Linux Security
    Linux Security
    Linux Security

    SUSE: 2020:3507-1 important: the Linux Kernel

    Date 24 Nov 2020
    1817
    Posted By LinuxSecurity Advisories
    An update that solves three vulnerabilities and has 17 fixes is now available.
    
       SUSE Security Update: Security update for the Linux Kernel
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2020:3507-1
    Rating:             important
    References:         #1058115 #1163592 #1167030 #1172873 #1175306 
                        #1175721 #1176855 #1176907 #1176983 #1177703 
                        #1177819 #1177820 #1178123 #1178393 #1178589 
                        #1178622 #1178686 #1178765 #1178782 #927455 
                        
    Cross-References:   CVE-2020-25668 CVE-2020-25704 CVE-2020-25705
                       
    Affected Products:
                        SUSE Linux Enterprise Workstation Extension 15-SP1
                        SUSE Linux Enterprise Module for Live Patching 15-SP1
                        SUSE Linux Enterprise Module for Legacy Software 15-SP1
                        SUSE Linux Enterprise Module for Development Tools 15-SP1
                        SUSE Linux Enterprise Module for Basesystem 15-SP1
                        SUSE Linux Enterprise High Availability 15-SP1
    ______________________________________________________________________________
    
       An update that solves three vulnerabilities and has 17
       fixes is now available.
    
    Description:
    
       The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
       security and bugfixes.
    
    
       The following security bugs were fixed:
    
       - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was
         found that allowed to quickly scan open UDP ports. This flaw allowed an
         off-path remote user to effectively bypassing source port UDP
         randomization. The highest threat from this vulnerability is to
         confidentiality and possibly integrity, because software and services
         that rely on UDP source port randomization (like DNS) are indirectly
         affected as well. Kernel versions may be vulnerable to this issue
         (bsc#1175721, bsc#1178782).
       - CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter()
         (bsc#1178393).
       - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bnc#1178123).
    
       The following non-security bugs were fixed:
    
       - 9P: Cast to loff_t before multiplying (git-fixes).
       - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
       - ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
       - ACPI: dock: fix enum-conversion warning (git-fixes).
       - ACPI / extlog: Check for RDMSR failure (git-fixes).
       - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
       - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
       - ALSA: hda - Fix the return value if cb func is already registered
         (git-fixes).
       - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
         (git-fixes).
       - ata: sata_rcar: Fix DMA boundary mask (git-fixes).
       - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
       - ath10k: start recovery process when payload length exceeds max htc
         length for sdio (git-fixes).
       - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes).
       - can: can_create_echo_skb(): fix echo skb generation: always use
         skb_clone() (git-fixes).
       - can: dev: __can_get_echo_skb(): fix real payload length return value for
         RTR frames (git-fixes).
       - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
         context (git-fixes).
       - can: peak_canfd: pucan_handle_can_rx(): fix echo management when
         loopback is on (git-fixes).
       - can: peak_usb: add range checking in decode operations (git-fixes).
       - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
         (git-fixes).
       - can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
       - clk: ti: clockdomain: fix static checker warning (git-fixes).
       - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
       - device property: Do not clear secondary pointer for shared primary
         firmware node (git-fixes).
       - device property: Keep secondary firmware node secondary by type
         (git-fixes).
       - drbd: code cleanup by using sendpage_ok() to check page for
         kernel_sendpage() (bsc#1172873).
       - drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally
         (git-fixes).
       - drm/amd/display: HDMI remote sink need mode validation for Linux
         (git-fixes).
       - drm/amdgpu: do not map BO in reserved region (git-fixes).
       - drm/bridge/synopsys: dsi: add support for non-continuous HS clock
         (git-fixes).
       - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working
         correctly (git-fixes).
       - drm/i915: Break up error capture compression loops with cond_resched()
         (git-fixes).
       - drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes).
       - drm/imx: tve remove extraneous type qualifier (git-fixes).
       - drm/ttm: fix eviction valuable range check (git-fixes).
       - drm/vc4: drv: Add error handding for bind (git-fixes).
       - efivarfs: Replace invalid slashes with exclamation marks in dentries
         (git-fixes).
       - ftrace: Fix recursion check for NMI test (git-fixes).
       - ftrace: Handle tracing when switching between context (git-fixes).
       - hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
       - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819,
         bsc#1177820).
       - hyperv_fb: Update screen_info after removing old framebuffer
         (bsc#1175306).
       - icmp: randomize the global rate limiter (git-fixes).
       - kthread_worker: prevent queuing delayed work from timer_fn when it is
         being canceled (git-fixes).
       - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
       - libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
       - media: platform: Improve queue set up flow for bug fixing (git-fixes).
       - media: tw5864: check status of tw5864_frameinterval_get (git-fixes).
       - memcg: fix NULL pointer dereference in
         __mem_cgroup_usage_unregister_event (bsc#1177703).
       - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs
         (git-fixes).
       - mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
       - mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
       - Move the upstreamed powercap fix into sorted sectio
       - mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).
       - net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send
         (bsc#1172873).
       - net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873).
       - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
       - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage()
         (bsc#1172873).
       - p54: avoid accessing the data mapped to streaming DMA (git-fixes).
       - pinctrl: intel: Set default bias in case no particular value given
         (git-fixes).
       - powerpc/pseries/cpuidle: add polling idle for shared processor guests
         (bsc#1178765 ltc#188968).
       - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293).
       - power: supply: test_power: add missing newlines when printing parameters
         by sysfs (git-fixes).
       - regulator: defer probe when trying to get voltage from unresolved supply
         (git-fixes).
       - regulator: resolve supply after creating regulator (git-fixes).
       - ring-buffer: Fix recursion protection transitions between interrupt
         context (git-fixes).
       - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
       - scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map()
         (bsc#1172873).
       - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
         (git-fixes).
       - staging: octeon: Drop on uncorrectable alignment or FCS error
         (git-fixes).
       - staging: octeon: repair "fixed-link" support (git-fixes).
       - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
         (git-fixes).
       - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
       - USB: adutux: fix debugging (git-fixes).
       - usb: cdc-acm: fix cooldown mechanism (git-fixes).
       - usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes).
       - usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).
       - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
         (git-fixes).
       - USB: serial: option: add Quectel EC200T module support (git-fixes).
       - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
       - usb: typec: tcpm: During PR_SWAP, source caps should be sent only after
         tSwapSourceStart (git-fixes).
       - usb: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes).
       - video: fbdev: pvr2fb: initialize variables (git-fixes).
       - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host
         (bsc#1175306).
       - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer
         driver (bsc#1175306).
       - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs
         (bsc#1175306).
       - vt: Disable KD_FONT_OP_COPY (bsc#1178589).
       - x86/kexec: Use up-to-dated screen_info copy to fill boot params
         (bsc#1175306).
       - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10
         compiled kernels (bsc#1058115 bsc#1176907).
       - xfs: do not update mtime on COW faults (bsc#1167030).
       - xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).
       - xfs: fix flags argument to rmap lookup when converting shared file rmaps
         (git-fixes).
       - xfs: fix rmap key and record comparison functions (git-fixes).
       - xfs: flush new eof page on truncate to avoid post-eof corruption
         (git-fixes).
    
    
    Special Instructions and Notes:
    
       Please reboot the system after installing this update.
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Workstation Extension 15-SP1:
    
          zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2020-3507=1
    
       - SUSE Linux Enterprise Module for Live Patching 15-SP1:
    
          zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2020-3507=1
    
       - SUSE Linux Enterprise Module for Legacy Software 15-SP1:
    
          zypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-3507=1
    
       - SUSE Linux Enterprise Module for Development Tools 15-SP1:
    
          zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP1-2020-3507=1
    
       - SUSE Linux Enterprise Module for Basesystem 15-SP1:
    
          zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-3507=1
    
       - SUSE Linux Enterprise High Availability 15-SP1:
    
          zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2020-3507=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Workstation Extension 15-SP1 (x86_64):
    
          kernel-default-debuginfo-4.12.14-197.72.1
          kernel-default-debugsource-4.12.14-197.72.1
          kernel-default-extra-4.12.14-197.72.1
          kernel-default-extra-debuginfo-4.12.14-197.72.1
    
       - SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
    
          kernel-default-debuginfo-4.12.14-197.72.1
          kernel-default-debugsource-4.12.14-197.72.1
          kernel-default-livepatch-4.12.14-197.72.1
          kernel-default-livepatch-devel-4.12.14-197.72.1
          kernel-livepatch-4_12_14-197_72-default-1-3.3.1
    
       - SUSE Linux Enterprise Module for Legacy Software 15-SP1 (aarch64 ppc64le s390x x86_64):
    
          kernel-default-debuginfo-4.12.14-197.72.1
          kernel-default-debugsource-4.12.14-197.72.1
          reiserfs-kmp-default-4.12.14-197.72.1
          reiserfs-kmp-default-debuginfo-4.12.14-197.72.1
    
       - SUSE Linux Enterprise Module for Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64):
    
          kernel-obs-build-4.12.14-197.72.1
          kernel-obs-build-debugsource-4.12.14-197.72.1
          kernel-syms-4.12.14-197.72.1
    
       - SUSE Linux Enterprise Module for Development Tools 15-SP1 (noarch):
    
          kernel-docs-4.12.14-197.72.2
          kernel-source-4.12.14-197.72.1
    
       - SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64):
    
          kernel-default-4.12.14-197.72.1
          kernel-default-base-4.12.14-197.72.1
          kernel-default-base-debuginfo-4.12.14-197.72.1
          kernel-default-debuginfo-4.12.14-197.72.1
          kernel-default-debugsource-4.12.14-197.72.1
          kernel-default-devel-4.12.14-197.72.1
          kernel-default-devel-debuginfo-4.12.14-197.72.1
    
       - SUSE Linux Enterprise Module for Basesystem 15-SP1 (noarch):
    
          kernel-devel-4.12.14-197.72.1
          kernel-macros-4.12.14-197.72.1
    
       - SUSE Linux Enterprise Module for Basesystem 15-SP1 (s390x):
    
          kernel-default-man-4.12.14-197.72.1
          kernel-zfcpdump-debuginfo-4.12.14-197.72.1
          kernel-zfcpdump-debugsource-4.12.14-197.72.1
    
       - SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64):
    
          cluster-md-kmp-default-4.12.14-197.72.1
          cluster-md-kmp-default-debuginfo-4.12.14-197.72.1
          dlm-kmp-default-4.12.14-197.72.1
          dlm-kmp-default-debuginfo-4.12.14-197.72.1
          gfs2-kmp-default-4.12.14-197.72.1
          gfs2-kmp-default-debuginfo-4.12.14-197.72.1
          kernel-default-debuginfo-4.12.14-197.72.1
          kernel-default-debugsource-4.12.14-197.72.1
          ocfs2-kmp-default-4.12.14-197.72.1
          ocfs2-kmp-default-debuginfo-4.12.14-197.72.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2020-25668.html
       https://www.suse.com/security/cve/CVE-2020-25704.html
       https://www.suse.com/security/cve/CVE-2020-25705.html
       https://bugzilla.suse.com/1058115
       https://bugzilla.suse.com/1163592
       https://bugzilla.suse.com/1167030
       https://bugzilla.suse.com/1172873
       https://bugzilla.suse.com/1175306
       https://bugzilla.suse.com/1175721
       https://bugzilla.suse.com/1176855
       https://bugzilla.suse.com/1176907
       https://bugzilla.suse.com/1176983
       https://bugzilla.suse.com/1177703
       https://bugzilla.suse.com/1177819
       https://bugzilla.suse.com/1177820
       https://bugzilla.suse.com/1178123
       https://bugzilla.suse.com/1178393
       https://bugzilla.suse.com/1178589
       https://bugzilla.suse.com/1178622
       https://bugzilla.suse.com/1178686
       https://bugzilla.suse.com/1178765
       https://bugzilla.suse.com/1178782
       https://bugzilla.suse.com/927455
    

    Advisories

    LinuxSecurity Poll

    'Tis the season of giving! How have you given back to the open-source community?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/49-tis-the-season-of-giving-how-have-you-given-back-to-the-open-source-community?task=poll.vote&format=json
    49
    radio
    [{"id":"171","title":"I've contributed to the development of an open-source project.","votes":"8","type":"x","order":"1","pct":27.59,"resources":[]},{"id":"172","title":"I've reviewed open-source code for security bugs.","votes":"6","type":"x","order":"2","pct":20.69,"resources":[]},{"id":"173","title":"I've made a donation to an open-source project.","votes":"15","type":"x","order":"3","pct":51.72,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.