SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:1048-1)

High Nessus Plugin ID 109310

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.126 to receive various security and bugfixes. The following security bugs were fixed :

- CVE-2018-1091: In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service (bnc#1087231).

- CVE-2018-7740: The resv_map_release function in mm/hugetlb.c allowed local users to cause a denial of service (BUG) via a crafted application that made mmap system calls and has a large pgoff argument to the remap_file_pages system call (bnc#1084353).

- CVE-2018-8043: The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c did not validate certain resource availability, which allowed local users to cause a denial of service (NULL pointer dereference) (bnc#1084829).

- CVE-2017-18257: The __get_data_block function in fs/f2fs/data.c allowed local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. (bnc#1088241)

- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2018-718=1

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-718=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-718=1

SUSE Linux Enterprise Live Patching 12-SP3:zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-718=1

SUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch SUSE-SLE-HA-12-SP3-2018-718=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-718=1

SUSE CaaS Platform ALL :

To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

See Also

https://bugzilla.suse.com/show_bug.cgi?id=1012382

https://bugzilla.suse.com/show_bug.cgi?id=1019695

https://bugzilla.suse.com/show_bug.cgi?id=1019699

https://bugzilla.suse.com/show_bug.cgi?id=1022604

https://bugzilla.suse.com/show_bug.cgi?id=1031717

https://bugzilla.suse.com/show_bug.cgi?id=1046610

https://bugzilla.suse.com/show_bug.cgi?id=1060799

https://bugzilla.suse.com/show_bug.cgi?id=1064206

https://bugzilla.suse.com/show_bug.cgi?id=1068032

https://bugzilla.suse.com/show_bug.cgi?id=1073059

https://bugzilla.suse.com/show_bug.cgi?id=1073069

https://bugzilla.suse.com/show_bug.cgi?id=1075428

https://bugzilla.suse.com/show_bug.cgi?id=1076033

https://bugzilla.suse.com/show_bug.cgi?id=1077560

https://bugzilla.suse.com/show_bug.cgi?id=1083574

https://bugzilla.suse.com/show_bug.cgi?id=1083745

https://bugzilla.suse.com/show_bug.cgi?id=1083836

https://bugzilla.suse.com/show_bug.cgi?id=1084223

https://bugzilla.suse.com/show_bug.cgi?id=1084310

https://bugzilla.suse.com/show_bug.cgi?id=1084328

https://bugzilla.suse.com/show_bug.cgi?id=1084353

https://bugzilla.suse.com/show_bug.cgi?id=1084452

https://bugzilla.suse.com/show_bug.cgi?id=1084610

https://bugzilla.suse.com/show_bug.cgi?id=1084699

https://bugzilla.suse.com/show_bug.cgi?id=1084829

https://bugzilla.suse.com/show_bug.cgi?id=1084889

https://bugzilla.suse.com/show_bug.cgi?id=1084898

https://bugzilla.suse.com/show_bug.cgi?id=1084914

https://bugzilla.suse.com/show_bug.cgi?id=1084918

https://bugzilla.suse.com/show_bug.cgi?id=1084967

https://bugzilla.suse.com/show_bug.cgi?id=1085042

https://bugzilla.suse.com/show_bug.cgi?id=1085058

https://bugzilla.suse.com/show_bug.cgi?id=1085224

https://bugzilla.suse.com/show_bug.cgi?id=1085383

https://bugzilla.suse.com/show_bug.cgi?id=1085402

https://bugzilla.suse.com/show_bug.cgi?id=1085404

https://bugzilla.suse.com/show_bug.cgi?id=1085487

https://bugzilla.suse.com/show_bug.cgi?id=1085507

https://bugzilla.suse.com/show_bug.cgi?id=1085511

https://bugzilla.suse.com/show_bug.cgi?id=1085679

https://bugzilla.suse.com/show_bug.cgi?id=1085981

https://bugzilla.suse.com/show_bug.cgi?id=1086015

https://bugzilla.suse.com/show_bug.cgi?id=1086162

https://bugzilla.suse.com/show_bug.cgi?id=1086194

https://bugzilla.suse.com/show_bug.cgi?id=1086357

https://bugzilla.suse.com/show_bug.cgi?id=1086499

https://bugzilla.suse.com/show_bug.cgi?id=1086518

https://bugzilla.suse.com/show_bug.cgi?id=1086607

https://bugzilla.suse.com/show_bug.cgi?id=1087088

https://bugzilla.suse.com/show_bug.cgi?id=1087211

https://bugzilla.suse.com/show_bug.cgi?id=1087231

https://bugzilla.suse.com/show_bug.cgi?id=1087260

https://bugzilla.suse.com/show_bug.cgi?id=1087274

https://bugzilla.suse.com/show_bug.cgi?id=1087659

https://bugzilla.suse.com/show_bug.cgi?id=1087845

https://bugzilla.suse.com/show_bug.cgi?id=1087906

https://bugzilla.suse.com/show_bug.cgi?id=1087999

https://bugzilla.suse.com/show_bug.cgi?id=1088050

https://bugzilla.suse.com/show_bug.cgi?id=1088087

https://bugzilla.suse.com/show_bug.cgi?id=1088241

https://bugzilla.suse.com/show_bug.cgi?id=1088267

https://bugzilla.suse.com/show_bug.cgi?id=1088313

https://bugzilla.suse.com/show_bug.cgi?id=1088324

https://bugzilla.suse.com/show_bug.cgi?id=1088600

https://bugzilla.suse.com/show_bug.cgi?id=1088684

https://bugzilla.suse.com/show_bug.cgi?id=1088871

https://bugzilla.suse.com/show_bug.cgi?id=802154

https://www.suse.com/security/cve/CVE-2017-18257/

https://www.suse.com/security/cve/CVE-2018-1091/

https://www.suse.com/security/cve/CVE-2018-7740/

https://www.suse.com/security/cve/CVE-2018-8043/

https://www.suse.com/security/cve/CVE-2018-8822/

http://www.nessus.org/u?a5eeadf8

Plugin Details

Severity: High

ID: 109310

File Name: suse_SU-2018-1048-1.nasl

Version: 1.4

Type: local

Agent: unix

Published: 2018/04/24

Updated: 2019/09/10

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2018/04/23

Vulnerability Publication Date: 2018/03/07

Reference Information

CVE: CVE-2017-18257, CVE-2018-1091, CVE-2018-7740, CVE-2018-8043, CVE-2018-8822