1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2019:2262-1

[SUSE-SU-2019:2262-1] Security update for the Linux Kernel

Severity Important
Affected Packages 21
CVEs 7
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2019-1125: Enable Spectre v1 swapgs mitigations (bsc#1139358).
  • CVE-2018-20855: An issue was discovered in create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace (bsc#1143045).
  • CVE-2019-14284: The drivers/block/floppy.c allowed a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143189).
  • CVE-2019-14283: The function set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143191).
  • CVE-2019-11810: A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free (bsc#1134399).
  • CVE-2019-13648: In the Linux kernel on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c (bnc#1142254).
  • CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages (bsc#1142023).

The following non-security bugs were fixed:

  • bcache: Revert 'bcache: fix high CPU occupancy during journal' (bsc#1140652, bsc#1144288).
  • bcache: Revert 'bcache: free heap cache_set->flush_btree in bch_journal_free' (bsc#1140652, bsc#1144288).
  • bcache: add reclaimed_journal_buckets to struct cache_set (bsc#1140652, bsc#1144288).
  • bcache: fix race in btree_flush_write() (bsc#1140652, bsc#1144288).
  • bcache: fix stack corruption by PRECEDING_KEY() (bsc#1130972, bsc#1144257).
  • bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached (bsc#1130972, bsc#1144273).
  • bcache: performance improvement for btree_flush_write() (bsc#1140652, bsc#1144288).
  • bcache: remove retry_flush_write from struct cache_set (bsc#1140652, bsc#1144288).
  • mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing (bsc#1142098).
  • powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945, bsc#1141401, bsc#1141402, bsc#1141452, bsc#1141453, bsc#1141454).
  • xen-netfront: use napi_complete() correctly to prevent Rx stalling (bsc#1138744).
Package Affected Version
pkg:rpm/suse/kgraft-patch-3_12_74-60_64_121-xen?arch=x86_64&distro=sles-12&sp=1 < 1-2.3.1
pkg:rpm/suse/kgraft-patch-3_12_74-60_64_121-default?arch=x86_64&distro=sles-12&sp=1 < 1-2.3.1
pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=1 < 3.12.74-60.64.121.1
ID
SUSE-SU-2019:2262-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2019/suse-su-20192262-1/
Published
2019-09-02T07:05:01
(5 years ago)
Modified
2019-09-02T07:05:01
(5 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_2262-1.json
Suse URL for SUSE-SU-2019:2262-1 https://www.suse.com/support/update/announcement/2019/suse-su-20192262-1/
Suse E-Mail link for SUSE-SU-2019:2262-1 https://lists.suse.com/pipermail/sle-security-updates/2019-September/005864.html
Bugzilla SUSE Bug 1130972 https://bugzilla.suse.com/1130972
Bugzilla SUSE Bug 1134399 https://bugzilla.suse.com/1134399
Bugzilla SUSE Bug 1138744 https://bugzilla.suse.com/1138744
Bugzilla SUSE Bug 1139358 https://bugzilla.suse.com/1139358
Bugzilla SUSE Bug 1140652 https://bugzilla.suse.com/1140652
Bugzilla SUSE Bug 1140945 https://bugzilla.suse.com/1140945
Bugzilla SUSE Bug 1141401 https://bugzilla.suse.com/1141401
Bugzilla SUSE Bug 1141402 https://bugzilla.suse.com/1141402
Bugzilla SUSE Bug 1141452 https://bugzilla.suse.com/1141452
Bugzilla SUSE Bug 1141453 https://bugzilla.suse.com/1141453
Bugzilla SUSE Bug 1141454 https://bugzilla.suse.com/1141454
Bugzilla SUSE Bug 1142023 https://bugzilla.suse.com/1142023
Bugzilla SUSE Bug 1142098 https://bugzilla.suse.com/1142098
Bugzilla SUSE Bug 1142254 https://bugzilla.suse.com/1142254
Bugzilla SUSE Bug 1143045 https://bugzilla.suse.com/1143045
Bugzilla SUSE Bug 1143189 https://bugzilla.suse.com/1143189
Bugzilla SUSE Bug 1143191 https://bugzilla.suse.com/1143191
Bugzilla SUSE Bug 1144257 https://bugzilla.suse.com/1144257
Bugzilla SUSE Bug 1144273 https://bugzilla.suse.com/1144273
Bugzilla SUSE Bug 1144288 https://bugzilla.suse.com/1144288
CVE SUSE CVE CVE-2018-20855 page https://www.suse.com/security/cve/CVE-2018-20855/
CVE SUSE CVE CVE-2019-1125 page https://www.suse.com/security/cve/CVE-2019-1125/
CVE SUSE CVE CVE-2019-11810 page https://www.suse.com/security/cve/CVE-2019-11810/
CVE SUSE CVE CVE-2019-13631 page https://www.suse.com/security/cve/CVE-2019-13631/
CVE SUSE CVE CVE-2019-13648 page https://www.suse.com/security/cve/CVE-2019-13648/
CVE SUSE CVE CVE-2019-14283 page https://www.suse.com/security/cve/CVE-2019-14283/
CVE SUSE CVE CVE-2019-14284 page https://www.suse.com/security/cve/CVE-2019-14284/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kgraft-patch-3_12_74-60_64_121-xen?arch=x86_64&distro=sles-12&sp=1 suse kgraft-patch-3_12_74-60_64_121-xen < 1-2.3.1 sles-12 x86_64
Affected pkg:rpm/suse/kgraft-patch-3_12_74-60_64_121-default?arch=x86_64&distro=sles-12&sp=1 suse kgraft-patch-3_12_74-60_64_121-default < 1-2.3.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-xen?arch=x86_64&distro=sles-12&sp=1 suse kernel-xen < 3.12.74-60.64.121.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-xen-devel?arch=x86_64&distro=sles-12&sp=1 suse kernel-xen-devel < 3.12.74-60.64.121.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-xen-base?arch=x86_64&distro=sles-12&sp=1 suse kernel-xen-base < 3.12.74-60.64.121.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=x86_64&distro=sles-12&sp=1 suse kernel-syms < 3.12.74-60.64.121.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-syms?arch=s390x&distro=sles-12&sp=1 suse kernel-syms < 3.12.74-60.64.121.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-syms?arch=ppc64le&distro=sles-12&sp=1 suse kernel-syms < 3.12.74-60.64.121.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-source?arch=noarch&distro=sles-12&sp=1 suse kernel-source < 3.12.74-60.64.121.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-macros?arch=noarch&distro=sles-12&sp=1 suse kernel-macros < 3.12.74-60.64.121.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-devel?arch=noarch&distro=sles-12&sp=1 suse kernel-devel < 3.12.74-60.64.121.1 sles-12 noarch
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=sles-12&sp=1 suse kernel-default < 3.12.74-60.64.121.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default?arch=s390x&distro=sles-12&sp=1 suse kernel-default < 3.12.74-60.64.121.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default?arch=ppc64le&distro=sles-12&sp=1 suse kernel-default < 3.12.74-60.64.121.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-default-man?arch=s390x&distro=sles-12&sp=1 suse kernel-default-man < 3.12.74-60.64.121.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=x86_64&distro=sles-12&sp=1 suse kernel-default-devel < 3.12.74-60.64.121.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-devel?arch=s390x&distro=sles-12&sp=1 suse kernel-default-devel < 3.12.74-60.64.121.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-devel?arch=ppc64le&distro=sles-12&sp=1 suse kernel-default-devel < 3.12.74-60.64.121.1 sles-12 ppc64le
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=sles-12&sp=1 suse kernel-default-base < 3.12.74-60.64.121.1 sles-12 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=s390x&distro=sles-12&sp=1 suse kernel-default-base < 3.12.74-60.64.121.1 sles-12 s390x
Affected pkg:rpm/suse/kernel-default-base?arch=ppc64le&distro=sles-12&sp=1 suse kernel-default-base < 3.12.74-60.64.121.1 sles-12 ppc64le
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date