SUSE SLES11 Security Update : kernel (SUSE-SU-2018:1821-1)

Medium Nessus Plugin ID 110761

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This new feature was added :

- Btrfs: Remove empty block groups in the background The following security bugs were fixed :

- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and AVX registers) between processes.
These registers might contain encryption keys when doing SSE accelerated AES enc/decryption (bsc#1087086)

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t patch sdksp4-kernel-source-13680=1

SUSE Linux Enterprise Server 11-SP4:zypper in -t patch slessp4-kernel-source-13680=1

SUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch slexsp3-kernel-source-13680=1

SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch dbgsp4-kernel-source-13680=1

See Also

https://bugzilla.suse.com/1046610

https://bugzilla.suse.com/1052351

https://bugzilla.suse.com/1068054

https://bugzilla.suse.com/1079152

https://bugzilla.suse.com/1080837

https://bugzilla.suse.com/1083347

https://bugzilla.suse.com/1087086

https://bugzilla.suse.com/1087088

https://bugzilla.suse.com/1088997

https://bugzilla.suse.com/1088998

https://bugzilla.suse.com/1088999

https://bugzilla.suse.com/1089000

https://bugzilla.suse.com/1089001

https://bugzilla.suse.com/1089002

https://bugzilla.suse.com/1089003

https://bugzilla.suse.com/1089004

https://bugzilla.suse.com/1089005

https://bugzilla.suse.com/1089006

https://bugzilla.suse.com/1089007

https://bugzilla.suse.com/1089008

https://bugzilla.suse.com/1089010

https://bugzilla.suse.com/1089011

https://bugzilla.suse.com/1089012

https://bugzilla.suse.com/1089013

https://bugzilla.suse.com/1089016

https://bugzilla.suse.com/1089192

https://bugzilla.suse.com/1089199

https://bugzilla.suse.com/1089200

https://bugzilla.suse.com/1089201

https://bugzilla.suse.com/1089202

https://bugzilla.suse.com/1089203

https://bugzilla.suse.com/1089204

https://bugzilla.suse.com/1089205

https://bugzilla.suse.com/1089206

https://bugzilla.suse.com/1089207

https://bugzilla.suse.com/1089208

https://bugzilla.suse.com/1089209

https://bugzilla.suse.com/1089210

https://bugzilla.suse.com/1089211

https://bugzilla.suse.com/1089212

https://bugzilla.suse.com/1089213

https://bugzilla.suse.com/1089214

https://bugzilla.suse.com/1089215

https://bugzilla.suse.com/1089216

https://bugzilla.suse.com/1089217

https://bugzilla.suse.com/1089218

https://bugzilla.suse.com/1089219

https://bugzilla.suse.com/1089220

https://bugzilla.suse.com/1089221

https://bugzilla.suse.com/1089222

https://bugzilla.suse.com/1089223

https://bugzilla.suse.com/1089224

https://bugzilla.suse.com/1089225

https://bugzilla.suse.com/1089226

https://bugzilla.suse.com/1089227

https://bugzilla.suse.com/1089228

https://bugzilla.suse.com/1089229

https://bugzilla.suse.com/1089230

https://bugzilla.suse.com/1089231

https://bugzilla.suse.com/1089232

https://bugzilla.suse.com/1089233

https://bugzilla.suse.com/1089234

https://bugzilla.suse.com/1089235

https://bugzilla.suse.com/1089236

https://bugzilla.suse.com/1089237

https://bugzilla.suse.com/1089238

https://bugzilla.suse.com/1089239

https://bugzilla.suse.com/1089240

https://bugzilla.suse.com/1089241

https://bugzilla.suse.com/1093194

https://bugzilla.suse.com/1093195

https://bugzilla.suse.com/1093196

https://bugzilla.suse.com/1093197

https://bugzilla.suse.com/1093198

https://bugzilla.suse.com/1094244

https://bugzilla.suse.com/1094421

https://bugzilla.suse.com/1094422

https://bugzilla.suse.com/1094423

https://bugzilla.suse.com/1094424

https://bugzilla.suse.com/1094425

https://bugzilla.suse.com/1094436

https://bugzilla.suse.com/1094437

https://bugzilla.suse.com/1095241

https://bugzilla.suse.com/1096140

https://bugzilla.suse.com/1096242

https://bugzilla.suse.com/1096281

https://bugzilla.suse.com/1096746

https://bugzilla.suse.com/1097443

https://bugzilla.suse.com/1097445

https://bugzilla.suse.com/1097948

https://bugzilla.suse.com/973378

https://bugzilla.suse.com/989401

https://www.suse.com/security/cve/CVE-2018-3665.html

http://www.nessus.org/u?3b7c9df5

Plugin Details

Severity: Medium

ID: 110761

File Name: suse_SU-2018-1821-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2018/06/28

Modified: 2018/07/12

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 4.7

Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-ec2, p-cpe:/a:novell:suse_linux:kernel-ec2-base, p-cpe:/a:novell:suse_linux:kernel-ec2-devel, p-cpe:/a:novell:suse_linux:kernel-pae, p-cpe:/a:novell:suse_linux:kernel-pae-base, p-cpe:/a:novell:suse_linux:kernel-pae-devel, p-cpe:/a:novell:suse_linux:kernel-source, p-cpe:/a:novell:suse_linux:kernel-syms, p-cpe:/a:novell:suse_linux:kernel-trace, p-cpe:/a:novell:suse_linux:kernel-trace-base, p-cpe:/a:novell:suse_linux:kernel-trace-devel, p-cpe:/a:novell:suse_linux:kernel-xen, p-cpe:/a:novell:suse_linux:kernel-xen-base, p-cpe:/a:novell:suse_linux:kernel-xen-devel, cpe:/o:novell:suse_linux:11

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2018/06/27

Reference Information

CVE: CVE-2018-3665