SUSE-SU-2020:3326-1: moderate: Security update for the Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Nov 13 13:21:32 MST 2020
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2020:3326-1
Rating: moderate
References: #1055014 #1058115 #1061843 #1065600 #1065729
#1066382 #1077428 #1112178 #1114648 #1131277
#1134760 #1157424 #1163592 #1167030 #1170415
#1171558 #1172538 #1173432 #1174748 #1175520
#1175721 #1176354 #1176485 #1176560 #1176723
#1176907 #1176946 #1177086 #1177101 #1177271
#1177281 #1177410 #1177411 #1177470 #1177719
#1177740 #1177749 #1177750 #1177753 #1177754
#1177755 #1177766 #1177855 #1177856 #1177861
#1178003 #1178027 #1178166 #1178185 #1178187
#1178188 #1178202 #1178234 #1178330 SLE-10886
Cross-References: CVE-2020-0430 CVE-2020-14351 CVE-2020-16120
CVE-2020-25285 CVE-2020-25656 CVE-2020-25705
CVE-2020-8694
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Live Patching 12-SP5
SUSE Linux Enterprise High Availability 12-SP5
______________________________________________________________________________
An update that solves 7 vulnerabilities, contains one
feature and has 47 fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bug fixes.
The following security bugs were fixed:
- CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl
(bnc#1177766).
- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers
in mm/hugetlb.c (bnc#1176485).
- CVE-2020-0430: Fixed an OOB read in skb_headlen of
/include/linux/skbuff.h (bnc#1176723).
- CVE-2020-14351: Fixed a race in the perf_mmap_close() function
(bsc#1177086).
- CVE-2020-16120: Fixed a permissions issue in ovl_path_open()
(bsc#1177470).
- CVE-2020-8694: Restricted energy meter to root access (bsc#1170415).
- CVE-2020-25705: A ICMP global rate limiting side-channel was removed
which could lead to e.g. the SADDNS attack (bsc#1175721)
The following non-security bugs were fixed:
- ACPI: dock: fix enum-conversion warning (git-fixes).
- ALSA: bebob: potential info leak in hwdep_read() (git-fixes).
- ALSA: compress_offload: remove redundant initialization (git-fixes).
- ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).
- ALSA: core: pcm: simplify locking for timers (git-fixes).
- ALSA: core: timer: clarify operator precedence (git-fixes).
- ALSA: core: timer: remove redundant assignment (git-fixes).
- ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock
(git-fixes).
- ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).
- ALSA: hda - Do not register a cb func if it is registered already
(git-fixes).
- ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7
(git-fixes).
- ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
(git-fixes).
- ALSA: hda/realtek - The front Mic on a HP machine does not work
(git-fixes).
- ALSA: hda: use semicolons rather than commas to separate statements
(git-fixes).
- ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).
- ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).
- ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).
- ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).
- ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes).
- ALSA: usb-audio: fix spelling mistake "Frequence" -> "Frequency"
(git-fixes).
- ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).
- ASoC: qcom: lpass-platform: fix memory leak (git-fixes).
- ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes).
- ath10k: Fix the size used in a 'dma_free_coherent()' call in an error
handling path (git-fixes).
- ath10k: provide survey info as accumulated data (git-fixes).
- ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
(git-fixes).
- ath6kl: wmi: prevent a shift wrapping bug in
ath6kl_wmi_delete_pstream_cmd() (git-fixes).
- ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
(git-fixes).
- ath9k: hif_usb: fix race condition between usb_get_urb() and
usb_kill_anchored_urbs() (git-fixes).
- blk-mq: order adding requests to hctx->dispatch and checking
SCHED_RESTART (bsc#1177750).
- block: ensure bdi->io_pages is always initialized (bsc#1177749).
- Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).
- Bluetooth: Only mark socket zapped after unlocking (git-fixes).
- bnxt: do not enable NAPI until rings are ready
(networking-stable-20_09_11).
- bnxt_en: Check for zero dir entries in NVRAM
(networking-stable-20_09_11).
- brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes).
- brcmfmac: check ndev pointer (git-fixes).
- brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).
- btrfs: do not force read-only after error in drop snapshot (bsc#1176354).
- btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations
(bsc#1177856).
- btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode
(bsc#1177855).
- btrfs: remove root usage from can_overcommit (bsc#1131277).
- btrfs: take overcommit into account in inc_block_group_ro (bsc#1176560).
- btrfs: tree-checker: fix false alert caused by legacy btrfs root item
(bsc#1177861).
- can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes).
- can: flexcan: flexcan_chip_stop(): add error handling and propagate
error value (git-fixes).
- can: softing: softing_card_shutdown(): add braces around empty body in
an 'if' statement (git-fixes).
- ceph: fix memory leak in ceph_cleanup_snapid_map() (bsc#1178234).
- ceph: map snapid to anonymous bdev ID (bsc#1178234).
- ceph: promote to unsigned long long before shifting (bsc#1178187).
- clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes).
- clk: at91: remove the checking of parent_name (git-fixes).
- clk: bcm2835: add missing release if devm_clk_hw_register fails
(git-fixes).
- clk: imx8mq: Fix usdhc parents order (git-fixes).
- coredump: fix crash when umh is disabled (bsc#1177753).
- crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).
- crypto: ccp - fix error handling (git-fixes).
- crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
(git-fixes).
- crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
(git-fixes).
- crypto: omap-sham - fix digcnt register handling with export/import
(git-fixes).
- cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).
- cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).
- device property: Do not clear secondary pointer for shared primary
firmware node (git-fixes).
- device property: Keep secondary firmware node secondary by type
(git-fixes).
- Disable ipa-clones dump for KMP builds (bsc#1178330) The feature is not
really useful for KMP, and rather confusing, so let's disable it at
building out-of-tree codes
- dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes).
- drm/gma500: fix error check (git-fixes).
- drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (git-fixes).
- EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1112178).
- eeprom: at25: set minimum read/write access stride to 1 (git-fixes).
- Fix use after free in get_capset_info callback (git-fixes).
- gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
(networking-stable-20_08_24).
- gtp: add GTPA_LINK info to msg sent to userspace
(networking-stable-20_09_11).
- HID: roccat: add bounds checking in kone_sysfs_write_settings()
(git-fixes).
- HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery
(git-fixes).
- i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).
- ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).
- ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).
- ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).
- ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760
ltc#177449 git-fixes).
- iio:accel:bma180: Fix use of true when should be iio_shared_by enum
(git-fixes).
- iio:adc:max1118 Fix alignment of timestamp and data leak issues
(git-fixes).
- iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).
- iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).
- iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes).
- iio:gyro:itg3200: Fix timestamp alignment and prevent data leak
(git-fixes).
- iio:light:si1145: Fix timestamp alignment and prevent data leak
(git-fixes).
- iio:magn:hmc5843: Fix passing true where iio_shared_by enum required
(git-fixes).
- ima: Remove semicolon at the end of ima_get_binary_runtime_size()
(git-fixes).
- Input: ep93xx_keypad - fix handling of platform_get_irq() error
(git-fixes).
- Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
(git-fixes).
- Input: omap4-keypad - fix handling of platform_get_irq() error
(git-fixes).
- Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes).
- Input: twl4030_keypad - fix handling of platform_get_irq() error
(git-fixes).
- iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754).
- ip: fix tos reflection in ack and reset packets
(networking-stable-20_09_24).
- ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
(git-fixes).
- iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).
- kbuild: enforce -Werror=return-type (bsc#1177281).
- libceph: clear con->out_msg on Policy::stateful_server faults
(bsc#1178188).
- lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).
- livepatch: Test if -fdump-ipa-clones is really available As of now we
add -fdump-ipa-clones unconditionally. It does not cause a trouble if
the kernel is build with the supported toolchain. Otherwise it could
fail easily. Do the correct thing and test for the availability.
- mac80211: handle lack of sband->bitrates in rates (git-fixes).
- mailbox: avoid timer start from callback (git-fixes).
- media: ati_remote: sanity check for both endpoints (git-fixes).
- media: bdisp: Fix runtime PM imbalance on error (git-fixes).
- media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
(git-fixes).
- media: exynos4-is: Fix a reference count leak (git-fixes).
- media: exynos4-is: Fix several reference count leaks due to
pm_runtime_get_sync (git-fixes).
- media: firewire: fix memory leak (git-fixes).
- media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes).
- media: media/pci: prevent memory leak in bttv_probe (git-fixes).
- media: omap3isp: Fix memleak in isp_probe (git-fixes).
- media: platform: fcp: Fix a reference count leak (git-fixes).
- media: platform: s3c-camif: Fix runtime PM imbalance on error
(git-fixes).
- media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).
- media: Revert "media: exynos4-is: Add missed check for
pinctrl_lookup_state()" (git-fixes).
- media: s5p-mfc: Fix a reference count leak (git-fixes).
- media: saa7134: avoid a shift overflow (git-fixes).
- media: st-delta: Fix reference count leak in delta_run_work (git-fixes).
- media: sti: Fix reference count leaks (git-fixes).
- media: tc358743: initialize variable (git-fixes).
- media: ti-vpe: Fix a missing check and reference count leak (git-fixes).
- media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes).
- media: usbtv: Fix refcounting mixup (git-fixes).
- media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).
- media: vsp1: Fix runtime PM imbalance on error (git-fixes).
- memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
(git-fixes).
- memory: omap-gpmc: Fix a couple off by ones (git-fixes).
- mic: vop: copy data to kernel space then write to io memory (git-fixes).
- misc: mic: scif: Fix error handling path (git-fixes).
- misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).
- misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
(git-fixes).
- mlx5 PPC ringsize workaround (bsc#1173432).
- mlx5: remove support for ib_get_vector_affinity (bsc#1174748).
- mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
- mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).
- mtd: lpddr: fix excessive stack usage with clang (git-fixes).
- mtd: mtdoops: Do not write panic data twice (git-fixes).
- mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes).
- mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).
- mwifiex: fix double free (git-fixes).
- mwifiex: remove function pointer check (git-fixes).
- mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO
(git-fixes).
- net: disable netpoll on fresh napis (networking-stable-20_09_11).
- net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
(git-fixes).
- net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes).
- net: Fix potential wrong skb->protocol in skb_vlan_untag()
(networking-stable-20_08_24).
- net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11).
- net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC
(networking-stable-20_09_24).
- netlabel: fix problems with mapping removal (networking-stable-20_09_11).
- net/mlx5e: Take common TIR context settings into a function
(bsc#1177740).
- net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740).
- net: phy: Avoid NPD upon phy_detach() when driver is unbound
(networking-stable-20_09_24).
- net: qrtr: fix usage of idr in port assignment to socket
(networking-stable-20_08_24).
- net: systemport: Fix memleak in bcm_sysport_probe
(networking-stable-20_09_11).
- net: usb: dm9601: Add USB ID of Keenetic Plus DSL
(networking-stable-20_09_11).
- net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
- net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
(git-fixes).
- nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
nfc_genl_fw_download() (git-fixes).
- nl80211: fix non-split wiphy information (git-fixes).
- NTB: hw: amd: fix an issue about leak system resources (git-fixes).
- nvme: do not update disk info for multipathed device (bsc#1171558).
- nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).
- nvme-rdma: fix crash when connect rejected (bsc#1174748).
- perf/x86/amd: Fix sampling Large Increment per Cycle events
(bsc#1114648).
- perf/x86: Fix n_pair for cancelled txn (bsc#1114648).
- powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load
emulation (bsc#1065729).
- powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).
- powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729).
- powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).
- powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).
- powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).
- powerpc/powernv/elog: Fix race while processing OPAL error log event
(bsc#1065729).
- powerpc/pseries: explicitly reschedule during drmem_lmb list traversal
(bsc#1077428 ltc#163882 git-fixes).
- powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729).
- pwm: lpss: Add range limit check for the base_unit register value
(git-fixes).
- pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
(git-fixes).
- ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).
- rtl8xxxu: prevent potential memory leak (git-fixes).
- scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).
- scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166
ltc#188226).
- sctp: not disable bh in the whole sctp_get_port_local()
(networking-stable-20_09_11).
- tg3: Fix soft lockup when tg3_reset_task() fails
(networking-stable-20_09_11).
- tipc: fix memory leak caused by tipc_buf_append() (git-fixes).
- tipc: fix shutdown() of connectionless socket
(networking-stable-20_09_11).
- tipc: fix shutdown() of connection oriented socket
(networking-stable-20_09_24).
- tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).
- tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
(networking-stable-20_08_24).
- tipc: use skb_unshare() instead in tipc_buf_append()
(networking-stable-20_09_24).
- tty: ipwireless: fix error handling (git-fixes).
- tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).
- usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).
- usb: cdc-acm: handle broken union descriptors (git-fixes).
- usb: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync()
(git-fixes).
- usb: core: Solve race condition in anchor cleanup functions (git-fixes).
- usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).
- usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).
- usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).
- usb: dwc3: core: do not trigger runtime pm when remove driver
(git-fixes).
- usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).
- usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets
(git-fixes).
- usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes).
- usb: gadget: function: printer: fix use-after-free in __lock_acquire
(git-fixes).
- usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
(git-fixes).
- usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes).
- usb: ohci: Default to per-port over-current protection (git-fixes).
- usb: serial: qcserial: fix altsetting probing (git-fixes).
- vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202).
- video: fbdev: sis: fix null ptr dereference (git-fixes).
- video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value
error (git-fixes).
- VMCI: check return value of get_user_pages_fast() for errors (git-fixes).
- w1: mxc_w1: Fix timeout resolution problem leading to bus error
(git-fixes).
- watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101).
- watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (bsc#1177101).
- wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
(git-fixes).
- writeback: Avoid skipping inode writeback (bsc#1177755).
- writeback: Fix sync livelock due to b_dirty_time processing
(bsc#1177755).
- writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755).
- x86/apic: Unify duplicated local apic timer clockevent initialization
(bsc#1112178).
- x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1112178).
- xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/events: add a new "late EOI" evtchn framework (XSA-332 bsc#1177411).
- xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332
bsc#1177411).
- xen/events: avoid removing an event channel while handling it (XSA-331
bsc#1177410).
- xen/events: block rogue events for some time (XSA-332 bsc#1177411).
- xen/events: defer eoi in case of excessive number of events (XSA-332
bsc#1177411).
- xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600).
- xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411).
- xen/events: switch user event channels to lateeoi model (XSA-332
bsc#1177411).
- xen/events: use a common cpu hotplug hook for event channels (XSA-332
bsc#1177411).
- xen/gntdev.c: Mark pages as dirty (bsc#1065600).
- xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).
- xen: XEN uses irqdesc::irq_data_common::handler_data to store a per
interrupt XEN data pointer which contains XEN specific information
(XSA-332 bsc#1065600).
- xfs: avoid infinite loop when cancelling CoW blocks after writeback
failure (bsc#1178027).
- xfs: don't update mtime on COW faults (bsc#1167030).
- xfs: limit entries returned when counting fsmap records (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP5:
zypper in -t patch SUSE-SLE-WE-12-SP5-2020-3326=1
- SUSE Linux Enterprise Software Development Kit 12-SP5:
zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-3326=1
- SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3326=1
- SUSE Linux Enterprise Live Patching 12-SP5:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2020-3326=1
- SUSE Linux Enterprise High Availability 12-SP5:
zypper in -t patch SUSE-SLE-HA-12-SP5-2020-3326=1
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):
kernel-default-debuginfo-4.12.14-122.51.2
kernel-default-debugsource-4.12.14-122.51.2
kernel-default-extra-4.12.14-122.51.2
kernel-default-extra-debuginfo-4.12.14-122.51.2
- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-4.12.14-122.51.2
kernel-obs-build-debugsource-4.12.14-122.51.2
- SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):
kernel-docs-4.12.14-122.51.2
- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-122.51.2
kernel-default-base-4.12.14-122.51.2
kernel-default-base-debuginfo-4.12.14-122.51.2
kernel-default-debuginfo-4.12.14-122.51.2
kernel-default-debugsource-4.12.14-122.51.2
kernel-default-devel-4.12.14-122.51.2
kernel-syms-4.12.14-122.51.2
- SUSE Linux Enterprise Server 12-SP5 (x86_64):
kernel-default-devel-debuginfo-4.12.14-122.51.2
- SUSE Linux Enterprise Server 12-SP5 (noarch):
kernel-devel-4.12.14-122.51.2
kernel-macros-4.12.14-122.51.2
kernel-source-4.12.14-122.51.2
- SUSE Linux Enterprise Server 12-SP5 (s390x):
kernel-default-man-4.12.14-122.51.2
- SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
kernel-default-debuginfo-4.12.14-122.51.2
kernel-default-debugsource-4.12.14-122.51.2
kernel-default-kgraft-4.12.14-122.51.2
kernel-default-kgraft-devel-4.12.14-122.51.2
kgraft-patch-4_12_14-122_51-default-1-8.5.2
- SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-122.51.2
cluster-md-kmp-default-debuginfo-4.12.14-122.51.2
dlm-kmp-default-4.12.14-122.51.2
dlm-kmp-default-debuginfo-4.12.14-122.51.2
gfs2-kmp-default-4.12.14-122.51.2
gfs2-kmp-default-debuginfo-4.12.14-122.51.2
kernel-default-debuginfo-4.12.14-122.51.2
kernel-default-debugsource-4.12.14-122.51.2
ocfs2-kmp-default-4.12.14-122.51.2
ocfs2-kmp-default-debuginfo-4.12.14-122.51.2
References:
https://www.suse.com/security/cve/CVE-2020-0430.html
https://www.suse.com/security/cve/CVE-2020-14351.html
https://www.suse.com/security/cve/CVE-2020-16120.html
https://www.suse.com/security/cve/CVE-2020-25285.html
https://www.suse.com/security/cve/CVE-2020-25656.html
https://www.suse.com/security/cve/CVE-2020-25705.html
https://www.suse.com/security/cve/CVE-2020-8694.html
https://bugzilla.suse.com/1055014
https://bugzilla.suse.com/1058115
https://bugzilla.suse.com/1061843
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1066382
https://bugzilla.suse.com/1077428
https://bugzilla.suse.com/1112178
https://bugzilla.suse.com/1114648
https://bugzilla.suse.com/1131277
https://bugzilla.suse.com/1134760
https://bugzilla.suse.com/1157424
https://bugzilla.suse.com/1163592
https://bugzilla.suse.com/1167030
https://bugzilla.suse.com/1170415
https://bugzilla.suse.com/1171558
https://bugzilla.suse.com/1172538
https://bugzilla.suse.com/1173432
https://bugzilla.suse.com/1174748
https://bugzilla.suse.com/1175520
https://bugzilla.suse.com/1175721
https://bugzilla.suse.com/1176354
https://bugzilla.suse.com/1176485
https://bugzilla.suse.com/1176560
https://bugzilla.suse.com/1176723
https://bugzilla.suse.com/1176907
https://bugzilla.suse.com/1176946
https://bugzilla.suse.com/1177086
https://bugzilla.suse.com/1177101
https://bugzilla.suse.com/1177271
https://bugzilla.suse.com/1177281
https://bugzilla.suse.com/1177410
https://bugzilla.suse.com/1177411
https://bugzilla.suse.com/1177470
https://bugzilla.suse.com/1177719
https://bugzilla.suse.com/1177740
https://bugzilla.suse.com/1177749
https://bugzilla.suse.com/1177750
https://bugzilla.suse.com/1177753
https://bugzilla.suse.com/1177754
https://bugzilla.suse.com/1177755
https://bugzilla.suse.com/1177766
https://bugzilla.suse.com/1177855
https://bugzilla.suse.com/1177856
https://bugzilla.suse.com/1177861
https://bugzilla.suse.com/1178003
https://bugzilla.suse.com/1178027
https://bugzilla.suse.com/1178166
https://bugzilla.suse.com/1178185
https://bugzilla.suse.com/1178187
https://bugzilla.suse.com/1178188
https://bugzilla.suse.com/1178202
https://bugzilla.suse.com/1178234
https://bugzilla.suse.com/1178330
More information about the sle-security-updates
mailing list