copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2014.0967 - [SUSE] kernel: Root compromise - Existing account

Date: 12 June 2014
References: ESB-2014.0893  ESB-2014.0894.2  ESB-2014.1028  ESB-2014.1044  ESB-2014.1062  ESB-2014.1183  ESB-2014.1208  

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.0967
          SUSE Security Update: Security update for Linux Kernel
                               12 June 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:          kernel
Publisher:        SUSE
Operating System: SUSE
Impact/Access:    Root Compromise -- Existing Account
Resolution:       Patch/Upgrade
CVE Names:        CVE-2014-3153  

Reference:        ESB-2014.0894
                  ESB-2014.0893

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2014:0775-1
Rating:             critical
References:         #880892 
Cross-References:   CVE-2014-3153
Affected Products:
                    SUSE Linux Enterprise Server 11 SP3 for VMware
                    SUSE Linux Enterprise Server 11 SP3
                    SUSE Linux Enterprise High Availability Extension 11 SP3
                    SUSE Linux Enterprise Desktop 11 SP3
                    SLE 11 SERVER Unsupported Extras
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:


   The SUSE Linux Enterprise 11 Service Pack 3 kernel was updated to fix a
   critical privilege escalation security issue:

       * CVE-2014-3153: The futex acquisition code in kernel/futex.c can be
         used to gain ring0 access via the futex syscall. This could be used
         for privilege escalation by non-root users. (bnc#880892)

   Security Issue reference:

       * CVE-2014-3153
         <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3153>

Indications:

   Everyone using the Linux Kernel on x86_64 architecture should update.

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11 SP3 for VMware:

      zypper in -t patch slessp3-kernel-9328 slessp3-kernel-9329

   - SUSE Linux Enterprise Server 11 SP3:

      zypper in -t patch slessp3-kernel-9328 slessp3-kernel-9329 slessp3-kernel-9330 slessp3-kernel-9331 slessp3-kernel-9346

   - SUSE Linux Enterprise High Availability Extension 11 SP3:

      zypper in -t patch slehasp3-kernel-9328 slehasp3-kernel-9329 slehasp3-kernel-9330 slehasp3-kernel-9331 slehasp3-kernel-9346

   - SUSE Linux Enterprise Desktop 11 SP3:

      zypper in -t patch sledsp3-kernel-9328 sledsp3-kernel-9329

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64) [New Version: 3.0.101]:

      kernel-default-3.0.101-0.31.1
      kernel-default-base-3.0.101-0.31.1
      kernel-default-devel-3.0.101-0.31.1
      kernel-source-3.0.101-0.31.1
      kernel-syms-3.0.101-0.31.1
      kernel-trace-3.0.101-0.31.1
      kernel-trace-base-3.0.101-0.31.1
      kernel-trace-devel-3.0.101-0.31.1
      kernel-xen-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 for VMware (i586) [New Version: 3.0.101]:

      kernel-pae-3.0.101-0.31.1
      kernel-pae-base-3.0.101-0.31.1
      kernel-pae-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64) [New Version: 3.0.101]:

      kernel-default-3.0.101-0.31.1
      kernel-default-base-3.0.101-0.31.1
      kernel-default-devel-3.0.101-0.31.1
      kernel-source-3.0.101-0.31.1
      kernel-syms-3.0.101-0.31.1
      kernel-trace-3.0.101-0.31.1
      kernel-trace-base-3.0.101-0.31.1
      kernel-trace-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (i586 x86_64) [New Version: 3.0.101]:

      kernel-ec2-3.0.101-0.31.1
      kernel-ec2-base-3.0.101-0.31.1
      kernel-ec2-devel-3.0.101-0.31.1
      kernel-xen-3.0.101-0.31.1
      kernel-xen-base-3.0.101-0.31.1
      kernel-xen-devel-3.0.101-0.31.1
      xen-kmp-default-4.2.4_02_3.0.101_0.31-0.7.33

   - SUSE Linux Enterprise Server 11 SP3 (s390x) [New Version: 3.0.101]:

      kernel-default-man-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (ppc64) [New Version: 3.0.101]:

      kernel-ppc64-3.0.101-0.31.1
      kernel-ppc64-base-3.0.101-0.31.1
      kernel-ppc64-devel-3.0.101-0.31.1

   - SUSE Linux Enterprise Server 11 SP3 (i586) [New Version: 3.0.101]:

      kernel-pae-3.0.101-0.31.1
      kernel-pae-base-3.0.101-0.31.1
      kernel-pae-devel-3.0.101-0.31.1
      xen-kmp-pae-4.2.4_02_3.0.101_0.31-0.7.33

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 ia64 ppc64 s390x x86_64):

      cluster-network-kmp-default-1.4_3.0.101_0.31-2.27.69
      cluster-network-kmp-trace-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-default-2_3.0.101_0.31-0.16.75
      gfs2-kmp-trace-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-default-1.6_3.0.101_0.31-0.20.69
      ocfs2-kmp-trace-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586 x86_64):

      cluster-network-kmp-xen-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-xen-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-xen-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (ppc64):

      cluster-network-kmp-ppc64-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-ppc64-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-ppc64-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise High Availability Extension 11 SP3 (i586):

      cluster-network-kmp-pae-1.4_3.0.101_0.31-2.27.69
      gfs2-kmp-pae-2_3.0.101_0.31-0.16.75
      ocfs2-kmp-pae-1.6_3.0.101_0.31-0.20.69

   - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64) [New Version: 3.0.101]:

      kernel-default-3.0.101-0.31.1
      kernel-default-base-3.0.101-0.31.1
      kernel-default-devel-3.0.101-0.31.1
      kernel-default-extra-3.0.101-0.31.1
      kernel-source-3.0.101-0.31.1
      kernel-syms-3.0.101-0.31.1
      kernel-trace-devel-3.0.101-0.31.1
      kernel-xen-3.0.101-0.31.1
      kernel-xen-base-3.0.101-0.31.1
      kernel-xen-devel-3.0.101-0.31.1
      kernel-xen-extra-3.0.101-0.31.1
      xen-kmp-default-4.2.4_02_3.0.101_0.31-0.7.33

   - SUSE Linux Enterprise Desktop 11 SP3 (i586) [New Version: 3.0.101]:

      kernel-pae-3.0.101-0.31.1
      kernel-pae-base-3.0.101-0.31.1
      kernel-pae-devel-3.0.101-0.31.1
      kernel-pae-extra-3.0.101-0.31.1
      xen-kmp-pae-4.2.4_02_3.0.101_0.31-0.7.33

   - SLE 11 SERVER Unsupported Extras (i586 ia64 ppc64 s390x x86_64):

      kernel-default-extra-3.0.101-0.31.1

   - SLE 11 SERVER Unsupported Extras (i586 x86_64):

      kernel-xen-extra-3.0.101-0.31.1

   - SLE 11 SERVER Unsupported Extras (ppc64):

      kernel-ppc64-extra-3.0.101-0.31.1

   - SLE 11 SERVER Unsupported Extras (i586):

      kernel-pae-extra-3.0.101-0.31.1


References:

   http://support.novell.com/security/cve/CVE-2014-3153.html
   https://bugzilla.novell.com/880892
   http://download.suse.com/patch/finder/?keywords=0cdcfea3b263f03fc7b11c9e27c68106
   http://download.suse.com/patch/finder/?keywords=2394b6ce8b434732566fe3cbf2a956f7
   http://download.suse.com/patch/finder/?keywords=5d5df6a9a600dbe5fe09c19d8dc24b0e
   http://download.suse.com/patch/finder/?keywords=8a869bd2122273831bd282fab2377076
   http://download.suse.com/patch/finder/?keywords=a8f8feb5552e1da3b52f48f677f467cf
   http://download.suse.com/patch/finder/?keywords=a9d9490d68822582cd43af9c0c2aa6d7
   http://download.suse.com/patch/finder/?keywords=c905f5237a7e0ae4f9fdf0c325c0dbb2
   http://download.suse.com/patch/finder/?keywords=f6e7ea94e8ad3ddbdf3d897e2a3ff6b8
   http://download.suse.com/patch/finder/?keywords=fab06fd0fffc9ae59673101aeace943a
   http://download.suse.com/patch/finder/?keywords=fd1bf222c9f9ff4cc32dae8bac451528

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBU5lFYBLndAQH1ShLAQJ1Eg//bhIPU57Z5zD7V6wiO8qH1RMZI7BpvsQw
7Fluy4YcknzBj4voKu9Ctfjq5EEfgDtCguSWMjkxoAdjvavW4oZrQEZhDNn7PAHP
ywicEFCNq95bknwC/zzb8ZfQO/swp58oinOmiAs5yP3cX1WeCoB6HEsGmlUqxXPT
PS2fsao+O4J+O1xlGGM8y4e3ir+f2BSmALa8/MklSgmWcxvEcm74ghcGfB4jxAe0
Lb+jhQVGKJzGankM3f5zSPbaeAn5bq1mFEyGD7pHnr1wCN+gS06Py+k2mk2YugVG
enlNtKqBpAQBAyJZQsfX3gA7NOmdB6LDEGcendwG5mMsBUFgqgRSCf/fsQKoIoXa
rjjqeLlXDtEy7iZ+3syf2ab4/7wdw2icqq5LOpWXxS47pCOnLHr+nHK+/0e2athv
RD2sxK3RCffix+B1c8cVRm1YLalSV5hTsJKQGx4cpAHqwntsgxk934A6RBDQ3Bh1
ypsBz7kcUo3fmdnHHHeSYPhHqQqy7xyhOGOAPCeXhIez8+4aJI+2KtpBxsDXuA5h
mpowHgV5nGVNCDBVp5x4yzL7IFxQE1QQwTLttVV0LOP8GzvvJWTwVIbLobn8Nrj3
w30XbIlnz0/C0y9GZhMkWSGgZNe/E9Q3Hk/xnVpuyjEuh2Rblw0sUZ5DJg9gygzs
7c83F2T+uTQ=
=FmLe
-----END PGP SIGNATURE-----