875690 – (CVE-2014-0196) VUL-0: CVE-2014-0196: kernel: memory corruption via a race in pty write handling

Bug 875690 (CVE-2014-0196) - VUL-0: CVE-2014-0196: kernel: memory corruption via a race in pty write handling

Summary: VUL-0: CVE-2014-0196: kernel: memory corruption via a race in pty write handling

Status:	RESOLVED FIXED

Alias:	CVE-2014-0196

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P2 - High Severity: Major
Target Milestone:	---
Deadline:	2014-05-22
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	maint:running:57248:important maint:r...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2014-04-29 15:38 UTC by Marcus Meissner
Modified:	2019-08-16 16:46 UTC (History)
CC List:	16 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
tty-pty-disallow-concurrent-writers.patch (2.32 KB, patch) 2014-04-30 10:02 UTC, Marcus Meissner	Details \| Diff
better fix (3.30 KB, patch) 2014-04-30 14:46 UTC, Jiri Slaby	Details \| Diff
cve-2014-0196_local_dos.c (3.56 KB, text/plain) 2014-05-06 06:24 UTC, Marcus Meissner	Details
cve-2014-0196-md.c (5.18 KB, text/plain) 2014-05-12 09:36 UTC, Marcus Meissner	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2014-04-29 15:38:03 UTC

Found by a SUSE customer / Jiri Slaby.

no CVE yet

A race condition in pty (pseudo terminal) write buffer handling could be used by local attackers to corrupt kernel memory and so cause a system crash or potentially code execution.

Comment 2 Marcus Meissner 2014-04-29 17:03:10 UTC

Jiri thinks:

Introduced by d945cb9cce20ac7143c2de8d88b187f62db99bdc (pty: Rework the pty
layer to use the normal buffering logic) in 2.6.31-rc3. Until then, pty
was writing directly to a line discipline without using buffers.

So 2.6.31 - 3.15rcX

Comment 5 Marcus Meissner 2014-04-30 14:45:40 UTC

Just informed linux-distros.

Jiri has emailed security@kernel.org.

Comment 6 Jiri Slaby 2014-04-30 14:46:52 UTC

Created attachment 588355 [details]
better fix

Comment 7 Marcus Meissner 2014-05-01 07:47:34 UTC

CVE-2014-0196

Comment 8 Jiri Slaby 2014-05-05 08:43:15 UTC

As this is going to be published today, I pushed that:
   6e6682643904..76899163c690  SLE12 -> SLE12
   62b55933bcc6..f6299c2be7ba  master -> master
   fb1602b10fab..e8d51883a85e  openSUSE-12.3 -> openSUSE-12.3
   b50ea73f34f8..7564cee0c62d  openSUSE-13.1 -> openSUSE-13.1
   1474ea5f7f87..e72b790f9200  stable -> stable

Comment 9 Jiri Slaby 2014-05-05 08:46:06 UTC

And:
   e6234d719b63..dd7e5a3ee148  SLE11-SP3 -> SLE11-SP3

Comment 11 Marcus Meissner 2014-05-05 10:03:45 UTC

unembargoe.

Comment 14 Marcus Meissner 2014-05-06 06:24:52 UTC

Created attachment 588769 [details]
cve-2014-0196_local_dos.c

From http://pastebin.com/yTSFUBgZ

gcc -O2 -o cve-2014-0196_local_dos cve-2014-0196_local_dos.c -lutil
./cve-2014-0196_local_dos

Comment 17 Swamp Workflow Management 2014-05-07 09:23:16 UTC

The SWAMPID for this issue is 57234.
This issue was rated as important.
Please submit fixed packages until 2014-05-14.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 18 Swamp Workflow Management 2014-05-08 07:33:52 UTC

The SWAMPID for this issue is 57248.
This issue was rated as important.
Please submit fixed packages until 2014-05-15.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 20 Marcus Meissner 2014-05-12 09:36:44 UTC

Created attachment 589445 [details]
cve-2014-0196-md.c

gcc -pthread -o cve-2014-0196-md cve-2014-0196-md.c -lutil
./cve-2014-0196-md

Comment 23 Swamp Workflow Management 2014-05-14 10:06:52 UTC

The SWAMPID for this issue is 57397.
This issue was rated as important.
Please submit fixed packages until 2014-05-21.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 24 Swamp Workflow Management 2014-05-14 16:01:46 UTC

The SWAMPID for this issue is 57422.
This issue was rated as important.
Please submit fixed packages until 2014-05-21.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 25 Swamp Workflow Management 2014-05-15 12:48:37 UTC

The SWAMPID for this issue is 57447.
This issue was rated as important.
Please submit fixed packages until 2014-05-22.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.

Comment 26 Swamp Workflow Management 2014-05-15 18:51:48 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (s390x)
SLE-HAE 11-SP3 (s390x)
SLE-SERVER 11-SP3 (s390x)

Comment 27 Swamp Workflow Management 2014-05-15 18:58:26 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ppc64)
SLE-HAE 11-SP3 (ppc64)
SLE-SERVER 11-SP3 (ppc64)

Comment 28 Swamp Workflow Management 2014-05-15 19:19:38 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (i386)
SLE-DESKTOP 11-SP3 (i386)
SLE-HAE 11-SP3 (i386)
SLE-SERVER 11-SP3 (i386)
SLES4VMWARE 11-SP3 (i386)

Comment 29 Swamp Workflow Management 2014-05-15 19:37:01 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)

Comment 30 Swamp Workflow Management 2014-05-15 21:49:39 UTC

Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ia64)
SLE-HAE 11-SP3 (ia64)
SLE-SERVER 11-SP3 (ia64)

Comment 31 Swamp Workflow Management 2014-05-16 02:05:23 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 32 Swamp Workflow Management 2014-05-16 02:05:47 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 33 Swamp Workflow Management 2014-05-16 02:06:29 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 34 Swamp Workflow Management 2014-05-16 02:07:10 UTC

Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)

Comment 35 Swamp Workflow Management 2014-05-16 02:07:32 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)

Comment 37 kolA flash 2014-05-16 11:16:06 UTC

What about an update for openSUSE?

Comment 39 Johannes Segitz 2014-05-16 11:47:12 UTC

(In reply to comment #37)
we're working on it and will release it soon, but I can't give you an exact time frame

Comment 41 Swamp Workflow Management 2014-05-19 12:10:14 UTC

openSUSE-SU-2014:0677-1: An update that solves 16 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 733022,811746,833968,837111,851426,852652,852967,858233,858638,858869,858870,858872,860835,862145,863335,864025,866102,868653,869414,869898,871148,871252,871325,873717,875690,875798
CVE References: CVE-2013-4254,CVE-2013-4579,CVE-2013-6885,CVE-2014-0101,CVE-2014-0196,CVE-2014-0691,CVE-2014-1438,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1690,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2672
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.32.2, kernel-source-3.7.10-1.32.1, kernel-syms-3.7.10-1.32.1

Comment 42 Swamp Workflow Management 2014-05-19 12:20:15 UTC

openSUSE-SU-2014:0678-1: An update that solves 17 vulnerabilities and has 23 fixes is now available.

Category: security (important)
Bug References: 639379,812592,81660,821619,833968,842553,849334,851244,851426,852656,852967,853350,856760,857643,858638,858872,859342,860502,860835,861750,862746,863235,863335,864025,864867,865075,866075,866102,867718,868653,869414,871148,871160,871252,871325,875440,875690,875798,876531,876699
CVE References: CVE-2013-4579,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7281,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1438,CVE-2014-1446,CVE-2014-1690,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2672
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.7.1, crash-7.0.2-2.7.1, hdjmod-1.28-16.7.1, ipset-6.19-2.7.1, iscsitarget-1.4.20.3-13.7.1, kernel-docs-3.11.10-11.3, kernel-source-3.11.10-11.1, kernel-syms-3.11.10-11.1, ndiswrapper-1.58-7.1, openvswitch-1.11.0-0.25.1, pcfclock-0.44-258.7.1, virtualbox-4.2.18-2.12.1, xen-4.3.2_01-15.1, xtables-addons-2.3-2.7.1

Comment 44 Marcus Meissner 2014-05-19 12:29:35 UTC

patches are all applied to GIT, so reassign back to us for tracking.

Comment 45 Swamp Workflow Management 2014-05-20 13:51:55 UTC

Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)

Comment 46 Swamp Workflow Management 2014-05-20 17:04:47 UTC

SUSE-SU-2014:0683-1: An update that fixes three vulnerabilities is now available.

Category: security (important)
Bug References: 875690,875798
CVE References: CVE-2014-0196,CVE-2014-1737,CVE-2014-1738
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.65, drbd-kmp-8.4.4-0.22.31, iscsitarget-1.4.20-0.38.50, kernel-rt-3.0.101.rt130-0.16.1, kernel-rt_trace-3.0.101.rt130-0.16.1, kernel-source-rt-3.0.101.rt130-0.16.1, kernel-syms-rt-3.0.101.rt130-0.16.1, lttng-modules-2.1.1-0.11.45, ocfs2-1.6-0.20.65, ofed-1.5.4.1-0.13.56

Comment 47 Swamp Workflow Management 2014-05-21 18:52:06 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP2 (i386)
SLE-SERVER 11-SP2-LTSS (i386)

Comment 48 Swamp Workflow Management 2014-05-21 19:01:42 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (s390x)
SLE-SERVER 11-SP2-LTSS (s390x)

Comment 49 Swamp Workflow Management 2014-05-21 19:52:57 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP2 (x86_64)
SLE-SERVER 11-SP2-LTSS (x86_64)

Comment 50 Swamp Workflow Management 2014-05-22 00:17:11 UTC

SUSE-SU-2014:0696-1: An update that solves 21 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 708296,736697,746500,814788,819351,831029,836347,843185,844513,847672,849364,851426,852488,852553,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867953,868528,868653,869033,869563,870801,871325,871561,871861,873061,874108,875690,875798,876102
CVE References: CVE-2013-4470,CVE-2013-4579,CVE-2013-6382,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    kernel-default-3.0.101-0.7.19.1, kernel-ec2-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-source-3.0.101-0.7.19.1, kernel-syms-3.0.101-0.7.19.1, kernel-trace-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1

Comment 51 Swamp Workflow Management 2014-05-22 00:22:39 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 52 Swamp Workflow Management 2014-05-22 01:09:40 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 53 Swamp Workflow Management 2014-05-22 02:09:23 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 54 Swamp Workflow Management 2014-06-06 10:23:11 UTC

openSUSE-SU-2014:0766-1: An update that solves 30 vulnerabilities and has 37 fixes is now available.

Category: security (moderate)
Bug References: 708296,736697,746500,758813,813733,814788,817377,819351,823260,831029,836347,840226,841402,843185,844513,847672,849021,849364,850263,851426,852488,852553,852558,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862023,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867139,867255,867953,868049,868528,868653,869033,869563,870801,871252,871325,871561,871861,873061,874108,875690,875798,876102
CVE References: CVE-2012-2313,CVE-2013-0343,CVE-2013-1929,CVE-2013-2015,CVE-2013-2147,CVE-2013-4345,CVE-2013-4470,CVE-2013-4511,CVE-2013-4579,CVE-2013-6382,CVE-2013-6383,CVE-2013-6763,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-00691,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122
Sources used:
openSUSE 11.4 (src):    kernel-docs-3.0.101-83.3, kernel-source-3.0.101-83.1, kernel-syms-3.0.101-83.1, preload-1.2-6.61.1

Comment 55 Swamp Workflow Management 2014-06-17 18:50:02 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP1 (i386)
SLE-SERVER 11-SP1-LTSS (i386)

Comment 56 Swamp Workflow Management 2014-06-17 18:54:34 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP1 (s390x)
SLE-SERVER 11-SP1-LTSS (s390x)

Comment 57 Swamp Workflow Management 2014-06-17 19:52:02 UTC

Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP1 (x86_64)
SLE-SERVER 11-SP1-LTSS (x86_64)

Comment 58 Swamp Workflow Management 2014-06-17 23:10:00 UTC

SUSE-SU-2014:0807-1: An update that solves 17 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 630970,661605,663516,761774,792407,852553,852967,854634,854743,856756,857643,863335,865310,866102,868049,868488,868653,869563,871561,873070,874108,875690,875798,876102,878289,880892
CVE References: CVE-2012-6647,CVE-2013-6382,CVE-2013-6885,CVE-2013-7027,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-0101,CVE-2014-0196,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122,CVE-2014-3153
Sources used:
SUSE Linux Enterprise Server 11 SP1 LTSS (src):    btrfs-0-0.3.163, ext4dev-0-7.9.130, hyper-v-0-0.18.39, kernel-default-2.6.32.59-0.13.1, kernel-ec2-2.6.32.59-0.13.1, kernel-pae-2.6.32.59-0.13.1, kernel-source-2.6.32.59-0.13.1, kernel-syms-2.6.32.59-0.13.1, kernel-trace-2.6.32.59-0.13.1, kernel-xen-2.6.32.59-0.13.1
SLE 11 SERVER Unsupported Extras (src):    kernel-default-2.6.32.59-0.13.1, kernel-pae-2.6.32.59-0.13.1, kernel-xen-2.6.32.59-0.13.1

Comment 59 Swamp Workflow Management 2014-06-17 23:12:44 UTC

Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)

Comment 60 Swamp Workflow Management 2014-06-17 23:14:04 UTC

Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)

Comment 61 Swamp Workflow Management 2014-06-17 23:16:30 UTC

Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)

Comment 62 Marcus Meissner 2014-06-23 09:11:41 UTC

all done I think