openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:1142-1
Rating:             important
References:         #1065729 #1085224 #1094840 #1113295 #1153274 
                    #1154353 #1156395 #1179243 #1183871 #1184114 
                    #1184350 #1184631 #1185377 #1185902 #1186194 
                    #1186264 #1186482 #1187476 #1188101 #1188405 
                    #1188445 #1188504 #1188620 #1188683 #1188746 
                    #1188747 #1188748 #1188770 #1188771 #1188772 
                    #1188773 #1188774 #1188777 #1188780 #1188781 
                    #1188782 #1188783 #1188784 #1188786 #1188787 
                    #1188788 #1188790 #1188838 #1188842 #1188876 
                    #1188885 #1188973 #1189021 #1189057 #1189077 
                    #802154 
Cross-References:   CVE-2021-21781 CVE-2021-22543 CVE-2021-3659
                    CVE-2021-3679 CVE-2021-37576
CVSS scores:
                    CVE-2021-21781 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-22543 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3659 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3679 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-37576 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

   An update that solves 5 vulnerabilities and has 46 fixes is
   now available.

Description:



   The openSUSE Leap 15.2 kernel was updated to receive various security and
   bugfixes.

   The following security bugs were fixed:

   - CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module
     functionality was found in the way user uses trace ring buffer in a
     specific way. Only privileged local users (with CAP_SYS_ADMIN
     capability) could use this flaw to starve the resources causing denial
     of service (bnc#1189057).
   - CVE-2021-3659: Fix general protection fault via NULL pointer dereference
     in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876).
   - CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c on the powerpc platform
     allowed KVM guest OS users to cause host OS memory corruption via
     rtas_args.nargs, aka CID-f62f3c20647e (bnc#1188838 bnc#1188842).
   - CVE-2021-22543: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in
     KVM could bypass RO checks and can lead to pages being freed while still
     accessible by the VMM and guest. This allowed users with the ability to
     start and control a VM to read/write random pages of memory and can
     result in local privilege escalation (bnc#1186482).
   - CVE-2021-21781: A SIGPAGE information disclosure vulnerability on ARM
     was fixed (bsc#1188445).

   The following non-security bugs were fixed:

   - ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
   - ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
   - ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
   - ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
   - ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
   - ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes).
   - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256)
     (git-fixes).
   - ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
   - ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
   - ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
   - ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
   - ALSA: seq: Fix racy deletion of subscriber (git-fixes).
   - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 (git-fixes).
   - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
     (git-fixes).
   - ALSA: usb-audio: Fix superfluous autosuspend recovery (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
     (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values
     (git-fixes).
   - ALSA: usx2y: Do not call free_pages_exact() with NULL address
     (git-fixes).
   - ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
   - ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20
     characters (git-fixes).
   - ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
   - ASoC: soc-core: Fix the error return code in
     snd_soc_of_parse_audio_routing() (git-fixes).
   - backlight: lm3630a: Fix return code of .update_status() callback
     (git-fixes).
   - bcache: avoid oversized read request in cache missing code path
     (bsc#1184631).
   - bcache: remove bcache device self-defined readahead (bsc#1184631).
   - Bluetooth: defer cleanup of resources in hci_unregister_dev()
     (git-fixes).
   - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in
     bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
   - bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371
     bsc#1153274).
   - bnxt_en: do not disable an already disabled PCI device (git-fixes).
   - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371
     bsc#1153274).
   - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     (bsc#1154353).
   - btrfs: factor out create_chunk() (bsc#1189077).
   - btrfs: factor out decide_stripe_size() (bsc#1189077).
   - btrfs: factor out gather_device_info() (bsc#1189077).
   - btrfs: factor out init_alloc_chunk_ctl (bsc#1189077).
   - btrfs: fix deadlock with concurrent chunk allocations involving system
     chunks (bsc#1189077).
   - btrfs: handle invalid profile in chunk allocation (bsc#1189077).
   - btrfs: introduce alloc_chunk_ctl (bsc#1189077).
   - btrfs: introduce chunk allocation policy (bsc#1189077).
   - btrfs: move the chunk_mutex in btrfs_read_chunk_tree (bsc#1189077).
   - btrfs: parameterize dev_extent_min for chunk allocation (bsc#1189077).
   - btrfs: refactor find_free_dev_extent_start() (bsc#1189077).
   - btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk (bsc#1189077).
   - btrfs: rework chunk allocation to avoid exhaustion of the system chunk
     array (bsc#1189077).
   - cadence: force nonlinear buffers to be cloned (git-fixes).
   - can: ems_usb: fix memory leak (git-fixes).
   - can: esd_usb2: fix memory leak (git-fixes).
   - can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
   - can: mcba_usb_start(): add missing urb->transfer_dma initialization
     (git-fixes).
   - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
   - can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes).
   - can: usb_8dev: fix memory leak (git-fixes).
   - ceph: do not WARN if we're still opening a session to an MDS
     (bsc#1188748).
   - cfg80211: Fix possible memory leak in function cfg80211_bss_update
     (git-fixes).
   - cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
   - cifs: constify get_normalized_path() properly (bsc#1185902).
   - cifs: do not cargo-cult strndup() (bsc#1185902).
   - cifs: do not fail __smb_send_rqst if non-fatal signals are pending
     (git-fixes).
   - cifs: do not send tree disconnect to ipc shares (bsc#1185902).
   - cifs: do not share tcp servers with dfs mounts (bsc#1185902).
   - cifs: do not share tcp sessions of dfs connections (bsc#1185902).
   - cifs: fix check of dfs interlinks (bsc#1185902).
   - cifs: fix interrupted close commands (git-fixes).
   - cifs: fix memory leak in smb2_copychunk_range (git-fixes).
   - cifs: fix path comparison and hash calc (bsc#1185902).
   - cifs: Fix preauth hash corruption (git-fixes).
   - cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902).
   - cifs: handle different charsets in dfs cache (bsc#1185902).
   - cifs: keep referral server sessions alive (bsc#1185902).
   - cifs: missing null pointer check in cifs_mount (bsc#1185902).
   - cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902).
   - cifs: Remove unused inline function is_sysvol_or_netlogon()
     (bsc#1185902).
   - cifs: Return correct error code from smb2_get_enc_key (git-fixes).
   - cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902).
   - clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes).
   - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes).
   - cxgb4: fix IRQ free race during driver unload (git-fixes).
   - dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
   - drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
   - drm: Return -ENOTTY for non-drm ioctls (git-fixes).
   - Drop media rtl28xxu fix patch (bsc#1188683)
   - e1000e: Check the PCIm state (git-fixes).
   - e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
   - firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow
     (git-fixes).
   - firmware: arm_scmi: Fix range check for the maximum number of pending
     messages (git-fixes).
   - firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
   - gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
   - gpio: tqmx86: really make IRQ optional (git-fixes).
   - gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
   - gtp: fix an use-before-init in gtp_newlink() (git-fixes).
   - i2c: core: Disable client irq on reboot/shutdown (git-fixes).
   - i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
   - i40e: Fix error handling in i40e_vsi_open (git-fixes).
   - iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
   - ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
   - ibmvnic: retry reset if there are no other resets (bsc#1184350
     ltc#191533).
   - ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency
     (jsc#SLE-7926).
   - igb: Check if num of q_vectors is smaller than max before array access
     (git-fixes).
   - igb: Fix an error handling path in 'igb_probe()' (git-fixes).
   - igb: Fix position of assignment to *ring (git-fixes).
   - igb: Fix use-after-free error during reset (git-fixes).
   - igc: change default return of igc_read_phy_reg() (git-fixes).
   - igc: Fix an error handling path in 'igc_probe()' (git-fixes).
   - igc: Fix use-after-free error during reset (git-fixes).
   - iio: accel: bma180: Use explicit member assignment (git-fixes).
   - iio: gyro: fxa21002c: Balance runtime pm + use
     pm_runtime_resume_and_get() (git-fixes).
   - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get()
     (git-fixes).
   - Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
     (git-fixes).
   - Input: ili210x - add missing negation for touch indication on ili210x
     (git-fixes).
   - ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
   - ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
   - kabi fix for NFSv4.1: Do not rebind to the same source port when
     reconnecting to the server (bnc#1186264 bnc#1189021)
   - kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
   - KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw
     disabled (bsc#1188771).
   - kvm: LAPIC: Restore guard to prevent illegal APIC register access
     (bsc#1188772).
   - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
     (bsc#1188773).
   - KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
   - KVM: nVMX: Preserve exception priority irrespective of exiting behavior
     (bsc#1188777).
   - KVM: nVMX: Really make emulated nested preemption timer pinned
     (bsc#1188780).
   - KVM: nVMX: Reset the segment cache when stuffing guest segs
     (bsc#1188781).
   - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
     (bsc#1188782).
   - KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration
     (bsc#1188783).
   - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit
     (bsc#1188784).
   - KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() (bsc#1188786).
   - KVM: VMX: Enable machine check support for 32bit targets (bsc#1188787).
   - KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path
     (bsc#1188788).
   - KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790).
   - lib/decompress_unlz4.c: correctly handle zero-padding around initrds
     (git-fixes).
   - liquidio: Fix unintentional sign extension issue on left shift of u16
     (git-fixes).
   - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
     (git-fixes).
   - media: rtl28xxu: fix zero-length control request (git-fixes).
   - media: videobuf2-core: dequeue if start_streaming fails (git-fixes).
   - mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
   - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
   - misc: alcor_pci: fix inverted branch condition (git-fixes).
   - misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge
     (git-fixes).
   - misc/libmasm/module: Fix two use after free in ibmasm_init_one
     (git-fixes).
   - Move upstreamed patches to sorted section
   - mt76: mt7603: set 0 as min coverage_class value (git-fixes).
   - mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
   - mt76: mt7615: increase MCU command timeout (git-fixes).
   - mt76: set dma-done flag for flushed descriptors (git-fixes).
   - mvpp2: suppress warning (git-fixes).
   - net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
   - net: dp83867: Fix OF_MDIO config check (git-fixes).
   - net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext
     (git-fixes).
   - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes).
   - net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
   - net: hns3: Clear the CMDQ registers before unmapping BAR region
     (git-fixes).
   - net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
   - net: marvell: Fix OF_MDIO config check (git-fixes).
   - net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
   - net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
   - net/mlx5: Properly convey driver version to firmware (git-fixes).
   - net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
   - net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx
     phy (git-fixes).
   - net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes).
   - net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
   - net: wilc1000: clean up resource in error path of init mon interface
     (git-fixes).
   - nfc: nfcsim: fix use after free during module unload (git-fixes).
   - NFSv4.1: Do not rebind to the same source port when (bnc#1186264
     bnc#1189021)
   - PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
   - platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command
     (git-fixes).
   - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
   - platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when
     using s2idle (git-fixes).
   - platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip
     (git-fixes).
   - platform/x86: intel_int0002_vgpio: Remove dev_err() usage after
     platform_get_irq() (git-fixes).
   - platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
   - powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h
     (bsc#1188885 ltc#193722).
   - powerpc/64s: rename pnv|pseries_setup_rfi_flush to
     _setup_security_mitigations (bsc#1188885 ltc#193722).
   - powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
   - powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
   - powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295,
     git-fixes).
   - powerpc/pesries: Get STF barrier requirement from
     H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
   - powerpc/pseries: add new branch prediction security bits for link stack
     (bsc#1188885 ltc#193722).
   - powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885
     ltc#193722).
   - powerpc/pseries: Get entry and uaccess flush required bits from
     H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
   - powerpc/security: Add a security feature for STF barrier (bsc#1188885
     ltc#193722).
   - powerpc/security: Allow for processors that flush the link stack using
     the special bcctr (bsc#1188885 ltc#193722).
   - powerpc/security: change link stack flush state to the flush type enum
     (bsc#1188885 ltc#193722).
   - powerpc/security: Fix link stack flush instruction (bsc#1188885
     ltc#193722).
   - powerpc/security: make display of branch cache flush more consistent
     (bsc#1188885 ltc#193722).
   - powerpc/security: re-name count cache flush to branch cache flush
     (bsc#1188885 ltc#193722).
   - powerpc/security: split branch cache flush toggle from code patching
     (bsc#1188885 ltc#193722).
   - powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi()
     (bsc#1156395).
   - powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
   - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
   - power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
   - power: supply: ab8500: Avoid NULL pointers (git-fixes).
   - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE
     (git-fixes).
   - power: supply: max17042: Do not enforce (incorrect) interrupt trigger
     type (git-fixes).
   - power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE
     (git-fixes).
   - power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
   - pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
   - pwm: imx1: Do not disable clocks at device remove time (git-fixes).
   - pwm: spear: Do not modify HW state in .remove callback (git-fixes).
   - r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
   - r8152: Fix potential PM refcount imbalance (bsc#1186194).
   - ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
   - rbd: always kick acquire on "acquired" and "released" notifications
     (bsc#1188746).
   - rbd: do not hold lock_rwsem while running_list is being drained
     (bsc#1188747).
   - RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
   - RDMA/cma: Protect RMW with qp_mutex (git-fixes).
   - regulator: hi6421: Fix getting wrong drvdata (git-fixes).
   - regulator: hi6421: Use correct variable type for regmap api val argument
     (git-fixes).
   - replaced with upstream security mitigation cleanup
   - reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
   - Revert "ACPI: resources: Add checks for ACPI IRQ override" (git-fixes).
   - Revert "be2net: disable bh with spin_lock in be_process_mcc" (git-fixes).
   - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
     (git-fixes).
   - rtc: max77686: Do not enforce (incorrect) interrupt trigger type
     (git-fixes).
   - rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
   - scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
   - sfp: Fix error handing in sfp_probe() (git-fixes).
   - soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
   - spi: cadence: Correct initialisation of runtime PM again (git-fixes).
   - spi: imx: add a check for speed_hz before calculating the clock
     (git-fixes).
   - spi: mediatek: fix fifo rx mode (git-fixes).
   - staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
   - SUNRPC: prevent port reuse on transports which do not request it
     (bnc#1186264 bnc#1189021).
   - thermal/core: Correct function name thermal_zone_device_unregister()
     (git-fixes).
   - tracing: Do not reference char * as a string in histograms (git-fixes).
   - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
     (git-fixes).
   - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by
     zero (git-fixes).
   - Update
     patches.suse/ibmvnic-account-for-bufs-already-saved-in-indir_buf.patch
     (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290 bsc#1188620
     ltc#192221).
   - Update patches.suse/ibmvnic-free-tx_pool-if-tso_pool-alloc-fails.patch
     (bsc#1085224 ltc#164363 bsc#1188620 ltc#192221).
   - Update patches.suse/ibmvnic-parenthesize-a-check.patch (bsc#1184114
     ltc#192237 bsc#1183871 ltc#192139 git-fixes bsc#1188620 ltc#192221).
   - Update patches.suse/ibmvnic-set-ltb-buff-to-NULL-after-freeing.patch
     (bsc#1094840 ltc#167098 bsc#1188620 ltc#192221).
   - Update
     patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch
     (bsc#1065729 bsc#1188405 ltc#193509 bsc#1187476 ltc#193646).
   - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode
     (git-fixes).
   - usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
   - usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
   - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
     (git-fixes).
   - usb: hub: Fix link power management max exit latency (MEL) calculations
     (git-fixes).
   - usb: max-3421: Prevent corruption of freed memory (git-fixes).
   - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop()
     (git-fixes).
   - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
   - USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
   - USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
   - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
   - uuid: Add inline helpers to import / export UUIDs (bsc#1113295,
     git-fixes).
   - virtio_console: Assure used length from device is limited (git-fixes).
   - virtio_net: move tx vq operation under tx queue lock (git-fixes).
   - vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
   - w1: ds2438: fixing bug that would always get page0 (git-fixes).
   - watchdog: Fix possible use-after-free by calling del_timer_sync()
     (git-fixes).
   - watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
   - watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
   - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()
     (git-fixes).
   - wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
   - workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
   - xen/events: reset active flag for lateeoi events later (git-fixes).
   - xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
   - xhci: Fix lost USB 2 remote wake (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2021-1142=1



Package List:

   - openSUSE Leap 15.2 (noarch):

      kernel-devel-5.3.18-lp152.87.1
      kernel-docs-5.3.18-lp152.87.1
      kernel-docs-html-5.3.18-lp152.87.1
      kernel-macros-5.3.18-lp152.87.1
      kernel-source-5.3.18-lp152.87.1
      kernel-source-vanilla-5.3.18-lp152.87.1

   - openSUSE Leap 15.2 (x86_64):

      kernel-debug-5.3.18-lp152.87.1
      kernel-debug-debuginfo-5.3.18-lp152.87.1
      kernel-debug-debugsource-5.3.18-lp152.87.1
      kernel-debug-devel-5.3.18-lp152.87.1
      kernel-debug-devel-debuginfo-5.3.18-lp152.87.1
      kernel-default-5.3.18-lp152.87.1
      kernel-default-base-5.3.18-lp152.87.1.lp152.8.40.1
      kernel-default-base-rebuild-5.3.18-lp152.87.1.lp152.8.40.1
      kernel-default-debuginfo-5.3.18-lp152.87.1
      kernel-default-debugsource-5.3.18-lp152.87.1
      kernel-default-devel-5.3.18-lp152.87.1
      kernel-default-devel-debuginfo-5.3.18-lp152.87.1
      kernel-kvmsmall-5.3.18-lp152.87.1
      kernel-kvmsmall-debuginfo-5.3.18-lp152.87.1
      kernel-kvmsmall-debugsource-5.3.18-lp152.87.1
      kernel-kvmsmall-devel-5.3.18-lp152.87.1
      kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.87.1
      kernel-obs-build-5.3.18-lp152.87.1
      kernel-obs-build-debugsource-5.3.18-lp152.87.1
      kernel-obs-qa-5.3.18-lp152.87.1
      kernel-preempt-5.3.18-lp152.87.1
      kernel-preempt-debuginfo-5.3.18-lp152.87.1
      kernel-preempt-debugsource-5.3.18-lp152.87.1
      kernel-preempt-devel-5.3.18-lp152.87.1
      kernel-preempt-devel-debuginfo-5.3.18-lp152.87.1
      kernel-syms-5.3.18-lp152.87.1


References:

   https://www.suse.com/security/cve/CVE-2021-21781.html
   https://www.suse.com/security/cve/CVE-2021-22543.html
   https://www.suse.com/security/cve/CVE-2021-3659.html
   https://www.suse.com/security/cve/CVE-2021-3679.html
   https://www.suse.com/security/cve/CVE-2021-37576.html
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1085224
   https://bugzilla.suse.com/1094840
   https://bugzilla.suse.com/1113295
   https://bugzilla.suse.com/1153274
   https://bugzilla.suse.com/1154353
   https://bugzilla.suse.com/1156395
   https://bugzilla.suse.com/1179243
   https://bugzilla.suse.com/1183871
   https://bugzilla.suse.com/1184114
   https://bugzilla.suse.com/1184350
   https://bugzilla.suse.com/1184631
   https://bugzilla.suse.com/1185377
   https://bugzilla.suse.com/1185902
   https://bugzilla.suse.com/1186194
   https://bugzilla.suse.com/1186264
   https://bugzilla.suse.com/1186482
   https://bugzilla.suse.com/1187476
   https://bugzilla.suse.com/1188101
   https://bugzilla.suse.com/1188405
   https://bugzilla.suse.com/1188445
   https://bugzilla.suse.com/1188504
   https://bugzilla.suse.com/1188620
   https://bugzilla.suse.com/1188683
   https://bugzilla.suse.com/1188746
   https://bugzilla.suse.com/1188747
   https://bugzilla.suse.com/1188748
   https://bugzilla.suse.com/1188770
   https://bugzilla.suse.com/1188771
   https://bugzilla.suse.com/1188772
   https://bugzilla.suse.com/1188773
   https://bugzilla.suse.com/1188774
   https://bugzilla.suse.com/1188777
   https://bugzilla.suse.com/1188780
   https://bugzilla.suse.com/1188781
   https://bugzilla.suse.com/1188782
   https://bugzilla.suse.com/1188783
   https://bugzilla.suse.com/1188784
   https://bugzilla.suse.com/1188786
   https://bugzilla.suse.com/1188787
   https://bugzilla.suse.com/1188788
   https://bugzilla.suse.com/1188790
   https://bugzilla.suse.com/1188838
   https://bugzilla.suse.com/1188842
   https://bugzilla.suse.com/1188876
   https://bugzilla.suse.com/1188885
   https://bugzilla.suse.com/1188973
   https://bugzilla.suse.com/1189021
   https://bugzilla.suse.com/1189057
   https://bugzilla.suse.com/1189077
   https://bugzilla.suse.com/802154

openSUSE: 2021:1142-1 important: the Linux Kernel

August 10, 2021
An update that solves 5 vulnerabilities and has 46 fixes is now available

Description

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057). - CVE-2021-3659: Fix general protection fault via NULL pointer dereference in llsec_key_alloc() in net/mac802154/llsec.c (bsc#1188876). - CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c on the powerpc platform allowed KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e (bnc#1188838 bnc#1188842). - CVE-2021-22543: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM could bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allowed users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation (bnc#1186482). - CVE-2021-21781: A SIGPAGE information disclosure vulnerability on ARM was fixed (bsc#1188445). The following non-security bugs were fixed: - ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes). - ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes). - ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes). - ALSA: bebob: add support for ToneWeal FW66 (git-fixes). - ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes). - ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes). - ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256) (git-fixes). - ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes). - ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes). - ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes). - ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes). - ALSA: seq: Fix racy deletion of subscriber (git-fixes). - ALSA: usb-audio: Add registration quirk for JBL Quantum 600 (git-fixes). - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets (git-fixes). - ALSA: usb-audio: Fix superfluous autosuspend recovery (git-fixes). - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes). - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions (git-fixes). - ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes). - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values (git-fixes). - ALSA: usx2y: Do not call free_pages_exact() with NULL address (git-fixes). - ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes). - ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20 characters (git-fixes). - ASoC: rt5631: Fix regcache sync errors on resume (git-fixes). - ASoC: soc-core: Fix the error return code in snd_soc_of_parse_audio_routing() (git-fixes). - backlight: lm3630a: Fix return code of .update_status() callback (git-fixes). - bcache: avoid oversized read request in cache missing code path (bsc#1184631). - bcache: remove bcache device self-defined readahead (bsc#1184631). - Bluetooth: defer cleanup of resources in hci_unregister_dev() (git-fixes). - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274). - bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371 bsc#1153274). - bnxt_en: do not disable an already disabled PCI device (git-fixes). - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371 bsc#1153274). - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1154353). - btrfs: factor out create_chunk() (bsc#1189077). - btrfs: factor out decide_stripe_size() (bsc#1189077). - btrfs: factor out gather_device_info() (bsc#1189077). - btrfs: factor out init_alloc_chunk_ctl (bsc#1189077). - btrfs: fix deadlock with concurrent chunk allocations involving system chunks (bsc#1189077). - btrfs: handle invalid profile in chunk allocation (bsc#1189077). - btrfs: introduce alloc_chunk_ctl (bsc#1189077). - btrfs: introduce chunk allocation policy (bsc#1189077). - btrfs: move the chunk_mutex in btrfs_read_chunk_tree (bsc#1189077). - btrfs: parameterize dev_extent_min for chunk allocation (bsc#1189077). - btrfs: refactor find_free_dev_extent_start() (bsc#1189077). - btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk (bsc#1189077). - btrfs: rework chunk allocation to avoid exhaustion of the system chunk array (bsc#1189077). - cadence: force nonlinear buffers to be cloned (git-fixes). - can: ems_usb: fix memory leak (git-fixes). - can: esd_usb2: fix memory leak (git-fixes). - can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes). - can: mcba_usb_start(): add missing urb->transfer_dma initialization (git-fixes). - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes). - can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes). - can: usb_8dev: fix memory leak (git-fixes). - ceph: do not WARN if we're still opening a session to an MDS (bsc#1188748). - cfg80211: Fix possible memory leak in function cfg80211_bss_update (git-fixes). - cifs: avoid starvation when refreshing dfs cache (bsc#1185902). - cifs: constify get_normalized_path() properly (bsc#1185902). - cifs: do not cargo-cult strndup() (bsc#1185902). - cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes). - cifs: do not send tree disconnect to ipc shares (bsc#1185902). - cifs: do not share tcp servers with dfs mounts (bsc#1185902). - cifs: do not share tcp sessions of dfs connections (bsc#1185902). - cifs: fix check of dfs interlinks (bsc#1185902). - cifs: fix interrupted close commands (git-fixes). - cifs: fix memory leak in smb2_copychunk_range (git-fixes). - cifs: fix path comparison and hash calc (bsc#1185902). - cifs: Fix preauth hash corruption (git-fixes). - cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). - cifs: handle different charsets in dfs cache (bsc#1185902). - cifs: keep referral server sessions alive (bsc#1185902). - cifs: missing null pointer check in cifs_mount (bsc#1185902). - cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). - cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). - cifs: Return correct error code from smb2_get_enc_key (git-fixes). - cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). - clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes). - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes). - cxgb4: fix IRQ free race during driver unload (git-fixes). - dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes). - drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes). - drm: Return -ENOTTY for non-drm ioctls (git-fixes). - Drop media rtl28xxu fix patch (bsc#1188683) - e1000e: Check the PCIm state (git-fixes). - e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes). - firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow (git-fixes). - firmware: arm_scmi: Fix range check for the maximum number of pending messages (git-fixes). - firmware/efi: Tell memblock about EFI iomem reservations (git-fixes). - gpio: pca953x: Add support for the On Semi pca9655 (git-fixes). - gpio: tqmx86: really make IRQ optional (git-fixes). - gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes). - gtp: fix an use-before-init in gtp_newlink() (git-fixes). - i2c: core: Disable client irq on reboot/shutdown (git-fixes). - i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes). - i40e: Fix error handling in i40e_vsi_open (git-fixes). - iavf: Fix an error handling path in 'iavf_probe()' (git-fixes). - ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075). - ibmvnic: retry reset if there are no other resets (bsc#1184350 ltc#191533). - ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency (jsc#SLE-7926). - igb: Check if num of q_vectors is smaller than max before array access (git-fixes). - igb: Fix an error handling path in 'igb_probe()' (git-fixes). - igb: Fix position of assignment to *ring (git-fixes). - igb: Fix use-after-free error during reset (git-fixes). - igc: change default return of igc_read_phy_reg() (git-fixes). - igc: Fix an error handling path in 'igc_probe()' (git-fixes). - igc: Fix use-after-free error during reset (git-fixes). - iio: accel: bma180: Use explicit member assignment (git-fixes). - iio: gyro: fxa21002c: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes). - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get() (git-fixes). - Input: hideep - fix the uninitialized use in hideep_nvm_unlock() (git-fixes). - Input: ili210x - add missing negation for touch indication on ili210x (git-fixes). - ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes). - ixgbe: Fix packet corruption due to missing DMA sync (git-fixes). - kabi fix for NFSv4.1: Do not rebind to the same source port when reconnecting to the server (bnc#1186264 bnc#1189021) - kvm: i8254: remove redundant assignment to pointer s (bsc#1188770). - KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw disabled (bsc#1188771). - kvm: LAPIC: Restore guard to prevent illegal APIC register access (bsc#1188772). - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit (bsc#1188773). - KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774). - KVM: nVMX: Preserve exception priority irrespective of exiting behavior (bsc#1188777). - KVM: nVMX: Really make emulated nested preemption timer pinned (bsc#1188780). - KVM: nVMX: Reset the segment cache when stuffing guest segs (bsc#1188781). - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc#1188782). - KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration (bsc#1188783). - KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit (bsc#1188784). - KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() (bsc#1188786). - KVM: VMX: Enable machine check support for 32bit targets (bsc#1188787). - KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path (bsc#1188788). - KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790). - lib/decompress_unlz4.c: correctly handle zero-padding around initrds (git-fixes). - liquidio: Fix unintentional sign extension issue on left shift of u16 (git-fixes). - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() (git-fixes). - media: rtl28xxu: fix zero-length control request (git-fixes). - media: videobuf2-core: dequeue if start_streaming fails (git-fixes). - mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes). - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes). - misc: alcor_pci: fix inverted branch condition (git-fixes). - misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge (git-fixes). - misc/libmasm/module: Fix two use after free in ibmasm_init_one (git-fixes). - Move upstreamed patches to sorted section - mt76: mt7603: set 0 as min coverage_class value (git-fixes). - mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes). - mt76: mt7615: increase MCU command timeout (git-fixes). - mt76: set dma-done flag for flushed descriptors (git-fixes). - mvpp2: suppress warning (git-fixes). - net: atlantic: fix ip dst and ipv6 address filters (git-fixes). - net: dp83867: Fix OF_MDIO config check (git-fixes). - net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext (git-fixes). - net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes). - net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes). - net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes). - net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes). - net: marvell: Fix OF_MDIO config check (git-fixes). - net/mlx5: Do not fail driver on failure to create debugfs (git-fixes). - net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes). - net/mlx5: Properly convey driver version to firmware (git-fixes). - net: mvpp2: Put fwnode in error case during ->probe() (git-fixes). - net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx phy (git-fixes). - net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). - net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes). - net: wilc1000: clean up resource in error path of init mon interface (git-fixes). - nfc: nfcsim: fix use after free during module unload (git-fixes). - NFSv4.1: Do not rebind to the same source port when (bnc#1186264 bnc#1189021) - PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes). - platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command (git-fixes). - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes). - platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when using s2idle (git-fixes). - platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip (git-fixes). - platform/x86: intel_int0002_vgpio: Remove dev_err() usage after platform_get_irq() (git-fixes). - platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes). - powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h (bsc#1188885 ltc#193722). - powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (bsc#1188885 ltc#193722). - powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395). - powerpc: Offline CPU in stop_this_cpu() (bsc#1156395). - powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295, git-fixes). - powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722). - powerpc/pseries: add new branch prediction security bits for link stack (bsc#1188885 ltc#193722). - powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885 ltc#193722). - powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722). - powerpc/security: Add a security feature for STF barrier (bsc#1188885 ltc#193722). - powerpc/security: Allow for processors that flush the link stack using the special bcctr (bsc#1188885 ltc#193722). - powerpc/security: change link stack flush state to the flush type enum (bsc#1188885 ltc#193722). - powerpc/security: Fix link stack flush instruction (bsc#1188885 ltc#193722). - powerpc/security: make display of branch cache flush more consistent (bsc#1188885 ltc#193722). - powerpc/security: re-name count cache flush to branch cache flush (bsc#1188885 ltc#193722). - powerpc/security: split branch cache flush toggle from code patching (bsc#1188885 ltc#193722). - powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi() (bsc#1156395). - powerpc/stacktrace: Include linux/delay.h (bsc#1156395). - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes). - power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes). - power: supply: ab8500: Avoid NULL pointers (git-fixes). - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE (git-fixes). - power: supply: max17042: Do not enforce (incorrect) interrupt trigger type (git-fixes). - power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE (git-fixes). - power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes). - pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes). - pwm: imx1: Do not disable clocks at device remove time (git-fixes). - pwm: spear: Do not modify HW state in .remove callback (git-fixes). - r8152: Fix a deadlock by doubly PM resume (bsc#1186194). - r8152: Fix potential PM refcount imbalance (bsc#1186194). - ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes). - rbd: always kick acquire on "acquired" and "released" notifications (bsc#1188746). - rbd: do not hold lock_rwsem while running_list is being drained (bsc#1188747). - RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449). - RDMA/cma: Protect RMW with qp_mutex (git-fixes). - regulator: hi6421: Fix getting wrong drvdata (git-fixes). - regulator: hi6421: Use correct variable type for regmap api val argument (git-fixes). - replaced with upstream security mitigation cleanup - reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes). - Revert "ACPI: resources: Add checks for ACPI IRQ override" (git-fixes). - Revert "be2net: disable bh with spin_lock in be_process_mcc" (git-fixes). - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem" (git-fixes). - rtc: max77686: Do not enforce (incorrect) interrupt trigger type (git-fixes). - rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes). - scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101). - sfp: Fix error handing in sfp_probe() (git-fixes). - soc/tegra: fuse: Fix Tegra234-only builds (git-fixes). - spi: cadence: Correct initialisation of runtime PM again (git-fixes). - spi: imx: add a check for speed_hz before calculating the clock (git-fixes). - spi: mediatek: fix fifo rx mode (git-fixes). - staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes). - SUNRPC: prevent port reuse on transports which do not request it (bnc#1186264 bnc#1189021). - thermal/core: Correct function name thermal_zone_device_unregister() (git-fixes). - tracing: Do not reference char * as a string in histograms (git-fixes). - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path (git-fixes). - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by zero (git-fixes). - Update patches.suse/ibmvnic-account-for-bufs-already-saved-in-indir_buf.patch (jsc#SLE-17268 jsc#SLE-17043 bsc#1179243 ltc#189290 bsc#1188620 ltc#192221). - Update patches.suse/ibmvnic-free-tx_pool-if-tso_pool-alloc-fails.patch (bsc#1085224 ltc#164363 bsc#1188620 ltc#192221). - Update patches.suse/ibmvnic-parenthesize-a-check.patch (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes bsc#1188620 ltc#192221). - Update patches.suse/ibmvnic-set-ltb-buff-to-NULL-after-freeing.patch (bsc#1094840 ltc#167098 bsc#1188620 ltc#192221). - Update patches.suse/Revert-ibmvnic-remove-duplicate-napi_schedule-call-i.patch (bsc#1065729 bsc#1188405 ltc#193509 bsc#1187476 ltc#193646). - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode (git-fixes). - usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes). - usb: gadget: hid: fix error return code in hid_bind() (git-fixes). - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high (git-fixes). - usb: hub: Fix link power management max exit latency (MEL) calculations (git-fixes). - usb: max-3421: Prevent corruption of freed memory (git-fixes). - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop() (git-fixes). - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes). - USB: serial: cp210x: fix comments for GE CS1000 (git-fixes). - USB: serial: option: add support for u-blox LARA-R6 family (git-fixes). - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes). - uuid: Add inline helpers to import / export UUIDs (bsc#1113295, git-fixes). - virtio_console: Assure used length from device is limited (git-fixes). - virtio_net: move tx vq operation under tx queue lock (git-fixes). - vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes). - w1: ds2438: fixing bug that would always get page0 (git-fixes). - watchdog: Fix possible use-after-free by calling del_timer_sync() (git-fixes). - watchdog: Fix possible use-after-free in wdt_startup() (git-fixes). - watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes). - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() (git-fixes). - wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes). - workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973). - xen/events: reset active flag for lateeoi events later (git-fixes). - xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377). - xhci: Fix lost USB 2 remote wake (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-1142=1


Package List

- openSUSE Leap 15.2 (noarch): kernel-devel-5.3.18-lp152.87.1 kernel-docs-5.3.18-lp152.87.1 kernel-docs-html-5.3.18-lp152.87.1 kernel-macros-5.3.18-lp152.87.1 kernel-source-5.3.18-lp152.87.1 kernel-source-vanilla-5.3.18-lp152.87.1 - openSUSE Leap 15.2 (x86_64): kernel-debug-5.3.18-lp152.87.1 kernel-debug-debuginfo-5.3.18-lp152.87.1 kernel-debug-debugsource-5.3.18-lp152.87.1 kernel-debug-devel-5.3.18-lp152.87.1 kernel-debug-devel-debuginfo-5.3.18-lp152.87.1 kernel-default-5.3.18-lp152.87.1 kernel-default-base-5.3.18-lp152.87.1.lp152.8.40.1 kernel-default-base-rebuild-5.3.18-lp152.87.1.lp152.8.40.1 kernel-default-debuginfo-5.3.18-lp152.87.1 kernel-default-debugsource-5.3.18-lp152.87.1 kernel-default-devel-5.3.18-lp152.87.1 kernel-default-devel-debuginfo-5.3.18-lp152.87.1 kernel-kvmsmall-5.3.18-lp152.87.1 kernel-kvmsmall-debuginfo-5.3.18-lp152.87.1 kernel-kvmsmall-debugsource-5.3.18-lp152.87.1 kernel-kvmsmall-devel-5.3.18-lp152.87.1 kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.87.1 kernel-obs-build-5.3.18-lp152.87.1 kernel-obs-build-debugsource-5.3.18-lp152.87.1 kernel-obs-qa-5.3.18-lp152.87.1 kernel-preempt-5.3.18-lp152.87.1 kernel-preempt-debuginfo-5.3.18-lp152.87.1 kernel-preempt-debugsource-5.3.18-lp152.87.1 kernel-preempt-devel-5.3.18-lp152.87.1 kernel-preempt-devel-debuginfo-5.3.18-lp152.87.1 kernel-syms-5.3.18-lp152.87.1


References

https://www.suse.com/security/cve/CVE-2021-21781.html https://www.suse.com/security/cve/CVE-2021-22543.html https://www.suse.com/security/cve/CVE-2021-3659.html https://www.suse.com/security/cve/CVE-2021-3679.html https://www.suse.com/security/cve/CVE-2021-37576.html https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1085224 https://bugzilla.suse.com/1094840 https://bugzilla.suse.com/1113295 https://bugzilla.suse.com/1153274 https://bugzilla.suse.com/1154353 https://bugzilla.suse.com/1156395 https://bugzilla.suse.com/1179243 https://bugzilla.suse.com/1183871 https://bugzilla.suse.com/1184114 https://bugzilla.suse.com/1184350 https://bugzilla.suse.com/1184631 https://bugzilla.suse.com/1185377 https://bugzilla.suse.com/1185902 https://bugzilla.suse.com/1186194 https://bugzilla.suse.com/1186264 https://bugzilla.suse.com/1186482 https://bugzilla.suse.com/1187476 https://bugzilla.suse.com/1188101 https://bugzilla.suse.com/1188405 https://bugzilla.suse.com/1188445 https://bugzilla.suse.com/1188504 https://bugzilla.suse.com/1188620 https://bugzilla.suse.com/1188683 https://bugzilla.suse.com/1188746 https://bugzilla.suse.com/1188747 https://bugzilla.suse.com/1188748 https://bugzilla.suse.com/1188770 https://bugzilla.suse.com/1188771 https://bugzilla.suse.com/1188772 https://bugzilla.suse.com/1188773 https://bugzilla.suse.com/1188774 https://bugzilla.suse.com/1188777 https://bugzilla.suse.com/1188780 https://bugzilla.suse.com/1188781 https://bugzilla.suse.com/1188782 https://bugzilla.suse.com/1188783 https://bugzilla.suse.com/1188784 https://bugzilla.suse.com/1188786 https://bugzilla.suse.com/1188787 https://bugzilla.suse.com/1188788 https://bugzilla.suse.com/1188790 https://bugzilla.suse.com/1188838 https://bugzilla.suse.com/1188842 https://bugzilla.suse.com/1188876 https://bugzilla.suse.com/1188885 https://bugzilla.suse.com/1188973 https://bugzilla.suse.com/1189021 https://bugzilla.suse.com/1189057 https://bugzilla.suse.com/1189077 https://bugzilla.suse.com/802154


Severity
Announcement ID: openSUSE-SU-2021:1142-1
Rating: important
Affected Products: openSUSE Leap 15.2 ble.

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved