SUSE-SU-2019:0919-1

Опубликовано: 09 апр. 2019

Источник: suse-cvrf

Описание

Security update for blktrace

This update for blktrace fixes the following issues:

CVE-2018-10689: Prevent buffer overflow in the dev_map_read function because the device and devno arrays were too small (bsc#1091942)

Список пакетов

Image SLES15-SP3-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-BYOS-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-EC2-ECS-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-HPC-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-HPC-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-HPC-BYOS-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-HPC-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-BYOS-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAP-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAPCAL-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAPCAL-EC2-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-SAPCAL-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Azure-Basic

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Azure-Standard

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-EC2-ECS-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-HPC-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Hardened-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Azure-LI-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Azure-VLI-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAP-Hardened-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAPCAL

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAPCAL-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAPCAL-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP4-SAPCAL-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-Azure-3P

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-Azure-Basic

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-Azure-Standard

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-EC2-ECS-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-HPC-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-HPC-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-HPC-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-HPC-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-HPC-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-HPC-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Azure-3P

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Azure-LI-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Azure-LI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Azure-VLI-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Hardened-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Hardened-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAP-Hardened-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAPCAL-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAPCAL-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP5-SAPCAL-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-Azure-3P

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-Azure-Basic

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-Azure-Standard

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-EC2-ECS-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-HPC-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-Hardened-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Azure-3P

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Azure-LI-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Azure-LI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Azure-VLI-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened-BYOS

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAP-Hardened-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAPCAL

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAPCAL-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAPCAL-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP6-SAPCAL-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-Azure-3P

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-Azure-Basic

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-Azure-Standard

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-EC2-ECS-HVM

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-HPC-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-HPC-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-HPC-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-HPC-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Azure-3P

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Azure-LI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Azure-VLI-BYOS-Production

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Hardened-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Hardened-BYOS-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Hardened-BYOS-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Hardened-BYOS-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAP-Hardened-GCE

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAPCAL-Azure

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAPCAL-EC2

blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP7-SAPCAL-GCE

blktrace-1.1.0+git.20170126-3.3.28

SUSE Linux Enterprise Module for Development Tools 15

blktrace-1.1.0+git.20170126-3.3.28

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20190919-1/
Link for SUSE-SU-2019:0919-1
https://lists.suse.com/pipermail/sle-security-updates/2019-April/005319.html
E-Mail link for SUSE-SU-2019:0919-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1091942
SUSE Bug 1091942
https://www.suse.com/security/cve/CVE-2018-10689/
SUSE CVE CVE-2018-10689 page

Описание

blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file.

Затронутые продукты

Image SLES15-SP3-BYOS-Azure:blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-BYOS-EC2-HVM:blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-BYOS-GCE:blktrace-1.1.0+git.20170126-3.3.28

Image SLES15-SP3-EC2-ECS-HVM:blktrace-1.1.0+git.20170126-3.3.28

Ссылки

https://www.suse.com/security/cve/CVE-2018-10689.html
CVE-2018-10689
https://bugzilla.suse.com/1091942
SUSE Bug 1091942