Bug 639709 (CVE-2010-3081) - VUL-0: CVE-2010-3081: kernel: 64-bit Compatibility Mode Stack Pointer Underflow
Summary: VUL-0: CVE-2010-3081: kernel: 64-bit Compatibility Mode Stack Pointer Underflow
Status: RESOLVED FIXED
Alias: CVE-2010-3081
Product: SUSE Security Incidents
Classification: Novell Products
Component: General (show other bugs)
Version: unspecified
Hardware: Other Other
: P1 - Urgent : Critical
Target Milestone: ---
Deadline: 2010-10-21
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:11.3:35928 maint:relea...
Keywords:
Depends on:
Blocks:
 
Reported: 2010-09-16 07:35 UTC by Ludwig Nussel
Modified: 2018-10-19 18:00 UTC (History)
18 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
ABftw.c (23.78 KB, text/plain)
2010-09-17 13:31 UTC, Marcus Meissner 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2010-09-16 07:35:37 UTC 
Your friendly security team received the following report via oss-security.
Please respond ASAP.
The issue is public.

CVE-2010-3081

------------------------------------------------------------------------------
Date: Thu, 16 Sep 2010 13:33:13 +0800
From: Eugene Teo <eugeneteo@kernel.sg>
Subject: [oss-security] CVE-2010-3081 kernel: 64-bit Compatibility Mode Stack Pointer Underflow

Reported by Ben Hawkes. "A vulnerability in the 32-bit compatibility 
layer for 64-bit systems was reported. It is caused by insecure 
allocation of user space memory when translating system call inputs to 
64-bit. A stack pointer underflow can occur when using the 
"compat_alloc_user_space" method with an arbitrary length input."

Reference:
http://sota.gen.nz/compat1/
https://bugzilla.redhat.com/CVE-2010-3081

Upstream commit:
http://git.kernel.org/linus/c41d68a513c71e35a14f66d71782d27a79a81ea6

Thanks, Eugene
-- 
main(i) { putchar(182623909 >> (i-1) * 5&31|!!(i<7)<<6) && main(++i); }
Comment 1 Marcus Meissner 2010-09-16 09:05:24 UTC 
jeff, we need this in the current sle11 submission.
Comment 2 Marcus Meissner 2010-09-16 11:59:03 UTC 
unclear what versuons are affected
Comment 3 Swamp Workflow Management 2010-09-16 12:18:48 UTC 
The SWAMPID for this issue is 35853.
This issue was rated as critical.
Please submit fixed packages until 2010-09-20.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 4 Jeff Mahoney 2010-09-16 18:02:36 UTC 
The issue exists on x86 since at least SLES9.
Comment 5 Jeff Mahoney 2010-09-16 18:48:42 UTC 
Fix applied to SLES9 SP4.
Fix applied to SLES10 SP3.
Fix applied to SLES10 SP4.
Fix applied to SLE11.
Fix applied to openSUSE 11.2.
Fix applied to SLE11 SP1.
Fix applied to openSUSE 11.3.
Fix applied to openSUSE Factory.

This issue affects SLERT and Moblin/Meego.
Comment 6 Mike Galbraith 2010-09-17 10:36:22 UTC 
Applied to SLE11-RT-SP1.
Comment 7 Marcus Meissner 2010-09-17 13:31:07 UTC 
Created attachment 390234 [details]
ABftw.c

gcc -o ABftw -O2 -m32 ABftw.c

./ABftw



confirmed working on 11.1 (aka SLE11 GA)
Comment 8 Jaydan Wylds 2010-09-20 08:00:50 UTC 
Has this fix been released publicly?  If not when can we expect this, and will this be for all versions?
Comment 9 Ludwig Nussel 2010-09-20 08:52:30 UTC 
kernel updates for all version are in the works
Comment 10 David Sterba 2010-09-20 10:55:35 UTC 
Bug 640483 now tracks sles11-ga PTF release. I'm transfering the DSLA there, sorry for the noise.
Comment 11 Jeff Mahoney 2010-09-20 13:33:18 UTC 
SR 8282 has the cherry-picked update for SLE11.
Comment 12 Thomas Abraham 2010-09-20 13:39:46 UTC 
http://support.novell.com/security/cve/CVE-2010-3081.html

does list SLES 9 as being affected. Who should I notify to
update that page?
Comment 13 Derek Paxton 2010-09-20 15:10:23 UTC 
Another customer is looking for the fix for this.  Do we have an ETA on a public fix?
Comment 14 Forgotten User 2PMDk7uCfS 2010-09-20 15:49:45 UTC 
My customer called about this today. I need to provide an update. Do we have an ETA?
Comment 15 Marcus Meissner 2010-09-21 15:31:50 UTC 
we will be releasing updates on Wednesday, is the current prediction.
Comment 16 Marcus Meissner 2010-09-21 15:35:44 UTC 
@Tom: sles9 is affected, what is not correct with the page?
Comment 17 Thomas Abraham 2010-09-21 16:09:42 UTC 
@Marcus : it's there now, but I don't believe it was when I looked initially.
Comment 18 Marcus Meissner 2010-09-21 20:19:22 UTC 
tom: you did not fully answer ... i think you meant that "In QA" did not list SLES 9 yet, right?

It did not list it, because it was only chceked in today.
Comment 19 Ludwig Nussel 2010-09-22 09:06:55 UTC 
This change break building the fglrx driver. compat_alloc_user_space() previously was defined inline in a header. Now it got turned into a GPL only symbol. The function really is trivial. Is it really necessary to suddenly declare it GPL only as part of a critical security fix?
Comment 20 Stefan Dirsch 2010-09-22 11:59:51 UTC 
(In reply to comment #19)
> This change break building the fglrx driver. compat_alloc_user_space()
> previously was defined inline in a header. Now it got turned into a GPL only
> symbol. The function really is trivial. Is it really necessary to suddenly
> declare it GPL only as part of a critical security fix?

Using the upstream patch would be clearly an ABI change, which isn't allowed at least for the SLE products as far as I know.
Comment 23 Swamp Workflow Management 2010-09-22 16:09:56 UTC 
Update released for: kernel-debug, kernel-debug-base, kernel-debug-base-debuginfo, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-devel, kernel-debug-devel-debuginfo, kernel-default, kernel-default-base, kernel-default-base-debuginfo, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-desktop, kernel-desktop-base, kernel-desktop-base-debuginfo, kernel-desktop-debuginfo, kernel-desktop-debugsource, kernel-desktop-devel, kernel-desktop-devel-debuginfo, kernel-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-base-debuginfo, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-extra-debuginfo, kernel-pae, kernel-pae-base, kernel-pae-base-debuginfo, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-source, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-base-debuginfo, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-vanilla, kernel-vanilla-base, kernel-vanilla-base-debuginfo, kernel-vanilla-debuginfo, kernel-vanilla-debugsource, kernel-vanilla-devel, kernel-vanilla-devel-debuginfo, kernel-vmi, kernel-vmi-base, kernel-vmi-base-debuginfo, kernel-vmi-debuginfo, kernel-vmi-debugsource, kernel-vmi-devel, kernel-vmi-devel-debuginfo, kernel-xen, kernel-xen-base, kernel-xen-base-debuginfo, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, preload-kmp-default, preload-kmp-desktop
Products:
openSUSE 11.3 (debug, i586, x86_64)
Comment 24 Swamp Workflow Management 2010-09-22 16:13:24 UTC 
Update released for: kernel-debug, kernel-debug-base, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-extra, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-docs, kernel-kdump, kernel-kdump-debuginfo, kernel-kdump-debugsource, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-extra, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-extra, kernel-ps3, kernel-ps3-debuginfo, kernel-ps3-debugsource, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-extra, kernel-vanilla, kernel-vanilla-debuginfo, kernel-vanilla-debugsource, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-extra
Products:
openSUSE 11.1 (debug, i586, ppc, x86_64)
Comment 25 Stefan Dirsch 2010-09-22 16:28:34 UTC 
Just verified that the updated kernel doesn't break the build on 32bit machines. Still I believe the fix would have been required to be adjusted in a kABI-compatible way. Changing an internal symbol to a GPL-only external symbol
I wouldn't call kABI compatible.
Comment 26 Swamp Workflow Management 2010-09-22 19:00:47 UTC 
Update released for: kernel-default, kernel-default-debuginfo, kernel-iseries64, kernel-iseries64-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-ppc64, kernel-ppc64-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 10-SP3 (ppc)
SLE-SDK 10-SP3 (ppc)
SLE-SERVER 10-SP3 (ppc)
Comment 27 Swamp Workflow Management 2010-09-22 19:56:40 UTC 
Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 10-SP3 (ia64)
SLE-SDK 10-SP3 (ia64)
SLE-SERVER 10-SP3 (ia64)
Comment 28 Swamp Workflow Management 2010-09-22 20:01:53 UTC 
Update released for: cluster-network-kmp-default, ext4dev-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 11 (s390x)
SLE-HAE 11 (s390x)
SLE-SERVER 11 (s390x)
Comment 29 Swamp Workflow Management 2010-09-22 20:07:55 UTC 
Update released for: cluster-network-kmp-default, ext4dev-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 11 (ia64)
SLE-HAE 11 (ia64)
SLE-SERVER 11 (ia64)
Comment 30 Swamp Workflow Management 2010-09-22 20:12:54 UTC 
Update released for: cluster-network-kmp-default, ext4dev-kmp-default, ext4dev-kmp-ppc64, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-kdump, kernel-kdump-debuginfo, kernel-kdump-debugsource, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-extra, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 11 (ppc64)
SLE-HAE 11 (ppc64)
SLE-SERVER 11 (ppc64)
Comment 31 Swamp Workflow Management 2010-09-22 20:56:39 UTC 
Update released for: btrfs-kmp-default, cluster-network-kmp-default, ext4dev-kmp-default, gfs2-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra
Products:
SLE-DEBUGINFO 11-SP1 (ia64)
SLE-HAE 11-SP1 (ia64)
SLE-SERVER 11-SP1 (ia64)
Comment 32 Swamp Workflow Management 2010-09-22 21:11:44 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-desktop-devel, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-devel, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-extra
Products:
SLE-DEBUGINFO 11-SP1 (i386)
SLE-DESKTOP 11-SP1 (i386)
SLE-HAE 11-SP1 (i386)
SLE-SERVER 11-SP1 (i386)
SLES4VMWARE 11-SP1 (i386)
Comment 33 Swamp Workflow Management 2010-09-22 21:26:45 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-vmi, ext4dev-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-vmi, kernel-vmi-base, kernel-vmi-debuginfo, kernel-vmi-debugsource, kernel-vmi-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-extra
Products:
SLE-DEBUGINFO 11 (i386)
SLE-DESKTOP 11 (i386)
SLE-HAE 11 (i386)
SLE-SERVER 11 (i386)
Comment 34 Swamp Workflow Management 2010-09-22 21:31:17 UTC 
Update released for: kernel-default, kernel-default-debug, kernel-iseries64, kernel-iseries64-debug, kernel-pmac64, kernel-pmac64-debug, kernel-pseries64, kernel-pseries64-debug, kernel-smp, kernel-smp-debug, kernel-source, kernel-syms, um-host-kernel, kernel-update.ycp, install-kernel-non-interactive.sh
Products:
SUSE-CORE 9 (ppc)
Comment 35 Swamp Workflow Management 2010-09-22 21:36:07 UTC 
Update released for: kernel-64k-pagesize, kernel-64k-pagesize-debug, kernel-debug, kernel-debug-debug, kernel-default, kernel-default-debug, kernel-sn2, kernel-sn2-debug, kernel-source, kernel-syms, um-host-kernel, kernel-update.ycp, install-kernel-non-interactive.sh
Products:
SUSE-CORE 9 (ia64)
Comment 36 Swamp Workflow Management 2010-09-22 21:44:24 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-extra
Products:
SLE-DEBUGINFO 11 (x86_64)
SLE-DESKTOP 11 (x86_64)
SLE-HAE 11 (x86_64)
SLE-SERVER 11 (x86_64)
Comment 37 Swamp Workflow Management 2010-09-22 21:51:50 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-ppc64, cluster-network-kmp-default, cluster-network-kmp-ppc64, ext4dev-kmp-default, ext4dev-kmp-ppc64, gfs2-kmp-default, gfs2-kmp-ppc64, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-kdump, kernel-kdump-debuginfo, kernel-kdump-debugsource, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra
Products:
SLE-DEBUGINFO 11-SP1 (ppc64)
SLE-HAE 11-SP1 (ppc64)
SLE-SERVER 11-SP1 (ppc64)
Comment 38 Swamp Workflow Management 2010-09-22 22:00:30 UTC 
Update released for: cloop-kmp-default, cpint-kmp-default, drbd-kmp-default, kernel-default, kernel-default-debuginfo, kernel-source, kernel-syms, lirc-kmp-default
Products:
SLE-DEBUGINFO 10-SP3 (s390x)
SLE-SDK 10-SP3 (s390x)
SLE-SERVER 10-SP3 (s390x)
Comment 39 Swamp Workflow Management 2010-09-22 22:06:33 UTC 
Update released for: btrfs-kmp-default, cluster-network-kmp-default, ext4dev-kmp-default, gfs2-kmp-default, iscsitarget-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-man, oracleasm-kmp-default
Products:
SLE-DEBUGINFO 11-SP1 (s390x)
SLE-HAE 11-SP1 (s390x)
SLE-SERVER 11-SP1 (s390x)
Comment 40 Swamp Workflow Management 2010-09-22 22:31:04 UTC 
Update released for: kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-debuginfo
Products:
SLE-DEBUGINFO 10-SP3 (x86_64)
SLE-DESKTOP 10-SP3 (x86_64)
SLE-SAP-APL 10-SP3 (x86_64)
SLE-SDK 10-SP3 (x86_64)
SLE-SERVER 10-SP3 (x86_64)
Comment 41 Swamp Workflow Management 2010-09-22 23:14:43 UTC 
Update released for: kernel-bigsmp, kernel-bigsmp-debuginfo, kernel-debug, kernel-debug-debuginfo, kernel-default, kernel-default-debuginfo, kernel-kdump, kernel-kdump-debuginfo, kernel-kdumppae, kernel-kdumppae-debuginfo, kernel-smp, kernel-smp-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-syms-debuginfo, kernel-vmi, kernel-vmi-debuginfo, kernel-vmipae, kernel-vmipae-debuginfo, kernel-xen, kernel-xen-debuginfo, kernel-xenpae, kernel-xenpae-debuginfo
Products:
SLE-DEBUGINFO 10-SP3 (i386)
SLE-DESKTOP 10-SP3 (i386)
SLE-SDK 10-SP3 (i386)
SLE-SERVER 10-SP3 (i386)
Comment 42 Swamp Workflow Management 2010-09-22 23:19:18 UTC 
Update released for: kernel-default, kernel-default-debug, kernel-smp, kernel-smp-debug, kernel-source, kernel-syms, kernel-xen, kernel-xen-debug, um-host-kernel, xen-kmp, kernel-update.ycp, install-kernel-non-interactive.sh
Products:
SUSE-CORE 9 (x86_64)
Comment 43 Swamp Workflow Management 2010-09-22 23:34:39 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-xen, hyper-v-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra
Products:
SLE-DEBUGINFO 11-SP1 (x86_64)
SLE-DESKTOP 11-SP1 (x86_64)
SLE-HAE 11-SP1 (x86_64)
SLE-SERVER 11-SP1 (x86_64)
SLES4VMWARE 11-SP1 (x86_64)
Comment 44 Swamp Workflow Management 2010-09-22 23:44:32 UTC 
Update released for: kernel-bigsmp, kernel-bigsmp-debug, kernel-debug, kernel-debug-debug, kernel-default, kernel-default-debug, kernel-smp, kernel-smp-debug, kernel-source, kernel-syms, kernel-um, kernel-um-debug, kernel-xen, kernel-xen-debug, kernel-xenpae, kernel-xenpae-debug, um-host-install-initrd, um-host-kernel, xen-kmp, kernel-update.ycp, install-kernel-non-interactive.sh
Products:
Novell-Linux-POS 9 (i386)
SUSE-CORE 9 (i386)
Comment 45 Swamp Workflow Management 2010-09-23 01:08:52 UTC 
Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 46 Swamp Workflow Management 2010-09-23 01:09:15 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 47 Swamp Workflow Management 2010-09-23 01:09:57 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 48 Swamp Workflow Management 2010-09-23 01:10:21 UTC 
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 49 Swamp Workflow Management 2010-09-23 01:11:10 UTC 
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 50 Swamp Workflow Management 2010-09-23 03:09:16 UTC 
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 51 Swamp Workflow Management 2010-09-23 03:12:17 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 52 Swamp Workflow Management 2010-09-23 03:13:27 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 53 Swamp Workflow Management 2010-09-23 03:13:51 UTC 
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 54 Swamp Workflow Management 2010-09-23 03:14:42 UTC 
Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 55 Swamp Workflow Management 2010-09-23 13:08:44 UTC 
Update released for: kernel-debug, kernel-debug-base, kernel-debug-base-debuginfo, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-devel, kernel-debug-devel-debuginfo, kernel-default, kernel-default-base, kernel-default-base-debuginfo, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-desktop, kernel-desktop-base, kernel-desktop-base-debuginfo, kernel-desktop-debuginfo, kernel-desktop-debugsource, kernel-desktop-devel, kernel-desktop-devel-debuginfo, kernel-pae, kernel-pae-base, kernel-pae-base-debuginfo, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-source, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-base-debuginfo, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-vanilla, kernel-vanilla-base, kernel-vanilla-base-debuginfo, kernel-vanilla-debuginfo, kernel-vanilla-debugsource, kernel-vanilla-devel, kernel-vanilla-devel-debuginfo, kernel-xen, kernel-xen-base, kernel-xen-base-debuginfo, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, preload-kmp-default, preload-kmp-desktop
Products:
openSUSE 11.2 (debug, i586, x86_64)
Comment 56 Greg Kroah-Hartman 2010-09-23 14:54:43 UTC 
I don't know why this is NEEDINFO from me, the upstream patch does change
the export symbol to be GPL only.

Which, if you think about it, is what an inline function really is in the first
place, so it makes sense.
Comment 57 Anthony Tortola 2010-09-23 14:58:28 UTC 
(In reply to comment #6)
> Applied to SLE11-RT-SP1.

Does this mean that SLE11-RT-SP1 has the fix in it already or is it affected and requires a patch?
Comment 58 Jeff Christensen 2010-09-23 15:12:30 UTC 
I have a question from a customer with regards to this CVE fix. They have RHEL5 support contract through Novell and have been getting updates and fixes from us. Do we know if or when we will provide this fix for RHEL5, for RHEL support contract customers?
Comment 59 Marcus Meissner 2010-09-23 16:01:38 UTC 
sle11-rt-sp1 has not yet received this update, I need to start a kernel update
for that one.



RHEL5, please contact olaf kirch (I think).
Comment 60 Stefan Dirsch 2010-09-23 16:15:23 UTC 
(In reply to comment #56)
> I don't know why this is NEEDINFO from me, the upstream patch does change
> the export symbol to be GPL only.
> 
> Which, if you think about it, is what an inline function really is in the first
> place, so it makes sense.

AFAICS nobody complains about the upstream patch, just about not adjusting the upstream patch for our release products to remain kABI compatible - and if easily possible also API compatible (in this case at least).
Comment 61 Takashi Iwai 2010-09-23 16:19:50 UTC 
Well, in this case, it's not about kABI.  As long as you don't rebuild the module, it should work.  The problem is that it brings a (sort of) license incompatibility in API.

Originally, it was a leak of GPL-marking due to inline function.  So, marking it as GPL isn't wrong.  But, still, I don't think we should break such a compatibility.
Comment 62 Jeff Mahoney 2010-09-23 16:24:43 UTC 
Yeah, I'm of two minds about this. Yes, ATI will have to respin their module to
work with the upstream fix, so that's work they're already doing. OTOH, we've
just broken something that built before and that's not really acceptable
either.

So, I'll punt to maintenance on this.

Marcus, which solution are you more comfortable with?
Comment 63 Marcus Meissner 2010-09-24 06:49:20 UTC 
we should not break stuff within a service pack.

I would adjust our kernels (and also have ATI adjust their driver)
Comment 64 Swamp Workflow Management 2010-09-27 15:02:13 UTC 
The SWAMPID for this issue is 36104.
This issue was rated as critical.
Please submit fixed packages until 2010-09-29.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 65 Rich Paredes 2010-09-27 17:58:53 UTC 
My customer wants to know if there are any mitigating factors or workarounds that they can put in place to reduce exposure of their install base until they can deploy the new kernel.
Comment 66 Marcus Meissner 2010-09-27 21:01:54 UTC 
they can avoid the trivial script kiddies who just use the exploit copy and paste
by chmod 0400 /proc/kallsyms

that will not stop people just specifying the addresses.

so: No, there is no effective mitigation against this problem.
Comment 67 Swamp Workflow Management 2010-09-29 12:46:42 UTC 
Update released for: ib-bonding-kmp-default, oracleasm-kmp-default
Products:
SLE-SERVER 10-SP3 (s390x)
Comment 68 Swamp Workflow Management 2010-10-13 15:09:15 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-xen, hyper-v-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra
Products:
SLE-DEBUGINFO 11-SP1 (x86_64)
SLE-DESKTOP 11-SP1 (x86_64)
SLE-HAE 11-SP1 (x86_64)
SLE-SERVER 11-SP1 (x86_64)
SLES4VMWARE 11-SP1 (x86_64)
Comment 69 Swamp Workflow Management 2010-10-13 15:17:10 UTC 
Update released for: btrfs-kmp-default, cluster-network-kmp-default, ext4dev-kmp-default, gfs2-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-man
Products:
SLE-DEBUGINFO 11-SP1 (s390x)
SLE-HAE 11-SP1 (s390x)
SLE-SERVER 11-SP1 (s390x)
Comment 70 Swamp Workflow Management 2010-10-13 15:23:05 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-devel, kernel-ec2-extra, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-devel, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-extra
Products:
SLE-DEBUGINFO 11-SP1 (i386)
SLE-DESKTOP 11-SP1 (i386)
SLE-HAE 11-SP1 (i386)
SLE-SERVER 11-SP1 (i386)
SLES4VMWARE 11-SP1 (i386)
Comment 71 Swamp Workflow Management 2010-10-13 15:35:07 UTC 
Update released for: btrfs-kmp-default, cluster-network-kmp-default, ext4dev-kmp-default, gfs2-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra
Products:
SLE-DEBUGINFO 11-SP1 (ia64)
SLE-HAE 11-SP1 (ia64)
SLE-SERVER 11-SP1 (ia64)
Comment 72 Marcus Meissner 2010-10-13 15:43:47 UTC 
We have just released a kernel update for SUSE Linux Enterprise 11 SP1 that mentions/fixes this bug. The released version is 2.6.32.23-0.3.1.
Comment 73 Swamp Workflow Management 2010-10-13 16:10:01 UTC 
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 74 Swamp Workflow Management 2010-10-13 16:12:25 UTC 
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 75 Swamp Workflow Management 2010-10-13 16:14:48 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 76 Swamp Workflow Management 2010-10-13 16:17:13 UTC 
Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 77 Swamp Workflow Management 2010-10-13 16:19:43 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 78 Stefan Dirsch 2010-10-14 04:43:06 UTC 
Are there plans to fix the patch also for openSUSE (11.1 - 11.3)? Maybe also SLE11(GA), SLE10, SLE9? Thanks.
Comment 79 Marcus Meissner 2010-10-14 06:27:17 UTC 
yes. the fix is actually in the repos already, and will be released with the next updates.

(11.2 and 11.3 are in the queue already, sle11 ga and 11.1 will follow very soon)
Comment 80 Stefan Dirsch 2010-10-14 09:53:28 UTC 
Thanks, Marcus. That's indeed good news. :-)
Comment 81 Swamp Workflow Management 2010-10-14 11:55:13 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-ppc64, cluster-network-kmp-default, cluster-network-kmp-ppc64, ext4dev-kmp-default, ext4dev-kmp-ppc64, gfs2-kmp-default, gfs2-kmp-ppc64, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-kdump, kernel-kdump-debuginfo, kernel-kdump-debugsource, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra
Products:
SLE-DEBUGINFO 11-SP1 (ppc64)
SLE-HAE 11-SP1 (ppc64)
SLE-SERVER 11-SP1 (ppc64)
Comment 82 Swamp Workflow Management 2010-10-19 21:27:50 UTC 
The SWAMPID for this issue is 36579.
This issue was rated as critical.
Please submit fixed packages until 2010-10-21.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 83 Swamp Workflow Management 2010-10-20 17:55:52 UTC 
Update released for: kernel-bigsmp, kernel-bigsmp-debug, kernel-debug, kernel-debug-debug, kernel-default, kernel-default-debug, kernel-smp, kernel-smp-debug, kernel-source, kernel-syms, kernel-um, kernel-um-debug, kernel-xen, kernel-xen-debug, kernel-xenpae, kernel-xenpae-debug, um-host-install-initrd, um-host-kernel, xen-kmp
Products:
Open-Enterprise-Server 9 (i386)
Comment 84 Swamp Workflow Management 2010-10-20 17:59:30 UTC 
Update released for: adminfs, novell-cluster-services, novell-cluster-services-cli, novell-cluster-services-km, novell-evms-snapins, novell-nss, novell-sms-zapishim, novell-sms-zapishim-bigsmp, novell-sms-zapishim-default, novell-sms-zapishim-smp, python-xml
Products:
Open-Enterprise-Server 9 (i386)
Comment 87 Swamp Workflow Management 2010-10-26 15:03:18 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-vmi, ext4dev-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-vmi, kernel-vmi-base, kernel-vmi-debuginfo, kernel-vmi-debugsource, kernel-vmi-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-extra
Products:
SLE-DEBUGINFO 11 (i386)
SLE-DESKTOP 11 (i386)
SLE-HAE 11 (i386)
SLE-SERVER 11 (i386)
Comment 88 Swamp Workflow Management 2010-10-26 15:10:37 UTC 
Update released for: cluster-network-kmp-default, ext4dev-kmp-default, ext4dev-kmp-ppc64, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-kdump, kernel-kdump-debuginfo, kernel-kdump-debugsource, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-extra, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 11 (ppc64)
SLE-HAE 11 (ppc64)
SLE-SERVER 11 (ppc64)
Comment 89 Swamp Workflow Management 2010-10-26 15:17:00 UTC 
Update released for: cluster-network-kmp-default, ext4dev-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-source, kernel-source-debuginfo, kernel-syms
Products:
SLE-DEBUGINFO 11 (ia64)
SLE-HAE 11 (ia64)
SLE-SERVER 11 (ia64)
Comment 90 Swamp Workflow Management 2010-10-26 15:29:01 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-extra
Products:
SLE-DEBUGINFO 11 (x86_64)
SLE-DESKTOP 11 (x86_64)
SLE-HAE 11 (x86_64)
SLE-SERVER 11 (x86_64)
Comment 91 Swamp Workflow Management 2010-10-26 15:36:01 UTC 
Update released for: btrfs-kmp-default, cluster-network-kmp-default, drbd-kmp-default, ext4dev-kmp-default, gfs2-kmp-default, iscsitarget-kmp-default, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-syms, ocfs2-kmp-default, oracleasm-kmp-default, samplekmp-source
Products:
SLE-DEBUGINFO 11 (s390x)
SLE-HAE 11 (s390x)
SLE-SERVER 11 (s390x)
Comment 92 Swamp Workflow Management 2010-10-26 18:08:29 UTC 
Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 93 Swamp Workflow Management 2010-10-26 18:10:22 UTC 
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 94 Swamp Workflow Management 2010-10-26 18:11:28 UTC 
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 95 Swamp Workflow Management 2010-10-26 18:13:03 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 96 Swamp Workflow Management 2010-10-26 18:14:13 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 97 Marcus Meissner 2010-10-27 14:43:18 UTC 
We just released an update for SUSE Linux Enterprise 11 GA that mentions/fixes this bug. The released kernel version is 2.6.27.54-0.2.1.

(was released before alerady however, just adjusted patch)
Comment 98 Rich Paredes 2010-10-28 16:20:15 UTC 
Are we building packages for SLES 10 SP1 & SP2 for our LTSS customers?
Comment 103 Swamp Workflow Management 2010-11-02 22:42:11 UTC 
Update released for: kernel-debug, kernel-debug-base, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-extra, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-extra, kernel-docs, kernel-kdump, kernel-kdump-debuginfo, kernel-kdump-debugsource, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-extra, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-extra, kernel-ps3, kernel-ps3-debuginfo, kernel-ps3-debugsource, kernel-source, kernel-source-debuginfo, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-extra, kernel-vanilla, kernel-vanilla-debuginfo, kernel-vanilla-debugsource, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-extra
Products:
openSUSE 11.1 (debug, i586, ppc, x86_64)
Comment 104 Swamp Workflow Management 2010-11-12 18:55:35 UTC 
Update released for: ib-bonding-kmp-debug, ib-bonding-kmp-rt, ib-bonding-kmp-rt_bigsmp, ib-bonding-kmp-rt_bigsmp_shield, ib-bonding-kmp-rt_bigsmp_shield_trace, ib-bonding-kmp-rt_debug, ib-bonding-kmp-rt_shield, ib-bonding-kmp-rt_shield_trace, ib-bonding-kmp-rt_timing, intel-igb, intel-igb-debuginfo, intel-igb-kmp-rt, intel-igb-kmp-rt_bigsmp, intel-igb-kmp-rt_debug, intel-igb-kmp-rt_timing, kernel-rt, kernel-rt-debuginfo, kernel-rt_bigsmp, kernel-rt_bigsmp-debuginfo, kernel-rt_debug, kernel-rt_debug-debuginfo, kernel-rt_timing, kernel-rt_timing-debuginfo, kernel-source, kernel-source-debuginfo, kernel-syms, ofed, ofed-cxgb3-NIC-kmp-rt, ofed-cxgb3-NIC-kmp-rt_bigsmp, ofed-cxgb3-NIC-kmp-rt_debug, ofed-cxgb3-NIC-kmp-rt_timing, ofed-devel, ofed-doc, ofed-kmp-bigsmp, ofed-kmp-debug, ofed-kmp-default, ofed-kmp-kdump, ofed-kmp-kdumppae, ofed-kmp-rt, ofed-kmp-rt_bigsmp, ofed-kmp-rt_bigsmp_shield, ofed-kmp-rt_bigsmp_shield_trace, ofed-kmp-rt_debug, ofed-kmp-rt_shield, ofed-kmp-rt_shield_trace, ofed-kmp-rt_timing, ofed-kmp-smp, ofed-kmp-vmi, ofed-kmp-vmipae
Products:
SLE-RT 10-SP3 (i386, x86_64)
Comment 105 Marcus Meissner 2010-12-10 12:46:08 UTC 
david answered the question I guess.
Comment 106 Swamp Workflow Management 2011-02-07 11:51:15 UTC 
Update released for: brocade-bna-kmp-rt, iscsitarget-kmp-rt, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-source-rt, kernel-source-rt-debuginfo, kernel-syms-rt, ofed-kmp-rt
Products:
SLE-RT 11-SP1 (x86_64)