SUSE Security Update: Security update for dpdk
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:3179-1
Rating:             moderate
References:         #1134968 #1145713 #1151455 #1156146 #1157179 
                    
Cross-References:   CVE-2019-14818
Affected Products:
                    SUSE Linux Enterprise Module for Server Applications 15
______________________________________________________________________________

   An update that solves one vulnerability and has four fixes
   is now available.

Description:

   This update of dpdk to version 18.11.3 provides the following fixes:

   dpdk was updated to 18.11.3 (fate#327817, bsc#1145713, jsc#ECO-274,
   fate#325916, fate#325951 fate#326025, fate#326992, bsc#1134968,
   jsc#SLE-4715)

   Security issue fixed:

   - CVE-2019-14818: Fixed a memory leak vulnerability caused by a malicius
     container may lead to to denial of service (bsc#1156146).

   Other issues addressed:

   - Fixed a regression by inserting version numbers to the drivers     (bsc#1157179).
   - Changed to multibuild (bsc#1151455).
   - Added support for using externally allocated memory in DPDK.
   - Added check for ensuring allocated memory is addressable by devices.
   - Updated the C11 memory model version of the ring library.
   - Added NXP CAAM JR PMD.
   - Added support for GEN3 devices to Intel QAT driver.
   - Added Distributed Software Eventdev PMD.
   - Updated KNI kernel module, rte_kni library, and KNI sample application.
   - Add a new sample application for vDPA.
   - Updated mlx5 driver.
     * Improved security of PMD to prevent the NIC from getting stuck when
       the application misbehaves.
     * Reworked flow engine to supported e-switch flow rules (transfer
       attribute).
     * Added support for header re-write(L2-L4), VXLAN encap/decap, count,
       match on TCP flags and multiple flow groups with e-switch flow rules.
     * Added support for match on metadata, VXLAN and MPLS encap/decap with
       flow rules.
     * Added support for RTE_ETH_DEV_CLOSE_REMOVE flag to provide better
       support for representors.
     * Added support for meson build.
     * Fixed build issue with PPC.
     * Added support for BlueField VF.
     * Added support for externally allocated static memory for DMA.


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Server Applications 15:

      zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-3179=1



Package List:

   - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le x86_64):

      dpdk-18.11.3-3.16.1
      dpdk-debuginfo-18.11.3-3.16.1
      dpdk-debugsource-18.11.3-3.16.1
      dpdk-devel-18.11.3-3.16.1
      dpdk-devel-debuginfo-18.11.3-3.16.1
      dpdk-kmp-default-18.11.3_k4.12.14_150.41-3.16.1
      dpdk-kmp-default-debuginfo-18.11.3_k4.12.14_150.41-3.16.1
      dpdk-tools-18.11.3-3.16.1
      dpdk-tools-debuginfo-18.11.3-3.16.1
      libdpdk-18_11-18.11.3-3.16.1
      libdpdk-18_11-debuginfo-18.11.3-3.16.1

   - SUSE Linux Enterprise Module for Server Applications 15 (aarch64):

      dpdk-thunderx-18.11.3-3.16.1
      dpdk-thunderx-debuginfo-18.11.3-3.16.1
      dpdk-thunderx-debugsource-18.11.3-3.16.1
      dpdk-thunderx-devel-18.11.3-3.16.1
      dpdk-thunderx-devel-debuginfo-18.11.3-3.16.1
      dpdk-thunderx-kmp-default-18.11.3_k4.12.14_150.41-3.16.1
      dpdk-thunderx-kmp-default-debuginfo-18.11.3_k4.12.14_150.41-3.16.1


References:

   https://www.suse.com/security/cve/CVE-2019-14818.html
   https://bugzilla.suse.com/1134968
   https://bugzilla.suse.com/1145713
   https://bugzilla.suse.com/1151455
   https://bugzilla.suse.com/1156146
   https://bugzilla.suse.com/1157179

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2019:3179-1 moderate: dpdk

December 5, 2019
An update that solves one vulnerability and has four fixes is now available

Summary

This update of dpdk to version 18.11.3 provides the following fixes: dpdk was updated to 18.11.3 (fate#327817, bsc#1145713, jsc#ECO-274, fate#325916, fate#325951 fate#326025, fate#326992, bsc#1134968, jsc#SLE-4715) Security issue fixed: - CVE-2019-14818: Fixed a memory leak vulnerability caused by a malicius container may lead to to denial of service (bsc#1156146). Other issues addressed: - Fixed a regression by inserting version numbers to the drivers (bsc#1157179). - Changed to multibuild (bsc#1151455). - Added support for using externally allocated memory in DPDK. - Added check for ensuring allocated memory is addressable by devices. - Updated the C11 memory model version of the ring library. - Added NXP CAAM JR PMD. - Added support for GEN3 devices to Intel QAT driver. - Added Distributed Software Eventdev PMD. - Updated KNI kernel module, rte_kni library, and KNI sample application. - Add a new sample applicatio...

Read the Full Advisory

References

#1134968 #1145713 #1151455 #1156146 #1157179

Cross- CVE-2019-14818

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15

https://www.suse.com/security/cve/CVE-2019-14818.html

https://bugzilla.suse.com/1134968

https://bugzilla.suse.com/1145713

https://bugzilla.suse.com/1151455

https://bugzilla.suse.com/1156146

https://bugzilla.suse.com/1157179

Severity
Announcement ID: SUSE-SU-2019:3179-1
Rating: moderate

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved