Linux Security
    Linux Security
    Linux Security

    SUSE: 2020:2981-1 critical: the Linux Kernel

    Date 21 Oct 2020
    129
    Posted By LinuxSecurity Advisories
    An update that solves four vulnerabilities and has 15 fixes is now available.
    
       SUSE Security Update: Security update for the Linux Kernel
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:2981-1
    Rating:             critical
    References:         #1065729 #1140683 #1152624 #1172538 #1172757 
                        #1174748 #1175520 #1176381 #1176400 #1176713 
                        #1176946 #1177027 #1177340 #1177359 #1177511 
                        #1177685 #1177687 #1177724 #1177725 
    Cross-References:   CVE-2020-12351 CVE-2020-12352 CVE-2020-25212
                        CVE-2020-25645
    Affected Products:
                        SUSE Linux Enterprise Workstation Extension 12-SP5
                        SUSE Linux Enterprise Software Development Kit 12-SP5
                        SUSE Linux Enterprise Server 12-SP5
                        SUSE Linux Enterprise Live Patching 12-SP5
                        SUSE Linux Enterprise High Availability 12-SP5
    ______________________________________________________________________________
    
       An update that solves four vulnerabilities and has 15 fixes
       is now available.
    
    Description:
    
       The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
       security and bugfixes.
    
       The following security bugs were fixed:
    
       - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka
         "BleedingTooth" aka "BadKarma" (bsc#1177724).
       - CVE-2020-12352: Fixed an information leak when processing certain AMP
         packets aka "BleedingTooth" aka "BadChoice" (bsc#1177725).
       - CVE-2020-25645: Fixed an issue which traffic between two Geneve
         endpoints may be unencrypted when IPsec is configured to encrypt traffic
         for the specific UDP port used by the GENEVE tunnel allowing anyone
         between the two endpoints to read the traffic unencrypted (bsc#1177511).
       - CVE-2020-25212: Fixed a TOCTOU mismatch in the NFS client code
         (bsc#1176381).
    
       The following non-security bugs were fixed:
    
       - btrfs: check the right error variable in btrfs_del_dir_entries_in_log
         (bsc#1177687).
       - btrfs: do not set the full sync flag on the inode during page release
         (bsc#1177687).
       - btrfs: fix incorrect updating of log root tree (bsc#1177687).
       - btrfs: fix race between page release and a fast fsync (bsc#1177687).
       - btrfs: only commit delayed items at fsync if we are logging a directory
         (bsc#1177687).
       - btrfs: only commit the delayed inode when doing a full fsync
         (bsc#1177687).
       - btrfs: reduce contention on log trees when logging checksums
         (bsc#1177687).
       - btrfs: release old extent maps during page release (bsc#1177687).
       - btrfs: remove no longer needed use of log_writers for the log root tree
         (bsc#1177687).
       - btrfs: stop incremening log_batch for the log root tree when syncing log
         (bsc#1177687).
       - drm/amdgpu: prevent double kfree ttm->sg (git-fixes).
       - drm/nouveau/mem: guard against NULL pointer access in mem_del
         (git-fixes).
       - drm/sun4i: mixer: Extend regmap max_register (git-fixes).
       - ext4: fix dir_nlink behaviour (bsc#1177359).
       - i2c: meson: fix clock setting overwrite (git-fixes).
       - include/linux/swapops.h: correct guards for non_swap_entry() (git-fixes
         (mm/swap)).
       - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
       - leds: mt6323: move period calculation (git-fixes).
       - mac80211: do not allow bigger VHT MPDUs than the hardware supports
         (git-fixes).
       - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).
       - mfd: sm501: Fix leaks in probe() (git-fixes).
       - mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
       - mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).
       - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
         (git-fixes (mm/hugetlb)).
       - mm/ksm.c: do not WARN if page is still mapped in remove_stable_node()
         (git-fixes (mm/hugetlb)).
       - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
         (bsc#1177685).
       - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes
         (mm/mempolicy)).
       - mm/mempolicy.c: use match_string() helper to simplify the code
         (git-fixes (mm/mempolicy)).
       - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when
         marking page tables prot_numa (git-fixes (mm/numa)).
       - mm/page_owner.c: remove drain_all_pages from init_early_allocated_pages
         (git-fixes (mm/debug)).
       - mm/page-writeback.c: avoid potential division by zero in
         wb_min_max_ratio() (git-fixes (mm/writeback)).
       - mm/page-writeback.c: improve arithmetic divisions (git-fixes
         (mm/writeback)).
       - mm/page-writeback.c: use div64_ul() for u64-by-unsigned-long divide
         (git-fixes (mm/writeback)).
       - mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).
       - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n (git-fixes
         (mm/zsmalloc)).
       - mm/zsmalloc.c: fix race condition in zs_destroy_pool (git-fixes
         (mm/zsmalloc)).
       - mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes
         (mm/zsmalloc)).
       - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely
         (git-fixes (mm/zsmalloc)).
       - Move the upstreamed bluetooth fix into sorted section
       - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
         (git-fixes).
       - NFS: On fatal writeback errors, we need to call
         nfs_inode_remove_request() (bsc#1177340).
       - NFS: Revalidate the file mapping on all fatal writeback errors
         (bsc#1177340).
       - NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
       - nvme: add a Identify Namespace Identification Descriptor list quirk
         (bsc#1174748). add two previous futile attempts to fix the bug to
         blacklist.conf
       - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).
       - nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).
       - nvme: fix possible io failures when removing multipathed ns
         (bsc#1174748).
       - nvme: make nvme_identify_ns propagate errors back (bsc#1174748).
       - nvme: make nvme_report_ns_ids propagate error back (bsc#1174748).
       - nvme-multipath: do not reset on unknown status (bsc#1174748).
       - nvme: Namepace identification descriptor list is optional (bsc#1174748).
       - nvme: pass status to nvme_error_status (bsc#1174748).
       - nvme-rdma: Avoid double freeing of async event data (bsc#1174748).
       - nvme: return error from nvme_alloc_ns() (bsc#1174748).
       - platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).
       - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
       - pty: do tty_flip_buffer_push without port->lock in pty_write (git-fixes).
       - scsi: hisi_sas: Add debugfs ITCT file and add file operations
         (bsc#1140683).
       - scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).
       - scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32()
         (bsc#1140683).
       - scsi: hisi_sas: Change return variable type in phy_up_v3_hw()
         (bsc#1140683).
       - scsi: hisi_sas: Correct memory allocation size for DQ debugfs
         (bsc#1140683).
       - scsi: hisi_sas: Do some more tidy-up (bsc#1140683).
       - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO
         (bsc#1140683).
       - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs
         code (bsc#1140683). Refresh:
       - scsi: hisi_sas: No need to check return value of debugfs_create
         functions (bsc#1140683). Update:
       - scsi: hisi_sas: Some misc tidy-up (bsc#1140683).
       - scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices
         (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946
         bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946
         bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946
         bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c
         (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c
         (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c
         (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946
         bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix I/O failures during remote port toggle testing
         (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue
         (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946
         bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Make tgt_port_database available in initiator mode
         (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946
         bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946
         bsc#1175520 bsc#1172538).
       - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520
         bsc#1172538).
       - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520
         bsc#1172538).
       - spi: fsl-espi: Only process interrupts for expected events (git-fixes).
       - tty: serial: earlycon dependency (git-fixes).
       - x86, fakenuma: Fix invalid starting node ID (git-fixes
         (mm/x86/fakenuma)).
       - x86/xen: disable Firmware First mode for correctable memory errors
         (bsc#1176713).
    
    
    Special Instructions and Notes:
    
       Please reboot the system after installing this update.
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Workstation Extension 12-SP5:
    
          zypper in -t patch SUSE-SLE-WE-12-SP5-2020-2981=1
    
       - SUSE Linux Enterprise Software Development Kit 12-SP5:
    
          zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2981=1
    
       - SUSE Linux Enterprise Server 12-SP5:
    
          zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2981=1
    
       - SUSE Linux Enterprise Live Patching 12-SP5:
    
          zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2020-2981=1
    
       - SUSE Linux Enterprise High Availability 12-SP5:
    
          zypper in -t patch SUSE-SLE-HA-12-SP5-2020-2981=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):
    
          kernel-default-debuginfo-4.12.14-122.46.1
          kernel-default-debugsource-4.12.14-122.46.1
          kernel-default-extra-4.12.14-122.46.1
          kernel-default-extra-debuginfo-4.12.14-122.46.1
    
       - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
    
          kernel-obs-build-4.12.14-122.46.1
          kernel-obs-build-debugsource-4.12.14-122.46.1
    
       - SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):
    
          kernel-docs-4.12.14-122.46.1
    
       - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
    
          kernel-default-4.12.14-122.46.1
          kernel-default-base-4.12.14-122.46.1
          kernel-default-base-debuginfo-4.12.14-122.46.1
          kernel-default-debuginfo-4.12.14-122.46.1
          kernel-default-debugsource-4.12.14-122.46.1
          kernel-default-devel-4.12.14-122.46.1
          kernel-syms-4.12.14-122.46.1
    
       - SUSE Linux Enterprise Server 12-SP5 (x86_64):
    
          kernel-default-devel-debuginfo-4.12.14-122.46.1
    
       - SUSE Linux Enterprise Server 12-SP5 (noarch):
    
          kernel-devel-4.12.14-122.46.1
          kernel-macros-4.12.14-122.46.1
          kernel-source-4.12.14-122.46.1
    
       - SUSE Linux Enterprise Server 12-SP5 (s390x):
    
          kernel-default-man-4.12.14-122.46.1
    
       - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):
    
          kernel-default-debuginfo-4.12.14-122.46.1
          kernel-default-debugsource-4.12.14-122.46.1
          kernel-default-kgraft-4.12.14-122.46.1
          kernel-default-kgraft-devel-4.12.14-122.46.1
          kgraft-patch-4_12_14-122_46-default-1-8.5.1
    
       - SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):
    
          cluster-md-kmp-default-4.12.14-122.46.1
          cluster-md-kmp-default-debuginfo-4.12.14-122.46.1
          dlm-kmp-default-4.12.14-122.46.1
          dlm-kmp-default-debuginfo-4.12.14-122.46.1
          gfs2-kmp-default-4.12.14-122.46.1
          gfs2-kmp-default-debuginfo-4.12.14-122.46.1
          kernel-default-debuginfo-4.12.14-122.46.1
          kernel-default-debugsource-4.12.14-122.46.1
          ocfs2-kmp-default-4.12.14-122.46.1
          ocfs2-kmp-default-debuginfo-4.12.14-122.46.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2020-12351.html
       https://www.suse.com/security/cve/CVE-2020-12352.html
       https://www.suse.com/security/cve/CVE-2020-25212.html
       https://www.suse.com/security/cve/CVE-2020-25645.html
       https://bugzilla.suse.com/1065729
       https://bugzilla.suse.com/1140683
       https://bugzilla.suse.com/1152624
       https://bugzilla.suse.com/1172538
       https://bugzilla.suse.com/1172757
       https://bugzilla.suse.com/1174748
       https://bugzilla.suse.com/1175520
       https://bugzilla.suse.com/1176381
       https://bugzilla.suse.com/1176400
       https://bugzilla.suse.com/1176713
       https://bugzilla.suse.com/1176946
       https://bugzilla.suse.com/1177027
       https://bugzilla.suse.com/1177340
       https://bugzilla.suse.com/1177359
       https://bugzilla.suse.com/1177511
       https://bugzilla.suse.com/1177685
       https://bugzilla.suse.com/1177687
       https://bugzilla.suse.com/1177724
       https://bugzilla.suse.com/1177725
    

    Advisories

    LinuxSecurity Poll

    How long have you been using Linux?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/46-how-long-have-you-been-using-linux?task=poll.vote&format=json
    46
    radio
    [{"id":"160","title":"Just made the switch!","votes":"3","type":"x","order":"1","pct":9.68,"resources":[]},{"id":"161","title":"1-5 years","votes":"5","type":"x","order":"2","pct":16.13,"resources":[]},{"id":"162","title":"6-10 years","votes":"1","type":"x","order":"3","pct":3.23,"resources":[]},{"id":"163","title":">10 years - I'm a veteran!","votes":"22","type":"x","order":"4","pct":70.97,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.