Wapack Labs is providing this report as a situational awareness for Linux users. The Linux openSUSE Leap 42.3 kernel was updated to 4.4.126 to receive various security and bugfixes. These updates are important for proper security and function.
The following security bugs were fixed:
- CVE-2018-1091: In the “flush_tmregs_to_thread” function in
arch/powerpc/kernel/ptrace.c, a guest kernel crash can be triggered from unprivileged user space during a core dump on a POWER host. This due to a missing processor feature check and an erroneous use of transactional memory TM instructions in the core dump path. This leads to a denial of service (bnc#1087231).[1]
- CVE-2018-8043: The “unimac_mdio_probe” function in
drivers/net/phy/mdio-bcm-unimac.c did not validate certain resource
availability, which allowed local users to cause a denial of service
(NULL pointer dereference) (bnc#1084829).[2]
- CVE-2018-7740: The resv_map_release function in mm/hugetlb.c allowed local users to cause a denial of service (BUG) via a crafted application that made mmap system calls and has a large pgoff argument to the remap_file_pages system call (bnc#1084353[3]).
Prevention and Mitigation Strategies
It is strongly recommended that openSUSE users ensure that all systems in your environment receive the 4.4.126 update to fix the above outlined bugs and vulnerabilities. All three of the above-mentioned CVE’s (CVE-2018-1091, CVE-2018-8043, CVE-2018-7740) are addressed in this security updated along with numerous other non-security issues. This patch is available here from opensusue.org.
[1] https://bugzilla.suse.com/1087231
Comments