SUSE-SU-2019:0298-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0298-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2019:0298-1
Related
Published
2019-02-08T13:45:30Z
Modified
2019-02-08T13:45:30Z
Summary
Security update for the Linux Kernel (Live Patch 0 for SLE 12 SP4)
Details

This update for the Linux Kernel 4.12.14-94_41 fixes one issue.

The following security issue was fixed:

  • CVE-2018-16884: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time could make bcsvcprocess() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out (bsc#1119947).
References

Affected packages

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_8

Package

Name
kgraft-patch-SLE12-SP3_Update_8
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_11-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_11

Package

Name
kgraft-patch-SLE12-SP3_Update_11
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_126-94_22-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_10

Package

Name
kgraft-patch-SLE12-SP3_Update_10
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_120-94_17-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_9

Package

Name
kgraft-patch-SLE12-SP3_Update_9
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_14-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_12

Package

Name
kgraft-patch-SLE12-SP3_Update_12
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_131-94_29-default": "8-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_8

Package

Name
kgraft-patch-SLE12-SP3_Update_8
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_11-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_11

Package

Name
kgraft-patch-SLE12-SP3_Update_11
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_126-94_22-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_10

Package

Name
kgraft-patch-SLE12-SP3_Update_10
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_120-94_17-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_9

Package

Name
kgraft-patch-SLE12-SP3_Update_9
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_14-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_12

Package

Name
kgraft-patch-SLE12-SP3_Update_12
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_131-94_29-default": "8-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_8

Package

Name
kgraft-patch-SLE12-SP3_Update_8
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_11-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_11

Package

Name
kgraft-patch-SLE12-SP3_Update_11
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_126-94_22-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_10

Package

Name
kgraft-patch-SLE12-SP3_Update_10
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_120-94_17-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_9

Package

Name
kgraft-patch-SLE12-SP3_Update_9
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_14-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_12

Package

Name
kgraft-patch-SLE12-SP3_Update_12
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_131-94_29-default": "8-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_8

Package

Name
kgraft-patch-SLE12-SP3_Update_8
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_11-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_11

Package

Name
kgraft-patch-SLE12-SP3_Update_11
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_126-94_22-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_10

Package

Name
kgraft-patch-SLE12-SP3_Update_10
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_120-94_17-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_9

Package

Name
kgraft-patch-SLE12-SP3_Update_9
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_14-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_12

Package

Name
kgraft-patch-SLE12-SP3_Update_12
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_131-94_29-default": "8-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_8

Package

Name
kgraft-patch-SLE12-SP3_Update_8
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_11-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_11

Package

Name
kgraft-patch-SLE12-SP3_Update_11
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_126-94_22-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_10

Package

Name
kgraft-patch-SLE12-SP3_Update_10
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_10&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_120-94_17-default": "10-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_9

Package

Name
kgraft-patch-SLE12-SP3_Update_9
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_9&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_114-94_14-default": "11-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_12

Package

Name
kgraft-patch-SLE12-SP3_Update_12
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP3_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
8-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_4_131-94_29-default": "8-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP4 / kgraft-patch-SLE12-SP4_Update_1

Package

Name
kgraft-patch-SLE12-SP4_Update_1
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP4_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-95_3-default": "2-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP4 / kgraft-patch-SLE12-SP4_Update_0

Package

Name
kgraft-patch-SLE12-SP4_Update_0
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP4_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3-2.7.2

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-94_41-default": "3-2.7.2"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP4 / kgraft-patch-SLE12-SP4_Update_1

Package

Name
kgraft-patch-SLE12-SP4_Update_1
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP4_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2-2.1

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-95_3-default": "2-2.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP4 / kgraft-patch-SLE12-SP4_Update_0

Package

Name
kgraft-patch-SLE12-SP4_Update_0
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP4_Update_0&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3-2.7.2

Ecosystem specific 

{
    "binaries": [
        {
            "kgraft-patch-4_12_14-94_41-default": "3-2.7.2"
        }
    ]
}