Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:3032-2 Final 1 1 2019-03-22T09:42:51Z current 2019-03-22T09:42:51Z 2019-03-22T09:42:51Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive a security fix. The following security bug was fixed: - CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-SAP-12-SP1-2019-526 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20183032-2/ Link for SUSE-SU-2018:3032-2 https://lists.suse.com/pipermail/sle-security-updates/2019-March/005220.html E-Mail link for SUSE-SU-2018:3032-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1108399 SUSE Bug 1108399 https://www.suse.com/security/cve/CVE-2018-17182/ SUSE CVE CVE-2018-17182 page SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-default-3.12.74-60.64.107.1 kernel-default-base-3.12.74-60.64.107.1 kernel-default-devel-3.12.74-60.64.107.1 kernel-devel-3.12.74-60.64.107.1 kernel-macros-3.12.74-60.64.107.1 kernel-source-3.12.74-60.64.107.1 kernel-syms-3.12.74-60.64.107.1 kernel-xen-3.12.74-60.64.107.1 kernel-xen-base-3.12.74-60.64.107.1 kernel-xen-devel-3.12.74-60.64.107.1 kgraft-patch-3_12_74-60_64_107-default-1-2.3.1 kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1 kernel-default-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-default-base-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-default-devel-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-devel-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-macros-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-source-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-syms-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-xen-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-xen-base-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kernel-xen-devel-3.12.74-60.64.107.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kgraft-patch-3_12_74-60_64_107-default-1-2.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP1 An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. CVE-2018-17182 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.107.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20183032-2/ https://www.suse.com/security/cve/CVE-2018-17182.html CVE-2018-17182 https://bugzilla.suse.com/1108399 SUSE Bug 1108399 https://bugzilla.suse.com/1110233 SUSE Bug 1110233