SUSE-SU-2019:2262-1

Source
https://www.suse.com/support/update/announcement/2019/suse-su-20192262-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2262-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2019:2262-1
Published
2019-09-02T07:05:01Z
Modified
2025-05-02T04:08:11.580056Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2019-1125: Enable Spectre v1 swapgs mitigations (bsc#1139358).
  • CVE-2018-20855: An issue was discovered in create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace (bsc#1143045).
  • CVE-2019-14284: The drivers/block/floppy.c allowed a denial of service by setup_format_params division-by-zero. Two consecutive ioctls can trigger the bug: the first one should set the drive geometry with .sect and .rate values that make F_SECT_PER_TRACK be zero. Next, the floppy format operation should be called. It can be triggered by an unprivileged local user even when a floppy disk has not been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143189).
  • CVE-2019-14283: The function set_geometry in drivers/block/floppy.c did not validate the sect and head fields, as demonstrated by an integer overflow and out-of-bounds read. It can be triggered by an unprivileged local user when a floppy disk has been inserted. NOTE: QEMU creates the floppy device by default (bsc#1143191).
  • CVE-2019-11810: A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free (bsc#1134399).
  • CVE-2019-13648: In the Linux kernel on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal32.c and arch/powerpc/kernel/signal64.c (bnc#1142254).
  • CVE-2019-13631: In parse_hid_report_descriptor in drivers/input/tablet/gtco.c, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages (bsc#1142023).

The following non-security bugs were fixed:

  • bcache: Revert 'bcache: fix high CPU occupancy during journal' (bsc#1140652, bsc#1144288).
  • bcache: Revert 'bcache: free heap cache_set->flush_btree in bch_journal_free' (bsc#1140652, bsc#1144288).
  • bcache: add reclaimed_journal_buckets to struct cache_set (bsc#1140652, bsc#1144288).
  • bcache: fix race in btree_flush_write() (bsc#1140652, bsc#1144288).
  • bcache: fix stack corruption by PRECEDING_KEY() (bsc#1130972, bsc#1144257).
  • bcache: only set BCACHE_DEV_WB_RUNNING when cached device attached (bsc#1130972, bsc#1144273).
  • bcache: performance improvement for btree_flush_write() (bsc#1140652, bsc#1144288).
  • bcache: remove retry_flush_write from struct cache_set (bsc#1140652, bsc#1144288).
  • mm: check VMA flags to avoid invalid PROT_NONE NUMA balancing (bsc#1142098).
  • powerpc/watchpoint: Restore NV GPRs while returning from exception (bsc#1140945, bsc#1141401, bsc#1141402, bsc#1141452, bsc#1141453, bsc#1141454).
  • xen-netfront: use napi_complete() correctly to prevent Rx stalling (bsc#1138744).
Affected packages

SUSE:Linux Enterprise Module for Public Cloud 12 / kernel-ec2

Package

Name
kernel-ec2
Purl
pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-ec2-extra": "3.12.74-60.64.121.1",
            "kernel-ec2": "3.12.74-60.64.121.1",
            "kernel-ec2-devel": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-xen

Package

Name
kernel-xen
Purl
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kgraft-patch-SLE12-SP1_Update_36

Package

Name
kgraft-patch-SLE12-SP1_Update_36
Purl
pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_36&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1-2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-default-man": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-default-man": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-default-man": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-xen

Package

Name
kernel-xen
Purl
pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.121.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-default-man": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kgraft-patch-SLE12-SP1_Update_36

Package

Name
kgraft-patch-SLE12-SP1_Update_36
Purl
pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_36&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1-2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.121.1",
            "kernel-devel": "3.12.74-60.64.121.1",
            "kernel-default-base": "3.12.74-60.64.121.1",
            "kernel-default-man": "3.12.74-60.64.121.1",
            "kernel-xen-devel": "3.12.74-60.64.121.1",
            "kernel-default": "3.12.74-60.64.121.1",
            "kernel-source": "3.12.74-60.64.121.1",
            "kernel-xen-base": "3.12.74-60.64.121.1",
            "kernel-syms": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-default": "1-2.3.1",
            "kernel-default-devel": "3.12.74-60.64.121.1",
            "kgraft-patch-3_12_74-60_64_121-xen": "1-2.3.1",
            "kernel-xen": "3.12.74-60.64.121.1"
        }
    ]
}