SUSE-SU-2020:0649-1: moderate: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Mar 12 08:16:22 MDT 2020


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:0649-1
Rating:             moderate
References:         #1051510 #1061840 #1065600 #1065729 #1071995 
                    #1088810 #1105392 #1111666 #1112178 #1112504 
                    #1114279 #1118338 #1123328 #1133021 #1133147 
                    #1140025 #1154243 #1157424 #1157966 #1158013 
                    #1159271 #1160218 #1160979 #1161360 #1161702 
                    #1161907 #1162109 #1162139 #1162557 #1162617 
                    #1162618 #1162619 #1162623 #1162928 #1162943 
                    #1163383 #1163384 #1163762 #1163774 #1163836 
                    #1163840 #1163841 #1163842 #1163843 #1163844 
                    #1163845 #1163846 #1163849 #1163850 #1163851 
                    #1163852 #1163853 #1163855 #1163856 #1163857 
                    #1163858 #1163859 #1163860 #1163861 #1163862 
                    #1163863 #1163867 #1163869 #1163880 #1163971 
                    #1164069 #1164098 #1164115 #1164314 #1164315 
                    #1164388 #1164471 #1164632 #1164705 #1164712 
                    #1164727 #1164728 #1164729 #1164730 #1164731 
                    #1164732 #1164733 #1164734 #1164735 
Cross-References:   CVE-2020-2732 CVE-2020-8428 CVE-2020-8648
                    CVE-2020-8992
Affected Products:
                    SUSE Linux Enterprise Real Time Extension 12-SP4
______________________________________________________________________________

   An update that solves four vulnerabilities and has 80 fixes
   is now available.

Description:


   The SUSE Linux Enterprise 12-SP4 kernel-RT was updated to 4.12.14 to
   receive various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2020-8992: Fixed an issue in ext4_protect_reserved_inode in
     fs/ext4/block_validity.c that allowed attackers to cause a soft lockup
     via a crafted journal size (bsc#1164069).
   - CVE-2020-8648: Fixed a use-after-free vulnerability in the
     n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928).
   - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may
     trick the L0 hypervisor into accessing sensitive L1 resources
     (bsc#1163971).
   - CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which
     allowed local users to cause a denial of service (OOPS) or possibly
     obtain sensitive information from kernel memory, aka CID-d0cb50185ae9
     (bsc#1162109).

   The following non-security bugs were fixed:

   - 6pack,mkiss: fix possible deadlock (bsc#1051510).
   - ACPI / APEI: Switch estatus pool to use vmalloc memory (bsc#1051510).
   - ACPI: PM: Avoid attaching ACPI PM domain to certain devices
     (bsc#1051510).
   - ACPI / video: Add force_none quirk for Dell OptiPlex 9020M (bsc#1051510).
   - ACPI: video: Do not export a non working backlight interface on MSI
     MS-7721 boards (bsc#1051510).
   - ACPI: watchdog: Allow disabling WDAT at boot (bsc#1162557).
   - ACPI / watchdog: Fix init failure with overlapping register regions
     (bsc#1162557).
   - ACPI / watchdog: Set default timeout in probe (bsc#1162557).
   - ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes).
   - ALSA: hda: Reset stream if DMA RUN bit not cleared (bsc#1111666).
   - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
     (git-fixes).
   - ALSA: seq: Avoid concurrent access to queue flags (git-fixes).
   - ALSA: seq: Fix concurrent access to queue current tick/time (git-fixes).
   - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 (git-fixes).
   - arm64: Revert support for execute-only user mappings (bsc#1160218).
   - ASoC: sun8i-codec: Fix setting DAI data format (git-fixes).
   - ata: ahci: Add shutdown to freeze hardware resources of ahci
     (bsc#1164388).
   - bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front()
     (bsc#1163762).
   - bcache: add code comments for state->pool in __btree_sort()
     (bsc#1163762).
   - bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762).
   - bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762).
   - bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762).
   - bcache: add more accurate error messages in read_super() (bsc#1163762).
   - bcache: add readahead cache policy options via sysfs interface
     (bsc#1163762).
   - bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762).
   - bcache: avoid unnecessary btree nodes flushing in btree_flush_write()
     (bsc#1163762).
   - bcache: check return value of prio_read() (bsc#1163762).
   - bcache: deleted code comments for dead code in bch_data_insert_keys()
     (bsc#1163762).
   - bcache: do not export symbols (bsc#1163762).
   - bcache: explicity type cast in bset_bkey_last() (bsc#1163762).
   - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
     (bsc#1163762).
   - bcache: Fix an error code in bch_dump_read() (bsc#1163762).
   - bcache: fix deadlock in bcache_allocator (bsc#1163762).
   - bcache: fix incorrect data type usage in btree_flush_write()
     (bsc#1163762).
   - bcache: fix memory corruption in bch_cache_accounting_clear()
     (bsc#1163762).
   - bcache: fix static checker warning in bcache_device_free() (bsc#1163762).
   - bcache: ignore pending signals when creating gc and allocator thread
     (bsc#1163762, bsc#1112504).
   - bcache: print written and keys in trace_bcache_btree_write (bsc#1163762).
   - bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan()
     (bsc#1163762).
   - bcache: reap from tail of c->btree_cache in bch_mca_scan() (bsc#1163762).
   - bcache: remove macro nr_to_fifo_front() (bsc#1163762).
   - bcache: remove member accessed from struct btree (bsc#1163762).
   - bcache: remove the extra cflags for request.o (bsc#1163762).
   - bcache: Revert "bcache: shrink btree node cache after bch_btree_check()"
     (bsc#1163762, bsc#1112504).
   - blk-mq: avoid sysfs buffer overflow with too many CPU cores
     (bsc#1163840).
   - blk-mq: make sure that line break can be printed (bsc#1164098).
   - Bluetooth: Fix race condition in hci_release_sock() (bsc#1051510).
   - bonding: fix potential NULL deref in bond_update_slave_arr (bsc#1051510).
   - bonding: fix unexpected IFF_BONDING bit unset (bsc#1051510).
   - Btrfs: do not double lock the subvol_sem for rename exchange
     (bsc#1162943).
   - Btrfs: fix btrfs_write_inode vs delayed iput deadlock (bsc#1154243).
   - Btrfs: fix infinite loop during fsync after rename operations
     (bsc#1163383).
   - Btrfs: fix race between adding and putting tree mod seq elements and
     nodes (bsc#1163384).
   - Btrfs: send, skip backreference walking for extents with many references
     (bsc#1162139).
   - cdrom: respect device capabilities during opening action (boo#1164632).
   - chardev: Avoid potential use-after-free in 'chrdev_open()' (bsc#1163849).
   - cifs: fix mount option display for sec=krb5i (bsc#1161907).
   - clk: mmp2: Fix the order of timer mux parents (bsc#1051510).
   - clk: qcom: rcg2: Do not crash if our parent can't be found; return an
     error (bsc#1051510).
   - clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock (bsc#1051510).
   - clk: tegra: Mark fuse clock as critical (bsc#1051510).
   - clocksource/drivers/bcm2835_timer: Fix memory leak of timer
     (bsc#1051510).
   - clocksource: Prevent double add_timer_on() for watchdog_timer
     (bsc#1051510).
   - closures: fix a race on wakeup from closure_sync (bsc#1163762).
   - crypto: api - Fix race condition in crypto_spawn_alg (bsc#1051510).
   - crypto: reexport crypto_shoot_alg() (bsc#1051510, kABI fix).
   - Documentation: Document arm64 kpti control (bsc#1162623).
   - drivers/base/memory.c: do not access uninitialized memmaps in
     soft_offline_page_store() (bsc#1051510).
   - drm/amdgpu: add function parameter description in 'amdgpu_gart_bind'
     (bsc#1051510).
   - drm/amdgpu: remove 4 set but not used variable in
     amdgpu_atombios_get_connector_info_from_object_table (bsc#1051510).
   - drm/amdgpu: remove always false comparison in
     'amdgpu_atombios_i2c_process_i2c_ch' (bsc#1051510).
   - drm/amdgpu: remove set but not used variable 'amdgpu_connector'
     (bsc#1051510).
   - drm/amdgpu: remove set but not used variable 'dig' (bsc#1051510).
   - drm/amdgpu: remove set but not used variable 'dig_connector'
     (bsc#1051510).
   - drm/amdgpu: remove set but not used variable 'mc_shared_chmap'
     (bsc#1051510).
   - drm/amdgpu: remove set but not used variable 'mc_shared_chmap' from
     'gfx_v6_0.c' and 'gfx_v7_0.c' (bsc#1051510).
   - drm: bridge: dw-hdmi: constify copied structure (bsc#1051510).
   - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
     (bsc#1051510).
   - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
     (bsc#1051510).
   - drm/rockchip: lvds: Fix indentation of a #define (bsc#1051510).
   - drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add (bsc#1051510).
   - Enable CONFIG_BLK_DEV_SR_VENDOR (boo#1164632).
   - enic: prevent waking up stopped tx queues over watchdog reset
     (bsc#1133147).
   - ext2: check err when partial != NULL (bsc#1163859).
   - ext4: check for directory entries too close to block end (bsc#1163861).
   - ext4: fix a bug in ext4_wait_for_tail_page_commit (bsc#1163841).
   - ext4: fix checksum errors with indexed dirs (bsc#1160979).
   - ext4: fix deadlock allocating crypto bounce page from mempool
     (bsc#1163842).
   - ext4: Fix mount failure with quota configured as module (bsc#1164471).
   - ext4: improve explanation of a mount failure caused by a misconfigured
     kernel (bsc#1163843).
   - ext4, jbd2: ensure panic when aborting with zero errno (bsc#1163853).
   - firestream: fix memory leaks (bsc#1051510).
   - fix autofs regression caused by follow_managed() changes (bsc#1159271).
   - fix dget_parent() fastpath race (bsc#1159271).
   - fix the locking in dcache_readdir() and friends (bsc#1123328).
   - fscrypt: do not set policy for a dead directory (bsc#1163846).
   - fs/namei.c: fix missing barriers when checking positivity (bsc#1159271).
   - fs/namei.c: pull positivity check into follow_managed() (bsc#1159271).
   - fs/open.c: allow opening only regular files during execve()
     (bsc#1163845).
   - ftrace: Add comment to why rcu_dereference_sched() is open coded
     (git-fixes).
   - ftrace: Protect ftrace_graph_hash with ftrace_sync (git-fixes).
   - genirq/proc: Return proper error code when irq_set_affinity() fails
     (bnc#1105392).
   - gtp: avoid zero size hashtable (networking-stable-20_01_01).
   - gtp: do not allow adding duplicate tid and ms_addr pdp context
     (networking-stable-20_01_01).
   - gtp: fix an use-after-free in ipv4_pdp_find()
     (networking-stable-20_01_01).
   - gtp: fix wrong condition in gtp_genl_dump_pdp()
     (networking-stable-20_01_01).
   - hwmon: (adt7475) Make volt2reg return same reg as reg2volt input
     (bsc#1051510).
   - hwmon: (core) Do not use device managed functions for memory allocations
     (bsc#1051510).
   - hwmon: (nct7802) Fix voltage limits to wrong registers (bsc#1051510).
   - hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions
     (bsc#1051510).
   - iommu/amd: Fix IOMMU perf counter clobbering during init (bsc#1162617).
   - iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA
     (bsc#1164314).
   - iommu/io-pgtable-arm: Fix race handling in split_blk_unmap()
     (bsc#1164115).
   - iwlwifi: do not throw error when trying to remove IGTK (bsc#1051510).
   - iwlwifi: mvm: fix NVM check for 3168 devices (bsc#1051510).
   - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info
     when load journal (bsc#1163862).
   - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
     (bsc#1163836).
   - jbd2: Fix possible overflow in jbd2_log_space_left() (bsc#1163860).
   - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
     (bsc#1163863).
   - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
     (bsc#1163880).
   - jbd2: switch to use jbd2_journal_abort() when failed to submit the
     commit record (bsc#1163852).
   - kconfig: fix broken dependency in randconfig-generated .config
     (bsc#1051510).
   - kernel-binary.spec.in: do not recommend firmware for kvmsmall and azure
     flavor (boo#1161360).
   - KVM: Clean up __kvm_gfn_to_hva_cache_init() and its callers
     (bsc#1133021).
   - KVM: fix spectrev1 gadgets (bsc#1164705).
   - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails (bsc#1061840).
   - KVM: PPC: Book3S PR: Fix -Werror=return-type build failure (bsc#1061840).
   - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
     (bsc#1061840).
   - KVM: SVM: Override default MMIO mask if memory encryption is enabled
     (bsc#1162618).
   - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF
     attacks (bsc#1164734).
   - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
     (bsc#1164728).
   - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
     (bsc#1164729).
   - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF
     attacks (bsc#1164712).
   - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
     (bsc#1164730).
   - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF
     attacks in x86.c (bsc#1164733).
   - KVM: x86: Protect MSR-based index computations in
     fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (bsc#1164731).
   - KVM: x86: Protect MSR-based index computations in pmu.h from
     Spectre-v1/L1TF attacks (bsc#1164732).
   - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bsc#1164735).
   - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
     (bsc#1164705).
   - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
     (bsc#1164727).
   - lib: crc64: include <linux/crc64.h> for 'crc64_be' (bsc#1163762).
   - lib/scatterlist.c: adjust indentation in __sg_alloc_table (bsc#1051510).
   - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
     (bsc#1051510).
   - livepatch/samples/selftest: Use klp_shadow_alloc() API correctly
     (bsc#1071995).
   - livepatch/selftest: Clean up shadow variable names and type
     (bsc#1071995).
   - mac80211: Fix TKIP replay protection immediately after key setup
     (bsc#1051510).
   - mac80211: mesh: restrict airtime metric to peered established plinks
     (bsc#1051510).
   - media: af9005: uninitialized variable printked (bsc#1051510).
   - media: cec: CEC 2.0-only bcast messages were ignored (git-fixes).
   - media: digitv: do not continue if remote control state can't be read
     (bsc#1051510).
   - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 (bsc#1051510).
   - media: exynos4-is: fix wrong mdev and v4l2 dev order in error path
     (git-fixes).
   - media: gspca: zero usb_buf (bsc#1051510).
   - media: iguanair: fix endpoint sanity check (bsc#1051510).
   - media: ov6650: Fix crop rectangle alignment not passed back (git-fixes).
   - media: ov6650: Fix incorrect use of JPEG colorspace (git-fixes).
   - media: pulse8-cec: fix lost cec_transmit_attempt_done() call.
   - media: uvcvideo: Avoid cyclic entity chains due to malformed USB
     descriptors (bsc#1051510).
   - media/v4l2-core: set pages dirty upon releasing DMA buffers
     (bsc#1051510).
   - media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT (bsc#1051510).
   - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
     (bsc#1051510).
   - mfd: da9062: Fix watchdog compatible string (bsc#1051510).
   - mfd: dln2: More sanity checking for endpoints (bsc#1051510).
   - mfd: rn5t618: Mark ADC control register volatile (bsc#1051510).
   - mmc: spi: Toggle SPI polarity, do not hardcode it (bsc#1051510).
   - mod_devicetable: fix PHY module format (networking-stable-19_12_28).
   - mtd: fix mtd_oobavail() incoherent returned value (bsc#1051510).
   - namei: only return -ECHILD from follow_dotdot_rcu() (bsc#1163851).
   - net: dst: Force 4-byte alignment of dst_metrics
     (networking-stable-19_12_28).
   - net: ena: fix napi handler misbehavior when the napi budget is zero
     (networking-stable-20_01_01).
   - net: hisilicon: Fix a BUG trigered by wrong bytes_compl
     (networking-stable-19_12_28).
   - net: nfc: nci: fix a possible sleep-in-atomic-context bug in
     nci_uart_tty_receive() (networking-stable-19_12_28).
   - net: qlogic: Fix error paths in ql_alloc_large_buffers()
     (networking-stable-19_12_28).
   - net: sched: correct flower port blocking (git-fixes).
   - net: usb: lan78xx: Fix suspend/resume PHY register access error
     (networking-stable-19_12_28).
   - new helper: lookup_positive_unlocked() (bsc#1159271).
   - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info
     (bsc#1163774).
   - PCI: Add DMA alias quirk for Intel VCA NTB (bsc#1051510).
   - PCI: Do not disable bridge BARs when assigning bus resources
     (bsc#1051510).
   - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (git-fixes).
   - PCI/switchtec: Fix vep_vector_number ioread width (bsc#1051510).
   - percpu: Separate decrypted varaibles anytime encryption can be enabled
     (bsc#1114279).
   - perf/x86/intel: Fix inaccurate period in context switch for auto-reload
     (bsc#1164315).
   - phy: qualcomm: Adjust indentation in read_poll_timeout (bsc#1051510).
   - pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B
     (bsc#1051510).
   - powerpc: avoid adjusting memory_limit for capture kernel memory
     reservation (bsc#1140025 ltc#176086).
   - powerpc/mm: Remove kvm radix prefetch workaround for Power9 DD2.2
     (bsc#1061840).
   - powerpc/pseries: Advance pfn if section is not present in
     lmb_is_removable() (bsc#1065729).
   - powerpc/pseries: Allow not having ibm,
     hypertas-functions::hcall-multi-tce for DDW (bsc#1065729).
   - powerpc/pseries/hotplug-memory: Change rc variable to bool (bsc#1065729).
   - powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning
     (bsc#1065729).
   - powerpc: reserve memory for capture kernel after hugepages init
     (bsc#1140025 ltc#176086).
   - powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal
     delivery (bsc#1118338 ltc#173734).
   - powerpc/xmon: do not access ASDR in VMs (bsc#1065729).
   - power: supply: ltc2941-battery-gauge: fix use-after-free (bsc#1051510).
   - pstore/ram: Write new dumps to start of recycled zones (bsc#1051510).
   - pwm: omap-dmtimer: Remove PWM chip in .remove before making it
     unfunctional (git-fixes).
   - pwm: Remove set but not set variable 'pwm' (git-fixes).
   - pxa168fb: Fix the function used to release some memory in an error
     (bsc#1114279)
   - qede: Fix multicast mac configuration (networking-stable-19_12_28).
   - qmi_wwan: Add support for Quectel RM500Q (bsc#1051510).
   - quota: Check that quota is not dirty before release (bsc#1163858).
   - quota: fix livelock in dquot_writeback_dquots (bsc#1163857).
   - r8152: get default setting of WOL before initializing (bsc#1051510).
   - README.BRANCH: Update the branch name to cve/linux-4.12
   - regulator: Fix return value of _set_load() stub (bsc#1051510).
   - regulator: rk808: Lower log level on optional GPIOs being not available
     (bsc#1051510).
   - reiserfs: Fix memory leak of journal device string (bsc#1163867).
   - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
     (bsc#1163869).
   - rpm/kabi.pl: support new (>=5.4) Module.symvers format (new symbol
     namespace field)
   - rpm/kernel-binary.spec.in: Replace Novell with SUSE
   - rtc: cmos: Stop using shared IRQ (bsc#1051510).
   - rtc: hym8563: Return -EINVAL if the time is known to be invalid
     (bsc#1051510).
   - rtlwifi: Fix MAX MPDU of VHT capability (git-fixes).
   - rtlwifi: Remove redundant semicolon in wifi.h (git-fixes).
   - scsi: qla2xxx: Fix a NULL pointer dereference in an error path
     (bsc#1157966 bsc#1158013 bsc#1157424).
   - scsi: qla2xxx: Fix unbound NVME response length (bsc#1157966 bsc#1158013
     bsc#1157424).
   - sctp: fully initialize v4 addr in some functions
     (networking-stable-19_12_28).
   - serial: 8250_bcm2835aux: Fix line mismatch on driver unbind
     (bsc#1051510).
   - serial: ifx6x60: add missed pm_runtime_disable (bsc#1051510).
   - serial: pl011: Fix DMA ->flush_buffer() (bsc#1051510).
   - serial: serial_core: Perform NULL checks for break_ctl ops (bsc#1051510).
   - serial: stm32: fix transmit_chars when tx is stopped (bsc#1051510).
   - sh_eth: check sh_eth_cpu_data::dual_port when dumping registers
     (bsc#1051510).
   - sh_eth: fix dumping ARSTR (bsc#1051510).
   - sh_eth: fix invalid context bug while calling auto-negotiation by
     ethtool (bsc#1051510).
   - sh_eth: fix invalid context bug while changing link options by ethtool
     (bsc#1051510).
   - sh_eth: fix TSU init on SH7734/R8A7740 (bsc#1051510).
   - sh_eth: fix TXALCR1 offsets (bsc#1051510).
   - sh_eth: TSU_QTAG0/1 registers the same as TSU_QTAGM0/1 (bsc#1051510).
   - soc: renesas: rcar-sysc: Add goto to of_node_put() before return
     (bsc#1051510).
   - soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
     (bsc#1051510).
   - soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot (bsc#1051510).
   - spi: tegra114: clear packed bit for unpacked mode (bsc#1051510).
   - spi: tegra114: configure dma burst size to fifo trig level (bsc#1051510).
   - spi: tegra114: fix for unpacked mode transfers (bsc#1051510).
   - spi: tegra114: flush fifos (bsc#1051510).
   - spi: tegra114: terminate dma and reset on transfer timeout (bsc#1051510).
   - sr_vendor: support Beurer GL50 evo CD-on-a-chip devices (boo#1164632).
   - staging: vt6656: correct packet types for CTS protect, mode
     (bsc#1051510).
   - staging: vt6656: Fix false Tx excessive retries reporting (bsc#1051510).
   - staging: vt6656: use NULLFUCTION stack on mac80211 (bsc#1051510).
   - staging: wlan-ng: ensure error return is actually returned (bsc#1051510).
   - stop_machine: Atomically queue and wake stopper threads (bsc#1088810,
     bsc#1161702).
   - stop_machine: Disable preemption after queueing stopper threads
     (bsc#1088810, bsc#1161702).
   - stop_machine: Disable preemption when waking two stopper threads
     (bsc#1088810, bsc#1161702).
   - stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock
     (bsc#1088810, bsc#1161702).
   - tcp: do not send empty skb from tcp_write_xmit()
     (networking-stable-20_01_01).
   - tracing: Annotate ftrace_graph_hash pointer with __rcu (git-fixes).
   - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu
     (git-fixes).
   - tracing: Fix tracing_stat return values in error handling paths
     (git-fixes).
   - tracing: Fix very unlikely race of registering two stat tracers
     (git-fixes).
   - tty: n_hdlc: fix build on SPARC (bsc#1051510).
   - tty/serial: atmel: Add is_half_duplex helper (bsc#1051510).
   - tty: serial: msm_serial: Fix lockup for sysrq and oops (bsc#1051510).
   - tty: vt: keyboard: reject invalid keycodes (bsc#1051510).
   - ubifs: do not trigger assertion on invalid no-key filename (bsc#1163850).
   - ubifs: Fix deadlock in concurrent bulk-read and writepage (bsc#1163856).
   - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag
     (bsc#1163855).
   - ubifs: Reject unsupported ioctl flags explicitly (bsc#1163844).
   - udp: fix integer overflow while computing available space in sk_rcvbuf
     (networking-stable-20_01_01).
   - USB: core: fix check for duplicate endpoints (git-fixes).
   - USB: dwc3: turn off VBUS when leaving host mode (bsc#1051510).
   - USB: EHCI: Do not return -EPIPE when hub is disconnected (git-fixes).
   - USB: gadget: f_ecm: Use atomic_t to track in-flight request
     (bsc#1051510).
   - USB: gadget: f_ncm: Use atomic_t to track in-flight request
     (bsc#1051510).
   - USB: gadget: legacy: set max_speed to super-speed (bsc#1051510).
   - USB: gadget: Zero ffs_io_data (bsc#1051510).
   - USB: host: xhci-hub: fix extra endianness conversion (bsc#1051510).
   - usbip: Fix error path of vhci_recv_ret_submit() (git-fixes).
   - USB: serial: ir-usb: add missing endpoint sanity check (bsc#1051510).
   - USB: serial: ir-usb: fix IrLAP framing (bsc#1051510).
   - USB: serial: ir-usb: fix link-speed handling (bsc#1051510).
   - USB: serial: option: add support for Quectel RM500Q in QDL mode
     (git-fixes).
   - USB: serial: option: add Telit ME910G1 0x110a composition (git-fixes).
   - USB: serial: option: add ZLP support for 0x1bc7/0x9010 (git-fixes).
   - usb-storage: Disable UAS on JMicron SATA enclosure (bsc#1051510).
   - USB: typec: tcpci: mask event interrupts when remove driver
     (bsc#1051510).
   - vhost/vsock: accept only packets with the right dst_cid
     (networking-stable-20_01_01).
   - watchdog: max77620_wdt: fix potential build errors (bsc#1051510).
   - watchdog: rn5t618_wdt: fix module aliases (bsc#1051510).
   - watchdog: wdat_wdt: fix get_timeleft call for wdat_wdt (bsc#1162557).
   - wireless: fix enabling channel 12 for custom regulatory domain
     (bsc#1051510).
   - wireless: wext: avoid gcc -O3 warning (bsc#1051510).
   - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
     (bsc#1162619).
   - x86/intel_rdt: Split resource group removal in two (bsc#1112178).
   - x86/resctrl: Check monitoring static key in the MBM overflow handler
     (bsc#1114279).
   - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1112178).
   - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup
     (bsc#1112178).
   - x86/resctrl: Fix use-after-free when deleting resource groups
     (bsc#1114279).
   - xen/balloon: Support xend-based toolstack take two (bsc#1065600).
   - xen: Enable interrupts when calling _cond_resched() (bsc#1065600).
   - xhci: Fix memory leak in xhci_add_in_port() (bsc#1051510).
   - xhci: fix USB3 device initiated resume race with roothub autosuspend
     (bsc#1051510).
   - xhci: make sure interrupts are restored to correct state (bsc#1051510).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time Extension 12-SP4:

      zypper in -t patch SUSE-SLE-RT-12-SP4-2020-649=1



Package List:

   - SUSE Linux Enterprise Real Time Extension 12-SP4 (x86_64):

      cluster-md-kmp-rt-4.12.14-8.15.1
      dlm-kmp-rt-4.12.14-8.15.1
      gfs2-kmp-rt-4.12.14-8.15.1
      kernel-rt-4.12.14-8.15.1
      kernel-rt-base-4.12.14-8.15.1
      kernel-rt-devel-4.12.14-8.15.1
      kernel-rt_debug-devel-4.12.14-8.15.1
      kernel-syms-rt-4.12.14-8.15.1
      ocfs2-kmp-rt-4.12.14-8.15.1

   - SUSE Linux Enterprise Real Time Extension 12-SP4 (noarch):

      kernel-devel-rt-4.12.14-8.15.1
      kernel-source-rt-4.12.14-8.15.1


References:

   https://www.suse.com/security/cve/CVE-2020-2732.html
   https://www.suse.com/security/cve/CVE-2020-8428.html
   https://www.suse.com/security/cve/CVE-2020-8648.html
   https://www.suse.com/security/cve/CVE-2020-8992.html
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1061840
   https://bugzilla.suse.com/1065600
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1071995
   https://bugzilla.suse.com/1088810
   https://bugzilla.suse.com/1105392
   https://bugzilla.suse.com/1111666
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1112504
   https://bugzilla.suse.com/1114279
   https://bugzilla.suse.com/1118338
   https://bugzilla.suse.com/1123328
   https://bugzilla.suse.com/1133021
   https://bugzilla.suse.com/1133147
   https://bugzilla.suse.com/1140025
   https://bugzilla.suse.com/1154243
   https://bugzilla.suse.com/1157424
   https://bugzilla.suse.com/1157966
   https://bugzilla.suse.com/1158013
   https://bugzilla.suse.com/1159271
   https://bugzilla.suse.com/1160218
   https://bugzilla.suse.com/1160979
   https://bugzilla.suse.com/1161360
   https://bugzilla.suse.com/1161702
   https://bugzilla.suse.com/1161907
   https://bugzilla.suse.com/1162109
   https://bugzilla.suse.com/1162139
   https://bugzilla.suse.com/1162557
   https://bugzilla.suse.com/1162617
   https://bugzilla.suse.com/1162618
   https://bugzilla.suse.com/1162619
   https://bugzilla.suse.com/1162623
   https://bugzilla.suse.com/1162928
   https://bugzilla.suse.com/1162943
   https://bugzilla.suse.com/1163383
   https://bugzilla.suse.com/1163384
   https://bugzilla.suse.com/1163762
   https://bugzilla.suse.com/1163774
   https://bugzilla.suse.com/1163836
   https://bugzilla.suse.com/1163840
   https://bugzilla.suse.com/1163841
   https://bugzilla.suse.com/1163842
   https://bugzilla.suse.com/1163843
   https://bugzilla.suse.com/1163844
   https://bugzilla.suse.com/1163845
   https://bugzilla.suse.com/1163846
   https://bugzilla.suse.com/1163849
   https://bugzilla.suse.com/1163850
   https://bugzilla.suse.com/1163851
   https://bugzilla.suse.com/1163852
   https://bugzilla.suse.com/1163853
   https://bugzilla.suse.com/1163855
   https://bugzilla.suse.com/1163856
   https://bugzilla.suse.com/1163857
   https://bugzilla.suse.com/1163858
   https://bugzilla.suse.com/1163859
   https://bugzilla.suse.com/1163860
   https://bugzilla.suse.com/1163861
   https://bugzilla.suse.com/1163862
   https://bugzilla.suse.com/1163863
   https://bugzilla.suse.com/1163867
   https://bugzilla.suse.com/1163869
   https://bugzilla.suse.com/1163880
   https://bugzilla.suse.com/1163971
   https://bugzilla.suse.com/1164069
   https://bugzilla.suse.com/1164098
   https://bugzilla.suse.com/1164115
   https://bugzilla.suse.com/1164314
   https://bugzilla.suse.com/1164315
   https://bugzilla.suse.com/1164388
   https://bugzilla.suse.com/1164471
   https://bugzilla.suse.com/1164632
   https://bugzilla.suse.com/1164705
   https://bugzilla.suse.com/1164712
   https://bugzilla.suse.com/1164727
   https://bugzilla.suse.com/1164728
   https://bugzilla.suse.com/1164729
   https://bugzilla.suse.com/1164730
   https://bugzilla.suse.com/1164731
   https://bugzilla.suse.com/1164732
   https://bugzilla.suse.com/1164733
   https://bugzilla.suse.com/1164734
   https://bugzilla.suse.com/1164735



More information about the sle-security-updates mailing list