SUSE-SU-2021:0742-1: important: Security update for the Linux Kernel

sle-security-updates at sle-security-updates at
Tue Mar 9 21:34:54 UTC 2021

   SUSE Security Update: Security update for the Linux Kernel

Announcement ID:    SUSE-SU-2021:0742-1
Rating:             important
References:         #1065600 #1065729 #1078720 #1081134 #1084610 
                    #1114648 #1163617 #1163930 #1169514 #1170442 
                    #1176855 #1177440 #1178049 #1179082 #1179142 
                    #1179612 #1179709 #1180058 #1181346 #1181504 
                    #1181574 #1181671 #1181809 #1181854 #1181896 
                    #1181931 #1181960 #1181985 #1181987 #1181996 
                    #1181998 #1182038 #1182047 #1182118 #1182130 
                    #1182140 #1182171 #1182173 #1182175 #1182182 
                    #1182184 #1182195 #1182242 #1182243 #1182248 
                    #1182269 #1182302 #1182307 #1182310 #1182438 
                    #1182447 #1182448 #1182449 #1182460 #1182461 
                    #1182462 #1182463 #1182464 #1182465 #1182466 
                    #1182560 #1182561 #1182571 #1182590 #1182610 
                    #1182612 #1182650 #1182652 
Cross-References:   CVE-2021-3348
CVSS scores:
                    CVE-2021-3348 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3348 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Live Patching 12-SP5
                    SUSE Linux Enterprise High Availability 12-SP5

   An update that solves one vulnerability and has 67 fixes is
   now available.


   The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
   security and bugfixes.

   The following security bug was fixed:

   - CVE-2021-3348: Fixed a use-after-free read in nbd_queue_rq (bsc#1181504).

   The following non-security bugs were fixed:

   - ACPI: configfs: add missing check after
     configfs_register_default_group() (git-fixes).
   - ACPI: property: Fix fwnode string properties matching (git-fixes).
   - ACPI: property: Satisfy kernel doc validator (part 1) (git-fixes).
   - ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode
   - arm64: Update config file. Set CONFIG_WATCHDOG_SYSFS to true
   - ASoC: cs42l56: fix up error handling in probe (git-fixes).
   - ath9k: fix data bus crash when setting nf_override via debugfs
   - block: fix use-after-free in disk_part_iter_next (bsc#1182610).
   - Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the
     probe function (git-fixes).
   - Bluetooth: drop HCI device reference before return (git-fixes).
   - Bluetooth: Fix initializing response id after clearing struct
   - Bluetooth: Put HCI device if inquiry procedure interrupts (git-fixes).
   - bonding: Fix reference count leak in bond_sysfs_slave_add (git-fixes).
   - bonding: wait for sysfs kobject destruction before freeing struct slave
   - BTRFS: Cleanup try_flush_qgroup (bsc#1182047).
   - BTRFS: correctly calculate item size used when item key collision
     happens (bsc#1181996).
   - BTRFS: correctly validate compression type (bsc#1182269).
   - BTRFS: delete the ordered isize update code (bsc#1181998).
   - BTRFS: Do not flush from btrfs_delayed_inode_reserve_metadata
   - BTRFS: do not set path->leave_spinning for truncate (bsc#1181998).
   - BTRFS: factor out extent dropping code from hole punch handler
   - BTRFS: fix cloning range with a hole when using the NO_HOLES feature
   - BTRFS: fix data bytes_may_use underflow with fallocate due to failed
     quota reserve (bsc#1182130)
   - BTRFS: fix ENOSPC errors, leading to transaction aborts, when cloning
     extents (bsc#1182038).
   - BTRFS: fix hole extent items with a zero size after range cloning
   - BTRFS: fix lost i_size update after cloning inline extent (bsc#1181998).
   - BTRFS: fix mount failure caused by race with umount (bsc#1182248).
   - BTRFS: Fix race between extent freeing/allocation when using bitmaps
   - BTRFS: fix unexpected cow in run_delalloc_nocow (bsc#1181987).
   - BTRFS: fix unexpected failure of nocow buffered writes after
     snapshotting when low on space (bsc#1181987).
   - BTRFS: Free correct amount of space in
     btrfs_delayed_inode_reserve_metadata (bsc#1182047).
   - BTRFS: incremental send, fix file corruption when no-holes feature is
     enabled (bsc#1182184).
   - BTRFS: Introduce extent_io_tree::owner to distinguish different io_trees
   - BTRFS: introduce per-inode file extent tree (bsc#1181998).
   - BTRFS: prepare for extensions in compression options (bsc#1182269).
   - BTRFS: prop: fix vanished compression property after failed set
   - BTRFS: prop: fix zstd compression parameter validation (bsc#1182269).
   - BTRFS: Remove btrfs_inode from btrfs_delayed_inode_reserve_metadata
   - BTRFS: replace all uses of btrfs_ordered_update_i_size (bsc#1181998).
   - BTRFS: send, allow clone operations within the same file (bsc#1182173)
   - BTRFS: send, do not issue unnecessary truncate operations (bsc#1182173)
   - BTRFS: send, fix emission of invalid clone operations within the same
     file (bsc#1182173)
   - BTRFS: send, fix incorrect file layout after hole punching beyond eof
   - BTRFS: send: fix invalid clone operations when cloning from the same
     file and root (bsc#1182173)
   - BTRFS: send, fix missing truncate for inode with prealloc extent past
     eof (bsc#1182173).
   - BTRFS: send, orphanize first all conflicting inodes when processing
     references (bsc#1182243 bsc#1182242).
   - BTRFS: send, recompute reference path after orphanization of a directory
   - BTRFS: Simplify code flow in btrfs_delayed_inode_reserve_metadata
   - BTRFS: transaction: Avoid deadlock due to bad initialization timing of
     fs_info::journal_info (bsc#1181931).
   - BTRFS: Unlock extents in btrfs_zero_range in case of errors
   - BTRFS: Use bd_dev to generate index when dev_state_hashtable add items
   - BTRFS: use btrfs_ordered_update_i_size in clone_finish_inode_update
   - BTRFS: use the file extent tree infrastructure (bsc#1181998).
   - cifs: report error instead of invalid when revalidating a dentry fails
   - dm: avoid filesystem lookup in dm_get_dev_t() (bsc#1178049).
   - Drivers: hv: vmbus: Avoid use-after-free in vmbus_onoffer_rescind()
   - Exclude Symbols.list again. Removing the exclude builds
     vanilla/linux-next builds. Fixes: 55877625c800 ("
     Package the obj_install_dir as explicit filelist.")
   - ext4: do not remount read-only with errors=continue on reboot
   - ext4: fix a memory leak of ext4_free_data (bsc#1182447).
   - ext4: fix bug for rename with RENAME_WHITEOUT (bsc#1182449).
   - ext4: fix deadlock with fs freezing and EA inodes (bsc#1182463).
   - ext4: fix superblock checksum failure when setting password salt
   - fgraph: Initialize tracing_graph_pause at task creation (git-fixes).
   - firmware: imx: select SOC_BUS to fix firmware build (git-fixes).
   - Fix unsynchronized access to sev members through svm_register_enc_region
   - fs: fix lazytime expiration handling in __writeback_single_inode()
   - fs: move I_DIRTY_INODE to fs.h (bsc#1182612).
   - HID: core: detect and skip invalid inputs to snto32() (git-fixes).
   - HID: wacom: Ignore attempts to overwrite the touch_max value from HID
   - hwrng: timeriomem - Fix cooldown period calculation (git-fixes).
   - ibmvnic: Clear failover_pending if unable to schedule (bsc#1181960
   - ibmvnic: device remove has higher precedence over reset (bsc#1065729).
   - ibmvnic: fix a race between open and reset (bsc#1176855 ltc#187293).
   - ibmvnic: fix login buffer memory leak (bsc#1081134 ltc#164631).
   - ibmvnic: serialize access to work queue on remove (bsc#1065729).
   - ibmvnic: Set to CLOSED state even on error (bsc#1084610 ltc#165122
   - Input: elo - fix an error code in elo_connect() (git-fixes).
   - Input: joydev - prevent potential read overflow in ioctl (git-fixes).
   - iwlwifi: exclude GEO SAR support for 3168 (git-fixes).
   - kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing
     PCI_COMMAND_MEMORY (bsc#1179612).
   - kernel-binary.spec: Add back initrd and image symlink ghosts to filelist
     (bsc#1182140). Fixes: 76a9256314c3 ("rpm/kernel-{source,binary}.spec: do
     not include ghost symlinks (boo#1179082).")
   - kernfs: deal with kernfs_fill_super() failures (bsc#1181809).
   - KVM: apic: Flush TLB after APIC mode/address change if VPIDs are in use
   - KVM: Fix kABI for set_virtual_apic_mode (bsc#1182310).
   - KVM: Fix kABI for tlb_flush (bsc#1182195).
   - kvm-vmx-Basic-APIC-virtualization-controls-have-thre.patch:
   - KVM: VMX: check for existence of secondary exec controls before
     accessing (bsc#1182438).
   - KVM: VMX: hide flexpriority from guest when disabled at the module level
   - kvm-vmx-Introduce-lapic_mode-enumeration.patch: (bsc#1182307).
   - KVM: x86: emulate RDPID (bsc#1182182).
   - KVM: x86: emulating RDPID failure shall return #UD rather than
   - KVM: X86: introduce invalidate_gpa argument to tlb flush (bsc#1182195).
   - libfs: fix error cast of negative value in simple_attr_write()
   - libnvdimm/dimm: Avoid race between probe and available_slots_show()
   - mac80211: fix potential overflow when multiplying to u32 integers
   - media: cx25821: Fix a bug when reallocating some dma memory (git-fixes).
   - media: media/pci: Fix memleak in empress_init (git-fixes).
   - media: pwc: Use correct device for DMA (git-fixes).
   - media: pxa_camera: declare variable when DEBUG is defined (git-fixes).
   - media: qm1d1c0042: fix error return code in qm1d1c0042_init()
   - media: tm6000: Fix memleak in tm6000_start_stream (git-fixes).
   - media: vsp1: Fix an error handling path in the probe function
   - mfd: wm831x-auxadc: Prevent use after free in wm831x_auxadc_read_irq()
   - misc: eeprom_93xx46: Add module alias to avoid breaking support for non
     device tree users (git-fixes).
   - misc: eeprom_93xx46: Fix module alias to enable module autoprobe
   - mmc: usdhi6rol0: Fix a resource leak in the error handling path of the
     probe (git-fixes).
   - mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage
     support is disabled (bsc#1181896 ltc#191273).
   - mm: thp: kABI: move the added flag to the end of enum (bsc#1181896
   - nbd: Fix memory leak in nbd_add_socket (bsc#1181504).
   - net: bcmgenet: add support for ethtool rxnfc flows (git-fixes).
   - net: bcmgenet: code movement (git-fixes).
   - net: bcmgenet: fix mask check in bcmgenet_validate_flow() (git-fixes).
   - net: bcmgenet: Fix WoL with password after deep sleep (git-fixes).
   - net: bcmgenet: re-remove bcmgenet_hfb_add_filter (git-fixes).
   - net: bcmgenet: set Rx mode before starting netif (git-fixes).
   - net: bcmgenet: use __be16 for htons(ETH_P_IP) (git-fixes).
   - net: bcmgenet: Use correct I/O accessors (git-fixes).
   - net: lpc-enet: fix error return code in lpc_mii_init() (git-fixes).
   - net/mlx4_en: Handle TX error CQE (bsc#1181854).
   - net: moxa: Fix a potential double 'free_irq()' (git-fixes).
   - net: sun: fix missing release regions in cas_init_one() (git-fixes).
   - nvme-multipath: Early exit if no path is available (git-fixes).
   - objtool: Do not fail on missing symbol table (bsc#1169514).
   - PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1179612).
   - powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning
     (bsc#1182571 ltc#191345).
   - powerpc: Fix alignment bug within the init sections (bsc#1065729).
   - powerpc/perf: Exclude kernel samples while counting events in user space
   - powerpc/perf/hv-24x7: Dont create sysfs event files for dummy events
     (bsc#1182118 ltc#190624).
   - powerpc/pseries/dlpar: handle ibm, configure-connector delay status
     (bsc#1181985 ltc#188074).
   - powerpc/pseries/eeh: Make pseries_pcibios_bus_add_device() static
     (bsc#1078720, git-fixes).
   - powerpc/pseries: extract host bridge from pci_bus prior to bus removal
     (bsc#1182171 ltc#190900).
   - powerpc/pseries/ras: Make init_ras_hotplug_IRQ() static (bsc#1065729.
   - power: reset: at91-sama5d2_shdwc: fix wkupdbc mask (git-fixes).
   - ptrace: reintroduce usage of subjective credentials in ptrace_has_cap()
   - ptrace: Set PF_SUPERPRIV when checking capability (bsc#1163930).
   - quota: Fix error codes in v2_read_file_info() (bsc#1182652).
   - quota: Fix memory leak when handling corrupted quota file (bsc#1182650).
   - quota: Sanity-check quota file headers on load (bsc#1182461).
   - regulator: axp20x: Fix reference cout leak (git-fixes).
   - reiserfs: add check for an invalid ih_entry_count (bsc#1182462).
   - reset: hisilicon: correct vendor prefix (git-fixes).
   - rpm/ Avoid purge-kernel for the first installed kernel
   - s390/pci: adaptation of iommu to multifunction (bsc#1179612).
   - s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY
   - scsi: qla2xxx: Fix description for parameter ql2xenforce_iocb_limit
   - scsi: target: Fix truncated PR-in ReadKeys response (bsc#1182590).
   - scsi: target: fix unmap_zeroes_data boolean initialisation (bsc#1163617).
   - staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory
     rules (git-fixes).
   - tools lib traceevent: Fix "robust" test of do_generate_dynamic_list_file
   - tpm_tis: Clean up locality release (git-fixes).
   - tpm_tis: Fix check_locality for correct locality acquisition (git-fixes).
   - tracing: Check length before giving out the filter buffer (git-fixes).
   - tracing: Do not count ftrace events in top level enable output
   - USB: cdc-acm: blacklist another IR Droid device (git-fixes).
   - USB: dwc2: Abort transaction after errors with unknown reason
   - USB: dwc2: Make "trimming xfer length" a debug message (git-fixes).
   - USB: musb: Fix runtime PM race in mUSB_queue_resume_work (git-fixes).
   - USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000
   - USB: serial: cp210x: add pid/vid for WSDA-200-USB (git-fixes).
   - USB: serial: mos7720: fix error code in mos7720_write() (git-fixes).
   - USB: serial: mos7720: improve OOM-handling in read_mos_reg() (git-fixes).
   - USB: serial: mos7840: fix error code in mos7840_write() (git-fixes).
   - USB: serial: option: Adding support for Cinterion MV31 (git-fixes).
   - USB: serial: option: add LongSung M5710 module support (git-fixes).
   - USB: uas: Add PNY USB Portable SSD to unusual_uas (git-fixes).
   - USB: usblp: fix DMA to stack (git-fixes).
   - vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn
   - vmxnet3: Remove buf_info from device accessible structures (bsc#1181671).
   - writeback: Drop I_DIRTY_TIME_EXPIRE (bsc#1182460).
   - x86/apic: Add extra serialization for non-serializing MSRs (bsc#1114648).
   - x86/efistub: Disable paging at mixed mode entry (bsc#1114648).
   - x86/entry/64/compat: Fix "x86/entry/64/compat: Preserve r8-r11 in int
     $0x80" (bsc#1114648).
   - x86/entry/64/compat: Preserve r8-r11 in int $0x80 (bsc#1114648).
   - x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled
   - x86/resctrl: Remove unused struct mbm_state::chunks_bw (bsc#1114648).
   - xen-blkfront: allow discard-* nodes to be optional (bsc#1181346).
   - xen/netback: avoid race in xenvif_rx_ring_slots_available()
   - xen/netback: fix spurious event detection for common event case
   - xfs: reduce quota reservation when doing a dax unwritten extent
     conversion (git-fixes bsc#1182561).
   - xhci: fix bounce buffer usage for non-sg list case (git-fixes).

Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP5:

      zypper in -t patch SUSE-SLE-WE-12-SP5-2021-742=1

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-742=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-742=1

   - SUSE Linux Enterprise Live Patching 12-SP5:

      zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2021-742=1

   - SUSE Linux Enterprise High Availability 12-SP5:

      zypper in -t patch SUSE-SLE-HA-12-SP5-2021-742=1

Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):


   - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):


   - SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):


   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):


   - SUSE Linux Enterprise Server 12-SP5 (noarch):


   - SUSE Linux Enterprise Server 12-SP5 (x86_64):


   - SUSE Linux Enterprise Server 12-SP5 (s390x):


   - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):


   - SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):



More information about the sle-security-updates mailing list