SUSE-SU-2021:1617-1: important: Security update for the Linux Kernel
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Mon May 17 13:15:48 UTC 2021
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2021:1617-1
Rating: important
References: #1165629 #1173485 #1176720 #1178181 #1182715
#1182716 #1182717 #1183022 #1183069 #1183593
#1184120 #1184167 #1184168 #1184194 #1184198
#1184208 #1184211 #1184391 #1184393 #1184397
#1184509 #1184611 #1184952 #1185555 #1185556
#1185557
Cross-References: CVE-2020-0433 CVE-2020-1749 CVE-2020-25670
CVE-2020-25671 CVE-2020-25672 CVE-2020-25673
CVE-2020-36312 CVE-2020-36322 CVE-2021-20219
CVE-2021-27363 CVE-2021-27364 CVE-2021-27365
CVE-2021-28038 CVE-2021-28660 CVE-2021-28950
CVE-2021-28972 CVE-2021-29154 CVE-2021-29264
CVE-2021-29265 CVE-2021-29650 CVE-2021-30002
CVE-2021-3483
CVSS scores:
CVE-2020-0433 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-0433 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-1749 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-25670 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2020-36312 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36322 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2021-20219 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-27363 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2021-27363 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27365 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-27365 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28038 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28038 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28660 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28660 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-28950 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28972 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28972 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29264 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29650 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29650 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-30002 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-30002 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Server 12-SP2-LTSS-SAP
SUSE Linux Enterprise Server 12-SP2-LTSS-ERICSSON
SUSE Linux Enterprise Server 12-SP2-BCL
______________________________________________________________________________
An update that solves 22 vulnerabilities and has four fixes
is now available.
Description:
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a
kvm_io_bus_unregister_dev memory leak upon a kmalloc failure
(bnc#1184509).
- CVE-2021-29650: Fixed an issue inside the netfilter subsystem that
allowed attackers to cause a denial of service (panic) because
net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a
full memory barrier upon the assignment of a new table value
(bnc#1184208).
- CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute
arbitrary code within the kernel context (bnc#1184391).
- CVE-2020-25673: Fixed NFC endless loops caused by repeated
llcp_sock_connect() (bsc#1178181).
- CVE-2020-25672: Fixed NFC memory leak in llcp_sock_connect()
(bsc#1178181).
- CVE-2020-25671: Fixed NFC refcount leak in llcp_sock_connect()
(bsc#1178181).
- CVE-2020-25670: Fixed NFC refcount leak in llcp_sock_bind()
(bsc#1178181).
- CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h where a "stall on
CPU" could have occured because a retry loop continually finds the same
bad inode (bnc#1184194, bnc#1184211).
- CVE-2021-30002: Fixed a memory leak issue when a webcam device exists
(bnc#1184120).
- CVE-2021-3483: Fixed a use-after-free bug in nosy_ioctl() (bsc#1184393).
- CVE-2021-20219: Fixed a denial of service vulnerability in
drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker
with a normal user privilege could have delayed the loop and cause a
threat to the system availability (bnc#1184397).
- CVE-2021-29265: Fixed an issue in usbip_sockfd_store in
drivers/usb/usbip/stub_dev.c that allowed attackers to cause a denial of
service (GPF) because the stub-up sequence has race conditions during an
update of the local and shared status (bnc#1184167).
- CVE-2021-29264: Fixed an issue in
drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar
Ethernet driver that allowed attackers to cause a system crash because a
negative fragment size is calculated in situations involving an rx queue
overrun when jumbo packets are used and NAPI is enabled (bnc#1184168).
- CVE-2021-28972: Fixed an issue in drivers/pci/hotplug/rpadlpar_sysfs.c
where the RPA PCI Hotplug driver had a user-tolerable buffer overflow
when writing a new device name to the driver from userspace, allowing
userspace to write data to the kernel stack frame directly. This occurs
because add_slot_store and remove_slot_store mishandle drc_name '\0'
termination (bnc#1184198).
- CVE-2021-28660: Fixed rtw_wx_set_scan in
drivers/staging/rtl8188eu/os_dep/ioctl_linux.c that allowed writing
beyond the end of the ssid array (bnc#1183593).
- CVE-2020-0433: Fixed blk_mq_queue_tag_busy_iter of blk-mq-tag.c, where a
possible use after free due to improper locking could have happened.
This could have led to local escalation of privilege with no additional
execution privileges needed. User interaction is not needed for
exploitation (bnc#1176720).
- CVE-2021-27365: Fixed an issue inside the iSCSI data structures that
does not have appropriate length constraints or checks, and can exceed
the PAGE_SIZE value. An unprivileged user can send a Netlink message
that is associated with iSCSI, and has a length up to the maximum length
of a Netlink message (bnc#1182715).
- CVE-2021-27363: Fixed an issue with a kernel pointer leak that could
have been used to determine the address of the iscsi_transport
structure. When an iSCSI transport is registered with the iSCSI
subsystem, the transport's handle is available to unprivileged users via
the sysfs file system, at
/sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the
show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c)
is called, which leaks the handle. This handle is actually the pointer
to an iscsi_transport struct in the kernel module's global variables
(bnc#1182716).
- CVE-2021-27364: Fixed an issue in drivers/scsi/scsi_transport_iscsi.c
where an unprivileged user can craft Netlink messages (bnc#1182717).
- CVE-2020-36322: Fixed an issue in the FUSE filesystem implementation
where fuse_do_getattr() calls make_bad_inode() in inappropriate
situations, causing a system crash. NOTE: the original fix for this
vulnerability was incomplete, and its incompleteness is tracked as
CVE-2021-28950 (bnc#1184211 bnc#1184952).
- CVE-2021-28038: Fixed an issue with Xen PV. A certain part of the
netback driver lacks necessary treatment of errors such as failed memory
allocations (as a result of changes to the handling of grant mapping
errors). A host OS denial of service may occur during misbehavior of a
networking frontend driver. NOTE: this issue exists because of an
incomplete fix for CVE-2021-26931 (bnc#1183022 bnc#1183069 ).
- CVE-2020-1749: Fixed a flaw with some networking protocols in IPsec,
such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is
created between two hosts, the kernel isn't correctly routing tunneled
data over the encrypted link; rather sending the data unencrypted. This
would allow anyone in between the two endpoints to read the traffic
unencrypted. The main threat from this vulnerability is to data
confidentiality (bnc#1165629).
The following non-security bugs were fixed:
- KVM: Add proper lockdep assertion in I/O bus unregister (bsc#1185555).
- KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU
(bsc#1185556).
- KVM: Stop looking for coalesced MMIO zones if the bus is destroyed
(bsc#1185557).
- Xen/gnttab: handle p2m update errors on a per-slot basis (bsc#1183022
XSA-367).
- bluetooth: eliminate the potential race condition when removing the HCI
controller (bsc#1184611).
- ext4: check journal inode extents more carefully (bsc#1173485).
- ext4: do not allow overlapping system zones (bsc#1173485).
- ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485).
- xen-netback: respect gnttab_map_refs()'s return value (bsc#1183022
XSA-367).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 12-SP2-LTSS-SAP:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-LTSS-SAP-2021-1617=1
- SUSE Linux Enterprise Server 12-SP2-LTSS-ERICSSON:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-LTSS-ERICSSON-2021-1617=1
- SUSE Linux Enterprise Server 12-SP2-BCL:
zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-1617=1
Package List:
- SUSE Linux Enterprise Server 12-SP2-LTSS-SAP (noarch):
kernel-devel-4.4.121-92.155.1
kernel-macros-4.4.121-92.155.1
kernel-source-4.4.121-92.155.1
- SUSE Linux Enterprise Server 12-SP2-LTSS-SAP (x86_64):
cluster-md-kmp-default-4.4.121-92.155.1
cluster-md-kmp-default-debuginfo-4.4.121-92.155.1
cluster-network-kmp-default-4.4.121-92.155.1
cluster-network-kmp-default-debuginfo-4.4.121-92.155.1
dlm-kmp-default-4.4.121-92.155.1
dlm-kmp-default-debuginfo-4.4.121-92.155.1
gfs2-kmp-default-4.4.121-92.155.1
gfs2-kmp-default-debuginfo-4.4.121-92.155.1
kernel-default-4.4.121-92.155.1
kernel-default-base-4.4.121-92.155.1
kernel-default-base-debuginfo-4.4.121-92.155.1
kernel-default-debuginfo-4.4.121-92.155.1
kernel-default-debugsource-4.4.121-92.155.1
kernel-default-devel-4.4.121-92.155.1
kernel-syms-4.4.121-92.155.1
ocfs2-kmp-default-4.4.121-92.155.1
ocfs2-kmp-default-debuginfo-4.4.121-92.155.1
- SUSE Linux Enterprise Server 12-SP2-LTSS-ERICSSON (noarch):
kernel-devel-4.4.121-92.155.1
kernel-macros-4.4.121-92.155.1
kernel-source-4.4.121-92.155.1
- SUSE Linux Enterprise Server 12-SP2-LTSS-ERICSSON (x86_64):
cluster-md-kmp-default-4.4.121-92.155.1
cluster-md-kmp-default-debuginfo-4.4.121-92.155.1
cluster-network-kmp-default-4.4.121-92.155.1
cluster-network-kmp-default-debuginfo-4.4.121-92.155.1
dlm-kmp-default-4.4.121-92.155.1
dlm-kmp-default-debuginfo-4.4.121-92.155.1
gfs2-kmp-default-4.4.121-92.155.1
gfs2-kmp-default-debuginfo-4.4.121-92.155.1
kernel-default-4.4.121-92.155.1
kernel-default-base-4.4.121-92.155.1
kernel-default-base-debuginfo-4.4.121-92.155.1
kernel-default-debuginfo-4.4.121-92.155.1
kernel-default-debugsource-4.4.121-92.155.1
kernel-default-devel-4.4.121-92.155.1
kernel-syms-4.4.121-92.155.1
ocfs2-kmp-default-4.4.121-92.155.1
ocfs2-kmp-default-debuginfo-4.4.121-92.155.1
- SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
kernel-default-4.4.121-92.155.1
kernel-default-base-4.4.121-92.155.1
kernel-default-base-debuginfo-4.4.121-92.155.1
kernel-default-debuginfo-4.4.121-92.155.1
kernel-default-debugsource-4.4.121-92.155.1
kernel-default-devel-4.4.121-92.155.1
kernel-syms-4.4.121-92.155.1
- SUSE Linux Enterprise Server 12-SP2-BCL (noarch):
kernel-devel-4.4.121-92.155.1
kernel-macros-4.4.121-92.155.1
kernel-source-4.4.121-92.155.1
References:
https://www.suse.com/security/cve/CVE-2020-0433.html
https://www.suse.com/security/cve/CVE-2020-1749.html
https://www.suse.com/security/cve/CVE-2020-25670.html
https://www.suse.com/security/cve/CVE-2020-25671.html
https://www.suse.com/security/cve/CVE-2020-25672.html
https://www.suse.com/security/cve/CVE-2020-25673.html
https://www.suse.com/security/cve/CVE-2020-36312.html
https://www.suse.com/security/cve/CVE-2020-36322.html
https://www.suse.com/security/cve/CVE-2021-20219.html
https://www.suse.com/security/cve/CVE-2021-27363.html
https://www.suse.com/security/cve/CVE-2021-27364.html
https://www.suse.com/security/cve/CVE-2021-27365.html
https://www.suse.com/security/cve/CVE-2021-28038.html
https://www.suse.com/security/cve/CVE-2021-28660.html
https://www.suse.com/security/cve/CVE-2021-28950.html
https://www.suse.com/security/cve/CVE-2021-28972.html
https://www.suse.com/security/cve/CVE-2021-29154.html
https://www.suse.com/security/cve/CVE-2021-29264.html
https://www.suse.com/security/cve/CVE-2021-29265.html
https://www.suse.com/security/cve/CVE-2021-29650.html
https://www.suse.com/security/cve/CVE-2021-30002.html
https://www.suse.com/security/cve/CVE-2021-3483.html
https://bugzilla.suse.com/1165629
https://bugzilla.suse.com/1173485
https://bugzilla.suse.com/1176720
https://bugzilla.suse.com/1178181
https://bugzilla.suse.com/1182715
https://bugzilla.suse.com/1182716
https://bugzilla.suse.com/1182717
https://bugzilla.suse.com/1183022
https://bugzilla.suse.com/1183069
https://bugzilla.suse.com/1183593
https://bugzilla.suse.com/1184120
https://bugzilla.suse.com/1184167
https://bugzilla.suse.com/1184168
https://bugzilla.suse.com/1184194
https://bugzilla.suse.com/1184198
https://bugzilla.suse.com/1184208
https://bugzilla.suse.com/1184211
https://bugzilla.suse.com/1184391
https://bugzilla.suse.com/1184393
https://bugzilla.suse.com/1184397
https://bugzilla.suse.com/1184509
https://bugzilla.suse.com/1184611
https://bugzilla.suse.com/1184952
https://bugzilla.suse.com/1185555
https://bugzilla.suse.com/1185556
https://bugzilla.suse.com/1185557
More information about the sle-updates
mailing list