883724 – (CVE-2014-4508) VUL-0: CVE-2014-4508: kernel: BUG in syscall auditing

Bug 883724 (CVE-2014-4508) - VUL-0: CVE-2014-4508: kernel: BUG in syscall auditing

Summary: VUL-0: CVE-2014-4508: kernel: BUG in syscall auditing

Status:	RESOLVED FIXED

Alias:	CVE-2014-4508

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P2 - High Severity: Major
Target Milestone:	---
Deadline:	2014-09-03
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/99968/
Whiteboard:	CVSSv3.1:SUSE:CVE-2014-4508:5.5:(AV:L...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2014-06-23 07:55 UTC by Johannes Segitz
Modified:	2021-11-03 16:13 UTC (History)
CC List:	8 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Johannes Segitz 2014-06-23 07:55:01 UTC

Linux kernel built with the system-call auditing support(CONFIG_AUDITSYSCALL)
for 32-bit platforms is vulnerable to a crash caused by erroneous handling of
bad system call numerals. It occurs during syscall(2) calls, if system-call
auditing is enabled on the system.

An unprivileged user/process could use this flaw to crash the system kernel
resulting in DoS.

Upstream fix:
https://lkml.org/lkml/2014/6/16/682

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1111590
http://www.openwall.com/lists/oss-security/2014/06/20/1

Comment 1 SMASH SMASH 2014-06-23 08:35:15 UTC

Affected packages:

SLE-10-SP3-TERADATA: kernel-source
SLE-11-SP1-TERADATA: kernel-source
SLE-11-SP3: kernel-source

Comment 2 Marcus Meissner 2014-06-23 09:07:05 UTC

easy local denial of service

Comment 3 Tony Jones 2014-06-24 20:32:29 UTC

Fix seems sound but (like following comments) I'm not sure it's a great idea to take the suggested fix until it's been better reviewed and is in maintainer branch.

https://lkml.org/lkml/2014/6/23/820
https://lkml.org/lkml/2014/6/24/205

Comment 4 Borislav Petkov 2014-06-25 09:03:01 UTC

http://git.kernel.org/tip/554086d85e71f30abe46fc014fea31929a7c6a8a - hpa picked it up already. Tony, let me know if I should backport it to 11SP3. mhocko is already on CC for TD.

Comment 7 Tony Jones 2014-06-25 22:50:19 UTC

(In reply to comment #4)
> http://git.kernel.org/tip/554086d85e71f30abe46fc014fea31929a7c6a8a - hpa picked
> it up already. Tony, let me know if I should backport it to 11SP3. mhocko is
> already on CC for TD.

Sure, if you want to handle SLE11 that's fine.  I've not looked at code but potentially impacts LTSS branches also.

Comment 8 Tony Jones 2014-06-26 05:10:47 UTC

> Sure, if you want to handle SLE11 that's fine.  I've not looked at code but
> potentially impacts LTSS branches also.

Applies fine to SP3 with one minor change. I can handle it but if you want to, go ahead. Looks like we'll need to fix in every branch post 2.6.27.

Comment 9 Borislav Petkov 2014-06-26 11:03:43 UTC

(In reply to comment #8)
> > Sure, if you want to handle SLE11 that's fine.  I've not looked at code but
> > potentially impacts LTSS branches also.
> 
> Applies fine to SP3 with one minor change. I can handle it but if you want to,
> go ahead. Looks like we'll need to fix in every branch post 2.6.27.

Want to? I'm not dying to do it, frankly speaking :-). And it seems you've already started so don't let me distract you. I got CCed and didn't have any intention to disrupt workflows here.

Thanks.

Comment 11 Marcus Meissner 2014-07-03 15:51:59 UTC

Can you apply it?

It will not be in the currently running maintenance update, but in the next one.

Comment 13 Jan Beulich 2014-07-04 10:08:18 UTC

(In reply to comment #11)
> Can you apply it?

Done for the three SLE11 branches; the openSUSE ones will follow later.

Comment 15 Tony Jones 2014-07-10 03:19:07 UTC

Checked SLE10 LTSS branches,  none are impacted.

Comment 16 Swamp Workflow Management 2014-07-16 19:41:56 UTC

Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)

Comment 17 Swamp Workflow Management 2014-07-17 03:45:57 UTC

SUSE-SU-2014:0908-1: An update that solves 30 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883724,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.79, drbd-kmp-8.4.4-0.22.45, iscsitarget-1.4.20-0.38.64, kernel-rt-3.0.101.rt130-0.24.1, kernel-rt_trace-3.0.101.rt130-0.24.1, kernel-source-rt-3.0.101.rt130-0.24.1, kernel-syms-rt-3.0.101.rt130-0.24.1, lttng-modules-2.1.1-0.11.57, ocfs2-1.6-0.20.79, ofed-1.5.4.1-0.13.70

Comment 18 Swamp Workflow Management 2014-07-17 04:30:29 UTC

SUSE-SU-2014:0909-1: An update that solves 30 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 767610,786450,792271,821619,832710,837563,840524,846404,846690,847652,850915,851426,851603,852553,855126,857926,858869,858870,858872,859840,861636,861980,862429,862934,863300,863335,863410,863873,864404,864464,865310,865330,865882,866081,866102,866615,866800,866864,867362,867517,867531,867723,867953,868488,868528,868653,868748,869033,869414,869563,869934,870173,870335,870450,870496,870498,870576,870591,870618,870877,870958,871561,871634,871676,871728,871854,871861,871899,872188,872540,872634,873061,873374,873463,874108,874145,874440,874577,875386,876102,876114,876176,876463,877013,877257,877497,877775,878115,878123,878274,878407,878509,879921,879957,880007,880357,880437,880484,881571,881761,881939,882324,883380,883724,883795,885725
CVE References: CVE-2012-2372,CVE-2013-2929,CVE-2013-4299,CVE-2013-4579,CVE-2013-6382,CVE-2013-7339,CVE-2014-0055,CVE-2014-0077,CVE-2014-0101,CVE-2014-0131,CVE-2014-0155,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1874,CVE-2014-2309,CVE-2014-2523,CVE-2014-2678,CVE-2014-2851,CVE-2014-3122,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4699
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.79, drbd-kmp-8.4.4-0.22.45, iscsitarget-1.4.20-0.38.64, kernel-rt-3.0.101.rt130-0.24.1, kernel-rt_trace-3.0.101.rt130-0.24.1, kernel-source-rt-3.0.101.rt130-0.24.1, kernel-syms-rt-3.0.101.rt130-0.24.1, lttng-modules-2.1.1-0.11.57, ocfs2-1.6-0.20.79, ofed-1.5.4.1-0.13.70

Comment 19 Tony Jones 2014-07-29 15:53:06 UTC

(In reply to comment #13)
> (In reply to comment #11)
> > Can you apply it?
> 
> Done for the three SLE11 branches; the openSUSE ones will follow later.

Jan, did openSUSE get taken tare of?  If so I'll close,  else I'm going to reassign this to you.   Thanks!

Comment 20 Jan Beulich 2014-07-29 16:14:10 UTC

It's in the pipeline, but not committed yet.

Comment 21 Tony Jones 2014-07-29 17:39:52 UTC

(In reply to comment #20)
> It's in the pipeline, but not committed yet.

ok, I'll reassign to you,  you can close when you're finished.  thanks!

Comment 22 Jan Beulich 2014-08-01 09:29:57 UTC

openSUSE branches now also taken care of wrt Xen.

Comment 23 Swamp Workflow Management 2014-08-01 13:06:10 UTC

openSUSE-SU-2014:0957-1: An update that fixes 15 vulnerabilities is now available.

Category: security (important)
Bug References: 788080,867531,867723,877257,880484,882189,883518,883724,883795,885422,885725
CVE References: CVE-2014-0131,CVE-2014-2309,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4014,CVE-2014-4171,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.40.2, kernel-source-3.7.10-1.40.1, kernel-syms-3.7.10-1.40.1

Comment 24 Swamp Workflow Management 2014-08-11 10:08:11 UTC

openSUSE-SU-2014:0985-1: An update that solves 14 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 768714,851686,855657,866101,867531,867723,879071,880484,882189,883518,883724,883795,884840,885422,885725,886629
CVE References: CVE-2014-0100,CVE-2014-0131,CVE-2014-2309,CVE-2014-3917,CVE-2014-4014,CVE-2014-4171,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.13.1, crash-7.0.2-2.13.1, hdjmod-1.28-16.13.1, ipset-6.21.1-2.17.1, iscsitarget-1.4.20.3-13.13.1, kernel-docs-3.11.10-21.3, kernel-source-3.11.10-21.1, kernel-syms-3.11.10-21.1, ndiswrapper-1.58-13.1, pcfclock-0.44-258.13.1, vhba-kmp-20130607-2.14.1, virtualbox-4.2.18-2.18.1, xen-4.3.2_01-21.1, xtables-addons-2.3-2.13.1

Comment 25 Jan Beulich 2014-08-11 11:12:40 UTC

Don't we btw need to pull in 8142b215501f8b291a108a202b3a053a265b03dd on top of the current fix (while that also alters the non-sysenter code path, the fix it supplies seems to only be to the sysenter one, which makes at least the Xen kernels unaffected of that new problem)?

Comment 26 Tony Jones 2014-08-11 14:18:16 UTC

(In reply to comment #25)
> Don't we btw need to pull in 8142b215501f8b291a108a202b3a053a265b03dd on top of
> the current fix (while that also alters the non-sysenter code path, the fix it
> supplies seems to only be to the sysenter one, which makes at least the Xen
> kernels unaffected of that new problem)?

I"d not seen this, ugh, yes we do need it.  I'll redo for SLE11 and OpenSUSE.

Comment 27 Swamp Workflow Management 2014-08-27 10:29:01 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2014-09-03.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/58726

Comment 28 Tony Jones 2014-08-28 06:33:52 UTC

pushed additional mainline commits fb21b84e and 8142b215 to SLE11-SP1/SP2/SP3,  openSUSE-12.3 and openSUSE-13.1 branches.    Tested each on i386/vm.

based on comment #25 8142b215 isn't required for Xen,  so if you're done Jan,  bug can be reassigned back to security-team

Comment 29 Jan Beulich 2014-08-28 07:12:06 UTC

Doing just so then.

Comment 30 Swamp Workflow Management 2014-09-09 23:13:10 UTC

SUSE-SU-2014:1105-1: An update that solves 18 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 846404,864464,866911,870173,870576,871676,871797,871854,872634,873374,876590,877257,877775,878115,878509,879921,880484,881051,882804,883724,883795,885422,885725,886474,889173,889324
CVE References: CVE-2013-4299,CVE-2014-0055,CVE-2014-0077,CVE-2014-1739,CVE-2014-2706,CVE-2014-2851,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699,CVE-2014-5077
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    kernel-default-3.0.101-0.7.23.1, kernel-ec2-3.0.101-0.7.23.1, kernel-pae-3.0.101-0.7.23.1, kernel-source-3.0.101-0.7.23.1, kernel-syms-3.0.101-0.7.23.1, kernel-trace-3.0.101-0.7.23.1, kernel-xen-3.0.101-0.7.23.1, xen-4.1.6_06-0.5.30
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.7.23.1, kernel-pae-3.0.101-0.7.23.1, kernel-xen-3.0.101-0.7.23.1

Comment 31 Swamp Workflow Management 2014-09-16 17:08:17 UTC

SUSE-SU-2014:1138-1: An update that fixes 22 vulnerabilities is now available.

Category: security (important)
Bug References: 794824,806431,831058,854722,856756,871797,877257,879921,880484,881051,882809,883526,883724,883795,884530,885422,885725,887082,889173,892490
CVE References: CVE-2013-1860,CVE-2013-4162,CVE-2013-7266,CVE-2013-7267,CVE-2013-7268,CVE-2013-7269,CVE-2013-7270,CVE-2013-7271,CVE-2014-0203,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699,CVE-2014-4943,CVE-2014-5077
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    kernel-default-2.6.32.59-0.15.2, kernel-ec2-2.6.32.59-0.15.2, kernel-pae-2.6.32.59-0.15.2, kernel-source-2.6.32.59-0.15.2, kernel-syms-2.6.32.59-0.15.2, kernel-trace-2.6.32.59-0.15.2, kernel-xen-2.6.32.59-0.15.2, xen-4.0.3_21548_16-0.5.26
SLE 11 SERVER Unsupported Extras (src):    kernel-default-2.6.32.59-0.15.2, kernel-pae-2.6.32.59-0.15.2, kernel-xen-2.6.32.59-0.15.2

Comment 32 Swamp Workflow Management 2014-09-28 16:10:19 UTC

openSUSE-SU-2014:1246-1: An update that solves 18 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 846404,854722,864464,866911,870173,870576,871676,871797,871854,872634,873374,876590,877257,878115,878509,879921,880484,881051,882804,883724,883795,885422,885725,886474,889173,889324
CVE References: CVE-2013-6463,CVE-2014-0055,CVE-2014-0077,CVE-2014-1739,CVE-2014-2706,CVE-2014-2851,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699,CVE-2014-5077
Sources used:
openSUSE Evergreen 11.4 (src):    kernel-docs-3.0.101-91.2, kernel-source-3.0.101-91.1, kernel-syms-3.0.101-91.1, preload-1.2-6.69.2

Comment 33 Swamp Workflow Management 2014-10-22 19:14:17 UTC

SUSE-SU-2014:1316-1: An update that solves 11 vulnerabilities and has 64 fixes is now available.

Category: security (important)
Bug References: 774818,806990,816708,826486,832309,849123,855657,859840,860441,860593,863586,866130,866615,866864,866911,869055,869934,870161,871797,876017,876055,876114,876590,879921,880344,880370,881051,881759,882317,882639,882804,882900,883376,883518,883724,884333,884582,884725,884767,885262,885382,885422,885509,886840,887082,887503,887608,887645,887680,888058,888105,888591,888607,888847,888849,888968,889061,889173,889451,889614,889727,890297,890426,890513,890526,891087,891259,891619,892200,892490,892723,893064,893496,893596,894200
CVE References: CVE-2013-1979,CVE-2014-1739,CVE-2014-2706,CVE-2014-4027,CVE-2014-4171,CVE-2014-4508,CVE-2014-4667,CVE-2014-4943,CVE-2014-5077,CVE-2014-5471,CVE-2014-5472
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-bigsmp-3.0.101-0.40.1
SUSE Linux Enterprise Server 11 SP3 (src):    iscsitarget-1.4.20-0.38.83, kernel-bigsmp-3.0.101-0.40.1, ofed-1.5.4.1-0.13.89, oracleasm-2.0.5-7.39.89
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.98, drbd-kmp-8.4.4-0.22.64, gfs2-2-0.16.104, ocfs2-1.6-0.20.98
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-bigsmp-3.0.101-0.40.1
SLE 11 SERVER Unsupported Extras (src):    kernel-bigsmp-3.0.101-0.40.1

Comment 34 Swamp Workflow Management 2014-10-22 23:16:52 UTC

SUSE-SU-2014:1319-1: An update that solves 13 vulnerabilities and has 75 fixes is now available.

Category: security (important)
Bug References: 774818,806990,816708,826486,832309,833820,849123,855657,859840,860441,860593,863586,866130,866615,866864,866911,869055,869934,870161,871134,871797,876017,876055,876114,876590,879304,879921,880344,880370,880892,881051,881759,882317,882639,882804,882900,883096,883376,883518,883724,884333,884582,884725,884767,885262,885382,885422,885509,886840,887082,887418,887503,887608,887645,887680,888058,888105,888591,888607,888847,888849,888968,889061,889173,889451,889614,889727,890297,890426,890513,890526,891087,891259,891281,891619,891746,892200,892490,892723,893064,893496,893596,894200,895221,895608,895680,895983,896689
CVE References: CVE-2013-1979,CVE-2014-1739,CVE-2014-2706,CVE-2014-3153,CVE-2014-4027,CVE-2014-4171,CVE-2014-4508,CVE-2014-4667,CVE-2014-4943,CVE-2014-5077,CVE-2014-5471,CVE-2014-5472,CVE-2014-6410
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-source-3.0.101-0.40.1, kernel-syms-3.0.101-0.40.1, kernel-trace-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.40.1, kernel-ec2-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-ppc64-3.0.101-0.40.1, kernel-source-3.0.101-0.40.1, kernel-syms-3.0.101-0.40.1, kernel-trace-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1, xen-4.2.4_04-0.7.3
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.99, drbd-kmp-8.4.4-0.22.65, iscsitarget-1.4.20-0.38.84, kernel-rt-3.0.101.rt130-0.28.1, kernel-rt_trace-3.0.101.rt130-0.28.1, kernel-source-rt-3.0.101.rt130-0.28.1, kernel-syms-rt-3.0.101.rt130-0.28.1, lttng-modules-2.1.1-0.11.75, ocfs2-1.6-0.20.99, ofed-1.5.4.1-0.13.90
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.98, gfs2-2-0.16.104, ocfs2-1.6-0.20.98
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-source-3.0.101-0.40.1, kernel-syms-3.0.101-0.40.1, kernel-trace-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1, xen-4.2.4_04-0.7.3
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-ppc64-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1

Comment 35 Swamp Workflow Management 2014-12-19 18:06:24 UTC

openSUSE-SU-2014:1669-1: An update that solves 22 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 768714,818561,835839,853040,865882,882639,883518,883724,883948,887082,889173,890624,892490,896382,896385,896390,896391,896392,896689,899785,904013,904700,905100,905764,907818,909077,910251
CVE References: CVE-2013-2889,CVE-2013-2891,CVE-2014-3181,CVE-2014-3182,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-4171,CVE-2014-4508,CVE-2014-4608,CVE-2014-4943,CVE-2014-5077,CVE-2014-5471,CVE-2014-5472,CVE-2014-6410,CVE-2014-7826,CVE-2014-7841,CVE-2014-8133,CVE-2014-8709,CVE-2014-8884,CVE-2014-9090,CVE-2014-9322
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.45.2, kernel-source-3.7.10-1.45.1, kernel-syms-3.7.10-1.45.1

Comment 36 Swamp Workflow Management 2014-12-21 12:07:21 UTC

openSUSE-SU-2014:1677-1: An update that solves 31 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 818966,835839,853040,856659,864375,865882,873790,875051,881008,882639,882804,883518,883724,883948,883949,884324,887046,887082,889173,890114,891689,892490,893429,896382,896385,896390,896391,896392,896689,897736,899785,900392,902346,902349,902351,904013,904700,905100,905744,907818,908163,909077,910251
CVE References: CVE-2013-2891,CVE-2013-2898,CVE-2014-0181,CVE-2014-0206,CVE-2014-1739,CVE-2014-3181,CVE-2014-3182,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-4171,CVE-2014-4508,CVE-2014-4608,CVE-2014-4611,CVE-2014-4943,CVE-2014-5077,CVE-2014-5206,CVE-2014-5207,CVE-2014-5471,CVE-2014-5472,CVE-2014-6410,CVE-2014-7826,CVE-2014-7841,CVE-2014-7975,CVE-2014-8133,CVE-2014-8709,CVE-2014-9090,CVE-2014-9322
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.16.1, crash-7.0.2-2.16.1, hdjmod-1.28-16.16.1, ipset-6.21.1-2.20.1, iscsitarget-1.4.20.3-13.16.1, kernel-docs-3.11.10-25.2, kernel-source-3.11.10-25.1, kernel-syms-3.11.10-25.1, ndiswrapper-1.58-16.1, pcfclock-0.44-258.16.1, vhba-kmp-20130607-2.17.1, virtualbox-4.2.18-2.21.1, xen-4.3.2_02-30.1, xtables-addons-2.3-2.16.1

Comment 37 Swamp Workflow Management 2014-12-23 18:09:13 UTC

SUSE-SU-2014:1693-1: An update that solves 21 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522
CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8709,CVE-2014-8884
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.42.1, kernel-ec2-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1, xen-4.2.5_02-0.7.2
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.115, gfs2-2-0.16.121, ocfs2-1.6-0.20.115
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1, xen-4.2.5_02-0.7.2
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.42.1, kernel-pae-3.0.101-0.42.1, kernel-ppc64-3.0.101-0.42.1, kernel-xen-3.0.101-0.42.1

Comment 38 Swamp Workflow Management 2014-12-23 19:07:26 UTC

SUSE-SU-2014:1695-1: An update that solves 24 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522,907818,909077,910251
CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8133,CVE-2014-8709,CVE-2014-8884,CVE-2014-9090,CVE-2014-9322
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-source-3.0.101-0.46.1, kernel-syms-3.0.101-0.46.1, kernel-trace-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-ec2-3.0.101-0.46.1, kernel-source-3.0.101-0.46.1, kernel-syms-3.0.101-0.46.1, kernel-trace-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1, xen-4.2.5_02-0.7.9
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.120, gfs2-2-0.16.126, ocfs2-1.6-0.20.120
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-source-3.0.101-0.46.1, kernel-syms-3.0.101-0.46.1, kernel-trace-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1, xen-4.2.5_02-0.7.9
SLE 11 SERVER Unsupported Extras (src):    kernel-bigsmp-3.0.101-0.46.1, kernel-default-3.0.101-0.46.1, kernel-xen-3.0.101-0.46.1

Comment 39 Swamp Workflow Management 2014-12-24 07:11:25 UTC

SUSE-SU-2014:1693-2: An update that solves 21 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522
CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8709,CVE-2014-8884
Sources used:
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.42.1, kernel-ppc64-3.0.101-0.42.1, kernel-source-3.0.101-0.42.1, kernel-syms-3.0.101-0.42.1, kernel-trace-3.0.101-0.42.1
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.115, gfs2-2-0.16.121, ocfs2-1.6-0.20.115

Comment 40 Swamp Workflow Management 2015-01-14 18:08:14 UTC

SUSE-SU-2014:1695-2: An update that solves 24 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 755743,779488,800255,835839,851603,853040,857643,860441,868049,873228,876633,883724,883948,885077,887418,888607,891211,891368,891790,892782,893758,894058,894895,895387,895468,896382,896390,896391,896392,896415,897502,897694,897708,898295,898375,898554,899192,899574,899843,901638,902346,902349,903331,903653,904013,904358,904700,905100,905522,907818,909077,910251
CVE References: CVE-2012-4398,CVE-2013-2889,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-7263,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-4508,CVE-2014-4608,CVE-2014-7826,CVE-2014-7841,CVE-2014-8133,CVE-2014-8709,CVE-2014-8884,CVE-2014-9090,CVE-2014-9322
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.121, drbd-kmp-8.4.4-0.22.87, iscsitarget-1.4.20-0.38.106, kernel-rt-3.0.101.rt130-0.32.1, kernel-rt_trace-3.0.101.rt130-0.32.1, kernel-source-rt-3.0.101.rt130-0.32.1, kernel-syms-rt-3.0.101.rt130-0.32.1, lttng-modules-2.1.1-0.11.96, ocfs2-1.6-0.20.121, ofed-1.5.4.1-0.13.112

Comment 41 Swamp Workflow Management 2015-03-21 14:08:39 UTC

openSUSE-SU-2015:0566-1: An update that solves 38 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 771619,778463,833588,835839,847652,853040,864049,865442,867531,867723,870161,875051,876633,880892,883096,883724,883948,887082,892490,892782,895680,896382,896390,896391,896392,897995,898693,899192,901885,902232,902346,902349,902351,902675,903640,904013,904700,905100,905312,905799,906586,907189,907338,907396,907818,909077,909078,910251,912654,912705,915335
CVE References: CVE-2012-4398,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-2929,CVE-2013-7263,CVE-2014-0131,CVE-2014-0181,CVE-2014-2309,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-3690,CVE-2014-4508,CVE-2014-4608,CVE-2014-4943,CVE-2014-5471,CVE-2014-5472,CVE-2014-7826,CVE-2014-7841,CVE-2014-7842,CVE-2014-8133,CVE-2014-8134,CVE-2014-8369,CVE-2014-8559,CVE-2014-8709,CVE-2014-9090,CVE-2014-9322,CVE-2014-9584,CVE-2014-9585
Sources used:
openSUSE Evergreen 11.4 (src):    kernel-docs-3.0.101-99.2, kernel-source-3.0.101-99.1, kernel-syms-3.0.101-99.1, preload-1.2-6.77.1