openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:1682-1
Rating:             important
References:         #1065729 #1140683 #1172538 #1174748 #1175520 
                    #1176381 #1176400 #1176946 #1177340 #1177511 
                    #1177685 #1177724 #1177725 
Cross-References:   CVE-2020-12351 CVE-2020-12352 CVE-2020-25212
                    CVE-2020-25645
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

   An update that solves four vulnerabilities and has 9 fixes
   is now available.

Description:



   The openSUSE Leap 15.1 kernel was updated to receive various security and
   bugfixes.

   The following security bugs were fixed:

   - CVE-2020-12351: A type confusion while processing AMP packets could be
     used by physical close attackers to crash the kernel or potentially
     execute code was fixed (bsc#1177724).
   - CVE-2020-12352: A stack information leak when handling certain AMP
     packets could be used by physical close attackers to leak information
     from the kernel was fixed (bsc#1177725).
   - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used
     by local attackers to corrupt memory or possibly have unspecified other
     impact because a size check is in fs/nfs/nfs4proc.c instead of
     fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381).
   - CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted
     when IPsec is configured to encrypt traffic for the specific UDP port
     used by the GENEVE tunnel allowing anyone between the two endpoints to
     read the traffic unencrypted. The main threat from this vulnerability is
     to data confidentiality (bnc#1177511).

   The following non-security bugs were fixed:

   - 59c7c3caaaf8 ("nvme: fix possible hang when ns scanning fails during
     error recovery")
   - NFS: On fatal writeback errors, we need to call
     nfs_inode_remove_request() (bsc#1177340).
   - NFS: Revalidate the file mapping on all fatal writeback errors     (bsc#1177340).
   - drm/sun4i: mixer: Extend regmap max_register (git-fixes).
   - ea43d9709f72 ("nvme: fix identify error status silent ignore")
   - i2c: meson: fix clock setting overwrite (git-fixes).
   - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
   - mac80211: do not allow bigger VHT MPDUs than the hardware supports
     (git-fixes).
   - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).
   - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
     (bsc#1177685).
   - mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
   - nvme-multipath: do not reset on unknown status (bsc#1174748).
   - nvme-rdma: Avoid double freeing of async event data (bsc#1174748).
   - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).
   - nvme: Namepace identification descriptor list is optional (bsc#1174748).
   - nvme: add a Identify Namespace Identification Descriptor list quirk
     (bsc#1174748).
   - nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).
   - nvme: fix possible io failures when removing multipathed ns
     (bsc#1174748).
   - nvme: make nvme_identify_ns propagate errors back (bsc#1174748).
   - nvme: make nvme_report_ns_ids propagate error back (bsc#1174748).
   - nvme: pass status to nvme_error_status (bsc#1174748).
   - nvme: return error from nvme_alloc_ns() (bsc#1174748).
   - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
   - scsi: hisi_sas: Add debugfs ITCT file and add file operations
     (bsc#1140683).
   - scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).
   - scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32()
     (bsc#1140683).
   - scsi: hisi_sas: Change return variable type in phy_up_v3_hw()
     (bsc#1140683).
   - scsi: hisi_sas: Correct memory allocation size for DQ debugfs
     (bsc#1140683).
   - scsi: hisi_sas: Do some more tidy-up (bsc#1140683).
   - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO
     (bsc#1140683).
   - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs
     code (bsc#1140683). Refresh:
   - scsi: hisi_sas: No need to check return value of debugfs_create
     functions (bsc#1140683). Update:
   - scsi: hisi_sas: Some misc tidy-up (bsc#1140683).
   - scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices
     (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946
     bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946
     bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix I/O failures during remote port toggle testing
     (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946
     bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946
     bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c
     (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c
     (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c
     (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue
     (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946
     bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Make tgt_port_database available in initiator mode
     (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946
     bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946
     bsc#1175520 bsc#1172538).
   - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520
     bsc#1172538).
   - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520
     bsc#1172538).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:

      zypper in -t patch openSUSE-2020-1682=1



Package List:

   - openSUSE Leap 15.1 (x86_64):

      kernel-debug-4.12.14-lp151.28.75.1
      kernel-debug-base-4.12.14-lp151.28.75.1
      kernel-debug-base-debuginfo-4.12.14-lp151.28.75.1
      kernel-debug-debuginfo-4.12.14-lp151.28.75.1
      kernel-debug-debugsource-4.12.14-lp151.28.75.1
      kernel-debug-devel-4.12.14-lp151.28.75.1
      kernel-debug-devel-debuginfo-4.12.14-lp151.28.75.1
      kernel-default-4.12.14-lp151.28.75.1
      kernel-default-base-4.12.14-lp151.28.75.1
      kernel-default-base-debuginfo-4.12.14-lp151.28.75.1
      kernel-default-debuginfo-4.12.14-lp151.28.75.1
      kernel-default-debugsource-4.12.14-lp151.28.75.1
      kernel-default-devel-4.12.14-lp151.28.75.1
      kernel-default-devel-debuginfo-4.12.14-lp151.28.75.1
      kernel-kvmsmall-4.12.14-lp151.28.75.1
      kernel-kvmsmall-base-4.12.14-lp151.28.75.1
      kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.75.1
      kernel-kvmsmall-debuginfo-4.12.14-lp151.28.75.1
      kernel-kvmsmall-debugsource-4.12.14-lp151.28.75.1
      kernel-kvmsmall-devel-4.12.14-lp151.28.75.1
      kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.75.1
      kernel-obs-build-4.12.14-lp151.28.75.1
      kernel-obs-build-debugsource-4.12.14-lp151.28.75.1
      kernel-obs-qa-4.12.14-lp151.28.75.1
      kernel-syms-4.12.14-lp151.28.75.1
      kernel-vanilla-4.12.14-lp151.28.75.1
      kernel-vanilla-base-4.12.14-lp151.28.75.1
      kernel-vanilla-base-debuginfo-4.12.14-lp151.28.75.1
      kernel-vanilla-debuginfo-4.12.14-lp151.28.75.1
      kernel-vanilla-debugsource-4.12.14-lp151.28.75.1
      kernel-vanilla-devel-4.12.14-lp151.28.75.1
      kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.75.1

   - openSUSE Leap 15.1 (noarch):

      kernel-devel-4.12.14-lp151.28.75.1
      kernel-docs-4.12.14-lp151.28.75.1
      kernel-docs-html-4.12.14-lp151.28.75.1
      kernel-macros-4.12.14-lp151.28.75.1
      kernel-source-4.12.14-lp151.28.75.1
      kernel-source-vanilla-4.12.14-lp151.28.75.1


References:

   https://www.suse.com/security/cve/CVE-2020-12351.html
   https://www.suse.com/security/cve/CVE-2020-12352.html
   https://www.suse.com/security/cve/CVE-2020-25212.html
   https://www.suse.com/security/cve/CVE-2020-25645.html
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1140683
   https://bugzilla.suse.com/1172538
   https://bugzilla.suse.com/1174748
   https://bugzilla.suse.com/1175520
   https://bugzilla.suse.com/1176381
   https://bugzilla.suse.com/1176400
   https://bugzilla.suse.com/1176946
   https://bugzilla.suse.com/1177340
   https://bugzilla.suse.com/1177511
   https://bugzilla.suse.com/1177685
   https://bugzilla.suse.com/1177724
   https://bugzilla.suse.com/1177725

--

openSUSE: 2020:1682-1: important: the Linux Kernel

October 17, 2020
An update that solves four vulnerabilities and has 9 fixes is now available.

Description

The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-12351: A type confusion while processing AMP packets could be used by physical close attackers to crash the kernel or potentially execute code was fixed (bsc#1177724). - CVE-2020-12352: A stack information leak when handling certain AMP packets could be used by physical close attackers to leak information from the kernel was fixed (bsc#1177725). - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452 (bnc#1176381). - CVE-2020-25645: Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1177511). The following non-security bugs were fixed: - 59c7c3caaaf8 ("nvme: fix possible hang when ns scanning fails during error recovery") - NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340). - NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340). - drm/sun4i: mixer: Extend regmap max_register (git-fixes). - ea43d9709f72 ("nvme: fix identify error status silent ignore") - i2c: meson: fix clock setting overwrite (git-fixes). - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400). - mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes). - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes). - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685). - mmc: core: do not set limits.discard_granularity as 0 (git-fixes). - nvme-multipath: do not reset on unknown status (bsc#1174748). - nvme-rdma: Avoid double freeing of async event data (bsc#1174748). - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748). - nvme: Namepace identification descriptor list is optional (bsc#1174748). - nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748). - nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748). - nvme: fix possible io failures when removing multipathed ns (bsc#1174748). - nvme: make nvme_identify_ns propagate errors back (bsc#1174748). - nvme: make nvme_report_ns_ids propagate error back (bsc#1174748). - nvme: pass status to nvme_error_status (bsc#1174748). - nvme: return error from nvme_alloc_ns() (bsc#1174748). - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729). - scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683). - scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683). - scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683). - scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683). - scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683). - scsi: hisi_sas: Do some more tidy-up (bsc#1140683). - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683). - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh: - scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update: - scsi: hisi_sas: Some misc tidy-up (bsc#1140683). - scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538). Special Instructions and Notes: Please reboot the system after installing this update.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-1682=1


Package List

- openSUSE Leap 15.1 (x86_64): kernel-debug-4.12.14-lp151.28.75.1 kernel-debug-base-4.12.14-lp151.28.75.1 kernel-debug-base-debuginfo-4.12.14-lp151.28.75.1 kernel-debug-debuginfo-4.12.14-lp151.28.75.1 kernel-debug-debugsource-4.12.14-lp151.28.75.1 kernel-debug-devel-4.12.14-lp151.28.75.1 kernel-debug-devel-debuginfo-4.12.14-lp151.28.75.1 kernel-default-4.12.14-lp151.28.75.1 kernel-default-base-4.12.14-lp151.28.75.1 kernel-default-base-debuginfo-4.12.14-lp151.28.75.1 kernel-default-debuginfo-4.12.14-lp151.28.75.1 kernel-default-debugsource-4.12.14-lp151.28.75.1 kernel-default-devel-4.12.14-lp151.28.75.1 kernel-default-devel-debuginfo-4.12.14-lp151.28.75.1 kernel-kvmsmall-4.12.14-lp151.28.75.1 kernel-kvmsmall-base-4.12.14-lp151.28.75.1 kernel-kvmsmall-base-debuginfo-4.12.14-lp151.28.75.1 kernel-kvmsmall-debuginfo-4.12.14-lp151.28.75.1 kernel-kvmsmall-debugsource-4.12.14-lp151.28.75.1 kernel-kvmsmall-devel-4.12.14-lp151.28.75.1 kernel-kvmsmall-devel-debuginfo-4.12.14-lp151.28.75.1 kernel-obs-build-4.12.14-lp151.28.75.1 kernel-obs-build-debugsource-4.12.14-lp151.28.75.1 kernel-obs-qa-4.12.14-lp151.28.75.1 kernel-syms-4.12.14-lp151.28.75.1 kernel-vanilla-4.12.14-lp151.28.75.1 kernel-vanilla-base-4.12.14-lp151.28.75.1 kernel-vanilla-base-debuginfo-4.12.14-lp151.28.75.1 kernel-vanilla-debuginfo-4.12.14-lp151.28.75.1 kernel-vanilla-debugsource-4.12.14-lp151.28.75.1 kernel-vanilla-devel-4.12.14-lp151.28.75.1 kernel-vanilla-devel-debuginfo-4.12.14-lp151.28.75.1 - openSUSE Leap 15.1 (noarch): kernel-devel-4.12.14-lp151.28.75.1 kernel-docs-4.12.14-lp151.28.75.1 kernel-docs-html-4.12.14-lp151.28.75.1 kernel-macros-4.12.14-lp151.28.75.1 kernel-source-4.12.14-lp151.28.75.1 kernel-source-vanilla-4.12.14-lp151.28.75.1


References

https://www.suse.com/security/cve/CVE-2020-12351.html https://www.suse.com/security/cve/CVE-2020-12352.html https://www.suse.com/security/cve/CVE-2020-25212.html https://www.suse.com/security/cve/CVE-2020-25645.html https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1140683 https://bugzilla.suse.com/1172538 https://bugzilla.suse.com/1174748 https://bugzilla.suse.com/1175520 https://bugzilla.suse.com/1176381 https://bugzilla.suse.com/1176400 https://bugzilla.suse.com/1176946 https://bugzilla.suse.com/1177340 https://bugzilla.suse.com/1177511 https://bugzilla.suse.com/1177685 https://bugzilla.suse.com/1177724 https://bugzilla.suse.com/1177725--


Severity
Announcement ID: openSUSE-SU-2020:1682-1
Rating: important
Affected Products: openSUSE Leap 15.1 le.

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved