SUSE Security Update: Security update for dpdk
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:3179-1
Rating:             moderate
References:         #1134968 #1145713 #1151455 #1156146 #1157179 
                    
Cross-References:   CVE-2019-14818
Affected Products:
                    SUSE Linux Enterprise Module for Server Applications 15
______________________________________________________________________________

   An update that solves one vulnerability and has four fixes
   is now available.

Description:

   This update of dpdk to version 18.11.3 provides the following fixes:

   dpdk was updated to 18.11.3 (fate#327817, bsc#1145713, jsc#ECO-274,
   fate#325916, fate#325951 fate#326025, fate#326992, bsc#1134968,
   jsc#SLE-4715)

   Security issue fixed:

   - CVE-2019-14818: Fixed a memory leak vulnerability caused by a malicius
     container may lead to to denial of service (bsc#1156146).

   Other issues addressed:

   - Fixed a regression by inserting version numbers to the drivers     (bsc#1157179).
   - Changed to multibuild (bsc#1151455).
   - Added support for using externally allocated memory in DPDK.
   - Added check for ensuring allocated memory is addressable by devices.
   - Updated the C11 memory model version of the ring library.
   - Added NXP CAAM JR PMD.
   - Added support for GEN3 devices to Intel QAT driver.
   - Added Distributed Software Eventdev PMD.
   - Updated KNI kernel module, rte_kni library, and KNI sample application.
   - Add a new sample application for vDPA.
   - Updated mlx5 driver.
     * Improved security of PMD to prevent the NIC from getting stuck when
       the application misbehaves.
     * Reworked flow engine to supported e-switch flow rules (transfer
       attribute).
     * Added support for header re-write(L2-L4), VXLAN encap/decap, count,
       match on TCP flags and multiple flow groups with e-switch flow rules.
     * Added support for match on metadata, VXLAN and MPLS encap/decap with
       flow rules.
     * Added support for RTE_ETH_DEV_CLOSE_REMOVE flag to provide better
       support for representors.
     * Added support for meson build.
     * Fixed build issue with PPC.
     * Added support for BlueField VF.
     * Added support for externally allocated static memory for DMA.


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Server Applications 15:

      zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-3179=1



Package List:

   - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le x86_64):

      dpdk-18.11.3-3.16.1
      dpdk-debuginfo-18.11.3-3.16.1
      dpdk-debugsource-18.11.3-3.16.1
      dpdk-devel-18.11.3-3.16.1
      dpdk-devel-debuginfo-18.11.3-3.16.1
      dpdk-kmp-default-18.11.3_k4.12.14_150.41-3.16.1
      dpdk-kmp-default-debuginfo-18.11.3_k4.12.14_150.41-3.16.1
      dpdk-tools-18.11.3-3.16.1
      dpdk-tools-debuginfo-18.11.3-3.16.1
      libdpdk-18_11-18.11.3-3.16.1
      libdpdk-18_11-debuginfo-18.11.3-3.16.1

   - SUSE Linux Enterprise Module for Server Applications 15 (aarch64):

      dpdk-thunderx-18.11.3-3.16.1
      dpdk-thunderx-debuginfo-18.11.3-3.16.1
      dpdk-thunderx-debugsource-18.11.3-3.16.1
      dpdk-thunderx-devel-18.11.3-3.16.1
      dpdk-thunderx-devel-debuginfo-18.11.3-3.16.1
      dpdk-thunderx-kmp-default-18.11.3_k4.12.14_150.41-3.16.1
      dpdk-thunderx-kmp-default-debuginfo-18.11.3_k4.12.14_150.41-3.16.1


References:

   https://www.suse.com/security/cve/CVE-2019-14818.html
   https://bugzilla.suse.com/1134968
   https://bugzilla.suse.com/1145713
   https://bugzilla.suse.com/1151455
   https://bugzilla.suse.com/1156146
   https://bugzilla.suse.com/1157179

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2019:3179-1 moderate: dpdk

December 5, 2019
An update that solves one vulnerability and has four fixes is now available

Summary

This update of dpdk to version 18.11.3 provides the following fixes: dpdk was updated to 18.11.3 (fate#327817, bsc#1145713, jsc#ECO-274, fate#325916, fate#325951 fate#326025, fate#326992, bsc#1134968, jsc#SLE-4715) Security issue fixed: - CVE-2019-14818: Fixed a memory leak vulnerability caused by a malicius container may lead to to denial of service (bsc#1156146). Other issues addressed: - Fixed a regression by inserting version numbers to the drivers (bsc#1157179). - Changed to multibuild (bsc#1151455). - Added support for using externally allocated memory in DPDK. - Added check for ensuring allocated memory is addressable by devices. - Updated the C11 memory model version of the ring library. - Added NXP CAAM JR PMD. - Added support for GEN3 devices to Intel QAT driver. - Added Distributed Software Eventdev PMD. - Updated KNI kernel module, rte_kni library, and KNI sample application. - Add a new sample application for vDPA. - Updated mlx5 driver. * Improved security of PMD to prevent the NIC from getting stuck when the application misbehaves. * Reworked flow engine to supported e-switch flow rules (transfer attribute). * Added support for header re-write(L2-L4), VXLAN encap/decap, count, match on TCP flags and multiple flow groups with e-switch flow rules. * Added support for match on metadata, VXLAN and MPLS encap/decap with flow rules. * Added support for RTE_ETH_DEV_CLOSE_REMOVE flag to provide better support for representors. * Added support for meson build. * Fixed build issue with PPC. * Added support for BlueField VF. * Added support for externally allocated static memory for DMA. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-3179=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le x86_64): dpdk-18.11.3-3.16.1 dpdk-debuginfo-18.11.3-3.16.1 dpdk-debugsource-18.11.3-3.16.1 dpdk-devel-18.11.3-3.16.1 dpdk-devel-debuginfo-18.11.3-3.16.1 dpdk-kmp-default-18.11.3_k4.12.14_150.41-3.16.1 dpdk-kmp-default-debuginfo-18.11.3_k4.12.14_150.41-3.16.1 dpdk-tools-18.11.3-3.16.1 dpdk-tools-debuginfo-18.11.3-3.16.1 libdpdk-18_11-18.11.3-3.16.1 libdpdk-18_11-debuginfo-18.11.3-3.16.1 - SUSE Linux Enterprise Module for Server Applications 15 (aarch64): dpdk-thunderx-18.11.3-3.16.1 dpdk-thunderx-debuginfo-18.11.3-3.16.1 dpdk-thunderx-debugsource-18.11.3-3.16.1 dpdk-thunderx-devel-18.11.3-3.16.1 dpdk-thunderx-devel-debuginfo-18.11.3-3.16.1 dpdk-thunderx-kmp-default-18.11.3_k4.12.14_150.41-3.16.1 dpdk-thunderx-kmp-default-debuginfo-18.11.3_k4.12.14_150.41-3.16.1

References

#1134968 #1145713 #1151455 #1156146 #1157179

Cross- CVE-2019-14818

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15

https://www.suse.com/security/cve/CVE-2019-14818.html

https://bugzilla.suse.com/1134968

https://bugzilla.suse.com/1145713

https://bugzilla.suse.com/1151455

https://bugzilla.suse.com/1156146

https://bugzilla.suse.com/1157179

Severity
Announcement ID: SUSE-SU-2019:3179-1
Rating: moderate

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved