SUSE-SU-2021:1175-1: important: Security update for the Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Tue Apr 13 19:27:10 UTC 2021
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2021:1175-1
Rating: important
References: #1065600 #1065729 #1103990 #1103991 #1103992
#1104270 #1104353 #1109837 #1111981 #1112374
#1113994 #1118657 #1118661 #1119113 #1126390
#1129770 #1132477 #1142635 #1152446 #1154048
#1169709 #1172455 #1173485 #1175165 #1176720
#1176855 #1178163 #1179243 #1179428 #1179454
#1179660 #1179755 #1180846 #1181507 #1181515
#1181544 #1181655 #1181674 #1181747 #1181753
#1181843 #1182011 #1182175 #1182485 #1182574
#1182715 #1182716 #1182717 #1183018 #1183022
#1183023 #1183378 #1183379 #1183380 #1183381
#1183382 #1183416 #1183509 #1183593 #1183646
#1183662 #1183686 #1183692 #1183696 #1183775
#1183861 #1183871 #1184114 #1184167 #1184168
#1184170 #1184192 #1184193 #1184196 #1184198
Cross-References: CVE-2020-0433 CVE-2020-27170 CVE-2020-27171
CVE-2020-27815 CVE-2020-29368 CVE-2020-29374
CVE-2020-35519 CVE-2021-26930 CVE-2021-26931
CVE-2021-26932 CVE-2021-27363 CVE-2021-27364
CVE-2021-27365 CVE-2021-28038 CVE-2021-28660
CVE-2021-28688 CVE-2021-28964 CVE-2021-28971
CVE-2021-28972 CVE-2021-29264 CVE-2021-29265
CVE-2021-29647 CVE-2021-3428 CVE-2021-3444
CVSS scores:
CVE-2020-0433 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-0433 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-27170 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2020-27171 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
CVE-2020-27815 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29368 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29368 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29374 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29374 (SUSE): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-35519 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-26930 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-26930 (SUSE): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-26931 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-26931 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-26932 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-26932 (SUSE): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
CVE-2021-27363 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2021-27363 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27365 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-27365 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28038 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28660 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28660 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-28964 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28971 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28972 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28972 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29264 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3428 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-3444 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3444 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________
An update that solves 24 vulnerabilities and has 51 fixes
is now available.
Description:
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184170).
- CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent
(bsc#1173485).
- CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed
attackers to obtain sensitive information from kernel memory because of
a partially uninitialized data structure (bsc#1184192 ).
- CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have
allowed attackers to cause a denial of service due to race conditions
during an update of the local and shared status (bsc#1184167).
- CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver
which could have allowed attackers to cause a system crash due to a
calculation of negative fragment size (bsc#1184168).
- CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a
new device name to the driver from userspace, allowing userspace to
write data to the kernel stack frame directly (bsc#1184198).
- CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could
have caused a system crash because the PEBS status in a PEBS record was
mishandled (bsc#1184196 ).
- CVE-2021-28964: Fixed a race condition in get_old_root which could have
allowed attackers to cause a denial of service (bsc#1184193).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).
- CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
(bsc#1183593 ).
- CVE-2021-28038: Fixed an issue with the netback driver which was lacking
necessary treatment of errors such as failed memory allocations
(bsc#1183022).
- CVE-2021-27365: Fixed an issue where an unprivileged user can send a
Netlink message that is associated with iSCSI, and has a length up to
the maximum length of a Netlink message (bsc#1182715).
- CVE-2021-27364: Fixed an issue where an attacker could craft Netlink
messages (bsc#1182717).
- CVE-2021-27363: Fixed a kernel pointer leak which could have been used
to determine the address of the iscsi_transport structure (bsc#1182716).
- CVE-2020-35519: Fixed an out-of-bounds memory access was found in
x25_bind (bsc#1183696).
- CVE-2020-27815: Fixed an issue in JFS filesystem where could have
allowed an attacker to execute code (bsc#1179454).
- CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds
speculation on pointer arithmetic, leading to side-channel attacks that
defeat Spectre mitigations and obtain sensitive information from kernel
memory (bsc#1183775).
- CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre
mitigations and obtain sensitive information from kernel memory
(bsc#1183686).
- CVE-2021-26930: Fixed an improper error handling in blkback's grant
mapping (XSA-365 bsc#1181843).
- CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
mapping errors as bugs (XSA-362 bsc#1181753).
- CVE-2021-26932: Fixed improper error handling issues in Linux grant
mapping (XSA-361 bsc#1181747).
- CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write
implementation which could have granted unintended write access because
of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).
- CVE-2020-0433: Fixed a use after free due to improper locking which
could have led to local escalation of privilege (bsc#1176720).
The following non-security bugs were fixed:
- ACPI: scan: Rearrange memory allocation in acpi_device_add() (git-fixes).
- ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits (git-fixes).
- ALSA: hda: Drop the BATCH workaround for AMD controllers (git-fixes).
- ALSA: hda/realtek: modify EAPD in the ALC886 (git-fixes).
- amba: Fix resource leak for drivers without .remove (git-fixes).
- bfq: Fix kABI for update internal depth state when queue depth changes
(bsc#1172455).
- bfq: update internal depth state when queue depth changes (bsc#1172455).
- block: rsxx: fix error return code of rsxx_pci_probe() (git-fixes).
- Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
(git-fixes).
- Bluetooth: hci_uart: Cancel init work before unregistering (git-fixes).
- Bluetooth: hci_uart: Fix a race for write_work scheduling (git-fixes).
- bpf: Add sanity check for upper ptr_limit (bsc#1183686 bsc#1183775).
- bpf: Fix 32 bit src register truncation on div/mod (bsc#1184170).
- bpf: fix subprog verifier bypass by div/mod by 0 exception (bsc#1184170).
- bpf: fix x64 JIT code generation for jmp to 1st insn (bsc#1178163).
- bpf_lru_list: Read double-checked variable once without lock (git-fixes).
- bpf: Simplify alu_limit masking for pointer arithmetic (bsc#1183686
bsc#1183775).
- bpf,x64: Pad NOPs to make images converge more easily (bsc#1178163).
- bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (git-fixes).
- can: c_can: move runtime PM enable/disable to c_can_platform (git-fixes).
- can: c_can_pci: c_can_pci_remove(): fix use-after-free (git-fixes).
- can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
(git-fixes).
- can: peak_usb: add forgotten supported devices (git-fixes).
- can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
(git-fixes).
- can: skb: can_skb_set_owner(): fix ref counting if socket was closed
before setting skb ownership (git-fixes).
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs: check all path components in resolved dfs target (bsc#1179755).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
- cifs: fix nodfs mount option (bsc#1179755).
- cifs: introduce helper for finding referral server (bsc#1179755).
- cifs: New optype for session operations (bsc#1181507).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in
cxgb4 and ulds (bsc#1104270).
- dmaengine: hsu: disable spurious interrupt (git-fixes).
- drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if
(bsc#1129770) Backporting notes: * context changes
- drm/atomic: Create __drm_atomic_helper_crtc_reset() for subclassing
(bsc#1142635) Backporting notes: * taken for 427c4a0680a2 ("drm/vc4:
crtc: Rework a bit the CRTC state code") * renamed
drm_atomic_state_helper.{c,h} to drm_atomic_helper.{c,h} * context
changes
- drm: bridge: dw-hdmi: Avoid resetting force in the detect function
(bsc#1129770) Backporting notes: * context changes
- drm/compat: Clear bounce structures (bsc#1129770) Backporting notes: *
context changes
- drm/etnaviv: replace MMU flush marker with flush sequence (bsc#1154048)
Backporting notes: * context changes
- drm/gma500: Fix error return code in psb_driver_load() (bsc#1129770)
- drm/mediatek: Add missing put_device() call in mtk_drm_kms_init()
(bsc#1152446) Backporting notes: * context changes
- drm/mediatek: Fix aal size config (bsc#1129770) Backporting notes: *
access I/O memory with writel()
- drm: meson_drv add shutdown function (git-fixes).
- drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
(git-fixes).
- drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) (bsc#1129770)
- drm/msm: fix shutdown hook in case GPU components failed to bind
(git-fixes).
- drm: mxsfb: check framebuffer pitch (bsc#1129770) Backporting notes: *
context changes
- drm/omap: fix max fclk divider for omap36xx (bsc#1152446)
- drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel (bsc#1129770)
- drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel
(bsc#1129770) Backporting notes: * context changes
- drm/radeon: fix AGP dependency (git-fixes).
- drm: rcar-du: Put reference to VSP device (bsc#1129770) Backporting
notes: * context changes
- drm/vc4: crtc: Rework a bit the CRTC state code (bsc#1129770)
Backporting notes: * context changes
- drm/vc4: hdmi: Avoid sleeping in atomic context (bsc#1129770)
Backporting notes: * context changes
- ethernet: alx: fix order of calls on resume (git-fixes).
- fbdev: aty: SPARC64 requires FB_ATY_CT (bsc#1129770)
- firmware/efi: Fix a use after bug in efi_mem_reserve_persistent
(git-fixes).
- futex: Prevent robust futex exit race (git-fixes).
- gma500: clean up error handling in init (bsc#1129770)
- gpiolib: acpi: Add missing IRQF_ONESHOT (git-fixes).
- HID: make arrays usage and value to be the same (git-fixes).
- i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition (git-fixes).
- i40e: Add zero-initialization of AQ command structures (bsc#1109837
bsc#1111981).
- i40e: Fix add TC filter for IPv6 (bsc#1109837 bsc#1111981 ).
- i40e: Fix endianness conversions (bsc#1109837 bsc#1111981 ).
- IB/mlx5: Return appropriate error code instead of ENOMEM (bsc#1103991).
- ibmvnic: add comments for spinlock_t definitions (bsc#1184114 ltc#192237
bsc#1183871 ltc#192139).
- ibmvnic: add memory barrier to protect long term buffer (bsc#1184114
ltc#192237 bsc#1182485 ltc#191591).
- ibmvnic: always store valid MAC address (bsc#1182011 ltc#191844).
- ibmvnic: avoid multiple line dereference (bsc#1184114 ltc#192237
bsc#1183871 ltc#192139).
- ibmvnic: compare adapter->init_done_rc with more readable
ibmvnic_rc_codes (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: Correctly re-enable interrupts in NAPI polling routine
(bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: create send_control_ip_offload (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: create send_query_ip_offload (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: Do not replenish RX buffers after every polling loop
(bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: Ensure that CRQ entry read are correctly ordered (bsc#1184114
ltc#192237 bsc#1182485 ltc#191591).
- ibmvnic: Ensure that device queue memory is cache-line aligned
(bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: Ensure that SCRQ entry reads are correctly ordered (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: fix block comments (bsc#1184114 ltc#192237 bsc#1183871
ltc#192139).
- ibmvnic: fix braces (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139).
- ibmvnic: fix miscellaneous checks (bsc#1184114 ltc#192237 bsc#1183871
ltc#192139).
- ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: Fix possibly uninitialized old_num_tx_queues variable warning
(bsc#1184114 ltc#192237).
- ibmvnic: Fix TX completion error handling (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: Fix use-after-free of VNIC login response buffer (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: handle inconsistent login with reset (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: Harden device Command Response Queue handshake (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: improve ibmvnic_init and ibmvnic_reset_init (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: merge do_change_param_reset into do_reset (bsc#1184114
ltc#192237 bsc#1183871 ltc#192139).
- ibmvnic: merge ibmvnic_reset_init and ibmvnic_init (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: no reset timeout for 5 seconds after reset (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: prefer strscpy over strlcpy (bsc#1184114 ltc#192237 bsc#1183871
ltc#192139).
- ibmvnic: prefer 'unsigned long' over 'unsigned long int' (bsc#1184114
ltc#192237 bsc#1183871 ltc#192139).
- ibmvnic: reduce wait for completion time (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: remove excessive irqsave (bsc#1065729).
- ibmvnic: remove never executed if statement (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: remove unnecessary rmb() inside ibmvnic_poll (bsc#1184114
ltc#192237 bsc#1183871 ltc#192139).
- ibmvnic: remove unused spinlock_t stats_lock definition (bsc#1184114
ltc#192237 bsc#1183871 ltc#192139).
- ibmvnic: rename ibmvnic_send_req_caps to send_request_cap (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: rename send_cap_queries to send_query_cap (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: rename send_map_query to send_query_map (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: rework to ensure SCRQ entry reads are properly ordered
(bsc#1184114 ltc#192237 bsc#1183871 ltc#192139).
- ibmvnic: send_login should check for crq errors (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: simplify reset_long_term_buff function (bsc#1184114 ltc#192237
bsc#1183023 ltc#191791).
- ibmvnic: skip send_request_unmap for timeout reset (bsc#1184114
ltc#192237 bsc#1182485 ltc#191591).
- ibmvnic: skip tx timeout reset while in resetting (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: stop free_all_rwi on failed reset (bsc#1184114 ltc#192237
bsc#1179243 ltc#189290).
- ibmvnic: store RX and TX subCRQ handle array in ibmvnic_adapter struct
(bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: substitute mb() with dma_wmb() for send_*crq* functions
(bsc#1184114 ltc#192237 bsc#1183023 ltc#191791).
- ibmvnic: track pending login (bsc#1184114 ltc#192237 bsc#1179243
ltc#189290).
- ibmvnic: Use netdev_alloc_skb instead of alloc_skb to replenish RX
buffers (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
- ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114
ltc#192237).
- ice: Account for port VLAN in VF max packet size calculation
(bsc#1118661).
- igc: check return value of ret_val in igc_config_fc_after_link_up
(bsc#1118657).
- igc: Report speed and duplex as unknown when device is runtime suspended
(jsc#SLE-4799).
- igc: set the default return value to -IGC_ERR_NVM in igc_write_nvm_srwr
(bsc#1118657).
- iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel
(git-fixes).
- iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler
(git-fixes).
- iio: hid-sensor-humidity: Fix alignment issue of timestamp channel
(git-fixes).
- iio: hid-sensor-prox: Fix scale not correct issue (git-fixes).
- iio: hid-sensor-temperature: Fix issues of timestamp channel (git-fixes).
- Input: i8042 - add ASUS Zenbook Flip to noselftest list (git-fixes).
- Input: i8042 - unbreak Pegatron C15B (git-fixes).
- Input: raydium_ts_i2c - do not send zero length (git-fixes).
- Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox
Series X|S (git-fixes).
- Input: xpad - sync supported devices with fork on GitHub (git-fixes).
- iommu/amd: Fix sleeping in atomic in increase_address_space()
(bsc#1183378).
- iommu/intel: Fix memleak in intel_irq_remapping_alloc (bsc#1183379).
- iommu/vt-d: Avoid panic if iommu init fails in tboot system
(bsc#1183380).
- iommu/vt-d: Do not use flush-queue when caching-mode is on (bsc#1183381).
- ixgbe: fail to create xfrm offload of IPsec tunnel mode SA (bsc#1113994).
- kABI: Fix kABI after modifying struct __call_single_data (bsc#1180846).
- kabi/severities: Add rtas_online_cpus_mask, rtas_offline_cpus_mask
- kernel/smp: add boot parameter for controlling CSD lock debugging
(bsc#1180846).
- kernel/smp: add more data to CSD lock debugging (bsc#1180846).
- kernel/smp: prepare more CSD lock debugging (bsc#1180846).
- kernel/smp: Provide CSD lock timeout diagnostics (bsc#1180846).
- KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off
(bsc#1183382).
- lib/crc32test: remove extra local_irq_disable/enable (git-fixes).
- mac80211: fix double free in ibss_leave (git-fixes).
- mac80211: fix rate mask reset (git-fixes).
- media: usbtv: Fix deadlock on suspend (git-fixes).
- media: uvcvideo: Allow entities with no pads (git-fixes).
- misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
(git-fixes).
- mmc: core: Fix partition switch time for eMMC (git-fixes).
- mmc: core: Use DEFINE_DEBUGFS_ATTRIBUTE instead of
DEFINE_SIMPLE_ATTRIBUTE.
- mmc: cqhci: Fix random crash when remove mmc module/card (git-fixes).
- mmc: sdhci-esdhc-imx: fix kernel panic when remove module (git-fixes).
- mmc: sdhci-of-arasan: Add missed checks for devm_clk_register()
(git-fixes).
- mwifiex: pcie: skip cancel_work_sync() on reset failure path (git-fixes).
- net: bridge: use switchdev for port flags set through sysfs too
(bsc#1112374).
- net: cdc-phonet: fix data-interface release on probe failure (git-fixes).
- net: core: introduce __netdev_notify_peers (bsc#1184114 ltc#192237
bsc#1183871 ltc#192139).
- net: ethernet: ibm: ibmvnic: Fix some kernel-doc misdemeanours
(bsc#1184114 ltc#192237 bsc#1183871 ltc#192139).
- net: hns3: add a check for index in hclge_get_rss_key() (bsc#1126390).
- net: hns3: add a check for queue_id in hclge_reset_vf_queue()
(bsc#1104353).
- net: hns3: fix bug when calculating the TCAM table info (bsc#1104353).
- net: hns3: fix query vlan mask value error for flow director
(bsc#1104353).
- net/mlx5e: Update max_opened_tc also when channels are closed
(bsc#1103990).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for
KSZ8081 (bsc#1119113).
- net: re-solve some conflicts after net -> net-next merge (bsc#1184114
ltc#192237 bsc#1176855 ltc#187293).
- net: usb: ax88179_178a: fix missing stop entry in driver_info
(git-fixes).
- net: usb: qmi_wwan: allow qmimux add/del with master up (git-fixes).
- PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
(git-fixes).
- PCI: Align checking of syscall user config accessors (git-fixes).
- phy: rockchip-emmc: emmc_phy_init() always return 0 (git-fixes).
- platform/x86: i2c-multi-instantiate: Do not create platform device for
INT3515 ACPI nodes (git-fixes).
- powerpc/book3s64/radix: Remove WARN_ON in destroy_context() (bsc#1183692
ltc#191963).
- powerpc: Convert to using %pOFn instead of device_node.name (bsc#1181674
ltc#189159).
- powerpc: Fix some spelling mistakes (bsc#1181674 ltc#189159).
- powerpc/hvcall: add token and codes for H_VASI_SIGNAL (bsc#1181674
ltc#189159).
- powerpc: kABI: add back suspend_disable_cpu in machdep_calls
(bsc#1181674 ltc#189159).
- powerpc/machdep: remove suspend_disable_cpu() (bsc#1181674 ltc#189159).
- powerpc/mm/pkeys: Make pkey access check work on execute_only_key
(bsc#1181544 ltc#191080 git-fixes).
- powerpc/numa: Fix build when CONFIG_NUMA=n (bsc#1132477 ltc#175530).
- powerpc/numa: make vphn_enabled, prrn_enabled flags const (bsc#1181674
ltc#189159).
- powerpc/numa: remove ability to enable topology updates (bsc#1181674
ltc#189159).
- powerpc/numa: remove arch_update_cpu_topology (bsc#1181674 ltc#189159).
- powerpc/numa: Remove late request for home node associativity
(bsc#1181674 ltc#189159).
- powerpc/numa: remove prrn_is_enabled() (bsc#1181674 ltc#189159).
- powerpc/numa: remove start/stop_topology_update() (bsc#1181674
ltc#189159).
- powerpc/numa: remove timed_topology_update() (bsc#1181674 ltc#189159).
- powerpc/numa: remove unreachable topology timer code (bsc#1181674
ltc#189159).
- powerpc/numa: remove unreachable topology update code (bsc#1181674
ltc#189159).
- powerpc/numa: remove unreachable topology workqueue code (bsc#1181674
ltc#189159).
- powerpc/numa: remove vphn_enabled and prrn_enabled internal flags
(bsc#1181674 ltc#189159).
- powerpc/numa: stub out numa_update_cpu_topology() (bsc#1181674
ltc#189159).
- powerpc/numa: Suppress "VPHN is not supported" messages (bsc#1181674
ltc#189159).
- powerpc/pseries: Add empty update_numa_cpu_lookup_table() for NUMA=n
(bsc#1181674 ltc#189159).
- powerpc/pseries: Do not enforce MSI affinity with kdump (bsc#1181655
ltc#190855).
- powerpc/pseries: Generalize hcall_vphn() (bsc#1181674 ltc#189159).
- powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend
ops (bsc#1181674 ltc#189159).
- powerpc/pseries/hibernation: pass stream id via function arguments
(bsc#1181674 ltc#189159).
- powerpc/pseries/hibernation: perform post-suspend fixups later
(bsc#1181674 ltc#189159).
- powerpc/pseries/hibernation: remove prepare_late() callback (bsc#1181674
ltc#189159).
- powerpc/pseries/hibernation: remove pseries_suspend_cpu() (bsc#1181674
ltc#189159).
- powerpc/pseries/hibernation: switch to rtas_ibm_suspend_me()
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: add missing break to default case (bsc#1181674
ltc#189159).
- powerpc/pseries/mobility: Add pr_debug() for device tree changes
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: do not error on absence of ibm, update-nodes
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: error message improvements (bsc#1181674
ltc#189159).
- powerpc/pseries/mobility: extract VASI session polling logic
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: handle premature return from H_JOIN
(bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries/mobility: refactor node lookup during DT update
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: retry partition suspend after error
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: Set pr_fmt() (bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: signal suspend cancellation to platform
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: use rtas_activate_firmware() on resume
(bsc#1181674 ltc#189159).
- powerpc/pseries/mobility: use stop_machine for join/suspend (bsc#1181674
ltc#189159).
- powerpc/pseries/mobility: use struct for shared state (bsc#1181674
ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries: remove dlpar_cpu_readd() (bsc#1181674 ltc#189159).
- powerpc/pseries: remove memory "re-add" implementation (bsc#1181674
ltc#189159).
- powerpc/pseries: remove obsolete memory hotplug DT notifier code
(bsc#1181674 ltc#189159).
- powerpc/pseries: remove prrn special case from DT update path
(bsc#1181674 ltc#189159).
- powerpc/rtas: add rtas_activate_firmware() (bsc#1181674 ltc#189159).
- powerpc/rtas: add rtas_ibm_suspend_me() (bsc#1181674 ltc#189159).
- powerpc/rtas: complete ibm,suspend-me status codes (bsc#1181674
ltc#189159).
- powerpc/rtas: dispatch partition migration requests to pseries
(bsc#1181674 ltc#189159).
- powerpc/rtasd: simplify handle_rtas_event(), emit message on events
(bsc#1181674 ltc#189159).
- powerpc/rtas: prevent suspend-related sys_rtas use on LE (bsc#1181674
ltc#189159).
- powerpc/rtas: remove rtas_ibm_suspend_me_unsafe() (bsc#1181674
ltc#189159).
- powerpc/rtas: remove rtas_suspend_cpu() (bsc#1181674 ltc#189159).
- powerpc/rtas: remove unused rtas_suspend_last_cpu() (bsc#1181674
ltc#189159).
- powerpc/rtas: remove unused rtas_suspend_me_data (bsc#1181674
ltc#189159).
- powerpc/rtas: rtas_ibm_suspend_me -> rtas_ibm_suspend_me_unsafe
(bsc#1181674 ltc#189159).
- powerpc/rtas: Unexport rtas_online_cpus_mask, rtas_offline_cpus_mask
(bsc#1181674 ltc#189159).
- powerpc/vio: Use device_type to detect family (bsc#1181674 ltc#189159).
- printk: fix deadlock when kernel panic (bsc#1183018).
- pseries/drmem: do not cache node id in drmem_lmb struct (bsc#1132477
ltc#175530).
- pseries/hotplug-memory: hot-add: skip redundant LMB lookup (bsc#1132477
ltc#175530).
- pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
(git-fixes).
- qxl: Fix uninitialised struct field head.surface_id (git-fixes).
- random: fix the RNDRESEEDCRNG ioctl (git-fixes).
- rcu: Allow only one expedited GP to run concurrently with (git-fixes)
- rcu: Fix missed wakeup of exp_wq waiters (git-fixes)
- RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation (bsc#1103991).
- RDMA/rxe: Remove useless code in rxe_recv.c (bsc#1103992 ).
- RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes
(bsc#1169709)
- RDMA/uverbs: Fix kernel-doc warning of _uverbs_alloc (bsc#1103992).
- Revert "ibmvnic: remove never executed if statement" (bsc#1184114
ltc#192237 bsc#1179243 ltc#189290).
- rpadlpar: fix potential drc_name corruption in store functions
(bsc#1183416 ltc#191079).
- rsxx: Return -EFAULT if copy_to_user() fails (git-fixes).
- s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/crypto: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/dasd: fix hanging offline processing due to canceled worker
(bsc#1175165).
- s390/dasd: fix hanging offline processing due to canceled worker
(bsc#1175165).
- s390/vtime: fix increased steal time accounting (bsc#1183861).
- sched/fair: Fix wrong cpu selecting from isolated domain (git-fixes)
- sched/vtime: Fix guest/system mis-accounting on task switch (git-fixes)
- scsi: lpfc: Change wording of invalid pci reset log message
(bsc#1182574).
- scsi: lpfc: Correct function header comments related to ndlp reference
counting (bsc#1182574).
- scsi: lpfc: Fix ADISC handling that never frees nodes (bsc#1182574).
- scsi: lpfc: Fix ancient double free (bsc#1182574).
- scsi: lpfc: Fix crash caused by switch reboot (bsc#1182574).
- scsi: lpfc: Fix dropped FLOGI during pt2pt discovery recovery
(bsc#1182574).
- scsi: lpfc: Fix EEH encountering oops with NVMe traffic (bsc#1182574).
- scsi: lpfc: Fix FLOGI failure due to accessing a freed node
(bsc#1182574).
- scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
(bsc#1182574).
- scsi: lpfc: Fix kerneldoc inconsistency in lpfc_sli4_dump_page_a0()
(bsc#1182574).
- scsi: lpfc: Fix lpfc_els_retry() possible null pointer dereference
(bsc#1182574).
- scsi: lpfc: Fix nodeinfo debugfs output (bsc#1182574).
- scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
(bsc#1182574).
- scsi: lpfc: Fix 'physical' typos (bsc#1182574).
- scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN (bsc#1182574).
- scsi: lpfc: Fix pt2pt connection does not recover after LOGO
(bsc#1182574).
- scsi: lpfc: Fix pt2pt state transition causing rmmod hang (bsc#1182574).
- scsi: lpfc: Fix reftag generation sizing errors (bsc#1182574).
- scsi: lpfc: Fix stale node accesses on stale RRQ request (bsc#1182574).
- scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path
(bsc#1182574).
- scsi: lpfc: Fix unnecessary null check in lpfc_release_scsi_buf
(bsc#1182574).
- scsi: lpfc: Fix use after free in lpfc_els_free_iocb (bsc#1182574).
- scsi: lpfc: Fix vport indices in lpfc_find_vport_by_vpid() (bsc#1182574).
- scsi: lpfc: Reduce LOG_TRACE_EVENT logging for vports (bsc#1182574).
- scsi: lpfc: Update copyrights for 12.8.0.7 and 12.8.0.8 changes
(bsc#1182574).
- scsi: lpfc: Update lpfc version to 12.8.0.8 (bsc#1182574).
- selinux: never allow relabeling on context mounts (git-fixes).
- smb3: add dynamic trace point to trace when credits obtained
(bsc#1181507).
- smb3: fix crediting for compounding when only one request in flight
(bsc#1181507).
- smp: Add source and destination CPUs to __call_single_data (bsc#1180846).
- Update config files: activate CONFIG_CSD_LOCK_WAIT_DEBUG for x86
(bsc#1180846).
- Update config files: disable CONFIG_CSD_LOCK_WAIT_DEBUG (bsc#1180846).
- USB: gadget: f_uac2: always increase endpoint max_packet_size by one
audio slot (git-fixes).
- USBip: fix stub_dev to check for stream socket (git-fixes).
- USBip: fix stub_dev usbip_sockfd_store() races leading to gpf
(git-fixes).
- USBip: Fix unsafe unaligned pointer usage (git-fixes).
- USBip: fix vhci_hcd attach_store() races leading to gpf (git-fixes).
- USBip: fix vhci_hcd to check for stream socket (git-fixes).
- USBip: tools: fix build error for multiple definition (git-fixes).
- USB: quirks: add quirk to start video capture on ELMO L-12F document
camera reliable (git-fixes).
- USB: replace hardcode maximum usb string length by definition
(git-fixes).
- USB: serial: io_edgeport: fix memory leak in edge_startup (git-fixes).
- USB: serial: option: add Quectel EM160R-GL (git-fixes).
- USB-storage: Add quirk to defeat Kindle's automatic unload (git-fixes).
- USB: usblp: do not call usb_set_interface if there's a single alt
(git-commit).
- use __netdev_notify_peers in ibmvnic (bsc#1184114 ltc#192237 bsc#1183871
ltc#192139).
- video: fbdev: acornfb: remove free_unused_pages() (bsc#1129770)
- video: fbdev: atmel_lcdfb: fix return error code in (bsc#1129770)
Backporting notes: * context changes * fallout from trailing
whitespaces
- wlcore: Fix command execute failure 19 for wl12xx (git-fixes).
- xen/gnttab: handle p2m update errors on a per-slot basis (bsc#1183022
XSA-367).
- xen/netback: avoid race in xenvif_rx_ring_slots_available()
(bsc#1065600).
- xen/netback: fix spurious event detection for common event case
(bsc#1182175).
- xen-netback: respect gnttab_map_refs()'s return value (bsc#1183022
XSA-367).
- xfs: Fix assert failure in xfs_setattr_size() (git-fixes).
- xsk: Remove dangling function declaration from header file (bsc#1109837).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP5:
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1175=1
Package List:
- SUSE Linux Enterprise Server 12-SP5 (x86_64):
kernel-azure-4.12.14-16.50.1
kernel-azure-base-4.12.14-16.50.1
kernel-azure-base-debuginfo-4.12.14-16.50.1
kernel-azure-debuginfo-4.12.14-16.50.1
kernel-azure-debugsource-4.12.14-16.50.1
kernel-azure-devel-4.12.14-16.50.1
kernel-syms-azure-4.12.14-16.50.1
- SUSE Linux Enterprise Server 12-SP5 (noarch):
kernel-devel-azure-4.12.14-16.50.1
kernel-source-azure-4.12.14-16.50.1
References:
https://www.suse.com/security/cve/CVE-2020-0433.html
https://www.suse.com/security/cve/CVE-2020-27170.html
https://www.suse.com/security/cve/CVE-2020-27171.html
https://www.suse.com/security/cve/CVE-2020-27815.html
https://www.suse.com/security/cve/CVE-2020-29368.html
https://www.suse.com/security/cve/CVE-2020-29374.html
https://www.suse.com/security/cve/CVE-2020-35519.html
https://www.suse.com/security/cve/CVE-2021-26930.html
https://www.suse.com/security/cve/CVE-2021-26931.html
https://www.suse.com/security/cve/CVE-2021-26932.html
https://www.suse.com/security/cve/CVE-2021-27363.html
https://www.suse.com/security/cve/CVE-2021-27364.html
https://www.suse.com/security/cve/CVE-2021-27365.html
https://www.suse.com/security/cve/CVE-2021-28038.html
https://www.suse.com/security/cve/CVE-2021-28660.html
https://www.suse.com/security/cve/CVE-2021-28688.html
https://www.suse.com/security/cve/CVE-2021-28964.html
https://www.suse.com/security/cve/CVE-2021-28971.html
https://www.suse.com/security/cve/CVE-2021-28972.html
https://www.suse.com/security/cve/CVE-2021-29264.html
https://www.suse.com/security/cve/CVE-2021-29265.html
https://www.suse.com/security/cve/CVE-2021-29647.html
https://www.suse.com/security/cve/CVE-2021-3428.html
https://www.suse.com/security/cve/CVE-2021-3444.html
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1103990
https://bugzilla.suse.com/1103991
https://bugzilla.suse.com/1103992
https://bugzilla.suse.com/1104270
https://bugzilla.suse.com/1104353
https://bugzilla.suse.com/1109837
https://bugzilla.suse.com/1111981
https://bugzilla.suse.com/1112374
https://bugzilla.suse.com/1113994
https://bugzilla.suse.com/1118657
https://bugzilla.suse.com/1118661
https://bugzilla.suse.com/1119113
https://bugzilla.suse.com/1126390
https://bugzilla.suse.com/1129770
https://bugzilla.suse.com/1132477
https://bugzilla.suse.com/1142635
https://bugzilla.suse.com/1152446
https://bugzilla.suse.com/1154048
https://bugzilla.suse.com/1169709
https://bugzilla.suse.com/1172455
https://bugzilla.suse.com/1173485
https://bugzilla.suse.com/1175165
https://bugzilla.suse.com/1176720
https://bugzilla.suse.com/1176855
https://bugzilla.suse.com/1178163
https://bugzilla.suse.com/1179243
https://bugzilla.suse.com/1179428
https://bugzilla.suse.com/1179454
https://bugzilla.suse.com/1179660
https://bugzilla.suse.com/1179755
https://bugzilla.suse.com/1180846
https://bugzilla.suse.com/1181507
https://bugzilla.suse.com/1181515
https://bugzilla.suse.com/1181544
https://bugzilla.suse.com/1181655
https://bugzilla.suse.com/1181674
https://bugzilla.suse.com/1181747
https://bugzilla.suse.com/1181753
https://bugzilla.suse.com/1181843
https://bugzilla.suse.com/1182011
https://bugzilla.suse.com/1182175
https://bugzilla.suse.com/1182485
https://bugzilla.suse.com/1182574
https://bugzilla.suse.com/1182715
https://bugzilla.suse.com/1182716
https://bugzilla.suse.com/1182717
https://bugzilla.suse.com/1183018
https://bugzilla.suse.com/1183022
https://bugzilla.suse.com/1183023
https://bugzilla.suse.com/1183378
https://bugzilla.suse.com/1183379
https://bugzilla.suse.com/1183380
https://bugzilla.suse.com/1183381
https://bugzilla.suse.com/1183382
https://bugzilla.suse.com/1183416
https://bugzilla.suse.com/1183509
https://bugzilla.suse.com/1183593
https://bugzilla.suse.com/1183646
https://bugzilla.suse.com/1183662
https://bugzilla.suse.com/1183686
https://bugzilla.suse.com/1183692
https://bugzilla.suse.com/1183696
https://bugzilla.suse.com/1183775
https://bugzilla.suse.com/1183861
https://bugzilla.suse.com/1183871
https://bugzilla.suse.com/1184114
https://bugzilla.suse.com/1184167
https://bugzilla.suse.com/1184168
https://bugzilla.suse.com/1184170
https://bugzilla.suse.com/1184192
https://bugzilla.suse.com/1184193
https://bugzilla.suse.com/1184196
https://bugzilla.suse.com/1184198
More information about the sle-security-updates
mailing list