Bugzilla – Bug 942702
VUL-0: CVE-2015-6526: kernel: perf on ppp64 - unbounded checks in perf_callchain_user_64 denial of service.
Last modified: 2016-09-06 16:19:23 UTC
Via oss-security: http://seclists.org/oss-sec/2015/q3/410 A malicious user could create a special stack layout that fools the perf_callchain_user_64 function (called by perf record) into an infinite loop, tying up that particular CPU and the process can not be killed. A kernel patch was committed upstream capping the maximum user-level stacktrace collected by perf to PERF_MAX_STACK_DEPTH on 64bit powerpc architectures. https://bugzilla.redhat.com/show_bug.cgi?id=1218454 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a5cbce421a283e6aea3c4007f141735bf9da8c3 CVE-2015-6526 was assigned to this issue. This affects ppc64 kernels that support perf. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-6526 http://seclists.org/oss-sec/2015/q3/410 http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-6526.html https://bugzilla.redhat.com/show_bug.cgi?id=1218454
bugbot adjusting priority
and opensuse ... ?
Ahh, right. I'll check those
dinar? did you check?
The openSUSE branches are missing 9a5cbce421a2 ("powerpc/perf: Cap 64bit userspace backtraces to PERF_MAX_STACK_DEPTH").
13.1: vulnerable (patch not there) linux-3.11.10 13.2: vulnerable linux-3.16.7 42.1: fixed, linux-4.1.26, fix went into 4.1 mainline at rc1 Michal: it got merged, so you won't see the ID.
SLE12-SP0 is fixed, patch-3.12.42-43. I fixed 13.2 now. Michal, do we need to do anything about Evergreen?
(In reply to Torsten Duwe from comment #10) > SLE12-SP0 is fixed, patch-3.12.42-43. > > I fixed 13.2 now. Michal, do we need to do anything about Evergreen? No, Evergreen 13.1 kernel merges SLE12-SP1 so that it already has the fix. Thank you for asking.
all fixed then
openSUSE-SU-2016:2144-1: An update that solves 53 vulnerabilities and has 28 fixes is now available. Category: security (important) Bug References: 901754,941113,942702,945219,955654,957052,957988,959709,960561,961512,963762,963765,966245,966437,966693,966849,967972,967973,967974,967975,968010,968011,968012,968013,968018,968670,969354,969355,970114,970275,970892,970909,970911,970948,970955,970956,970958,970970,971124,971125,971126,971360,971628,971799,971919,971944,972174,973378,973570,974308,974418,974646,975945,978401,978445,978469,978821,978822,979021,979213,979548,979867,979879,979913,980348,980363,980371,980725,981267,982706,983143,983213,984464,984755,984764,986362,986365,986377,986572,986573,986811 CVE References: CVE-2012-6701,CVE-2013-7446,CVE-2014-9904,CVE-2015-3288,CVE-2015-6526,CVE-2015-7566,CVE-2015-8709,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2015-8830,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2187,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3136,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-3672,CVE-2016-3689,CVE-2016-3951,CVE-2016-4470,CVE-2016-4482,CVE-2016-4485,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4580,CVE-2016-4581,CVE-2016-4805,CVE-2016-4913,CVE-2016-4997,CVE-2016-5244,CVE-2016-5829 Sources used: openSUSE 13.2 (src): bbswitch-0.8-3.20.3, cloop-2.639-14.20.3, crash-7.0.8-20.3, hdjmod-1.28-18.21.3, ipset-6.23-20.3, kernel-debug-3.16.7-42.1, kernel-default-3.16.7-42.1, kernel-desktop-3.16.7-42.1, kernel-docs-3.16.7-42.2, kernel-ec2-3.16.7-42.1, kernel-obs-build-3.16.7-42.2, kernel-obs-qa-3.16.7-42.1, kernel-obs-qa-xen-3.16.7-42.1, kernel-pae-3.16.7-42.1, kernel-source-3.16.7-42.1, kernel-syms-3.16.7-42.1, kernel-vanilla-3.16.7-42.1, kernel-xen-3.16.7-42.1, pcfclock-0.44-260.20.2, vhba-kmp-20140629-2.20.2, virtualbox-5.0.20-48.5, xen-4.4.4_02-46.2, xtables-addons-2.6-22.3