SUSE: 2020:2908-1 important: the Linux Kernel
Summary
The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket
creation could have been used by local attackers to create raw sockets,
bypassing security mechanisms (bsc#1176990).
- CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
corruption or a denial of service when changing screen size
(bnc#1176235).
- CVE-2020-0432: Fixed an out of bounds write due to an integer overflow
(bsc#1176721).
- CVE-2020-0427: Fixed an out of bounds read due to a use after free
(bsc#1176725).
- CVE-2020-0431: Fixed an out of bounds write due to a missing bounds
check (bsc#1176722).
- CVE-2020-0404: Fixed a linked list corruption due to an unusual root
cause (bsc#1176423).
- CVE-2020-25212: Fixed getxattr kernel panic and memory overflow
(bsc#1176381).
- CVE-2020-25284: Fixed an incomplete permission checking for access to
rbd devices, which could have been leveraged by local attackers to map
or unmap rbd block devices (bsc#1176482).
- CVE-2020-14385: Fixed a failure of the file system metadata validator in
XFS which could have caused an inode with a valid, user-creatable
extended attribute to be flagged as corrupt (bsc#1176137).
The following non-security bugs were fixed:
- ALSA: asihpi: fix iounmap in error handler (git-fixes).
- ALSA: ca0106: fix error code handling (git-fixes).
- ALSA: firewire-digi00x: exclude Avid Adrenaline from detection
(git-fixes).
- ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
- ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
- ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
(git-fixes).
- ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A
PRO (git-fixes).
- ALSA: hda: fixup headset for ASUS GX502 laptop (git-fixes).
- ALSA: hda: hdmi - add Rocketlake support (git-fixes).
- ALSA: hda/hdmi: always check pin power status in i915 pin fixup
(git-fixes).
- ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A
(git-fixes).
- ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged
(git-fixes).
- ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation
P520 (git-fixes).
- ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen
(git-fixes).
- ALSA: hda/realtek - The Mic on a RedmiBook does not work (git-fixes).
- ALSA: hda/tegra: Program WAKEEN register for Tegra (git-fixes).
- ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
(git-fixes).
- ALSA: usb-audio: Add basic capture support for Pioneer DJ DJM-250MK2
(git-fixes).
- ALSA: usb-audio: Add delay quirk for H570e USB headsets (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for UR22C (git-fixes).
- ALSA: usb-audio: Disable autosuspend for Lenovo ThinkStation P620
(git-fixes).
- arm64: paravirt: Initialize steal time when cpu is online (bsc#1176833).
- ASoC: img: Fix a reference count leak in img_i2s_in_set_fmt (git-fixes).
- ASoC: img-parallel-out: Fix a reference count leak (git-fixes).
- ASoC: meson: axg-toddr: fix channel order on g12 platforms (git-fixes).
- ASoC: qcom: common: Fix refcount imbalance on error (git-fixes).
- ASoC: qcom: Set card->owner to avoid warnings (git-fixes).
- ASoC: SOF: Intel: add PCI ID for CometLake-S (git-fixes).
- ASoC: tegra: Fix reference count leaks (git-fixes).
- ata: ahci: use ata_link_info() instead of ata_link_printk()
(jsc#SLE-14459).
- batman-adv: Add missing include for in_interrupt() (git-fixes).
- batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
- batman-adv: bla: fix type misuse for backbone_gw hash indexing
(git-fixes).
- batman-adv: bla: use netif_rx_ni when not in interrupt context
(git-fixes).
- batman-adv: Fix own OGM check in aggregated OGMs (git-fixes).
- batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh
(git-fixes).
- batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN
(git-fixes).
- batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh
(git-fixes).
- batman-adv: mcast/TT: fix wrongly dropped or rerouted packets
(git-fixes).
- bcache: Convert pr_
References
#1055186 #1058115 #1065600 #1065729 #1094244
#1152472 #1152489 #1153274 #1154353 #1155518
#1156395 #1167527 #1170774 #1171068 #1171688
#1171742 #1172757 #1173017 #1173115 #1173746
#1174358 #1174899 #1175749 #1175882 #1176019
#1176038 #1176137 #1176235 #1176236 #1176237
#1176242 #1176278 #1176357 #1176358 #1176359
#1176360 #1176361 #1176362 #1176363 #1176364
#1176365 #1176366 #1176367 #1176381 #1176423
#1176449 #1176482 #1176486 #1176507 #1176536
#1176537 #1176538 #1176539 #1176540 #1176541
#1176542 #1176544 #1176545 #1176546 #1176548
#1176558 #1176559 #1176587 #1176659 #1176698
#1176699 #1176700 #1176721 #1176722 #1176725
#1176732 #1176763 #1176775 #1176788 #1176789
#1176833 #1176869 #1176877 #1176925 #1176962
#1176980 #1176990 #1177021 #1177030
Cross- CVE-2020-0404 CVE-2020-0427 CVE-2020-0431
CVE-2020-0432 CVE-2020-14385 CVE-2020-14390
CVE-2020-25212 CVE-2020-25284 CVE-2020-26088
Affected Products:
SUSE Linux Enterprise Module for Public Cloud 15-SP2
https://www.suse.com/security/cve/CVE-2020-0404.html
https://www.suse.com/security/cve/CVE-2020-0427.html
https://www.suse.com/security/cve/CVE-2020-0431.html
https://www.suse.com/security/cve/CVE-2020-0432.html
https://www.suse.com/security/cve/CVE-2020-14385.html
https://www.suse.com/security/cve/CVE-2020-14390.html
https://www.suse.com/security/cve/CVE-2020-25212.html
https://www.suse.com/security/cve/CVE-2020-25284.html
https://www.suse.com/security/cve/CVE-2020-26088.html
https://bugzilla.suse.com/1055186
https://bugzilla.suse.com/1058115
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1094244
https://bugzilla.suse.com/1152472
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153274
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1155518
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1167527
https://bugzilla.suse.com/1170774
https://bugzilla.suse.com/1171068
https://bugzilla.suse.com/1171688
https://bugzilla.suse.com/1171742
https://bugzilla.suse.com/1172757
https://bugzilla.suse.com/1173017
https://bugzilla.suse.com/1173115
https://bugzilla.suse.com/1173746
https://bugzilla.suse.com/1174358
https://bugzilla.suse.com/1174899
https://bugzilla.suse.com/1175749
https://bugzilla.suse.com/1175882
https://bugzilla.suse.com/1176019
https://bugzilla.suse.com/1176038
https://bugzilla.suse.com/1176137
https://bugzilla.suse.com/1176235
https://bugzilla.suse.com/1176236
https://bugzilla.suse.com/1176237
https://bugzilla.suse.com/1176242
https://bugzilla.suse.com/1176278
https://bugzilla.suse.com/1176357
https://bugzilla.suse.com/1176358
https://bugzilla.suse.com/1176359
https://bugzilla.suse.com/1176360
https://bugzilla.suse.com/1176361
https://bugzilla.suse.com/1176362
https://bugzilla.suse.com/1176363
https://bugzilla.suse.com/1176364
https://bugzilla.suse.com/1176365
https://bugzilla.suse.com/1176366
https://bugzilla.suse.com/1176367
https://bugzilla.suse.com/1176381
https://bugzilla.suse.com/1176423
https://bugzilla.suse.com/1176449
https://bugzilla.suse.com/1176482
https://bugzilla.suse.com/1176486
https://bugzilla.suse.com/1176507
https://bugzilla.suse.com/1176536
https://bugzilla.suse.com/1176537
https://bugzilla.suse.com/1176538
https://bugzilla.suse.com/1176539
https://bugzilla.suse.com/1176540
https://bugzilla.suse.com/1176541
https://bugzilla.suse.com/1176542
https://bugzilla.suse.com/1176544
https://bugzilla.suse.com/1176545
https://bugzilla.suse.com/1176546
https://bugzilla.suse.com/1176548
https://bugzilla.suse.com/1176558
https://bugzilla.suse.com/1176559
https://bugzilla.suse.com/1176587
https://bugzilla.suse.com/1176659
https://bugzilla.suse.com/1176698
https://bugzilla.suse.com/1176699
https://bugzilla.suse.com/1176700
https://bugzilla.suse.com/1176721
https://bugzilla.suse.com/1176722
https://bugzilla.suse.com/1176725
https://bugzilla.suse.com/1176732
https://bugzilla.suse.com/1176763
https://bugzilla.suse.com/1176775
https://bugzilla.suse.com/1176788
https://bugzilla.suse.com/1176789
https://bugzilla.suse.com/1176833
https://bugzilla.suse.com/1176869
https://bugzilla.suse.com/1176877
https://bugzilla.suse.com/1176925
https://bugzilla.suse.com/1176962
https://bugzilla.suse.com/1176980
https://bugzilla.suse.com/1176990
https://bugzilla.suse.com/1177021
https://bugzilla.suse.com/1177030