SUSE-IU-2021:660-1: Security update of sles-15-sp2-chost-byos-v20210913

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Sep 14 10:39:16 UTC 2021


SUSE Image Update Advisory: sles-15-sp2-chost-byos-v20210913
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2021:660-1
Image Tags        : sles-15-sp2-chost-byos-v20210913:20210913
Image Release     : 
Severity          : critical
Type              : security
References        : 1027519 1065729 1085224 1094840 1113295 1137251 1153274 1154353
                        1155518 1156395 1160462 1165198 1172505 1176189 1176940 1177695
                        1179148 1179243 1179246 1180092 1180491 1181989 1183871 1183877
                        1184114 1184124 1184350 1184614 1184631 1184804 1185232 1185261
                        1185377 1185420 1185441 1185615 1185621 1185646 1185682 1185991
                        1185993 1186194 1186206 1186347 1186397 1186428 1186429 1186433
                        1186434 1186482 1186483 1186687 1187071 1187115 1187260 1187470
                        1187476 1187696 1187774 1187921 1187937 1188050 1188101 1188127
                        1188179 1188405 1188445 1188504 1188571 1188620 1188683 1188746
                        1188747 1188748 1188763 1188770 1188771 1188772 1188773 1188774
                        1188777 1188838 1188868 1188876 1188881 1188885 1188904 1188973
                        1189097 1189206 1189373 1189376 1189378 1189380 1189381 1189465
                        1189465 1189520 1189521 1189521 1189683 1189743 1189882 1190225
                        CVE-2019-19977 CVE-2020-12049 CVE-2021-0089 CVE-2021-21781 CVE-2021-22543
                        CVE-2021-28690 CVE-2021-28692 CVE-2021-28693 CVE-2021-28694 CVE-2021-28695
                        CVE-2021-28696 CVE-2021-28697 CVE-2021-28698 CVE-2021-28699 CVE-2021-28700
                        CVE-2021-36222 CVE-2021-3659 CVE-2021-3672 CVE-2021-3711 CVE-2021-3712
                        CVE-2021-3712 CVE-2021-37576 CVE-2021-38185 CVE-2021-38185 
-----------------------------------------------------------------

The container sles-15-sp2-chost-byos-v20210913 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2465-1
Released:    Fri Jul 23 14:56:48 2021
Summary:     Recommended update for shim
Type:        recommended
Severity:    moderate
References:  1185232,1185261,1185441,1185621,1187071,1187260,1187696
This update for shim fixes the following issues:

Update to shim to 15.4-4.7.1, Version: 15.4, 'Thu Jul 15 2021'
Update the SLE signatures

Includes fixes for various bugs in MOK handling and booting
(bsc#1187696, bsc#1185261, bsc#1185441, bsc#1187071, bsc#1185621,
bsc#1185261, bsc#1185232, bsc#1185261, bsc#1187260, bsc#1185232)

Remove shim-install because the shim-install is updated in the RPM.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2477-1
Released:    Tue Jul 27 13:32:50 2021
Summary:     Recommended update for growpart-rootgrow
Type:        recommended
Severity:    important
References:  1165198,1188179
This update for growpart-rootgrow fixes the following issues:

- Change the logic to determine the partition ID of the root filesystem
  (bsc#1188179)
  + Previously the algorithm depended on the order of the output
  from lsblk using an index to keep track of the known partitions.
  The new implementation is order independent, it depends on the
  partition ID being numerical in nature and at the end of the device
  string.

- Add coverage config.
  Omit version module from coverage check.

- Fix string formatting for flake8 formatting.

- Replace travis testing with GitHub actions.
  Add ci testing workflow action.

- Switch implementation to use Popen for Python 3.4 compatibility (bsc#1165198)

- Bump version: 1.0.2 → 1.0.3

- Fixed unit tests and style
  This clobbers several fixes into one. Sorry about it but I
  started on already made changes done by other people.
  This commit includes several pep8 style fixes mostly on
  the indentation level. In addition it fixes the unit
  tests to really cover all code and to make the exception
  tests really effective.

- Switch to use Popen instead of run
  The run() fuction in the subprocess module was implemented after
  Python 3.4. However, we need to support Python 3.4 for SLES 12

- Bump version: 1.0.1 → 1.0.2

- Package LICENSE file
  The LICENSE file is part of the source repo but was not
  packaged with the rpm package

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2481-1
Released:    Tue Jul 27 14:20:27 2021
Summary:     Recommended update for sysconfig
Type:        recommended
Severity:    moderate
References:  1184124
This update for sysconfig fixes the following issues:

- Link as Position Independent Executable (bsc#1184124).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2573-1
Released:    Thu Jul 29 14:21:52 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1188127
This update for timezone fixes the following issue:
- From systemd v249: when enumerating time zones the timedatectl tool will now consult the 'tzdata.zi' file shipped by
the IANA time zone database package, in addition to 'zone1970.tab', as before. This makes sure time zone aliases are
now correctly supported. This update adds the 'tzdata.zi' file (bsc#1188127).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2593-1
Released:    Mon Aug  2 15:40:22 2021
Summary:     Recommended update for suse-module-tools
Type:        recommended
Severity:    moderate
References:  1177695
This update for suse-module-tools provides the following fix:

- modprobe.d: Remove dma=none setting for parport_pc. (bsc#1177695)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2603-1
Released:    Wed Aug  4 10:09:08 2021
Summary:     Recommended update for sca-appliance-common, supportutils
Type:        recommended
Severity:    moderate
References:  1185991,1185993,1186347,1186397,1186687
This update for sca-appliance-common, supportutils fixes the following issues:

- Adding ethtool options to the supportconfigt. (jsc#SLE-18239, jsc#SLE-18344)
- Fixed and issue when 'lsof' causes performance problems. (bsc#1186687)
- Exclude 'rhn.conf' from 'etc.txt' to prevent supportconfig capturing passwords in clear text. (bsc#1186347)
- Fix 'analyzevmcore' to supports local directories. (bsc#1186397)
- Fix for 'getappcore' checking for valid compression binary. (bsc#1185991)
- Fixed 'getappcore' to prevent triggering errors with help message. (bsc#1185993)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2623-1
Released:    Thu Aug  5 11:54:08 2021
Summary:     Recommended update for samba
Type:        recommended
Severity:    moderate
References:  1185420
This update for samba fixes the following issues:

- Add 'msDS-AdditionalDnsHostName' to the keytab. (bsc#1185420)
- Add 'net-ads-join dnshostname' option. (bsc#1185420)
- Fix adding 'msDS-AdditionalDnsHostName' to keytab with Windows DC. (bsc#1185420)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2681-1
Released:    Thu Aug 12 14:59:06 2021
Summary:     Recommended update for growpart-rootgrow
Type:        recommended
Severity:    important
References:  1188868,1188904
This update for growpart-rootgrow fixes the following issues:

- Fix root partition ID lookup. Only consider trailing digits to be part of the paritition ID. (bsc#1188868) (bsc#1188904)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2689-1
Released:    Mon Aug 16 10:54:52 2021
Summary:     Security update for cpio
Type:        security
Severity:    important
References:  1189206,CVE-2021-38185
This update for cpio fixes the following issues:

It was possible to trigger Remote code execution due to a integer overflow (CVE-2021-38185, bsc#1189206)


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2756-1
Released:    Tue Aug 17 13:24:52 2021
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1065729,1085224,1094840,1113295,1153274,1154353,1155518,1156395,1176940,1179243,1180092,1183871,1184114,1184350,1184631,1184804,1185377,1186194,1186206,1186482,1186483,1187476,1188101,1188405,1188445,1188504,1188620,1188683,1188746,1188747,1188748,1188770,1188771,1188772,1188773,1188774,1188777,1188838,1188876,1188885,1188973,CVE-2021-21781,CVE-2021-22543,CVE-2021-3659,CVE-2021-37576
The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.


The following security bugs were fixed:

- CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
- CVE-2021-21781: Fixed a information disclosure vulnerability in the ARM SIGPAGE (bsc#1188445).
- CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM, which could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bsc#1186482).
- CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM guest OS user could cause host OS memory corruption via rtas_args.nargs (bsc#1188838).

The following non-security bugs were fixed:

- ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
- ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
- ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
- ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
- ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
- ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
- ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
- ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
- ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
- ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes).
- ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
- ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes).
- ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes).
- ARM: ensure the signal page contains defined contents (bsc#1188445).
- ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes).
- ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
- ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
- ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes).
- ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
- Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
- Bluetooth: Shutdown controller after workqueues are flushed or cancelled (git-fixes).
- Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip (git-fixes).
- Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc (git-fixes).
- Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes).
- Input: ili210x - add missing negation for touch indication on ili210x (git-fixes).
- KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771).
- KVM: nVMX: Consult only the 'basic' exit reason when routing nested exit (bsc#1188773).
- KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
- KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777).
- PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: Leave Apple Thunderbolt controllers on for s2idle or standby (git-fixes).
- PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: aardvark: Implement workaround for the readback value of VEND_ID (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
- PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
- PCI: quirks: fix false kABI positive (git-fixes).
- PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
- RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
- RDMA/cma: Protect RMW with qp_mutex (git-fixes).
- Revert 'ACPI: resources: Add checks for ACPI IRQ override' (git-fixes).
- Revert 'USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem' (git-fixes).
- Revert 'be2net: disable bh with spin_lock in be_process_mcc' (git-fixes).
- USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
- USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
- USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
- USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
- backlight: lm3630a: Fix return code of .update_status() callback (git-fixes).
- bcache: avoid oversized read request in cache missing code path (bsc#1184631).
- bcache: remove bcache device self-defined readahead (bsc#1184631).
- blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
- blk-mq: In blk_mq_dispatch_rq_list() 'no budget' is a reason to kick (bsc#1180092).
- blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (bsc#1180092).
- blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
- blk-mq: insert flush request to the front of dispatch queue (bsc#1180092).
- blk-mq: insert passthrough request into hctx->dispatch directly (bsc#1180092).
- bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274).
- bnxt_en: do not disable an already disabled PCI device (git-fixes).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353).
- bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
- cadence: force nonlinear buffers to be cloned (git-fixes).
- can: ems_usb: fix memory leak (git-fixes).
- can: esd_usb2: fix memory leak (git-fixes).
- can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
- can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes).
- can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
- can: usb_8dev: fix memory leak (git-fixes).
- ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
- clk: tegra: Ensure that PLLU configuration is applied properly (git-fixes).
- clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround (git-fixes).
- cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
- crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
- crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
- crypto: sun4i-ss - initialize need_fallback (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- crypto: virtio: Fix src/dst scatterlist calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
- cxgb4: fix IRQ free race during driver unload (git-fixes).
- dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
- dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
- drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
- drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
- drm/amd/display: Update scaling settings on modeset (git-fixes).
- drm/amd/display: Verify Gamma & Degamma LUT sizes in amdgpu_dm_atomic_check (git-fixes).
- drm/amd/display: fix incorrrect valid irq check (git-fixes).
- drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
- drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
- drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
- drm/arm/malidp: Always list modifiers (git-fixes).
- drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer() (git-fixes).
- drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init() (git-fixes).
- drm/msm/mdp4: Fix modifier support enabling (git-fixes).
- drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
- drm/radeon: Add the missed drm_gem_object_put() in radeon_user_framebuffer_create() (git-fixes).
- drm/sched: Avoid data corruptions (git-fixes).
- drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
- drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
- drm/virtio: Fix double free on probe failure (git-fixes).
- drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
- drm: Return -ENOTTY for non-drm ioctls (git-fixes).
- e1000e: Check the PCIm state (git-fixes).
- e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
- fbmem: Do not delete the mode that is still in use (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
- firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes).
- firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes).
- gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
- gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
- gtp: fix an use-before-init in gtp_newlink() (git-fixes).
- gve: Add DQO fields for core data structures (bsc#1176940).
- gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags (bsc#1176940).
- gve: Add dqo descriptors (bsc#1176940).
- gve: Add stats for gve (bsc#1176940).
- gve: Add support for DQO RX PTYPE map (bsc#1176940).
- gve: Add support for raw addressing device option (bsc#1176940).
- gve: Add support for raw addressing in the tx path (bsc#1176940).
- gve: Add support for raw addressing to the rx path (bsc#1176940).
- gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
- gve: Check TX QPL was actually assigned (bsc#1176940).
- gve: DQO: Add RX path (bsc#1176940).
- gve: DQO: Add TX path (bsc#1176940).
- gve: DQO: Add core netdev features (bsc#1176940).
- gve: DQO: Add ring allocation and initialization (bsc#1176940).
- gve: DQO: Configure interrupts on device up (bsc#1176940).
- gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
- gve: DQO: Remove incorrect prefetch (bsc#1176940).
- gve: Enable Link Speed Reporting in the driver (bsc#1176940).
- gve: Fix warnings reported for DQO patchset (bsc#1176940).
- gve: Get and set Rx copybreak via ethtool (bsc#1176940).
- gve: Introduce a new model for device options (bsc#1176940).
- gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
- gve: Make gve_rx_slot_page_info.page_offset an absolute offset (bsc#1176940).
- gve: Move some static functions to a common file (bsc#1176940).
- gve: NIC stats for report-stats and for ethtool (bsc#1176940).
- gve: Propagate error codes to caller (bsc#1176940).
- gve: Replace zero-length array with flexible-array member (bsc#1176940).
- gve: Rx Buffer Recycling (bsc#1176940).
- gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
- gve: Update adminq commands to support DQO queues (bsc#1176940).
- gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
- gve: Use link status register to report link status (bsc#1176940).
- gve: adminq: DQO specific device descriptor logic (bsc#1176940).
- gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
- i2c: core: Disable client irq on reboot/shutdown (git-fixes).
- i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
- i40e: Fix error handling in i40e_vsi_open (git-fixes).
- iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
- ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
- ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533).
- ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926).
- igb: Check if num of q_vectors is smaller than max before array access (git-fixes).
- igb: Fix an error handling path in 'igb_probe()' (git-fixes).
- igb: Fix position of assignment to *ring (git-fixes).
- igb: Fix use-after-free error during reset (git-fixes).
- igc: Fix an error handling path in 'igc_probe()' (git-fixes).
- igc: Fix use-after-free error during reset (git-fixes).
- igc: change default return of igc_read_phy_reg() (git-fixes).
- iio: accel: bma180: Use explicit member assignment (git-fixes).
- iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes).
- iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
- iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
- ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
- ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
- kABI workaround for pci/quirks.c (git-fixes).
- kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
- kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler (git-fixes).
- kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
- kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() (git-fixes).
- kprobes: fix kill kprobe which has been marked as gone (git-fixes).
- kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772).
- kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
- lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes).
- libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
- liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes).
- mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
- media, bpf: Do not copy more entries than user space requested (git-fixes).
- media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes).
- media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K (git-fixes).
- mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
- mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
- misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes).
- misc: alcor_pci: fix inverted branch condition (git-fixes).
- misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes).
- mmc: core: Allow UHS-I voltage switch for SDSC cards if supported (git-fixes).
- mt76: mt7603: set 0 as min coverage_class value (git-fixes).
- mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
- mt76: mt7615: increase MCU command timeout (git-fixes).
- mt76: set dma-done flag for flushed descriptors (git-fixes).
- mvpp2: suppress warning (git-fixes).
- net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
- net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
- net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
- net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
- net: dp83867: Fix OF_MDIO config check (git-fixes).
- net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
- net: gve: convert strlcpy to strscpy (bsc#1176940).
- net: gve: remove duplicated allowed (bsc#1176940).
- net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes).
- net: marvell: Fix OF_MDIO config check (git-fixes).
- net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
- net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes).
- net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
- net: wilc1000: clean up resource in error path of init mon interface (git-fixes).
- nfc: nfcsim: fix use after free during module unload (git-fixes).
- pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
- pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq() (git-fixes).
- pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
- platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes).
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes).
- platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes).
- platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes).
- platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
- power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: ab8500: Avoid NULL pointers (git-fixes).
- power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes).
- power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
- powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722).
- powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722).
- powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
- powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes).
- powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
- powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722).
- powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722).
- powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722).
- powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722).
- powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722).
- powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722).
- powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722).
- powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722).
- powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722).
- powerpc/stacktrace: Fix spurious 'stale' traces in raise_backtrace_ipi() (bsc#1156395).
- powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
- powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
- pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
- pwm: imx1: Do not disable clocks at device remove time (git-fixes).
- pwm: spear: Do not modify HW state in .remove callback (git-fixes).
- qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
- r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
- r8152: Fix potential PM refcount imbalance (bsc#1186194).
- r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM (git-fixes).
- ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
- rbd: always kick acquire on 'acquired' and 'released' notifications (bsc#1188746).
- rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747).
- regulator: hi6421: Fix getting wrong drvdata (git-fixes).
- regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes).
- replaced with upstream security mitigation cleanup
- reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
- rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap (boo#1184804).
- rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes).
- rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
- rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
- scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
- sfp: Fix error handing in sfp_probe() (git-fixes).
- soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
- spi: cadence: Correct initialisation of runtime PM again (git-fixes).
- spi: imx: add a check for speed_hz before calculating the clock (git-fixes).
- spi: mediatek: fix fifo rx mode (git-fixes).
- staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
- thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes).
- tpm: efi: Use local variable for calculating final log size (git-fixes).
- tracing: Do not reference char * as a string in histograms (git-fixes).
- tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes).
- tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes).
- usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes).
- usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
- usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
- usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes).
- usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes).
- usb: max-3421: Prevent corruption of freed memory (git-fixes).
- usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes).
- uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes).
- virtio_console: Assure used length from device is limited (git-fixes).
- virtio_net: move tx vq operation under tx queue lock (git-fixes).
- vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
- w1: ds2438: fixing bug that would always get page0 (git-fixes).
- watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes).
- watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
- watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
- watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes).
- wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
- wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
- wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
- wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
- workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
- xen/events: reset active flag for lateeoi events later (git-fixes).
- xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
- xhci: Fix lost USB 2 remote wake (git-fixes).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2760-1
Released:    Tue Aug 17 17:11:14 2021
Summary:     Security update for c-ares
Type:        security
Severity:    important
References:  1188881,CVE-2021-3672
This update for c-ares fixes the following issues:

Version update to git snapshot 1.17.1+20200724:

- CVE-2021-3672: fixed missing input validation on hostnames returned by DNS servers (bsc#1188881)
- If ares_getaddrinfo() was terminated by an ares_destroy(), it would cause crash
- Crash in sortaddrinfo() if the list size equals 0 due to an unexpected DNS response
- Expand number of escaped characters in DNS replies as per RFC1035 5.1 to prevent spoofing
- Use unbuffered /dev/urandom for random data to prevent early startup performance issues

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2763-1
Released:    Tue Aug 17 17:16:22 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465
This update for cpio fixes the following issues:

- A regression in last update would cause builds to hang on various architectures(bsc#1189465)
  
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2780-1
Released:    Thu Aug 19 16:09:15 2021
Summary:     Recommended update for cpio
Type:        recommended
Severity:    critical
References:  1189465,CVE-2021-38185
This update for cpio fixes the following issues:

- A regression in the previous update could lead to crashes (bsc#1189465)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2800-1
Released:    Fri Aug 20 10:43:04 2021
Summary:     Security update for krb5
Type:        security
Severity:    important
References:  1188571,CVE-2021-36222
This update for krb5 fixes the following issues:

- CVE-2021-36222: Fixed KDC null deref on bad encrypted challenge. (bsc#1188571)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2805-1
Released:    Mon Aug 23 07:01:37 2021
Summary:     Recommended update for dracut
Type:        recommended
Severity:    moderate
References:  1185615,1185646,1187115,1187470,1187774
This update for dracut fixes the following issues:

- Correct man pages regarding the 'INITRD_MODULES' as some parts already invalid. (bsc#1187115)
- Fixed an issue when running mkinitrd inproper arch is being expanded. (bsc#1185615)
- Fix for 'suse-initrd' exclude modules that are built-in to prevent failing modules to be installed. (bsc#1185646)
- Fix informing on usage of obsolete -f parameter. (bsc#1187470)
- Fix reference to 'insmodpost module' in the documentation. (bsc#1187774)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2810-1
Released:    Mon Aug 23 12:14:30 2021
Summary:     Security update for dbus-1
Type:        security
Severity:    moderate
References:  1172505,CVE-2020-12049
This update for dbus-1 fixes the following issues:

- CVE-2020-12049: truncated messages lead to resource exhaustion. (bsc#1172505)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2830-1
Released:    Tue Aug 24 16:20:18 2021
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1189520,1189521,CVE-2021-3711,CVE-2021-3712
This update for openssl-1_1 fixes the following security issues:

- CVE-2021-3711: A bug in the implementation of the SM2 decryption code
  could lead to buffer overflows. [bsc#1189520]

- CVE-2021-3712: a bug in the code for printing certificate details could
  lead to a buffer overrun that a malicious actor could exploit to crash
  the application, causing a denial-of-service attack. [bsc#1189521]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2871-1
Released:    Mon Aug 30 15:46:25 2021
Summary:     Recommended update for bind
Type:        recommended
Severity:    moderate
References:  1187921,1188763
This update for bind fixes the following issues:
    
- Fix an assertion failure in the 'rehash()' function (bsc#1188763)
  When calculating the new hashtable bitsize, there was an off-by-one error
  that would allow the new bitsize to be larger than maximum allowed.
- tsig-keygen is now used to generate DDNS keys (bsc#1187921)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2922-1
Released:    Thu Sep  2 10:10:17 2021
Summary:     Security update for xen
Type:        security
Severity:    important
References:  1027519,1137251,1176189,1179148,1179246,1180491,1181989,1183877,1185682,1186428,1186429,1186433,1186434,1188050,1189373,1189376,1189378,1189380,1189381,1189882,CVE-2021-0089,CVE-2021-28690,CVE-2021-28692,CVE-2021-28693,CVE-2021-28694,CVE-2021-28695,CVE-2021-28696,CVE-2021-28697,CVE-2021-28698,CVE-2021-28699,CVE-2021-28700
This update for xen fixes the following issues:

Update to Xen 4.13.3 general bug fix release (bsc#1027519).

Security issues fixed:

- CVE-2021-28693: xen/arm: Boot modules are not scrubbed (bsc#1186428)
- CVE-2021-28692: xen: inappropriate x86 IOMMU timeout detection / handling (bsc#1186429)
- CVE-2021-0089: xen: Speculative Code Store Bypass (bsc#1186433)
- CVE-2021-28690: xen: x86: TSX Async Abort protections not restored after S3 (bsc#1186434)
- CVE-2021-28694,CVE-2021-28695,CVE-2021-28696: IOMMU page mapping issues on x86 (XSA-378)(bsc#1189373).
- CVE-2021-28697: grant table v2 status pages may remain accessible after de-allocation (XSA-379)(bsc#1189376).
- CVE-2021-28698: long running loops in grant table handling (XSA-380)(bsc#1189378).
- CVE-2021-28699: inadequate grant-v2 status frames array bounds check (XSA-382)(bsc#1189380).
- CVE-2021-28700: No memory limit for dom0less domUs (XSA-383)(bsc#1189381).

Other issues fixed:

- Fixed 'Panic on CPU 0: IO-APIC + timer doesn't work!' (bsc#1180491)
- Fixed an issue with xencommons, where file format expecations by fillup did not allign (bsc#1185682)
- Fixed shell macro expansion in the spec file, so that ExecStart=
  in xendomains-wait-disks.service is created correctly (bsc#1183877)
- Upstream bug fixes (bsc#1027519)
- Fixed Xen SLES11SP4 guest hangs on cluster (bsc#1188050).
- xl monitoring process exits during xl save -p|-c keep the monitoring process running to cleanup the domU during shutdown (bsc#1176189).
- Dom0 hangs when pinning CPUs for dom0 with HVM guest (bsc#1179246).
- Prevent superpage allocation in the LAPIC and ACPI_INFO range (bsc#1189882).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2937-1
Released:    Fri Sep  3 09:18:45 2021
Summary:     Security update for libesmtp
Type:        security
Severity:    important
References:  1160462,1189097,CVE-2019-19977
This update for libesmtp fixes the following issues:

- CVE-2019-19977: Fixed stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2938-1
Released:    Fri Sep  3 09:19:36 2021
Summary:     Recommended update for openldap2
Type:        recommended
Severity:    moderate
References:  1184614

This update for openldap2 fixes the following issue:

- openldap2-contrib is shipped to the Legacy Module. (bsc#1184614)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2950-1
Released:    Fri Sep  3 11:59:19 2021
Summary:     Recommended update for pcre2
Type:        recommended
Severity:    moderate
References:  1187937
This update for pcre2 fixes the following issue:

- Equalizes the result of a function that may have different output on s390x if compared to older (bsc#1187937)
PHP versions.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:2962-1
Released:    Mon Sep  6 18:23:01 2021
Summary:     Recommended update for runc
Type:        recommended
Severity:    critical
References:  1189743
This update for runc fixes the following issues:

- Fixed an issue when toolbox container fails to start. (bsc#1189743)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:2966-1
Released:    Tue Sep  7 09:49:14 2021
Summary:     Security update for openssl-1_1
Type:        security
Severity:    low
References:  1189521,CVE-2021-3712
This update for openssl-1_1 fixes the following issues:

- CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. 
  Read buffer overruns processing ASN.1 strings (bsc#1189521).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3001-1
Released:    Thu Sep  9 15:08:13 2021
Summary:     Recommended update for netcfg
Type:        recommended
Severity:    moderate
References:  1189683
This update for netcfg fixes the following issues:

- add submissions port/protocol to services file for message submission over TLS protocol [bsc#1189683]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:3022-1
Released:    Mon Sep 13 10:48:16 2021
Summary:     Recommended update for c-ares
Type:        recommended
Severity:    important
References:  1190225
This update for c-ares fixes the following issue:

- Allow '_' as part of DNS response. (bsc#1190225)
  - 'c-ares' 1.17.2 introduced response validation to prevent a security issue, however it was not listing '_' as a 
    valid character for domain name responses which caused issues when a 'CNAME' referenced a 'SRV' record which 
    contained underscores.



More information about the sle-security-updates mailing list