SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2051-1)

High Nessus Plugin ID 111329

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.140 to receive various security and bugfixes. The following security bugs were fixed :

- CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow via a large relative timeout because ktime_add_safe was not used (bnc#1099924)

- CVE-2018-9385: Prevent overread of the 'driver_override' buffer (bsc#1100491)

- CVE-2018-13405: The inode_init_owner function allowed local users to create files with an unintended group ownership allowing attackers to escalate privileges by making a plain file executable and SGID (bnc#1100416)

- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used (bnc#1100418)

The update package also includes non-security fixes. See advisory for details.

Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch SUSE-SLE-WE-12-SP3-2018-1385=1

SUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1385=1

SUSE Linux Enterprise Server 12-SP3:zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-1385=1

SUSE Linux Enterprise Live Patching 12-SP3:zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2018-1385=1

SUSE Linux Enterprise High Availability 12-SP3:zypper in -t patch SUSE-SLE-HA-12-SP3-2018-1385=1

SUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-1385=1

SUSE CaaS Platform ALL :

To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

SUSE CaaS Platform 3.0 :

To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.

See Also

https://bugzilla.suse.com/1012382

https://bugzilla.suse.com/1064232

https://bugzilla.suse.com/1075876

https://bugzilla.suse.com/1076110

https://bugzilla.suse.com/1085185

https://bugzilla.suse.com/1085657

https://bugzilla.suse.com/1089525

https://bugzilla.suse.com/1090435

https://bugzilla.suse.com/1090888

https://bugzilla.suse.com/1091171

https://bugzilla.suse.com/1092207

https://bugzilla.suse.com/1094244

https://bugzilla.suse.com/1094248

https://bugzilla.suse.com/1094643

https://bugzilla.suse.com/1095453

https://bugzilla.suse.com/1096790

https://bugzilla.suse.com/1097034

https://bugzilla.suse.com/1097140

https://bugzilla.suse.com/1097492

https://bugzilla.suse.com/1097501

https://bugzilla.suse.com/1097551

https://bugzilla.suse.com/1097808

https://bugzilla.suse.com/1097931

https://bugzilla.suse.com/1097961

https://bugzilla.suse.com/1098016

https://bugzilla.suse.com/1098236

https://bugzilla.suse.com/1098425

https://bugzilla.suse.com/1098435

https://bugzilla.suse.com/1098527

https://bugzilla.suse.com/1098599

https://bugzilla.suse.com/1099042

https://bugzilla.suse.com/1099183

https://bugzilla.suse.com/1099279

https://bugzilla.suse.com/1099713

https://bugzilla.suse.com/1099732

https://bugzilla.suse.com/1099792

https://bugzilla.suse.com/1099810

https://bugzilla.suse.com/1099918

https://bugzilla.suse.com/1099924

https://bugzilla.suse.com/1099966

https://bugzilla.suse.com/1099993

https://bugzilla.suse.com/1100089

https://bugzilla.suse.com/1100340

https://bugzilla.suse.com/1100416

https://bugzilla.suse.com/1100418

https://bugzilla.suse.com/1100491

https://bugzilla.suse.com/1100843

https://bugzilla.suse.com/1101296

https://www.suse.com/security/cve/CVE-2018-13053.html

https://www.suse.com/security/cve/CVE-2018-13405.html

https://www.suse.com/security/cve/CVE-2018-13406.html

https://www.suse.com/security/cve/CVE-2018-9385.html

http://www.nessus.org/u?6aed4180

Plugin Details

Severity: High

ID: 111329

File Name: suse_SU-2018-2051-1.nasl

Version: 1.2

Type: local

Agent: unix

Published: 2018/07/25

Modified: 2018/09/05

Dependencies: 12634

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSSv3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:kernel-default, p-cpe:/a:novell:suse_linux:kernel-default-base, p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-debugsource, p-cpe:/a:novell:suse_linux:kernel-default-devel, p-cpe:/a:novell:suse_linux:kernel-default-extra, p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo, p-cpe:/a:novell:suse_linux:kernel-default-man, p-cpe:/a:novell:suse_linux:kernel-syms, cpe:/o:novell:suse_linux:12

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2018/07/24

Reference Information

CVE: CVE-2018-13053, CVE-2018-13405, CVE-2018-13406, CVE-2018-9385