SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:2121-1
Rating:             important
References:         #1051510 #1065729 #1071995 #1085030 #1104967 
                    #1114279 #1144333 #1148868 #1150660 #1152107 
                    #1152472 #1152624 #1158983 #1159058 #1161016 
                    #1162002 #1162063 #1168081 #1169194 #1169514 
                    #1169795 #1170011 #1170592 #1170618 #1171124 
                    #1171424 #1171558 #1171673 #1171732 #1171761 
                    #1171868 #1171904 #1172257 #1172344 #1172458 
                    #1172484 #1172759 #1172775 #1172781 #1172782 
                    #1172783 #1172999 #1173265 #1173280 #1173428 
                    #1173462 #1173514 #1173567 #1173573 #1174115 
                    #1174462 #1174543 
Cross-References:   CVE-2019-16746 CVE-2019-20810 CVE-2019-20908
                    CVE-2020-0305 CVE-2020-10766 CVE-2020-10767
                    CVE-2020-10768 CVE-2020-10769 CVE-2020-10773
                    CVE-2020-12771 CVE-2020-12888 CVE-2020-13974
                    CVE-2020-14416 CVE-2020-15393 CVE-2020-15780
                   
Affected Products:
                    SUSE OpenStack Cloud Crowbar 9
                    SUSE OpenStack Cloud 9
                    SUSE Linux Enterprise Server for SAP 12-SP4
                    SUSE Linux Enterprise Server 12-SP4-LTSS
                    SUSE Linux Enterprise Live Patching 12-SP4
                    SUSE Linux Enterprise High Availability 12-SP4
______________________________________________________________________________

   An update that solves 15 vulnerabilities and has 37 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible
     use-after-free due to a race condition. This could lead to local
     escalation of privilege with System execution privileges needed. User
     interaction is not needed for exploitation (bnc#1174462).
   - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c
     where incorrect access permissions for the efivar_ssdt ACPI variable
     could be used by attackers to bypass lockdown or secure boot
     restrictions, aka CID-1957a85b0032 (bnc#1173567).
   - CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c
     where injection of malicious ACPI tables via configfs could be used by
     attackers to bypass lockdown and secure boot restrictions, aka
     CID-75b0cea7bf30 (bnc#1173573).
   - CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c has a
     memory leak, aka CID-28ebeb8db770 (bnc#1173514).
   - CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c had a
     deadlock if a coalescing operation fails (bnc#1171732).
   - CVE-2019-16746: net/wireless/nl80211.c did not check the length of
     variable elements in a beacon head, leading to a buffer overflow
     (bnc#1152107).
   - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access
     disabled memory space (bnc#1171868).
   - CVE-2020-10769: A buffer over-read flaw was found in
     crypto_authenc_extractkeys in crypto/authenc.c in the IPsec
     Cryptographic algorithm's module, authenc. When a payload longer than 4
     bytes, and is not following 4-byte alignment boundary guidelines, it
     causes a buffer over-read threat, leading to a system crash. This flaw
     allowed a local attacker with user privileges to cause a denial of
     service (bnc#1173265).
   - CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed
     (bnc#1172999).
   - CVE-2020-14416: A race condition in tty->disc_data handling in the slip
     and slcan line discipline could lead to a use-after-free, aka
     CID-0ace17d56824. This affects drivers/net/slip/slip.c and
     drivers/net/can/slcan.c (bnc#1162002).
   - CVE-2020-10768: Indirect branch speculation could have been enabled
     after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command.
     (bnc#1172783).
   - CVE-2020-10766: Fixed Rogue cross-process SSBD shutdown, where a Linux
     scheduler logical bug allows an attacker to turn off the SSBD
     protection. (bnc#1172781).
   - CVE-2020-10767: Indirect Branch Prediction Barrier was force-disabled
     when STIBP is unavailable or enhanced IBRS is available. (bnc#1172782).
   - CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if
     k_ascii is called several times in a row, aka CID-b86dab054059.
     (bnc#1172775).
   - CVE-2019-20810: go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c
     in the Linux kernel did not call snd_card_free for a failure path, which
     causes a memory leak, aka CID-9453264ef586 (bnc#1172458).

   The following non-security bugs were fixed:

   - ACPI: PM: Avoid using power resources if there are none for D0
     (bsc#1051510).
   - ALSA: es1688: Add the missed snd_card_free() (bsc#1051510).
   - bcache: Fix an error code in bch_dump_read() (git fixes (block drivers)).
   - block, bfq: add requeue-request hook (bsc#1104967 bsc#1171673).
   - block, bfq: postpone rq preparation to insert or merge (bsc#1104967
     bsc#1171673).
   - block: remove QUEUE_FLAG_STACKABLE (git fixes (block drivers)).
   - block: sed-opal: fix sparse warning: convert __be64 data (git fixes
     (block drivers)).
   - btrfs: always wait on ordered extents at fsync time (bsc#1171761).
   - btrfs: clean up the left over logged_list usage (bsc#1171761).
   - btrfs: do not zero f_bavail if we have available space (bsc#1168081).
   - btrfs: fix list_add corruption and soft lockups in fsync (bsc#1171761).
   - btrfs: fix missing data checksums after a ranged fsync (msync)
     (bsc#1171761).
   - btrfs: fix missing file extent item for hole after ranged fsync
     (bsc#1171761).
   - btrfs: fix missing hole after hole punching and fsync when using
     NO_HOLES (bsc#1171761).
   - btrfs: fix missing semaphore unlock in btrfs_sync_file (bsc#1171761).
   - btrfs: fix rare chances for data loss when doing a fast fsync
     (bsc#1171761).
   - btrfs: Remove extra parentheses from condition in copy_items()
     (bsc#1171761).
   - btrfs: remove no longer used io_err from btrfs_log_ctx (bsc#1171761).
   - btrfs: remove no longer used logged range variables when logging extents
     (bsc#1171761).
   - btrfs: remove no longer used 'sync' member from transaction handle
     (bsc#1171761).
   - btrfs: remove remaing full_sync logic from btrfs_sync_file (bsc#1171761).
   - btrfs: remove the logged extents infrastructure (bsc#1171761).
   - btrfs: remove the wait ordered logic in the log_one_extent path
     (bsc#1171761).
   - btrfs: volumes: Remove ENOSPC-prone btrfs_can_relocate() (bsc#1171124).
   - CDC-ACM: heed quirk also in error handling (git-fixes).
   - cifs: get rid of unused parameter in reconn_setup_dfs_targets()
     (bsc#1144333).
   - cifs: handle hostnames that resolve to same ip in failover (bsc#1144333
     bsc#1161016).
   - cifs: set up next DFS target before generic_ip_connect() (bsc#1144333
     bsc#1161016).
   - clk: bcm2835: Fix return type of bcm2835_register_gate (bsc#1051510).
   - clk: clk-flexgen: fix clock-critical handling (bsc#1051510).
   - clk: sunxi: Fix incorrect usage of round_down() (bsc#1051510).
   - compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (git fixes (block
     drivers)).
   - compat_ioctl: block: handle Persistent Reservations (git fixes (block
     drivers)).
   - copy_{to,from}_user(): consolidate object size checks (git fixes).
   - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
     fully iterated (git-fixes).
   - dm btree: increase rebalance threshold in __rebalance2() (git fixes
     (block drivers)).
   - dm cache: fix a crash due to incorrect work item cancelling (git fixes
     (block drivers)).
   - dm crypt: fix benbi IV constructor crash if used in authenticated mode
     (git fixes (block drivers)).
   - dm: fix potential for q->make_request_fn NULL pointer (git fixes (block
     drivers)).
   - dm space map common: fix to ensure new block isn't already in use (git
     fixes (block drivers)).
   - dm: various cleanups to md->queue initialization code (git fixes).
   - dm verity fec: fix hash block number in verity_fec_decode (git fixes
     (block drivers)).
   - dm verity fec: fix memory leak in verity_fec_dtr (git fixes (block
     drivers)).
   - Drivers: hv: Change flag to write log level in panic msg to false
     (bsc#1170618).
   - drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static
     (bsc#1051510).
   - drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1152472)  * context
     changes
   - drm: encoder_slave: fix refcouting error for modules (bsc#1114279)
   - drm/mediatek: Check plane visibility in atomic_update (bsc#1152472)  *
     context changes
   - drm/qxl: Use correct notify port address when creating cursor ring
     (bsc#1152472)
   - drm/radeon: fix double free (bsc#1152472)
   - drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1152472)
   - e1000e: Disable TSO for buffer overrun workaround (bsc#1051510).
   - e1000e: Do not wake up the system via WOL if device wakeup is disabled
     (bsc#1051510).
   - EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1114279).
   - evm: Check also if *tfm is an error pointer in init_desc() (bsc#1051510).
   - evm: Fix a small race in init_desc() (bsc#1051510).
   - extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()'
     (bsc#1051510).
   - gpiolib: Document that GPIO line names are not globally unique
     (bsc#1051510).
   - HID: sony: Fix for broken buttons on DS3 USB dongles (bsc#1051510).
   - ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397).
   - ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280
     ltc#185369).
   - ibmvnic: Flush existing work items before device removal (bsc#1065729).
   - ibmvnic: Harden device login requests (bsc#1170011 ltc#183538).
   - iio: buffer: Do not allow buffers without any channels enabled to be
     activated (bsc#1051510).
   - iio: pressure: bmp280: Tolerate IRQ before registering (bsc#1051510).
   - ima: Directly assign the ima_default_policy pointer to ima_rules
     (bsc#1051510).
   - ima: Fix ima digest hash table key calculation (bsc#1051510).
   - include/asm-generic/topology.h: guard cpumask_of_node() macro argument
     (bsc#1148868).
   - intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115).
   - KVM: nVMX: Do not reread VMCS-agnostic state when switching VMCS
     (bsc#1114279).
   - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02
     (bsc#1114279).
   - kvm: x86: Fix L1TF mitigation for shadow MMU (bsc#1171904).
   - KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated
     (bsc#1171904).
   - KVM: x86: only do L1TF workaround on affected processors (bsc#1171904).
   - libceph: do not omit recovery_deletes in target_copy() (bsc#1173462).
   - livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995).
   - livepatch: Disallow vmlinux.ko (bsc#1071995).
   - livepatch: Make klp_apply_object_relocs static (bsc#1071995).
   - livepatch: Prevent module-specific KLP rela sections from referencing
     vmlinux symbols (bsc#1071995).
   - livepatch: Remove .klp.arch (bsc#1071995).
   - md: Avoid namespace collision with bitmap API (git fixes (block
     drivers)).
   - md: use memalloc scope APIs in mddev_suspend()/mddev_resume() (git fixes
     (block drivers)).
   - mmc: fix compilation of user API (bsc#1051510).
   - netfilter: connlabels: prefer static lock initialiser (git-fixes).
   - netfilter: ctnetlink: netns exit must wait for callbacks (bsc#1169795).
   - netfilter: not mark a spinlock as __read_mostly (git-fixes).
   - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in
     vmxnet3_get_rss() (bsc#1172484).
   - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid()
     (bsc#1170592).
   - NFSv4: Retry CLOSE and DELEGRETURN on NFS4ERR_OLD_STATEID (bsc#1170592).
   - nvme: check for NVME_CTRL_LIVE in nvme_report_ns_ids() (bcs#1171558
     bsc#1159058).
   - nvme: do not update multipath disk information if the controller is down
     (bcs#1171558 bsc#1159058).
   - objtool: Clean instruction state before each function validation
     (bsc#1169514).
   - objtool: Ignore empty alternatives (bsc#1169514).
   - overflow: Fix -Wtype-limits compilation warnings (git fixes).
   - overflow.h: Add arithmetic shift helper (git fixes).
   - p54usb: add AirVasT USB stick device-id (bsc#1051510).
   - PCI: Allow pci_resize_resource() for devices on root bus (bsc#1051510).
   - PCI: Fix pci_register_host_bridge() device_register() error handling
     (bsc#1051510).
   - PCI: Program MPS for RCiEP devices (bsc#1051510).
   - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port
     (bsc#1051510).
   - perf: Allocate context task_ctx_data for child event (git-fixes).
   - perf/cgroup: Fix perf cgroup hierarchy support (git-fixes).
   - perf: Copy parent's address filter offsets on clone (git-fixes).
   - perf/core: Add sanity check to deal with pinned event failure
     (git-fixes).
   - perf/core: Avoid freeing static PMU contexts when PMU is unregistered
     (git-fixes).
   - perf/core: Correct event creation with PERF_FORMAT_GROUP (git-fixes).
   - perf/core: Do not WARN() for impossible ring-buffer sizes (git-fixes).
   - perf/core: Fix bad use of igrab() (git fixes (dependent patch)).
   - perf/core: Fix crash when using HW tracing kernel filters (git-fixes).
   - perf/core: Fix ctx_event_type in ctx_resched() (git-fixes).
   - perf/core: Fix error handling in perf_event_alloc() (git-fixes).
   - perf/core: Fix exclusive events' grouping (git-fixes).
   - perf/core: Fix group scheduling with mixed hw and sw events (git-fixes).
   - perf/core: Fix impossible ring-buffer sizes warning (git-fixes).
   - perf/core: Fix locking for children siblings group read (git-fixes).
   - perf/core: Fix lock inversion between perf,trace,cpuhp (git-fixes
     (dependent patch for 18736eef1213)).
   - perf/core: Fix perf_event_read_value() locking (git-fixes).
   - perf/core: Fix perf_pmu_unregister() locking (git-fixes).
   - perf/core: Fix __perf_read_group_add() locking (git-fixes (dependent
     patch)).
   - perf/core: Fix perf_sample_regs_user() mm check (git-fixes).
   - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages (git-fixes).
   - perf/core: Fix race between close() and fork() (git-fixes).
   - perf/core: Fix the address filtering fix (git-fixes).
   - perf/core: Fix use-after-free in uprobe_perf_close() (git-fixes).
   - perf/core: Force USER_DS when recording user stack data (git-fixes).
   - perf/core: Restore mmap record type correctly (git-fixes).
   - perf: Fix header.size for namespace events (git-fixes).
   - perf/ioctl: Add check for the sample_period value (git-fixes).
   - perf, pt, coresight: Fix address filters for vmas with non-zero offset
     (git-fixes).
   - perf: Return proper values for user stack errors (git-fixes).
   - perf/x86/amd: Constrain Large Increment per Cycle events (git-fixes).
   - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus
     precise RIP validity (git-fixes).
   - perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops (git-fixes).
   - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family
     (10h) (git-fixes).
   - perf/x86/amd/iommu: Make the 'amd_iommu_attr_groups' symbol static
     (git-fixes).
   - perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3
     PMCs (git-fixes stable).
   - perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs (git-fixes).
   - perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf
     events (git-fixes stable).
   - perf/x86: Enable free running PEBS for REGS_USER/INTR (git-fixes).
   - perf/x86: Fix incorrect PEBS_REGS (git-fixes).
   - perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts()
     (git-fixes).
   - perf/x86/intel: Add proper condition to run sched_task callbacks
     (git-fixes).
   - perf/x86/intel/bts: Fix the use of page_private() (git-fixes).
   - perf/x86/intel: Fix PT PMI handling (git-fixes).
   - perf/x86/intel: Move branch tracing setup to the Intel-specific source
     file (git-fixes).
   - perf/x86/intel/uncore: Add Node ID mask (git-fixes).
   - perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX (git-fixes).
   - perf/x86/pt, coresight: Clean up address filter structure (git fixes
     (dependent patch)).
   - perf/x86/uncore: Fix event group support (git-fixes).
   - pid: Improve the comment about waiting in zap_pid_ns_processes (git
     fixes)).
   - pinctrl: freescale: imx: Fix an error handling path in
     'imx_pinctrl_probe()' (bsc#1051510).
   - pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()'
     (bsc#1051510).
   - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE
     GPIOs (bsc#1051510).
   - pnp: Use list_for_each_entry() instead of open coding (git fixes).
   - powerpc/64s: Do not let DT CPU features set FSCR_DSCR (bsc#1065729).
   - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init
     (bsc#1065729).
   - powerpc/xive: Clear the page tables for the ESB IO mapping (bsc#1085030).
   - power: supply: bq24257_charger: Replace depends on REGMAP_I2C with
     select (bsc#1051510).
   - power: supply: lp8788: Fix an error handling path in
     'lp8788_charger_probe()' (bsc#1051510).
   - power: supply: smb347-charger: IRQSTAT_D is volatile (bsc#1051510).
   - raid5: remove gfp flags from scribble_alloc() (git fixes (block
     drivers)).
   - resolve KABI warning for perf-pt-coresight (git-fixes).
   - Revert "bcache: ignore pending signals when creating gc and allocator
     thread" (git fixes (block drivers)).
   - Revert "dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues" (git
     fixes (block drivers)).
   - Revert "tools lib traceevent: Remove unneeded qsort and uses memmove"
   - rpm/kernel-docs.spec.in: Require python-packaging for build.
   - s390/bpf: Maintain 8-byte stack alignment (bsc#1169194).
   - s390: fix syscall_get_error for compat processes (git-fixes).
   - s390/qdio: consistently restore the IRQ handler (git-fixes).
   - s390/qdio: lock device while installing IRQ handler (git-fixes).
   - s390/qdio: put thinint indicator after early error (git-fixes).
   - s390/qdio: tear down thinint indicator after early error (git-fixes).
   - s390/qeth: fix error handling for isolation mode cmds (git-fixes).
   - scsi: ibmvscsi: Do not send host info in adapter info MAD after LPM
     (bsc#1172759 ltc#184814).
   - scsi: qedf: Add port_id getter (bsc#1150660).
   - scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request
     (bsc#1158983).
   - spi: dw: use "smp_mb()" to avoid sending spi data error (bsc#1051510).
   - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK (bsc#1051510).
   - staging: sm750fb: add missing case while setting FB_VISUAL (bsc#1051510).
   - SUNRPC: The TCP back channel mustn't disappear while requests are
     outstanding (bsc#1152624).
   - tracing: Fix event trigger to accept redundant spaces (git-fixes).
   - tty: n_gsm: Fix bogus i++ in gsm_data_kick (bsc#1051510).
   - tty: n_gsm: Fix SOF skipping (bsc#1051510).
   - tty: n_gsm: Fix waking up upper tty layer when room available
     (bsc#1051510).
   - usb: dwc2: gadget: move gadget resume after the core is in L0 state
     (bsc#1051510).
   - usb: gadget: lpc32xx_udc: do not dereference ep pointer before null
     check (bsc#1051510).
   - usb: gadget: udc: s3c2410_udc: Remove pointless NULL check in
     s3c2410_udc_nuke (bsc#1051510).
   - usb: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe()
     (bsc#1051510).
   - usb: musb: Fix runtime PM imbalance on error (bsc#1051510).
   - usb: musb: start session in resume for host port (bsc#1051510).
   - usb: serial: option: add Telit LE910C1-EUX compositions (bsc#1051510).
   - usb: serial: qcserial: add DW5816e QDL support (bsc#1051510).
   - usb: serial: usb_wwan: do not resubmit rx urb on fatal errors     (bsc#1051510).
   - usb: serial: usb_wwan: do not resubmit rx urb on fatal errors     (git-fixes).
   - virtio-blk: handle block_device_operations callbacks after hot unplug
     (git fixes (block drivers)).
   - vmxnet3: add geneve and vxlan tunnel offload support (bsc#1172484).
   - vmxnet3: add support to get/set rx flow hash (bsc#1172484).
   - vmxnet3: allow rx flow hash ops only when rss is enabled (bsc#1172484).
   - vmxnet3: avoid format strint overflow warning (bsc#1172484).
   - vmxnet3: prepare for version 4 changes (bsc#1172484).
   - vmxnet3: Remove always false conditional statement (bsc#1172484).
   - vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1172484).
   - vmxnet3: remove unused flag "rxcsum" from struct vmxnet3_adapter
     (bsc#1172484).
   - vmxnet3: Replace msleep(1) with usleep_range() (bsc#1172484).
   - vmxnet3: update to version 4 (bsc#1172484).
   - vmxnet3: use correct hdr reference when packet is encapsulated
     (bsc#1172484).
   - w1: omap-hdq: cleanup to add missing newline for some dev_dbg
     (bsc#1051510).
   - work around mvfs bug (bsc#1162063).
   - x86/cpu/amd: Make erratum #1054 a legacy erratum (bsc#1114279).
   - x86/events/intel/ds: Add PERF_SAMPLE_PERIOD into PEBS_FREERUNNING_FLAGS
     (git-fixes).
   - x86: Fix early boot crash on gcc-10, third try (bsc#1114279).
   - x86/{mce,mm}: Unmap the entire page if the whole page is affected and
     poisoned (bsc#1172257).
   - x86/reboot/quirks: Add MacBook6,1 reboot quirk (bsc#1114279).
   - xfrm: fix error in comment (git fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 9:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-2121=1

   - SUSE OpenStack Cloud 9:

      zypper in -t patch SUSE-OpenStack-Cloud-9-2020-2121=1

   - SUSE Linux Enterprise Server for SAP 12-SP4:

      zypper in -t patch SUSE-SLE-SAP-12-SP4-2020-2121=1

   - SUSE Linux Enterprise Server 12-SP4-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-2121=1

   - SUSE Linux Enterprise Live Patching 12-SP4:

      zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2020-2121=1

   - SUSE Linux Enterprise High Availability 12-SP4:

      zypper in -t patch SUSE-SLE-HA-12-SP4-2020-2121=1



Package List:

   - SUSE OpenStack Cloud Crowbar 9 (x86_64):

      kernel-default-4.12.14-95.57.1
      kernel-default-base-4.12.14-95.57.1
      kernel-default-base-debuginfo-4.12.14-95.57.1
      kernel-default-debuginfo-4.12.14-95.57.1
      kernel-default-debugsource-4.12.14-95.57.1
      kernel-default-devel-4.12.14-95.57.1
      kernel-default-devel-debuginfo-4.12.14-95.57.1
      kernel-syms-4.12.14-95.57.1

   - SUSE OpenStack Cloud Crowbar 9 (noarch):

      kernel-devel-4.12.14-95.57.1
      kernel-macros-4.12.14-95.57.1
      kernel-source-4.12.14-95.57.1

   - SUSE OpenStack Cloud 9 (noarch):

      kernel-devel-4.12.14-95.57.1
      kernel-macros-4.12.14-95.57.1
      kernel-source-4.12.14-95.57.1

   - SUSE OpenStack Cloud 9 (x86_64):

      kernel-default-4.12.14-95.57.1
      kernel-default-base-4.12.14-95.57.1
      kernel-default-base-debuginfo-4.12.14-95.57.1
      kernel-default-debuginfo-4.12.14-95.57.1
      kernel-default-debugsource-4.12.14-95.57.1
      kernel-default-devel-4.12.14-95.57.1
      kernel-default-devel-debuginfo-4.12.14-95.57.1
      kernel-syms-4.12.14-95.57.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):

      kernel-default-4.12.14-95.57.1
      kernel-default-base-4.12.14-95.57.1
      kernel-default-base-debuginfo-4.12.14-95.57.1
      kernel-default-debuginfo-4.12.14-95.57.1
      kernel-default-debugsource-4.12.14-95.57.1
      kernel-default-devel-4.12.14-95.57.1
      kernel-syms-4.12.14-95.57.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch):

      kernel-devel-4.12.14-95.57.1
      kernel-macros-4.12.14-95.57.1
      kernel-source-4.12.14-95.57.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64):

      kernel-default-devel-debuginfo-4.12.14-95.57.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):

      kernel-default-4.12.14-95.57.1
      kernel-default-base-4.12.14-95.57.1
      kernel-default-base-debuginfo-4.12.14-95.57.1
      kernel-default-debuginfo-4.12.14-95.57.1
      kernel-default-debugsource-4.12.14-95.57.1
      kernel-default-devel-4.12.14-95.57.1
      kernel-syms-4.12.14-95.57.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (x86_64):

      kernel-default-devel-debuginfo-4.12.14-95.57.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch):

      kernel-devel-4.12.14-95.57.1
      kernel-macros-4.12.14-95.57.1
      kernel-source-4.12.14-95.57.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (s390x):

      kernel-default-man-4.12.14-95.57.1

   - SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le s390x x86_64):

      kernel-default-kgraft-4.12.14-95.57.1
      kernel-default-kgraft-devel-4.12.14-95.57.1
      kgraft-patch-4_12_14-95_57-default-1-6.3.1

   - SUSE Linux Enterprise High Availability 12-SP4 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.12.14-95.57.1
      cluster-md-kmp-default-debuginfo-4.12.14-95.57.1
      dlm-kmp-default-4.12.14-95.57.1
      dlm-kmp-default-debuginfo-4.12.14-95.57.1
      gfs2-kmp-default-4.12.14-95.57.1
      gfs2-kmp-default-debuginfo-4.12.14-95.57.1
      kernel-default-debuginfo-4.12.14-95.57.1
      kernel-default-debugsource-4.12.14-95.57.1
      ocfs2-kmp-default-4.12.14-95.57.1
      ocfs2-kmp-default-debuginfo-4.12.14-95.57.1


References:

   https://www.suse.com/security/cve/CVE-2019-16746.html
   https://www.suse.com/security/cve/CVE-2019-20810.html
   https://www.suse.com/security/cve/CVE-2019-20908.html
   https://www.suse.com/security/cve/CVE-2020-0305.html
   https://www.suse.com/security/cve/CVE-2020-10766.html
   https://www.suse.com/security/cve/CVE-2020-10767.html
   https://www.suse.com/security/cve/CVE-2020-10768.html
   https://www.suse.com/security/cve/CVE-2020-10769.html
   https://www.suse.com/security/cve/CVE-2020-10773.html
   https://www.suse.com/security/cve/CVE-2020-12771.html
   https://www.suse.com/security/cve/CVE-2020-12888.html
   https://www.suse.com/security/cve/CVE-2020-13974.html
   https://www.suse.com/security/cve/CVE-2020-14416.html
   https://www.suse.com/security/cve/CVE-2020-15393.html
   https://www.suse.com/security/cve/CVE-2020-15780.html
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1071995
   https://bugzilla.suse.com/1085030
   https://bugzilla.suse.com/1104967
   https://bugzilla.suse.com/1114279
   https://bugzilla.suse.com/1144333
   https://bugzilla.suse.com/1148868
   https://bugzilla.suse.com/1150660
   https://bugzilla.suse.com/1152107
   https://bugzilla.suse.com/1152472
   https://bugzilla.suse.com/1152624
   https://bugzilla.suse.com/1158983
   https://bugzilla.suse.com/1159058
   https://bugzilla.suse.com/1161016
   https://bugzilla.suse.com/1162002
   https://bugzilla.suse.com/1162063
   https://bugzilla.suse.com/1168081
   https://bugzilla.suse.com/1169194
   https://bugzilla.suse.com/1169514
   https://bugzilla.suse.com/1169795
   https://bugzilla.suse.com/1170011
   https://bugzilla.suse.com/1170592
   https://bugzilla.suse.com/1170618
   https://bugzilla.suse.com/1171124
   https://bugzilla.suse.com/1171424
   https://bugzilla.suse.com/1171558
   https://bugzilla.suse.com/1171673
   https://bugzilla.suse.com/1171732
   https://bugzilla.suse.com/1171761
   https://bugzilla.suse.com/1171868
   https://bugzilla.suse.com/1171904
   https://bugzilla.suse.com/1172257
   https://bugzilla.suse.com/1172344
   https://bugzilla.suse.com/1172458
   https://bugzilla.suse.com/1172484
   https://bugzilla.suse.com/1172759
   https://bugzilla.suse.com/1172775
   https://bugzilla.suse.com/1172781
   https://bugzilla.suse.com/1172782
   https://bugzilla.suse.com/1172783
   https://bugzilla.suse.com/1172999
   https://bugzilla.suse.com/1173265
   https://bugzilla.suse.com/1173280
   https://bugzilla.suse.com/1173428
   https://bugzilla.suse.com/1173462
   https://bugzilla.suse.com/1173514
   https://bugzilla.suse.com/1173567
   https://bugzilla.suse.com/1173573
   https://bugzilla.suse.com/1174115
   https://bugzilla.suse.com/1174462
   https://bugzilla.suse.com/1174543

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2020:2121-1 important: the Linux Kernel

August 4, 2020
An update that solves 15 vulnerabilities and has 37 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP4 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0305: In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1174462). - CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c where incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032 (bnc#1173567). - CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c where injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30 (bnc#1173573). - CVE-2020-15393: usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770 (bnc#1173514). - CVE-2020-12771: btree_gc_coalesce in drivers/md/bcache/btree.c had a deadlock if a coalescing operation fails (bnc#1171732). - CVE-2019-16746: net/wireless/nl80211.c did not check the length of variable elements in a beacon head, leading to a buffer overflow (bnc#1152107). - CVE-2020-12888: The VFIO PCI driver mishandled attempts to access disabled memory space (bnc#1171868). - CVE-2020-10769: A buffer over-read flaw was found in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allowed a local attacker with user privileges to cause a denial of service (bnc#1173265). - CVE-2020-10773: A kernel stack information leak on s390/s390x was fixed (bnc#1172999). - CVE-2020-14416: A race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c (bnc#1162002). - CVE-2020-10768: Indirect branch speculation could have been enabled after it was force-disabled by the PR_SPEC_FORCE_DISABLE prctl command. (bnc#1172783). - CVE-2020-10766: Fixed Rogue cross-process SSBD shutdown, where a Linux scheduler logical bug allows an attacker to turn off the SSBD protection. (bnc#1172781). - CVE-2020-10767: Indirect Branch Prediction Barrier was force-disabled when STIBP is unavailable or enhanced IBRS is available. (bnc#1172782). - CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. (bnc#1172775). - CVE-2019-20810: go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel did not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586 (bnc#1172458). The following non-security bugs were fixed: - ACPI: PM: Avoid using power resources if there are none for D0 (bsc#1051510). - ALSA: es1688: Add the missed snd_card_free() (bsc#1051510). - bcache: Fix an error code in bch_dump_read() (git fixes (block drivers)). - block, bfq: add requeue-request hook (bsc#1104967 bsc#1171673). - block, bfq: postpone rq preparation to insert or merge (bsc#1104967 bsc#1171673). - block: remove QUEUE_FLAG_STACKABLE (git fixes (block drivers)). - block: sed-opal: fix sparse warning: convert __be64 data (git fixes (block drivers)). - btrfs: always wait on ordered extents at fsync time (bsc#1171761). - btrfs: clean up the left over logged_list usage (bsc#1171761). - btrfs: do not zero f_bavail if we have available space (bsc#1168081). - btrfs: fix list_add corruption and soft lockups in fsync (bsc#1171761). - btrfs: fix missing data checksums after a ranged fsync (msync) (bsc#1171761). - btrfs: fix missing file extent item for hole after ranged fsync (bsc#1171761). - btrfs: fix missing hole after hole punching and fsync when using NO_HOLES (bsc#1171761). - btrfs: fix missing semaphore unlock in btrfs_sync_file (bsc#1171761). - btrfs: fix rare chances for data loss when doing a fast fsync (bsc#1171761). - btrfs: Remove extra parentheses from condition in copy_items() (bsc#1171761). - btrfs: remove no longer used io_err from btrfs_log_ctx (bsc#1171761). - btrfs: remove no longer used logged range variables when logging extents (bsc#1171761). - btrfs: remove no longer used 'sync' member from transaction handle (bsc#1171761). - btrfs: remove remaing full_sync logic from btrfs_sync_file (bsc#1171761). - btrfs: remove the logged extents infrastructure (bsc#1171761). - btrfs: remove the wait ordered logic in the log_one_extent path (bsc#1171761). - btrfs: volumes: Remove ENOSPC-prone btrfs_can_relocate() (bsc#1171124). - CDC-ACM: heed quirk also in error handling (git-fixes). - cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1144333). - cifs: handle hostnames that resolve to same ip in failover (bsc#1144333 bsc#1161016). - cifs: set up next DFS target before generic_ip_connect() (bsc#1144333 bsc#1161016). - clk: bcm2835: Fix return type of bcm2835_register_gate (bsc#1051510). - clk: clk-flexgen: fix clock-critical handling (bsc#1051510). - clk: sunxi: Fix incorrect usage of round_down() (bsc#1051510). - compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (git fixes (block drivers)). - compat_ioctl: block: handle Persistent Reservations (git fixes (block drivers)). - copy_{to,from}_user(): consolidate object size checks (git fixes). - crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is fully iterated (git-fixes). - dm btree: increase rebalance threshold in __rebalance2() (git fixes (block drivers)). - dm cache: fix a crash due to incorrect work item cancelling (git fixes (block drivers)). - dm crypt: fix benbi IV constructor crash if used in authenticated mode (git fixes (block drivers)). - dm: fix potential for q->make_request_fn NULL pointer (git fixes (block drivers)). - dm space map common: fix to ensure new block isn't already in use (git fixes (block drivers)). - dm: various cleanups to md->queue initialization code (git fixes). - dm verity fec: fix hash block number in verity_fec_decode (git fixes (block drivers)). - dm verity fec: fix memory leak in verity_fec_dtr (git fixes (block drivers)). - Drivers: hv: Change flag to write log level in panic msg to false (bsc#1170618). - drivers: soc: ti: knav_qmss_queue: Make knav_gp_range_ops static (bsc#1051510). - drm/dp_mst: Increase ACT retry timeout to 3s (bsc#1152472) * context changes - drm: encoder_slave: fix refcouting error for modules (bsc#1114279) - drm/mediatek: Check plane visibility in atomic_update (bsc#1152472) * context changes - drm/qxl: Use correct notify port address when creating cursor ring (bsc#1152472) - drm/radeon: fix double free (bsc#1152472) - drm/radeon: fix fb_div check in ni_init_smc_spll_table() (bsc#1152472) - e1000e: Disable TSO for buffer overrun workaround (bsc#1051510). - e1000e: Do not wake up the system via WOL if device wakeup is disabled (bsc#1051510). - EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1114279). - evm: Check also if *tfm is an error pointer in init_desc() (bsc#1051510). - evm: Fix a small race in init_desc() (bsc#1051510). - extcon: adc-jack: Fix an error handling path in 'adc_jack_probe()' (bsc#1051510). - gpiolib: Document that GPIO line names are not globally unique (bsc#1051510). - HID: sony: Fix for broken buttons on DS3 USB dongles (bsc#1051510). - ibmveth: Fix max MTU limit (bsc#1173428 ltc#186397). - ibmvnic: continue to init in CRQ reset returns H_CLOSED (bsc#1173280 ltc#185369). - ibmvnic: Flush existing work items before device removal (bsc#1065729). - ibmvnic: Harden device login requests (bsc#1170011 ltc#183538). - iio: buffer: Do not allow buffers without any channels enabled to be activated (bsc#1051510). - iio: pressure: bmp280: Tolerate IRQ before registering (bsc#1051510). - ima: Directly assign the ima_default_policy pointer to ima_rules (bsc#1051510). - ima: Fix ima digest hash table key calculation (bsc#1051510). - include/asm-generic/topology.h: guard cpumask_of_node() macro argument (bsc#1148868). - intel_idle: Graceful probe failure when MWAIT is disabled (bsc#1174115). - KVM: nVMX: Do not reread VMCS-agnostic state when switching VMCS (bsc#1114279). - KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc#1114279). - kvm: x86: Fix L1TF mitigation for shadow MMU (bsc#1171904). - KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated (bsc#1171904). - KVM: x86: only do L1TF workaround on affected processors (bsc#1171904). - libceph: do not omit recovery_deletes in target_copy() (bsc#1173462). - livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995). - livepatch: Disallow vmlinux.ko (bsc#1071995). - livepatch: Make klp_apply_object_relocs static (bsc#1071995). - livepatch: Prevent module-specific KLP rela sections from referencing vmlinux symbols (bsc#1071995). - livepatch: Remove .klp.arch (bsc#1071995). - md: Avoid namespace collision with bitmap API (git fixes (block drivers)). - md: use memalloc scope APIs in mddev_suspend()/mddev_resume() (git fixes (block drivers)). - mmc: fix compilation of user API (bsc#1051510). - netfilter: connlabels: prefer static lock initialiser (git-fixes). - netfilter: ctnetlink: netns exit must wait for callbacks (bsc#1169795). - netfilter: not mark a spinlock as __read_mostly (git-fixes). - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() (bsc#1172484). - NFS: Fix an RCU lock leak in nfs4_refresh_delegation_stateid() (bsc#1170592). - NFSv4: Retry CLOSE and DELEGRETURN on NFS4ERR_OLD_STATEID (bsc#1170592). - nvme: check for NVME_CTRL_LIVE in nvme_report_ns_ids() (bcs#1171558 bsc#1159058). - nvme: do not update multipath disk information if the controller is down (bcs#1171558 bsc#1159058). - objtool: Clean instruction state before each function validation (bsc#1169514). - objtool: Ignore empty alternatives (bsc#1169514). - overflow: Fix -Wtype-limits compilation warnings (git fixes). - overflow.h: Add arithmetic shift helper (git fixes). - p54usb: add AirVasT USB stick device-id (bsc#1051510). - PCI: Allow pci_resize_resource() for devices on root bus (bsc#1051510). - PCI: Fix pci_register_host_bridge() device_register() error handling (bsc#1051510). - PCI: Program MPS for RCiEP devices (bsc#1051510). - PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port (bsc#1051510). - perf: Allocate context task_ctx_data for child event (git-fixes). - perf/cgroup: Fix perf cgroup hierarchy support (git-fixes). - perf: Copy parent's address filter offsets on clone (git-fixes). - perf/core: Add sanity check to deal with pinned event failure (git-fixes). - perf/core: Avoid freeing static PMU contexts when PMU is unregistered (git-fixes). - perf/core: Correct event creation with PERF_FORMAT_GROUP (git-fixes). - perf/core: Do not WARN() for impossible ring-buffer sizes (git-fixes). - perf/core: Fix bad use of igrab() (git fixes (dependent patch)). - perf/core: Fix crash when using HW tracing kernel filters (git-fixes). - perf/core: Fix ctx_event_type in ctx_resched() (git-fixes). - perf/core: Fix error handling in perf_event_alloc() (git-fixes). - perf/core: Fix exclusive events' grouping (git-fixes). - perf/core: Fix group scheduling with mixed hw and sw events (git-fixes). - perf/core: Fix impossible ring-buffer sizes warning (git-fixes). - perf/core: Fix locking for children siblings group read (git-fixes). - perf/core: Fix lock inversion between perf,trace,cpuhp (git-fixes (dependent patch for 18736eef1213)). - perf/core: Fix perf_event_read_value() locking (git-fixes). - perf/core: Fix perf_pmu_unregister() locking (git-fixes). - perf/core: Fix __perf_read_group_add() locking (git-fixes (dependent patch)). - perf/core: Fix perf_sample_regs_user() mm check (git-fixes). - perf/core: Fix possible Spectre-v1 indexing for ->aux_pages (git-fixes). - perf/core: Fix race between close() and fork() (git-fixes). - perf/core: Fix the address filtering fix (git-fixes). - perf/core: Fix use-after-free in uprobe_perf_close() (git-fixes). - perf/core: Force USER_DS when recording user stack data (git-fixes). - perf/core: Restore mmap record type correctly (git-fixes). - perf: Fix header.size for namespace events (git-fixes). - perf/ioctl: Add check for the sample_period value (git-fixes). - perf, pt, coresight: Fix address filters for vmas with non-zero offset (git-fixes). - perf: Return proper values for user stack errors (git-fixes). - perf/x86/amd: Constrain Large Increment per Cycle events (git-fixes). - perf/x86/amd/ibs: Fix reading of the IBS OpData register and thus precise RIP validity (git-fixes). - perf/x86/amd/ibs: Fix sample bias for dispatched micro-ops (git-fixes). - perf/x86/amd/ibs: Handle erratum #420 only on the affected CPU family (10h) (git-fixes). - perf/x86/amd/iommu: Make the 'amd_iommu_attr_groups' symbol static (git-fixes). - perf/x86/amd/uncore: Do not set 'ThreadMask' and 'SliceMask' for non-L3 PMCs (git-fixes stable). - perf/x86/amd/uncore: Set the thread mask for F17h L3 PMCs (git-fixes). - perf/x86/amd/uncore: Set ThreadMask and SliceMask for L3 Cache perf events (git-fixes stable). - perf/x86: Enable free running PEBS for REGS_USER/INTR (git-fixes). - perf/x86: Fix incorrect PEBS_REGS (git-fixes). - perf/x86/intel: Add generic branch tracing check to intel_pmu_has_bts() (git-fixes). - perf/x86/intel: Add proper condition to run sched_task callbacks (git-fixes). - perf/x86/intel/bts: Fix the use of page_private() (git-fixes). - perf/x86/intel: Fix PT PMI handling (git-fixes). - perf/x86/intel: Move branch tracing setup to the Intel-specific source file (git-fixes). - perf/x86/intel/uncore: Add Node ID mask (git-fixes). - perf/x86/intel/uncore: Fix PCI BDF address of M3UPI on SKX (git-fixes). - perf/x86/pt, coresight: Clean up address filter structure (git fixes (dependent patch)). - perf/x86/uncore: Fix event group support (git-fixes). - pid: Improve the comment about waiting in zap_pid_ns_processes (git fixes)). - pinctrl: freescale: imx: Fix an error handling path in 'imx_pinctrl_probe()' (bsc#1051510). - pinctrl: imxl: Fix an error handling path in 'imx1_pinctrl_core_probe()' (bsc#1051510). - pinctrl: samsung: Save/restore eint_mask over suspend for EINT_TYPE GPIOs (bsc#1051510). - pnp: Use list_for_each_entry() instead of open coding (git fixes). - powerpc/64s: Do not let DT CPU features set FSCR_DSCR (bsc#1065729). - powerpc/64s: Save FSCR to init_task.thread.fscr after feature init (bsc#1065729). - powerpc/xive: Clear the page tables for the ESB IO mapping (bsc#1085030). - power: supply: bq24257_charger: Replace depends on REGMAP_I2C with select (bsc#1051510). - power: supply: lp8788: Fix an error handling path in 'lp8788_charger_probe()' (bsc#1051510). - power: supply: smb347-charger: IRQSTAT_D is volatile (bsc#1051510). - raid5: remove gfp flags from scribble_alloc() (git fixes (block drivers)). - resolve KABI warning for perf-pt-coresight (git-fixes). - Revert "bcache: ignore pending signals when creating gc and allocator thread" (git fixes (block drivers)). - Revert "dm crypt: use WQ_HIGHPRI for the IO and crypt workqueues" (git fixes (block drivers)). - Revert "tools lib traceevent: Remove unneeded qsort and uses memmove" - rpm/kernel-docs.spec.in: Require python-packaging for build. - s390/bpf: Maintain 8-byte stack alignment (bsc#1169194). - s390: fix syscall_get_error for compat processes (git-fixes). - s390/qdio: consistently restore the IRQ handler (git-fixes). - s390/qdio: lock device while installing IRQ handler (git-fixes). - s390/qdio: put thinint indicator after early error (git-fixes). - s390/qdio: tear down thinint indicator after early error (git-fixes). - s390/qeth: fix error handling for isolation mode cmds (git-fixes). - scsi: ibmvscsi: Do not send host info in adapter info MAD after LPM (bsc#1172759 ltc#184814). - scsi: qedf: Add port_id getter (bsc#1150660). - scsi: qla2xxx: Set NVMe status code for failed NVMe FCP request (bsc#1158983). - spi: dw: use "smp_mb()" to avoid sending spi data error (bsc#1051510). - staging: rtl8712: Fix IEEE80211_ADDBA_PARAM_BUF_SIZE_MASK (bsc#1051510). - staging: sm750fb: add missing case while setting FB_VISUAL (bsc#1051510). - SUNRPC: The TCP back channel mustn't disappear while requests are outstanding (bsc#1152624). - tracing: Fix event trigger to accept redundant spaces (git-fixes). - tty: n_gsm: Fix bogus i++ in gsm_data_kick (bsc#1051510). - tty: n_gsm: Fix SOF skipping (bsc#1051510). - tty: n_gsm: Fix waking up upper tty layer when room available (bsc#1051510). - usb: dwc2: gadget: move gadget resume after the core is in L0 state (bsc#1051510). - usb: gadget: lpc32xx_udc: do not dereference ep pointer before null check (bsc#1051510). - usb: gadget: udc: s3c2410_udc: Remove pointless NULL check in s3c2410_udc_nuke (bsc#1051510). - usb: host: ehci-mxc: Add error handling in ehci_mxc_drv_probe() (bsc#1051510). - usb: musb: Fix runtime PM imbalance on error (bsc#1051510). - usb: musb: start session in resume for host port (bsc#1051510). - usb: serial: option: add Telit LE910C1-EUX compositions (bsc#1051510). - usb: serial: qcserial: add DW5816e QDL support (bsc#1051510). - usb: serial: usb_wwan: do not resubmit rx urb on fatal errors (bsc#1051510). - usb: serial: usb_wwan: do not resubmit rx urb on fatal errors (git-fixes). - virtio-blk: handle block_device_operations callbacks after hot unplug (git fixes (block drivers)). - vmxnet3: add geneve and vxlan tunnel offload support (bsc#1172484). - vmxnet3: add support to get/set rx flow hash (bsc#1172484). - vmxnet3: allow rx flow hash ops only when rss is enabled (bsc#1172484). - vmxnet3: avoid format strint overflow warning (bsc#1172484). - vmxnet3: prepare for version 4 changes (bsc#1172484). - vmxnet3: Remove always false conditional statement (bsc#1172484). - vmxnet3: remove redundant initialization of pointer 'rq' (bsc#1172484). - vmxnet3: remove unused flag "rxcsum" from struct vmxnet3_adapter (bsc#1172484). - vmxnet3: Replace msleep(1) with usleep_range() (bsc#1172484). - vmxnet3: update to version 4 (bsc#1172484). - vmxnet3: use correct hdr reference when packet is encapsulated (bsc#1172484). - w1: omap-hdq: cleanup to add missing newline for some dev_dbg (bsc#1051510). - work around mvfs bug (bsc#1162063). - x86/cpu/amd: Make erratum #1054 a legacy erratum (bsc#1114279). - x86/events/intel/ds: Add PERF_SAMPLE_PERIOD into PEBS_FREERUNNING_FLAGS (git-fixes). - x86: Fix early boot crash on gcc-10, third try (bsc#1114279). - x86/{mce,mm}: Unmap the entire page if the whole page is affected and poisoned (bsc#1172257). - x86/reboot/quirks: Add MacBook6,1 reboot quirk (bsc#1114279). - xfrm: fix error in comment (git fixes).

References

#1051510 #1065729 #1071995 #1085030 #1104967

#1114279 #1144333 #1148868 #1150660 #1152107

#1152472 #1152624 #1158983 #1159058 #1161016

#1162002 #1162063 #1168081 #1169194 #1169514

#1169795 #1170011 #1170592 #1170618 #1171124

#1171424 #1171558 #1171673 #1171732 #1171761

#1171868 #1171904 #1172257 #1172344 #1172458

#1172484 #1172759 #1172775 #1172781 #1172782

#1172783 #1172999 #1173265 #1173280 #1173428

#1173462 #1173514 #1173567 #1173573 #1174115

#1174462 #1174543

Cross- CVE-2019-16746 CVE-2019-20810 CVE-2019-20908

CVE-2020-0305 CVE-2020-10766 CVE-2020-10767

CVE-2020-10768 CVE-2020-10769 CVE-2020-10773

CVE-2020-12771 CVE-2020-12888 CVE-2020-13974

CVE-2020-14416 CVE-2020-15393 CVE-2020-15780

Affected Products:

SUSE OpenStack Cloud Crowbar 9

SUSE OpenStack Cloud 9

SUSE Linux Enterprise Server for SAP 12-SP4

SUSE Linux Enterprise Server 12-SP4-LTSS

SUSE Linux Enterprise Live Patching 12-SP4

SUSE Linux Enterprise High Availability 12-SP4

https://www.suse.com/security/cve/CVE-2019-16746.html

https://www.suse.com/security/cve/CVE-2019-20810.html

https://www.suse.com/security/cve/CVE-2019-20908.html

https://www.suse.com/security/cve/CVE-2020-0305.html

https://www.suse.com/security/cve/CVE-2020-10766.html

https://www.suse.com/security/cve/CVE-2020-10767.html

https://www.suse.com/security/cve/CVE-2020-10768.html

https://www.suse.com/security/cve/CVE-2020-10769.html

https://www.suse.com/security/cve/CVE-2020-10773.html

https://www.suse.com/security/cve/CVE-2020-12771.html

https://www.suse.com/security/cve/CVE-2020-12888.html

https://www.suse.com/security/cve/CVE-2020-13974.html

https://www.suse.com/security/cve/CVE-2020-14416.html

https://www.suse.com/security/cve/CVE-2020-15393.html

https://www.suse.com/security/cve/CVE-2020-15780.html

https://bugzilla.suse.com/1051510

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1071995

https://bugzilla.suse.com/1085030

https://bugzilla.suse.com/1104967

https://bugzilla.suse.com/1114279

https://bugzilla.suse.com/1144333

https://bugzilla.suse.com/1148868

https://bugzilla.suse.com/1150660

https://bugzilla.suse.com/1152107

https://bugzilla.suse.com/1152472

https://bugzilla.suse.com/1152624

https://bugzilla.suse.com/1158983

https://bugzilla.suse.com/1159058

https://bugzilla.suse.com/1161016

https://bugzilla.suse.com/1162002

https://bugzilla.suse.com/1162063

https://bugzilla.suse.com/1168081

https://bugzilla.suse.com/1169194

https://bugzilla.suse.com/1169514

https://bugzilla.suse.com/1169795

https://bugzilla.suse.com/1170011

https://bugzilla.suse.com/1170592

https://bugzilla.suse.com/1170618

https://bugzilla.suse.com/1171124

https://bugzilla.suse.com/1171424

https://bugzilla.suse.com/1171558

https://bugzilla.suse.com/1171673

https://bugzilla.suse.com/1171732

https://bugzilla.suse.com/1171761

https://bugzilla.suse.com/1171868

https://bugzilla.suse.com/1171904

https://bugzilla.suse.com/1172257

https://bugzilla.suse.com/1172344

https://bugzilla.suse.com/1172458

https://bugzilla.suse.com/1172484

https://bugzilla.suse.com/1172759

https://bugzilla.suse.com/1172775

https://bugzilla.suse.com/1172781

https://bugzilla.suse.com/1172782

https://bugzilla.suse.com/1172783

https://bugzilla.suse.com/1172999

https://bugzilla.suse.com/1173265

https://bugzilla.suse.com/1173280

https://bugzilla.suse.com/1173428

https://bugzilla.suse.com/1173462

https://bugzilla.suse.com/1173514

https://bugzilla.suse.com/1173567

https://bugzilla.suse.com/1173573

https://bugzilla.suse.com/1174115

https://bugzilla.suse.com/1174462

https://bugzilla.suse.com/1174543

Severity
Announcement ID: SUSE-SU-2020:2121-1
Rating: important

Related News

News

Powered By

Footer Logo

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

Powered By

Footer Logo