Bug 853052 (CVE-2013-6368) - VUL-1: CVE-2013-6368: kernel: kvm: cross page vapic_addr access
Summary: VUL-1: CVE-2013-6368: kernel: kvm: cross page vapic_addr access
Status: RESOLVED FIXED
Alias: CVE-2013-6368
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Deadline: 2014-03-11
Assignee: E-mail List
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:sle11-sp2:55877 maint:...
Keywords:
Depends on:
Blocks:
 
Reported: 2013-11-30 12:26 UTC by Marcus Meissner
Modified: 2017-04-25 22:44 UTC (History)
6 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
CVE-2013-6368.patch (5.34 KB, patch)
2013-11-30 12:27 UTC, Marcus Meissner 		Details | Diff
SLE11-SP2 backport (5.69 KB, patch)
2013-12-22 18:44 UTC, Borislav Petkov 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2013-11-30 12:26:50 UTC 
embargoed until 2013-12-12 12:12 UTC.

Hello, vendors.

We've been informed about four issues affecting kvm:


CVE-2013-6368 kernel: kvm: cross page vapic_addr access

Please see attachment for kvm upstream acked patches and descriptions.

First three issues were found by Andrew Honig <ahonig@google.com> and
the last one by Lars Bull <larsbull@google.com>

All four issues are embargoed until 2013-12-12 12:12 UTC.

Regards,
-- 
Petr Matousek / Red Hat Security Response Team
Comment 1 Marcus Meissner 2013-11-30 12:27:16 UTC 
Created attachment 569728 [details]
CVE-2013-6368.patch

attached patch
Comment 2 Swamp Workflow Management 2013-11-30 23:01:43 UTC 
bugbot adjusting priority
Comment 3 Alexander Bergmann 2013-12-13 17:10:48 UTC 
public now
Comment 4 Borislav Petkov 2013-12-21 12:12:07 UTC 
upstream commit: fda4e2e85589191b123d31cdc21fd33ee70f50fd
Comment 5 Borislav Petkov 2013-12-22 18:43:46 UTC 
SLE12: applied

SLE11-SP2 is not that trivial. I've done the backport and it builds but
it would be nice if someone could double check. Judging by git log, a
good candidate would be Bruce. :-)

Bruce, can you please take a look at the next comment where I'm
attaching the backport to SLE11-SP2 of this fix? Please check whether
I've done it correctly.

Thanks.
Comment 6 Borislav Petkov 2013-12-22 18:44:56 UTC 
Created attachment 572832 [details]
SLE11-SP2 backport
Comment 7 Bruce Rogers 2014-01-06 17:58:42 UTC 
Your backport looks good to me.
Comment 8 Borislav Petkov 2014-01-07 19:50:22 UTC 
Thanks Bruce, applied.

oS12.2: applied.
oS12.3: applied.
oS13.1: applied.

Closing.
Comment 11 Swamp Workflow Management 2014-01-27 10:58:50 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ppc64)
SLE-HAE 11-SP2 (ppc64)
SLE-SERVER 11-SP2 (ppc64)
Comment 12 Swamp Workflow Management 2014-01-27 11:14:30 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ia64)
SLE-HAE 11-SP2 (ia64)
SLE-SERVER 11-SP2 (ia64)
Comment 13 Swamp Workflow Management 2014-01-27 11:30:02 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (i386)
SLE-DESKTOP 11-SP2 (i386)
SLE-HAE 11-SP2 (i386)
SLE-SERVER 11-SP2 (i386)
SLES4VMWARE 11-SP2 (i386)
Comment 14 Swamp Workflow Management 2014-01-27 11:56:21 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (s390x)
SLE-HAE 11-SP2 (s390x)
SLE-SERVER 11-SP2 (s390x)
Comment 15 Swamp Workflow Management 2014-01-27 16:43:01 UTC 
SUSE-SU-2014:0140-1: An update that solves 14 vulnerabilities and has 57 fixes is now available.

Category: security (moderate)
Bug References: 708296,769644,787843,789359,798050,806988,807434,810323,813245,818545,819979,820102,820338,821980,823618,825696,825896,826602,826756,827767,828236,831168,834473,834708,834808,835074,835186,836718,837739,838623,839407,840226,841445,842239,843419,843429,843445,843642,843645,845621,845729,846036,846984,847261,848321,848336,848544,848652,849021,849029,849034,849404,849675,849809,849848,849950,850640,851066,851101,851314,852373,852558,852559,852624,853050,853051,853052,854546,854634,854722,855037
CVE References: CVE-2013-4345,CVE-2013-4483,CVE-2013-4511,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-4592,CVE-2013-6367,CVE-2013-6368,CVE-2013-6378,CVE-2013-6380,CVE-2013-6383,CVE-2013-6463,CVE-2013-7027
Sources used:
SUSE Linux Enterprise Server 11 SP2 for VMware (src):    kernel-default-3.0.101-0.7.15.1, kernel-pae-3.0.101-0.7.15.1, kernel-source-3.0.101-0.7.15.1, kernel-syms-3.0.101-0.7.15.1, kernel-trace-3.0.101-0.7.15.1, kernel-xen-3.0.101-0.7.15.1, xen-4.1.6_04-0.5.12
SUSE Linux Enterprise Server 11 SP2 (src):    kernel-default-3.0.101-0.7.15.1, kernel-ec2-3.0.101-0.7.15.1, kernel-pae-3.0.101-0.7.15.1, kernel-ppc64-3.0.101-0.7.15.1, kernel-source-3.0.101-0.7.15.1, kernel-syms-3.0.101-0.7.15.1, kernel-trace-3.0.101-0.7.15.1, kernel-xen-3.0.101-0.7.15.1, xen-4.1.6_04-0.5.12
SUSE Linux Enterprise High Availability Extension 11 SP2 (src):    cluster-network-1.4-2.18.79, gfs2-2-0.7.107, ocfs2-1.6-0.11.78
SUSE Linux Enterprise Desktop 11 SP2 (src):    kernel-default-3.0.101-0.7.15.1, kernel-pae-3.0.101-0.7.15.1, kernel-source-3.0.101-0.7.15.1, kernel-syms-3.0.101-0.7.15.1, kernel-trace-3.0.101-0.7.15.1, kernel-xen-3.0.101-0.7.15.1, xen-4.1.6_04-0.5.12
SLE 11 SERVER Unsupported Extras (src):    ext4-writeable-0-0.14.88, kernel-default-3.0.101-0.7.15.1, kernel-pae-3.0.101-0.7.15.1, kernel-ppc64-3.0.101-0.7.15.1, kernel-xen-3.0.101-0.7.15.1
Comment 16 Swamp Workflow Management 2014-01-27 16:56:46 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 17 Swamp Workflow Management 2014-01-27 17:18:33 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-pae, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 18 Swamp Workflow Management 2014-01-27 17:52:39 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 19 Swamp Workflow Management 2014-01-27 18:18:55 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-ppc64, ext4-writeable-kmp-trace, kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 20 Swamp Workflow Management 2014-01-27 19:18:44 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 21 Swamp Workflow Management 2014-01-31 11:06:14 UTC 
Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-RT 11-SP2 (x86_64)
Comment 22 Swamp Workflow Management 2014-01-31 16:29:47 UTC 
SUSE-SU-2014:0169-1: An update that solves 14 vulnerabilities and has 53 fixes is now available.

Category: security (moderate)
Bug References: 708296,769644,787843,789359,806988,810323,813245,818545,819979,820102,820338,821980,823618,825696,825896,826602,826756,827767,828236,831168,834473,834708,834808,835074,835186,836718,837739,838623,839407,840226,841445,842239,843419,843429,843445,843642,843645,845621,845729,846036,846984,847261,848321,848336,848544,849021,849029,849034,849404,849675,849809,849848,849950,850640,851066,851101,851314,852373,852558,852559,853050,853051,853052,854546,854634,854722,855037
CVE References: CVE-2013-4345,CVE-2013-4483,CVE-2013-4511,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-4592,CVE-2013-6367,CVE-2013-6368,CVE-2013-6378,CVE-2013-6380,CVE-2013-6383,CVE-2013-6463,CVE-2013-7027
Sources used:
SUSE Linux Enterprise Real Time 11 SP2 (src):    cluster-network-1.4-2.18.79, drbd-kmp-8.4.2-0.6.6.70, iscsitarget-1.4.20-0.25.25.18, kernel-rt-3.0.101.rt130-0.7.9.1, kernel-rt_trace-3.0.101.rt130-0.7.9.1, kernel-source-rt-3.0.101.rt130-0.7.9.1, kernel-syms-rt-3.0.101.rt130-0.7.9.1, lttng-modules-2.0.4-0.9.9.6, ocfs2-1.6-0.11.78, ofed-1.5.2-0.28.28.50
Comment 23 Bernhard Wiedemann 2014-02-03 22:00:25 UTC 
This is an autogenerated message for OBS integration:
This bug (853052) was mentioned in
https://build.opensuse.org/request/show/220752 12.3 / kernel-source
Comment 24 Swamp Workflow Management 2014-02-04 19:43:53 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (i386)
SLE-DESKTOP 11-SP3 (i386)
SLE-HAE 11-SP3 (i386)
SLE-SERVER 11-SP3 (i386)
SLES4VMWARE 11-SP3 (i386)
Comment 25 Swamp Workflow Management 2014-02-04 20:14:52 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)
Comment 26 Swamp Workflow Management 2014-02-05 01:29:53 UTC 
Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 27 Swamp Workflow Management 2014-02-05 01:53:48 UTC 
SUSE-SU-2014:0189-1: An update that solves 17 vulnerabilities and has 104 fixes is now available.

Category: security (moderate)
Bug References: 708296,733022,769035,769644,770541,787843,789359,793727,798050,805114,805740,806988,807434,810323,813245,818064,818545,819979,820102,820338,820434,821619,821980,823618,825006,825696,825896,826602,826756,826978,827527,827767,828236,831103,833097,834473,834708,834808,835074,835186,836718,837206,837739,838623,839407,839973,840116,840226,841445,841654,842239,843185,843419,843429,843445,843642,843645,843654,845352,845378,845621,845729,846036,846298,846654,846984,846989,847261,847660,847842,848055,848317,848321,848335,848336,848544,848652,848864,849021,849029,849034,849256,849362,849364,849404,849675,849809,849855,849950,850072,850103,850324,850493,850640,851066,851101,851290,851314,851603,851879,852153,852373,852558,852559,852624,852652,852761,853050,853051,853052,853053,853428,853465,854516,854546,854634,854722,856307,856481,858534,858831
CVE References: CVE-2013-2146,CVE-2013-2930,CVE-2013-4345,CVE-2013-4483,CVE-2013-4511,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-4592,CVE-2013-6367,CVE-2013-6368,CVE-2013-6376,CVE-2013-6378,CVE-2013-6380,CVE-2013-6383,CVE-2013-6463,CVE-2013-7027
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-source-3.0.101-0.15.1, kernel-syms-3.0.101-0.15.1, kernel-trace-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.15.1, kernel-ec2-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-ppc64-3.0.101-0.15.1, kernel-source-3.0.101-0.15.1, kernel-syms-3.0.101-0.15.1, kernel-trace-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1, xen-4.2.3_08-0.7.22
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.40, gfs2-2-0.16.46, ocfs2-1.6-0.20.40
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-source-3.0.101-0.15.1, kernel-syms-3.0.101-0.15.1, kernel-trace-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1, xen-4.2.3_08-0.7.22
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-ppc64-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1
Comment 28 Swamp Workflow Management 2014-02-05 02:26:31 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 29 Swamp Workflow Management 2014-02-05 03:29:01 UTC 
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 30 Swamp Workflow Management 2014-02-05 04:32:08 UTC 
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 31 Swamp Workflow Management 2014-02-05 05:36:34 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 32 Swamp Workflow Management 2014-02-06 18:20:00 UTC 
openSUSE-SU-2014:0204-1: An update that solves 16 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 804950,805226,808358,811746,825006,831836,838024,840226,840656,844513,848079,848255,849021,849023,849029,849034,849362,852373,852558,852559,853050,853051,853052,853053,854173,854634,854722,860993
CVE References: CVE-2013-0343,CVE-2013-1792,CVE-2013-4348,CVE-2013-4511,CVE-2013-4513,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-6367,CVE-2013-6368,CVE-2013-6376,CVE-2013-6378,CVE-2013-6380,CVE-2013-6431,CVE-2013-7027,CVE-2014-0038
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.28.2, kernel-source-3.7.10-1.28.1, kernel-syms-3.7.10-1.28.1
Comment 33 Swamp Workflow Management 2014-02-06 18:27:21 UTC 
openSUSE-SU-2014:0205-1: An update that solves 8 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 733022,773058,838024,844513,845621,846529,848042,849021,850072,852652,852656,852931,853050,853051,853052,853053,854175,854722,856294,859804,860993
CVE References: CVE-2013-4511,CVE-2013-4563,CVE-2013-4587,CVE-2013-6367,CVE-2013-6368,CVE-2013-6376,CVE-2013-6432,CVE-2014-0038
Sources used:
openSUSE 13.1 (src):    kernel-docs-3.11.10-7.3, kernel-source-3.11.10-7.1, kernel-syms-3.11.10-7.1
Comment 34 Swamp Workflow Management 2014-02-18 12:24:06 UTC 
openSUSE-SU-2014:0247-1: An update that solves 11 vulnerabilities and has 62 fixes is now available.

Category: security (moderate)
Bug References: 610783,708296,769644,787843,789359,798050,798466,806988,807434,810323,813245,818545,819979,820102,820338,821980,823618,825696,825896,826602,826756,827767,828236,831168,834473,834708,834808,835074,835186,836718,837739,838623,839407,840226,841445,842239,843419,843429,843445,843642,843645,845621,845729,846036,846984,847261,848321,848336,848544,848652,849021,849029,849034,849404,849675,849809,849848,849950,850640,851066,851314,852373,852558,852559,852624,853050,853051,853052,854546,854634,854722,855037,858831
CVE References: CVE-2013-4483,CVE-2013-4511,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-4592,CVE-2013-6367,CVE-2013-6368,CVE-2013-6378,CVE-2013-6380,CVE-2013-7027
Sources used:
openSUSE 11.4 (src):    kernel-docs-3.0.101-79.2, kernel-source-3.0.101-79.1, kernel-syms-3.0.101-79.1, preload-1.2-6.57.2
Comment 35 Swamp Workflow Management 2014-02-24 08:59:03 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP1 (s390x)
SLE-SERVER 11-SP1-LTSS (s390x)
Comment 36 Swamp Workflow Management 2014-02-24 09:58:59 UTC 
Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP1 (x86_64)
SLE-SERVER 11-SP1-LTSS (x86_64)
Comment 37 Swamp Workflow Management 2014-02-24 14:33:11 UTC 
SUSE-SU-2014:0287-1: An update that solves 84 vulnerabilities and has 41 fixes is now available.

Category: security (moderate)
Bug References: 714906,715250,735347,744955,745640,748896,752544,754898,760596,761774,762099,762366,763463,763654,767610,767612,768668,769644,769896,770695,771706,771992,772849,773320,773383,773577,773640,773831,774523,775182,776024,776144,776885,777473,780004,780008,780572,782178,785016,786013,787573,787576,789648,789831,795354,797175,798050,800280,801178,802642,803320,804154,804653,805226,805227,805945,806138,806976,806977,806980,807320,808358,808827,809889,809891,809892,809893,809894,809898,809899,809900,809901,809902,809903,810045,810473,811354,812364,813276,813735,814363,814716,815352,815745,816668,817377,818337,818371,820338,822575,822579,823260,823267,823618,824159,824295,825227,826707,827416,827749,827750,828012,828119,833820,835094,835481,835839,840226,840858,845028,847652,847672,848321,849021,851095,851103,852558,852559,853050,853051,853052,856917,858869,858870,858872
CVE References: CVE-2011-1083,CVE-2011-3593,CVE-2012-1601,CVE-2012-2137,CVE-2012-2372,CVE-2012-2745,CVE-2012-3375,CVE-2012-3412,CVE-2012-3430,CVE-2012-3511,CVE-2012-4444,CVE-2012-4530,CVE-2012-4565,CVE-2012-6537,CVE-2012-6538,CVE-2012-6539,CVE-2012-6540,CVE-2012-6541,CVE-2012-6542,CVE-2012-6544,CVE-2012-6545,CVE-2012-6546,CVE-2012-6547,CVE-2012-6548,CVE-2012-6549,CVE-2013-0160,CVE-2013-0216,CVE-2013-0231,CVE-2013-0268,CVE-2013-0310,CVE-2013-0343,CVE-2013-0349,CVE-2013-0871,CVE-2013-0914,CVE-2013-1767,CVE-2013-1773,CVE-2013-1774,CVE-2013-1792,CVE-2013-1796,CVE-2013-1797,CVE-2013-1798,CVE-2013-1827,CVE-2013-1928,CVE-2013-1943,CVE-2013-2015,CVE-2013-2141,CVE-2013-2147,CVE-2013-2164,CVE-2013-2232,CVE-2013-2234,CVE-2013-2237,CVE-2013-2634,CVE-2013-2851,CVE-2013-2852,CVE-2013-2888,CVE-2013-2889,CVE-2013-2892,CVE-2013-2893,CVE-2013-2897,CVE-2013-2929,CVE-2013-3222,CVE-2013-3223,CVE-2013-3224,CVE-2013-3225,CVE-2013-3228,CVE-2013-3229,CVE-2013-3231,CVE-2013-3232,CVE-2013-3234,CVE-2013-3235,CVE-2013-4345,CVE-2013-4470,CVE-2013-4483,CVE-2013-4511,CVE-2013-4587,CVE-2013-4588,CVE-2013-4591,CVE-2013-6367,CVE-2013-6368,CVE-2013-6378,CVE-2013-6383,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    btrfs-0-0.3.151, ext4dev-0-7.9.118, hyper-v-0-0.18.37, kernel-default-2.6.32.59-0.9.1, kernel-ec2-2.6.32.59-0.9.1, kernel-pae-2.6.32.59-0.9.1, kernel-source-2.6.32.59-0.9.1, kernel-syms-2.6.32.59-0.9.1, kernel-trace-2.6.32.59-0.9.1, kernel-xen-2.6.32.59-0.9.1
SLE 11 SERVER Unsupported Extras (src):    kernel-default-2.6.32.59-0.9.1, kernel-pae-2.6.32.59-0.9.1, kernel-xen-2.6.32.59-0.9.1
Comment 38 Swamp Workflow Management 2014-02-24 14:45:20 UTC 
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 39 Swamp Workflow Management 2014-02-24 15:15:38 UTC 
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 40 Swamp Workflow Management 2014-02-24 16:17:19 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 41 Swamp Workflow Management 2014-03-04 14:41:00 UTC 
The SWAMPID for this issue is 56531.
This issue was rated as important.
Please submit fixed packages until 2014-03-11.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 42 Swamp Workflow Management 2014-03-07 12:05:08 UTC 
Update released for: kernel-debug, kernel-debug-base, kernel-debug-debuginfo, kernel-debug-debugsource, kernel-debug-devel, kernel-debug-devel-debuginfo, kernel-debug-extra, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-docs, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra
Products:
SLE-SERVER 11-SP1-TERADATA (x86_64)
Comment 43 Swamp Workflow Management 2014-04-16 19:49:47 UTC 
Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)
Comment 44 Swamp Workflow Management 2014-04-17 00:14:28 UTC 
SUSE-SU-2014:0537-1: An update that solves 7 vulnerabilities and has 50 fixes is now available.

Category: security (important)
Bug References: 599263,769035,769644,793727,798050,805114,805740,820434,823618,827670,833968,844513,845378,845621,846654,846790,846984,847672,848055,849364,849855,851603,852153,852488,852967,853052,853162,853166,853455,854025,854445,854516,855825,855885,856848,857358,857643,857919,858534,858604,858831,859225,859342,861093,862796,862957,863178,863526,864025,864058,864833,864880,865342,865783,866253,866428,870801
CVE References: CVE-2013-4470,CVE-2013-6368,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2014-0069
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.55, drbd-kmp-8.4.4-0.22.21, iscsitarget-1.4.20-0.38.40, kernel-rt-3.0.101.rt130-0.14.1, kernel-rt_trace-3.0.101.rt130-0.14.1, kernel-source-rt-3.0.101.rt130-0.14.1, kernel-syms-rt-3.0.101.rt130-0.14.1, lttng-modules-2.1.1-0.11.36, ocfs2-1.6-0.20.55, ofed-1.5.4.1-0.13.46
Comment 45 Victor Pereira 2015-07-22 07:22:55 UTC 
fixed and released
Comment 46 Swamp Workflow Management 2017-02-09 20:22:17 UTC 
SUSE-SU-2017:0437-1: An update that solves 20 vulnerabilities and has 79 fixes is now available.

Category: security (important)
Bug References: 1003813,1005877,1007615,1008557,1008645,1008831,1008833,1008893,1009875,1010150,1010175,1010201,1010467,1010501,1010507,1010711,1010713,1010716,1011685,1011820,1012183,1012411,1012422,1012832,1012851,1012852,1012917,1013018,1013038,1013042,1013070,1013531,1013542,1014410,1014454,1014746,1015561,1015752,1015760,1015796,1015803,1015817,1015828,1015844,1015848,1015878,1015932,1016320,1016505,1016520,1016668,1016688,1016824,1016831,1017686,1017710,1019079,1019148,1019165,1019348,1019783,1020214,1021258,748806,786036,790588,795297,800999,821612,824171,851603,853052,871728,901809,909350,909491,913387,914939,919382,924708,925065,953233,961589,962846,969340,973691,987333,987576,989152,989680,989896,990245,992991,993739,993832,996541,996557,997401,999101
CVE References: CVE-2004-0230,CVE-2012-6704,CVE-2013-6368,CVE-2015-1350,CVE-2015-8962,CVE-2015-8964,CVE-2016-10088,CVE-2016-5696,CVE-2016-7910,CVE-2016-7911,CVE-2016-7916,CVE-2016-8399,CVE-2016-8632,CVE-2016-8633,CVE-2016-8646,CVE-2016-9555,CVE-2016-9685,CVE-2016-9756,CVE-2016-9793,CVE-2017-5551
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-94.2
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-94.1, kernel-default-3.0.101-94.1, kernel-ec2-3.0.101-94.1, kernel-pae-3.0.101-94.1, kernel-ppc64-3.0.101-94.1, kernel-source-3.0.101-94.1, kernel-syms-3.0.101-94.1, kernel-trace-3.0.101-94.1, kernel-xen-3.0.101-94.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-94.1, kernel-pae-3.0.101-94.1, kernel-ppc64-3.0.101-94.1, kernel-trace-3.0.101-94.1, kernel-xen-3.0.101-94.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-94.1, kernel-default-3.0.101-94.1, kernel-ec2-3.0.101-94.1, kernel-pae-3.0.101-94.1, kernel-ppc64-3.0.101-94.1, kernel-trace-3.0.101-94.1, kernel-xen-3.0.101-94.1
Comment 47 Swamp Workflow Management 2017-04-25 19:25:59 UTC 
SUSE-SU-2017:1102-1: An update that solves 27 vulnerabilities and has 114 fixes is now available.

Category: security (important)
Bug References: 1003077,1003344,1003568,1003677,1003813,1003866,1003925,1004517,1004520,1005857,1005877,1005896,1005903,1006917,1006919,1007615,1007944,1008557,1008645,1008831,1008833,1008893,1009875,1010150,1010175,1010201,1010467,1010501,1010507,1010711,1010716,1011685,1011820,1012411,1012422,1012832,1012851,1012917,1013018,1013038,1013042,1013070,1013531,1013533,1013542,1013604,1014410,1014454,1014746,1015561,1015752,1015760,1015796,1015803,1015817,1015828,1015844,1015848,1015878,1015932,1016320,1016505,1016520,1016668,1016688,1016824,1016831,1017686,1017710,1019148,1019165,1019348,1019783,1020214,1021258,748806,763198,771065,786036,790588,795297,799133,800999,803320,821612,824171,851603,853052,860441,863873,865783,871728,901809,907611,908458,908684,909077,909350,909484,909491,909618,913387,914939,919382,922634,924708,925065,928138,929141,953233,956514,960689,961589,962846,963655,967716,968010,969340,973203,973691,979681,984194,986337,987333,987576,989152,989680,989764,989896,990245,992566,992991,993739,993832,995968,996541,996557,997401,998689,999101,999907
CVE References: CVE-2004-0230,CVE-2012-6704,CVE-2013-6368,CVE-2015-1350,CVE-2015-8956,CVE-2015-8962,CVE-2015-8964,CVE-2016-10088,CVE-2016-3841,CVE-2016-5696,CVE-2016-7042,CVE-2016-7097,CVE-2016-7117,CVE-2016-7910,CVE-2016-7911,CVE-2016-7916,CVE-2016-8399,CVE-2016-8632,CVE-2016-8633,CVE-2016-8646,CVE-2016-9555,CVE-2016-9576,CVE-2016-9685,CVE-2016-9756,CVE-2016-9793,CVE-2016-9794,CVE-2017-5551
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-68.1, kernel-rt_trace-3.0.101.rt130-68.1, kernel-source-rt-3.0.101.rt130-68.1, kernel-syms-rt-3.0.101.rt130-68.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-68.1, kernel-rt_debug-3.0.101.rt130-68.1, kernel-rt_trace-3.0.101.rt130-68.1