openSUSE Security Update : dpdk (openSUSE-2018-1484)

Low Nessus Plugin ID 119492

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for dpdk to version 16.11.8 provides the following security fix :

- CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host application (ovs-dpdk) memory which could have lead all VM to lose connectivity (bsc#1089638)

and following non-security fixes :

- Enable the broadcom chipset family Broadcom NetXtreme II BCM57810 (bsc#1073363)

- Fix a latency problem by using cond_resched rather than schedule_timeout_interruptible (bsc#1069601)

- Fix a syntax error affecting csh environment configuration (bsc#1102310)

- Fixes in net/bnxt :

- Fix HW Tx checksum offload check

- Fix incorrect IO address handling in Tx

- Fix Rx ring count limitation

- Check access denied for HWRM commands

- Fix RETA size

- Fix close operation

- Fixes in eal/linux :

- Fix an invalid syntax in interrupts

- Fix return codes on thread naming failure

- Fixes in kni :

- Fix crash with null name

- Fix build with gcc 8.1

- Fixes in net/thunderx :

- Fix build with gcc optimization on

- Avoid sq door bell write on zero packet

- net/bonding: Fix MAC address reset

- vhost: Fix missing increment of log cache count

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Solution

Update the affected dpdk packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1069601

https://bugzilla.opensuse.org/show_bug.cgi?id=1073363

https://bugzilla.opensuse.org/show_bug.cgi?id=1089638

https://bugzilla.opensuse.org/show_bug.cgi?id=1102310

Plugin Details

Severity: Low

ID: 119492

File Name: openSUSE-2018-1484.nasl

Version: 1.1

Type: local

Agent: unix

Published: 2018/12/07

Modified: 2018/12/07

Dependencies: 12634

Risk Information

Risk Factor: Low

CVSS v2.0

Base Score: 2.9

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:N/A:N

CVSS v3.0

Base Score: 6.1

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:dpdk, p-cpe:/a:novell:opensuse:dpdk-debuginfo, p-cpe:/a:novell:opensuse:dpdk-debugsource, p-cpe:/a:novell:opensuse:dpdk-devel, p-cpe:/a:novell:opensuse:dpdk-devel-debuginfo, p-cpe:/a:novell:opensuse:dpdk-examples, p-cpe:/a:novell:opensuse:dpdk-examples-debuginfo, p-cpe:/a:novell:opensuse:dpdk-kmp-default, p-cpe:/a:novell:opensuse:dpdk-kmp-default-debuginfo, p-cpe:/a:novell:opensuse:dpdk-tools, cpe:/o:novell:opensuse:42.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2018/12/06

Reference Information

CVE: CVE-2018-1059