SUSE: 2019:1287-1 important: the Linux Kernel
Summary
The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various
security and bugfixes.
Four new speculative execution information leak issues have been
identified in Intel CPUs. (bsc#1111331)
- CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
- CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
- CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
- CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
(MDSUM)
This kernel update contains software mitigations for these issues, which
also utilize CPU microcode updates shipped in parallel.
For more information on this set of information leaks, check out
https://www.suse.com/support/kb/
The following security bugs were fixed:
- CVE-2018-1128: It was found that cephx authentication protocol did not
verify ceph clients correctly and was vulnerable to replay attack. Any
attacker having access to ceph cluster network who is able to sniff
packets on network could use this vulnerability to authenticate with
ceph service and perform actions allowed by ceph service. (bnc#1096748).
- CVE-2018-1129: A flaw was found in the way signature calculation was
handled by cephx authentication protocol. An attacker having access to
ceph cluster network who is able to alter the message payload was able
to bypass signature checks done by cephx protocol. (bnc#1096748).
- CVE-2016-8636: Integer overflow in the mem_check_range function in
drivers/infiniband/sw/rxe/rxe_mr.c allowed local users to cause a denial
of service (memory corruption), obtain sensitive information or possibly
have unspecified other impact via a write or read request involving the
"RDMA protocol over infiniband" (aka Soft RoCE) technology (bnc#1024908).
- CVE-2017-18174: In the amd_gpio_remove function in
drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function,
leading to a double free (bnc#1080533).
- CVE-2018-1091: In the flush_tmregs_to_thread function in
arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from
unprivileged userspace during a core dump on a POWER host due to a
missing processor feature check and an erroneous use of transactional
memory (TM) instructions in the core dump path, leading to a denial of
service (bnc#1087231).
- CVE-2018-1120: By mmap()ing a FUSE-backed file onto a process's memory
containing command line arguments (or environment strings), an attacker
can cause utilities from psutils or procps (such as ps, w) or any other
program which made a read() call to the /proc/
References
#1012382 #1024908 #1034113 #1043485 #1068032
#1073311 #1080157 #1080533 #1082632 #1087231
#1087659 #1087906 #1093158 #1094268 #1096748
#1100152 #1103186 #1106913 #1109772 #1111331
#1112178 #1113399 #1116841 #1118338 #1119019
#1122822 #1124832 #1125580 #1129279 #1131416
#1131427 #1131587 #1132673 #1132828 #1133188
Cross- CVE-2016-8636 CVE-2017-17741 CVE-2017-18174
CVE-2018-1091 CVE-2018-1120 CVE-2018-1128
CVE-2018-1129 CVE-2018-12126 CVE-2018-12127
CVE-2018-12130 CVE-2018-19407 CVE-2019-11091
CVE-2019-11486 CVE-2019-3882 CVE-2019-8564
CVE-2019-9503
Affected Products:
SUSE OpenStack Cloud 7
SUSE Linux Enterprise Server for SAP 12-SP2
SUSE Linux Enterprise Server 12-SP2-LTSS
SUSE Linux Enterprise Server 12-SP2-BCL
SUSE Linux Enterprise High Availability 12-SP2
SUSE Enterprise Storage 4
OpenStack Cloud Magnum Orchestration 7
https://www.suse.com/security/cve/CVE-2016-8636.html
https://www.suse.com/security/cve/CVE-2017-17741.html
https://www.suse.com/security/cve/CVE-2017-18174.html
https://www.suse.com/security/cve/CVE-2018-1091.html
https://www.suse.com/security/cve/CVE-2018-1120.html
https://www.suse.com/security/cve/CVE-2018-1128.html
https://www.suse.com/security/cve/CVE-2018-1129.html
https://www.suse.com/security/cve/CVE-2018-12126.html
https://www.suse.com/security/cve/CVE-2018-12127.html
https://www.suse.com/security/cve/CVE-2018-12130.html
https://www.suse.com/security/cve/CVE-2018-19407.html
https://www.suse.com/security/cve/CVE-2019-11091.html
https://www.suse.com/security/cve/CVE-2019-11486.html
https://www.suse.com/security/cve/CVE-2019-3882.html
https://www.suse.com/security/cve/CVE-2019-8564.html
https://www.suse.com/security/cve/CVE-2019-9503.html
https://bugzilla.suse.com/1012382
https://bugzilla.suse.com/1024908
https://bugzilla.suse.com/1034113
https://bugzilla.suse.com/1043485
https://bugzilla.suse.com/1068032
https://bugzilla.suse.com/1073311
https://bugzilla.suse.com/1080157
https://bugzilla.suse.com/1080533
https://bugzilla.suse.com/1082632
https://bugzilla.suse.com/1087231
https://bugzilla.suse.com/1087659
https://bugzilla.suse.com/1087906
https://bugzilla.suse.com/1093158
https://bugzilla.suse.com/1094268
https://bugzilla.suse.com/1096748
https://bugzilla.suse.com/1100152
https://bugzilla.suse.com/1103186
https://bugzilla.suse.com/1106913
https://bugzilla.suse.com/1109772
https://bugzilla.suse.com/1111331
https://bugzilla.suse.com/1112178
https://bugzilla.suse.com/1113399
https://bugzilla.suse.com/1116841
https://bugzilla.suse.com/1118338
https://bugzilla.suse.com/1119019
https://bugzilla.suse.com/1122822
https://bugzilla.suse.com/1124832
https://bugzilla.suse.com/1125580
https://bugzilla.suse.com/1129279
https://bugzilla.suse.com/1131416
https://bugzilla.suse.com/1131427
https://bugzilla.suse.com/1131587
https://bugzilla.suse.com/1132673
https://bugzilla.suse.com/1132828
https://bugzilla.suse.com/1133188