SUSE: 2019:0470-1 important: the Linux Kernel

    Date 22 Feb 2019
    Posted By LinuxSecurity Advisories
    An update that solves three vulnerabilities and has 24 fixes is now available.
       SUSE Security Update: Security update for the Linux Kernel
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:0470-1
    Rating:             important
    References:         #1012382 #1023175 #1087036 #1094823 #1102875 
                        #1102877 #1102879 #1102882 #1102896 #1106105 
                        #1106929 #1107866 #1109695 #1114893 #1116653 
                        #1119680 #1120722 #1120758 #1120902 #1121726 
                        #1122650 #1122651 #1122779 #1122885 #1123321 
                        #1123323 #1123357 
    Cross-References:   CVE-2017-18249 CVE-2019-3459 CVE-2019-3460
                       
    Affected Products:
                        SUSE Linux Enterprise Real Time Extension 12-SP3
    ______________________________________________________________________________
    
    Description:
    
       The SUSE Linux Enterprise 12 realtime kernel was updated to receive
       various security and bug fixes.
    
       The following security bugs were fixed:
    
       - CVE-2017-18249: Fixed tracking on allocated nid in the add_free_nid
         function in fs/f2fs/node.c, which previously allowed local users to cause a
         denial of service (bnc#1087036).
       - CVE-2019-3459: Fixed remote heap address information leak in use of
         l2cap_get_conf_opt (bnc#1120758).
       - CVE-2019-3460: Fixed remote data leak in multiple locations in the
         function l2cap_parse_conf_rsp (bnc#1120758).
    
       The following non-security bugs were fixed:
    
       - Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).
       - Fix problem with sharetransport= and NFSv4 (bsc#1114893).
       - Revert "bs-upload-kernel: do not set %opensuse_bs" This reverts commit
         e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
       - Yama: Check for pid death before checking ancestry (bnc#1012382).
       - acpi / processor: Fix the return value of acpi_processor_ids_walk() (git
         fixes (acpi)).
       - acpi/nfit: Block function zero DSMs (bsc#1123321).
       - acpi/nfit: Fix command-supported detection (bsc#1123323).
       - acpi: power: Skip duplicate power resource references in _PRx
         (bnc#1012382).
       - alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).
       - alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225
         (bnc#1012382).
       - arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).
       - arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).
       - arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).
       - ata: Fix racy link clearance (bsc#1107866).
       - block/loop: Use global lock for ioctl() operation (bnc#1012382).
       - block/swim3: Fix -EBUSY error when re-opening device after unmount
         (Git-fixes).
       - Btrfs: tree-check: reduce stack consumption in check_dir_item
         (bnc#1012382).
       - Btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).
       - Btrfs: tree-checker: Do not check max block group size as current max
         chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875
         bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).
       - Btrfs: tree-checker: Fix misleading group system information
         (bnc#1012382).
       - Btrfs: validate type when reading a chunk (bnc#1012382).
       - Btrfs: wait on ordered extents on abort cleanup (bnc#1012382).
       - can: gw: ensure DLC boundaries after CAN frame modification
         (bnc#1012382).
       - cifs: Do not hide EINTR after sending network packets (bnc#1012382).
       - cifs: Fix potential OOB access of lock element array (bnc#1012382).
       - clk: imx6q: reset exclusive gates on init (bnc#1012382).
       - crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).
       - crypto: authencesn - Avoid twice completion call in decrypt path
         (bnc#1012382).
       - crypto: cts - fix crash on short inputs (bnc#1012382).
       - crypto: user - support incremental algorithm dumps (bsc#1120902).
       - dm crypt: add cryptographic data integrity protection (authenticated
         encryption) (Git-fixes).
       - dm crypt: factor IV constructor out to separate function (Git-fixes).
       - dm crypt: fix crash by adding missing check for auth key size
         (git-fixes).
       - dm crypt: fix error return code in crypt_ctr() (git-fixes).
       - dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).
       - dm crypt: introduce new format of cipher with "capi:" prefix (Git-fixes).
       - dm crypt: wipe kernel key copy after IV initialization (Git-fixes).
       - dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).
       - dm snapshot: Fix excessive memory usage and workqueue stalls
         (bnc#1012382).
       - dm: do not allow readahead to limit IO size (git fixes (readahead)).
       - e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).
       - edac: Raise the maximum number of memory controllers (bsc#1120722).
       - efi/libstub/arm64: Use hidden attribute for struct screen_info reference
         (bsc#1122650).
       - ext4: Fix crash during online resizing (bsc#1122779).
       - ext4: fix a potential fiemap/page fault deadlock w/ inline_data
         (bnc#1012382).
       - f2fs: Add sanity_check_inode() function (bnc#1012382).
       - f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).
       - f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).
       - f2fs: clean up argument of recover_data (bnc#1012382).
       - f2fs: clean up with is_valid_blkaddr() (bnc#1012382).
       - f2fs: detect wrong layout (bnc#1012382).
       - f2fs: enhance sanity_check_raw_super() to avoid potential overflow
         (bnc#1012382).
       - f2fs: factor out fsync inode entry operations (bnc#1012382).
       - f2fs: fix inode cache leak (bnc#1012382).
       - f2fs: fix invalid memory access (bnc#1012382).
       - f2fs: fix missing up_read (bnc#1012382).
       - f2fs: fix to avoid reading out encrypted data in page cache
         (bnc#1012382).
       - f2fs: fix to convert inline directory correctly (bnc#1012382).
       - f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack (bnc#1012382).
       - f2fs: fix to do sanity check with block address in main area
         (bnc#1012382).
       - f2fs: fix to do sanity check with block address in main area v2
         (bnc#1012382).
       - f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).
       - f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).
       - f2fs: fix to do sanity check with reserved blkaddr of inline inode
         (bnc#1012382).
       - f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).
       - f2fs: fix to do sanity check with user_block_count (bnc#1012382).
       - f2fs: fix validation of the block count in sanity_check_raw_super
         (bnc#1012382).
       - f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).
       - f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).
       - f2fs: introduce and spread verify_blkaddr (bnc#1012382).
       - f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).
       - f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).
       - f2fs: not allow to write illegal blkaddr (bnc#1012382).
       - f2fs: put directory inodes before checkpoint in roll-forward recovery
         (bnc#1012382).
       - f2fs: remove an obsolete variable (bnc#1012382).
       - f2fs: return error during fill_super (bnc#1012382).
       - f2fs: sanity check on sit entry (bnc#1012382).
       - f2fs: use crc and cp version to determine roll-forward recovery
         (bnc#1012382).
       - gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).
       - i2c: dev: prevent adapter retries and timeout being set as minus value
         (bnc#1012382).
       - ibmveth: Do not process frames after calling napi_reschedule
         (bsc#1123357).
       - ibmvnic: Add ethtool private flag for driver-defined queue limits
         (bsc#1121726).
       - ibmvnic: Increase maximum queue size limit (bsc#1121726).
       - ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).
       - iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).
       - iommu/amd: Fix IOMMU page flush when detach device from a domain
         (bsc#1106105).
       - iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).
       - iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions()
         (bsc#1106105).
       - ip: on queued skb use skb_header_pointer instead of pskb_may_pull
         (bnc#1012382).
       - ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).
       - ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped
         address (bnc#1012382).
       - ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses
         (bnc#1012382).
       - ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).
       - jffs2: Fix use of uninitialized delayed_work, lockdep breakage
         (bnc#1012382).
       - kabi: reorder new slabinfo fields in struct kmem_cache_node
         (bnc#1116653).
       - kconfig: fix file name and line number of warn_ignored_character()
         (bnc#1012382).
       - kconfig: fix memory leak when EOF is encountered in quotation
         (bnc#1012382).
       - loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()
         (bnc#1012382).
       - loop: Fold __loop_release into loop_release (bnc#1012382).
       - loop: Get rid of loop_index_mutex (bnc#1012382).
       - lsm: Check for NULL cred-security on free (bnc#1012382).
       - md: batch flush requests (bsc#1119680).
       - media: em28xx: Fix misplaced reset of dev->v4l::field_count
         (bnc#1012382).
       - media: firewire: Fix app_info parameter type in avc_ca{,_app}_info
         (bnc#1012382).
       - media: vb2: be sure to unlock mutex on errors (bnc#1012382).
       - media: vb2: vb2_mmap: move lock up (bnc#1012382).
       - media: vivid: fix error handling of kthread_run (bnc#1012382).
       - media: vivid: set min width/height to a value > 0 (bnc#1012382).
       - mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).
       - mips: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur
         (bnc#1012382).
       - mips: fix n32 compat_ipc_parse_version (bnc#1012382).
       - mm, proc: be more verbose about unstable VMA flags in
         /proc/<pid>/smaps (bnc#1012382).
       - mm, slab: faster active and free stats (bsc#1116653, VM Performance).
       - mm, slab: maintain total slab count instead of active count
         (bsc#1116653, VM Performance).
       - mm/page-writeback.c: do not break integrity writeback on ->writepage()
         error (bnc#1012382).
       - mm/slab: improve performance of gathering slabinfo stats (bsc#1116653,
         VM Performance).
       - mm: only report isolation failures when offlining memory (generic
         hotplug debugability).
       - mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).
       - net: bridge: fix a bug on using a neighbour cache entry without checking
         its state (bnc#1012382).
       - net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).
       - net: speed up skb_rbtree_purge() (bnc#1012382).
       - ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).
       - omap2fb: Fix stack memory disclosure (bsc#1106929).
       - packet: Do not leak dev refcounts on error exit (bnc#1012382).
       - pci: altera: Check link status before retrain link (bnc#1012382).
       - pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).
       - pci: altera: Move retrain from fixup to altera_pcie_host_init()
         (bnc#1012382).
       - pci: altera: Poll for link training status after retraining the link
         (bnc#1012382).
       - pci: altera: Poll for link up status after retraining the link
         (bnc#1012382).
       - pci: altera: Reorder read/write functions (bnc#1012382).
       - pci: altera: Rework config accessors for use without a struct pci_bus
         (bnc#1012382).
       - perf intel-pt: Fix error with config term "pt=0" (bnc#1012382).
       - perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).
       - perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).
       - platform/x86: asus-wmi: Tell the EC the OS will handle the display off
         hotkey (bnc#1012382).
       - powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).
       - powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores
         (bsc#1109695).
       - powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).
       - powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).
       - powerpc/smp: Add Power9 scheduler topology (bsc#1109695).
       - powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).
       - powerpc/smp: Rework CPU topology construction (bsc#1109695).
       - powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).
       - powerpc/xmon: Fix invocation inside lock region (bsc#1122885).
       - powerpc: Detect the presence of big-cores via "ibm, thread-groups"
         (bsc#1109695).
       - powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores
         (bsc#1109695).
       - powerpc: make use of for_each_node_by_type() instead of open-coding it
         (bsc#1109695).
       - proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).
       - pstore/ram: Do not treat empty buffers as valid (bnc#1012382).
       - r8169: Add support for new Realtek Ethernet (bnc#1012382).
       - scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).
       - scsi: sd: Fix cache_type_store() (bnc#1012382).
       - scsi: target: use consistent left-aligned ASCII INQUIRY data
         (bnc#1012382).
       - sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).
       - selinux: fix GPF on invalid policy (bnc#1012382).
       - slab: alien caches must not be initialized if the allocation of the
         alien cache failed (bnc#1012382).
       - sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).
       - sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).
       - tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).
       - tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).
       - tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).
       - tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).
       - tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).
       - tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).
       - usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB
         (bnc#1012382).
       - usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).
       - usb: storage: add quirk for SMI SM3350 (bnc#1012382).
       - usb: storage: do not insert sane sense for SPC3+ when bad sense
         specified (bnc#1012382).
       - writeback: do not decrement wb->refcnt if !wb->bdi (git fixes
         (writeback)).
       - x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).
    
    
    Special Instructions and Notes:
    
       Please reboot the system after installing this update.
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Real Time Extension 12-SP3:
    
          zypper in -t patch SUSE-SLE-RT-12-SP3-2019-470=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Real Time Extension 12-SP3 (noarch):
    
          kernel-devel-rt-4.4.172-3.35.1
          kernel-source-rt-4.4.172-3.35.1
    
       - SUSE Linux Enterprise Real Time Extension 12-SP3 (x86_64):
    
          cluster-md-kmp-rt-4.4.172-3.35.1
          cluster-md-kmp-rt-debuginfo-4.4.172-3.35.1
          dlm-kmp-rt-4.4.172-3.35.1
          dlm-kmp-rt-debuginfo-4.4.172-3.35.1
          gfs2-kmp-rt-4.4.172-3.35.1
          gfs2-kmp-rt-debuginfo-4.4.172-3.35.1
          kernel-rt-4.4.172-3.35.1
          kernel-rt-base-4.4.172-3.35.1
          kernel-rt-base-debuginfo-4.4.172-3.35.1
          kernel-rt-debuginfo-4.4.172-3.35.1
          kernel-rt-debugsource-4.4.172-3.35.1
          kernel-rt-devel-4.4.172-3.35.1
          kernel-rt_debug-debuginfo-4.4.172-3.35.1
          kernel-rt_debug-debugsource-4.4.172-3.35.1
          kernel-rt_debug-devel-4.4.172-3.35.1
          kernel-rt_debug-devel-debuginfo-4.4.172-3.35.1
          kernel-syms-rt-4.4.172-3.35.1
          ocfs2-kmp-rt-4.4.172-3.35.1
          ocfs2-kmp-rt-debuginfo-4.4.172-3.35.1
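
A post-patch check for the package list and reboot note above, as an added example that is not part of the SUSE advisory: it flags advisory packages still installed below 4.4.172-3.35.1 and tells whether the booted kernel predates the fix. The function names, the sample inventory and the assumed `uname -r` format are constructed for illustration, and GNU `sort -V` stands in for RPM's own version comparison, which is adequate for the purely numeric version-release strings used here.

```shell
#!/bin/sh
# Fixed version-release, taken from the advisory's Package List.
FIXED="4.4.172-3.35.1"

# Non-debuginfo package names from the advisory's Package List.
ADVISORY_PKGS="kernel-devel-rt kernel-source-rt cluster-md-kmp-rt dlm-kmp-rt
gfs2-kmp-rt kernel-rt kernel-rt-base kernel-rt-devel kernel-rt_debug-devel
kernel-syms-rt ocfs2-kmp-rt"

# ver_lt A B: succeeds when A sorts strictly before B.
# Approximation of RPM ordering via GNU sort -V (assumption, see lead-in).
ver_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# audit_packages: reads "name version-release" lines on stdin and prints
# every advisory package that is still below the fixed build.
# Kernel packages are multi-installable, so one name may appear twice.
# Real input: rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | audit_packages
audit_packages() {
    while read -r name evr; do
        case " $(echo $ADVISORY_PKGS) " in
            *" $name "*) ;;          # package is covered by this advisory
            *) continue ;;           # unrelated package, ignore
        esac
        if ver_lt "$evr" "$FIXED"; then
            printf 'OUTDATED %s %s\n' "$name" "$evr"
        fi
    done
    return 0
}

# running_needs_reboot UNAME_R: succeeds when the booted rt kernel is older
# than the fix, i.e. the update is installed at best but not yet active.
# Assumption: `uname -r` reports the version-release without the final
# rebuild counter and with a flavor suffix, e.g. "4.4.172-3.35-rt".
running_needs_reboot() {
    ver_lt "${1%-rt}" "${FIXED%.*}"
}

# Constructed sample inventory (not real host data).
sample_inventory() {
    cat <<'EOF'
kernel-rt 4.4.170-3.32.1
kernel-rt 4.4.172-3.35.1
kernel-rt-base 4.4.172-3.35.1
ocfs2-kmp-rt 4.4.162-3.26.1
kernel-default 4.4.120-92.70.1
EOF
}

sample_inventory | audit_packages
if running_needs_reboot "4.4.170-3.32-rt"; then
    echo "REBOOT-PENDING running kernel predates $FIXED"
fi
```

An old `kernel-rt` left installed next to the fixed one is expected with multiversion kernels; what matters is that the fixed build is present and that the running kernel check passes after the reboot.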
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2017-18249.html
       https://www.suse.com/security/cve/CVE-2019-3459.html
       https://www.suse.com/security/cve/CVE-2019-3460.html
       https://bugzilla.suse.com/1012382
       https://bugzilla.suse.com/1023175
       https://bugzilla.suse.com/1087036
       https://bugzilla.suse.com/1094823
       https://bugzilla.suse.com/1102875
       https://bugzilla.suse.com/1102877
       https://bugzilla.suse.com/1102879
       https://bugzilla.suse.com/1102882
       https://bugzilla.suse.com/1102896
       https://bugzilla.suse.com/1106105
       https://bugzilla.suse.com/1106929
       https://bugzilla.suse.com/1107866
       https://bugzilla.suse.com/1109695
       https://bugzilla.suse.com/1114893
       https://bugzilla.suse.com/1116653
       https://bugzilla.suse.com/1119680
       https://bugzilla.suse.com/1120722
       https://bugzilla.suse.com/1120758
       https://bugzilla.suse.com/1120902
       https://bugzilla.suse.com/1121726
       https://bugzilla.suse.com/1122650
       https://bugzilla.suse.com/1122651
       https://bugzilla.suse.com/1122779
       https://bugzilla.suse.com/1122885
       https://bugzilla.suse.com/1123321
       https://bugzilla.suse.com/1123323
       https://bugzilla.suse.com/1123357
    
    _______________________________________________
    sle-security-updates mailing list
    https://lists.suse.com/mailman/listinfo/sle-security-updates
    
