SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:0765-1
Rating:             important
References:         #1046306 #1050244 #1089644 #1094978 #1097583 
                    #1097584 #1097585 #1097586 #1097587 #1097588 
                    #1101674 #1101816 #1103991 #1109837 #1111981 
                    #1112374 #1114648 #1114685 #1114893 #1117495 
                    #1118661 #1119113 #1136460 #1136461 #1157038 
                    #1157923 #1158533 #1174852 #1185377 #1185973 
                    #1187716 #1189126 #1191271 #1191580 #1191655 
                    #1193857 #1193867 #1194048 #1194516 #1195080 
                    #1195377 #1195536 #1195543 #1195612 #1195638 
                    #1195795 #1195823 #1195840 #1195897 #1195908 
                    #1195934 #1195949 #1195987 #1195995 #1196079 
                    #1196155 #1196400 #1196516 #1196584 #1196612 
                    SLE-20809 
Cross-References:   CVE-2021-44879 CVE-2021-45095 CVE-2022-0001
                    CVE-2022-0002 CVE-2022-0487 CVE-2022-0492
                    CVE-2022-0617 CVE-2022-0644 CVE-2022-24448
                    CVE-2022-24959
CVSS scores:
                    CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-45095 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-45095 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
                    CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

   An update that solves 10 vulnerabilities, contains one
   feature and has 50 fixes is now available.

Description:

   The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive
   various security and bugfixes.


   Transient execution side-channel attacks attacking the Branch History
   Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch
   History Injection" are now mitigated.

   The following security bugs were fixed:

   - CVE-2022-0001: Fixed Branch History Injection vulnerability
     (bsc#1191580).
   - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability
     (bsc#1191580).
   - CVE-2022-0617: Fixed a null pointer dereference in UDF file system
     functionality. A local user could crash the system by triggering
     udf_file_write_iter() via a malicious UDF image. (bsc#1196079)
   - CVE-2022-0644: Fixed a denial of service by a local user. A assertion
     failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).
   - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were
     not considered, which lead to a move_data_page NULL pointer dereference
     (bsc#1195987).
   - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in
     drivers/net/hamradio/yam.c (bsc#1195897).
   - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in
     net/phonet/pep.c (bsc#1193867).
   - CVE-2022-0487: A use-after-free vulnerability was found in
     rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c
     (bsc#1194516).
   - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1
     release_agent feature, which allowed bypassing namespace isolation
     unexpectedly (bsc#1195543).
   - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets
     the O_DIRECTORY flag, and tries to open a regular file,
     nfs_atomic_open() performs a regular lookup. If a regular file is found,
     ENOTDIR should have occured, but the server instead returned
     uninitialized data in the file descriptor (bsc#1195612).

   The following non-security bugs were fixed:

   - Bluetooth: bfusb: fix division by zero in send path (git-fixes).
   - Bluetooth: fix the erroneous flush_work() order (git-fixes).
   - EDAC/xgene: Fix deferred probing (bsc#1114648).
   - IB/rdmavt: Validate remote_addr during loopback atomic tests
     (bsc#1114685).
   - NFSv4.x: by default serialize open/close operations (bsc#1114893
     bsc#1195934). Make this work-around optional
   - NFSv42: Do not fail clone() unless the OP_CLONE operation failed
     (git-fixes).
   - NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes).
   - NFSv4: Handle case where the lookup of a directory fails (git-fixes).
   - NFSv4: nfs_atomic_open() can race when looking up a non-regular file
     (git-fixes).
   - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller
     (git-fixes).
   - RDMA/bnxt_re: Fix query SRQ failure (bsc#1050244).
   - RDMA/mlx5: Set user priority for DCT (bsc#1103991).
   - RDMA/netlink: Add __maybe_unused to static inline in C file
     (bsc#1046306).
   - Replace with an alternative fix for bsc#1185377
   - crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840).
   - cxgb4: fix eeprom len when diagnostics not implemented (bsc#1097585
     bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).
   - e1000e: Fix packet loss on Tiger Lake and later (bsc#1158533).
   - ext4: avoid trim error on fs with small groups (bsc#1191271).
   - fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1195795).
   - gve: Add RX context (bsc#1191655).
   - gve: Add a jumbo-frame device option (bsc#1191655).
   - gve: Add consumed counts to ethtool stats (bsc#1191655).
   - gve: Add netif_set_xps_queue call (bsc#1191655).
   - gve: Add optional metadata descriptor type GVE_TXD_MTD (bsc#1191655).
   - gve: Add rx buffer pagecnt bias (bsc#1191655).
   - gve: Allow pageflips on larger pages (bsc#1191655).
   - gve: Avoid freeing NULL pointer (bsc#1191655).
   - gve: Correct available tx qpl check (bsc#1191655).
   - gve: Correct order of processing device options (bsc#1191655).
   - gve: DQO: avoid unused variable warnings (bsc#1191655).
   - gve: Do lazy cleanup in TX path (bsc#1191655).
   - gve: Fix GFP flags when allocing pages (bsc#1191655).
   - gve: Implement packet continuation for RX (bsc#1191655).
   - gve: Implement suspend/resume/shutdown (bsc#1191655).
   - gve: Move the irq db indexes out of the ntfy block struct (bsc#1191655).
   - gve: Properly handle errors in gve_assign_qpl (bsc#1191655).
   - gve: Recording rx queue before sending to napi (bsc#1191655).
   - gve: Switch to use napi_complete_done (bsc#1191655).
   - gve: Track RX buffer allocation failures (bsc#1191655).
   - gve: Update gve_free_queue_page_list signature (bsc#1191655).
   - gve: Use kvcalloc() instead of kvzalloc() (bsc#1191655).
   - gve: fix for null pointer dereference (bsc#1191655).
   - gve: fix gve_get_stats() (bsc#1191655).
   - gve: fix the wrong AdminQ buffer queue index check (bsc#1191655).
   - gve: fix unmatched u64_stats_update_end() (bsc#1191655).
   - gve: remove memory barrier around seqno (bsc#1191655).
   - gve: report 64bit tx_bytes counter from gve_handle_report_stats()
     (bsc#1191655).
   - i40e: Fix changing previously set num_queue_pairs for PFs (bsc#1094978).
   - i40e: Fix correct max_pkt_size on VF RX queue (bsc#1101816 ).
   - i40e: Fix creation of first queue by omitting it if is not power of two
     (bsc#1101816).
   - i40e: Fix display error code in dmesg (bsc#1109837 bsc#1111981 ).
   - i40e: Fix for displaying message regarding NVM version (jsc#SLE-4797).
   - i40e: Fix freeing of uninitialized misc IRQ vector (bsc#1101816 ).
   - i40e: Fix ping is lost after configuring ADq on VF (bsc#1094978).
   - i40e: Fix pre-set max number of queues for VF (bsc#1111981 ).
   - i40e: Increase delay to 1 s after global EMP reset (bsc#1101816 ).
   - iavf: Fix limit of total number of queues to active queues of VF
     (bsc#1111981).
   - iavf: prevent accidental free of filter structure (bsc#1111981 ).
   - ibmvnic: Allow queueing resets during probe (bsc#1196516 ltc#196391).
   - ibmvnic: Update driver return codes (bsc#1196516 ltc#196391).
   - ibmvnic: clear fop when retrying probe (bsc#1196516 ltc#196391).
   - ibmvnic: complete init_done on transport events (bsc#1196516 ltc#196391).
   - ibmvnic: define flush_reset_queue helper (bsc#1196516 ltc#196391).
   - ibmvnic: free reset-work-item when flushing (bsc#1196516 ltc#196391).
   - ibmvnic: init init_done_rc earlier (bsc#1196516 ltc#196391).
   - ibmvnic: initialize rc before completing wait (bsc#1196516 ltc#196391).
   - ibmvnic: register netdev after init of adapter (bsc#1196516 ltc#196391).
   - ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815).
   - ice: Delete always true check of PF pointer (bsc#1118661 ).
   - ice: ignore dropped packets during init (bsc#1118661 ).
   - igb: Fix removal of unicast MAC filters of VFs (bsc#1117495).
   - ixgbevf: Require large buffers for build_skb on 82599VF (bsc#1101674).
   - kabi: Hide changes to s390/AP structures (jsc#SLE-20809).
   - lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584).
   - mqprio: Correct stats in mqprio_dump_class_stats() (bsc#1109837).
   - net/ibmvnic: Cleanup workaround doing an EOI after partition migration
     (bsc#1089644 ltc#166495 ltc#165544 git-fixes).
   - net: Prevent infinite while loop in skb_tx_hash() (bsc#1109837).
   - net: ena: Fix error handling when calculating max IO queues number
     (bsc#1174852).
   - net: ena: Fix undefined state when tx request id is out of bounds
     (bsc#1174852).
   - net: marvell: mvpp2: Fix the computation of shared CPUs (bsc#1119113).
   - net: phylink: avoid mvneta warning when setting pause parameters     (bsc#1119113).
   - net: usb: pegasus: Do not drop long Ethernet frames (git-fixes).
   - nfsd: fix use-after-free due to delegation race (git-fixes).
   - phylib: fix potential use-after-free (bsc#1119113).
   - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call
     (bsc#1112374).
   - powerpc/64s: Fix debugfs_simple_attr.cocci warnings (bsc#1157038
     bsc#1157923 ltc#182612 git-fixes).
   - powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for
     persistent memory" (bsc#1195995 ltc#196394).
   - powerpc/pseries: read the lpar name from the firmware (bsc#1187716
     ltc#193451).
   - powerpc: add link stack flush mitigation status in debugfs (bsc#1157038
     bsc#1157923 ltc#182612 git-fixes).
   - qed: Handle management FW error (git-fixes).
   - qed: rdma - do not wait for resources under hw error recovery flow
     (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
   - rndis_host: support Hytera digital radios (git-fixes).
   - s390/AP: support new dynamic AP bus size limit (jsc#SLE-20809).
   - s390/ap: rework crypto config info and default domain code
     (jsc#SLE-20809).
   - s390/cpumf: Support for CPU Measurement Facility CSVN 7 (bsc#1195080
     LTC#196090).
   - s390/cpumf: Support for CPU Measurement Sampling Facility LS bit
     (bsc#1195080 LTC#196090).
   - s390/hypfs: include z/VM guests with access control group set
     (bsc#1195638 LTC#196354).
   - scsi: bnx2fc: Flush destroy_work queue before calling
     bnx2fc_interface_put() (git-fixes).
   - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126).
   - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write()
     (git-fixes).
   - scsi: nsp_cs: Check of ioremap return value (git-fixes).
   - scsi: qedf: Fix potential dereference of NULL pointer (git-fixes).
   - scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823).
   - scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of
     NVMe queues (bsc#1195823).
   - scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823).
   - scsi: qla2xxx: Add retry for exec firmware (bsc#1195823).
   - scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823).
   - scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX
     adapters (bsc#1195823).
   - scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823).
   - scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823).
   - scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823).
   - scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823).
   - scsi: qla2xxx: Fix unmap of already freed sgl (bsc#1195823).
   - scsi: qla2xxx: Fix warning for missing error code (bsc#1195823).
   - scsi: qla2xxx: Fix warning message due to adisc being flushed
     (bsc#1195823).
   - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823).
   - scsi: qla2xxx: Implement ref count for SRB (bsc#1195823).
   - scsi: qla2xxx: Refactor asynchronous command initialization
     (bsc#1195823).
   - scsi: qla2xxx: Remove a declaration (bsc#1195823).
   - scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t
     (bsc#1195823).
   - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails (bsc#1195823).
   - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
     (bsc#1195823).
   - scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823).
   - scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823).
   - scsi: qla2xxx: edif: Fix clang warning (bsc#1195823).
   - scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823).
   - scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823).
   - scsi: qla2xxx: edif: Replace list_for_each_safe with
     list_for_each_entry_safe (bsc#1195823).
   - scsi: qla2xxx: edif: Tweak trace message (bsc#1195823).
   - scsi: scsi_debug: Sanity check block descriptor length in
     resp_mode_select() (git-fixes).
   - scsi: ufs: Fix race conditions related to driver data (git-fixes).
   - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP
     devices (bsc#1195377 LTC#196245).
   - sunrpc/auth_gss: support timeout on gss upcalls (bsc#1193857).
   - tracing: Dump stacktrace trigger to the corresponding instance
     (git-fixes).
   - tracing: Have traceon and traceoff trigger honor the instance
     (git-fixes).
   - usb: common: ulpi: Fix crash in ulpi_match() (git-fixes).
   - usb: typec: tcpm: Do not disconnect while receiving VBUS off (git-fixes).
   - xfrm: fix MTU regression (bsc#1185377, bsc#1194048).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-765=1



Package List:

   - SUSE Linux Enterprise Server 12-SP5 (x86_64):

      kernel-azure-4.12.14-16.91.1
      kernel-azure-base-4.12.14-16.91.1
      kernel-azure-base-debuginfo-4.12.14-16.91.1
      kernel-azure-debuginfo-4.12.14-16.91.1
      kernel-azure-debugsource-4.12.14-16.91.1
      kernel-azure-devel-4.12.14-16.91.1
      kernel-syms-azure-4.12.14-16.91.1

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      kernel-devel-azure-4.12.14-16.91.1
      kernel-source-azure-4.12.14-16.91.1


References:

   https://www.suse.com/security/cve/CVE-2021-44879.html
   https://www.suse.com/security/cve/CVE-2021-45095.html
   https://www.suse.com/security/cve/CVE-2022-0001.html
   https://www.suse.com/security/cve/CVE-2022-0002.html
   https://www.suse.com/security/cve/CVE-2022-0487.html
   https://www.suse.com/security/cve/CVE-2022-0492.html
   https://www.suse.com/security/cve/CVE-2022-0617.html
   https://www.suse.com/security/cve/CVE-2022-0644.html
   https://www.suse.com/security/cve/CVE-2022-24448.html
   https://www.suse.com/security/cve/CVE-2022-24959.html
   https://bugzilla.suse.com/1046306
   https://bugzilla.suse.com/1050244
   https://bugzilla.suse.com/1089644
   https://bugzilla.suse.com/1094978
   https://bugzilla.suse.com/1097583
   https://bugzilla.suse.com/1097584
   https://bugzilla.suse.com/1097585
   https://bugzilla.suse.com/1097586
   https://bugzilla.suse.com/1097587
   https://bugzilla.suse.com/1097588
   https://bugzilla.suse.com/1101674
   https://bugzilla.suse.com/1101816
   https://bugzilla.suse.com/1103991
   https://bugzilla.suse.com/1109837
   https://bugzilla.suse.com/1111981
   https://bugzilla.suse.com/1112374
   https://bugzilla.suse.com/1114648
   https://bugzilla.suse.com/1114685
   https://bugzilla.suse.com/1114893
   https://bugzilla.suse.com/1117495
   https://bugzilla.suse.com/1118661
   https://bugzilla.suse.com/1119113
   https://bugzilla.suse.com/1136460
   https://bugzilla.suse.com/1136461
   https://bugzilla.suse.com/1157038
   https://bugzilla.suse.com/1157923
   https://bugzilla.suse.com/1158533
   https://bugzilla.suse.com/1174852
   https://bugzilla.suse.com/1185377
   https://bugzilla.suse.com/1185973
   https://bugzilla.suse.com/1187716
   https://bugzilla.suse.com/1189126
   https://bugzilla.suse.com/1191271
   https://bugzilla.suse.com/1191580
   https://bugzilla.suse.com/1191655
   https://bugzilla.suse.com/1193857
   https://bugzilla.suse.com/1193867
   https://bugzilla.suse.com/1194048
   https://bugzilla.suse.com/1194516
   https://bugzilla.suse.com/1195080
   https://bugzilla.suse.com/1195377
   https://bugzilla.suse.com/1195536
   https://bugzilla.suse.com/1195543
   https://bugzilla.suse.com/1195612
   https://bugzilla.suse.com/1195638
   https://bugzilla.suse.com/1195795
   https://bugzilla.suse.com/1195823
   https://bugzilla.suse.com/1195840
   https://bugzilla.suse.com/1195897
   https://bugzilla.suse.com/1195908
   https://bugzilla.suse.com/1195934
   https://bugzilla.suse.com/1195949
   https://bugzilla.suse.com/1195987
   https://bugzilla.suse.com/1195995
   https://bugzilla.suse.com/1196079
   https://bugzilla.suse.com/1196155
   https://bugzilla.suse.com/1196400
   https://bugzilla.suse.com/1196516
   https://bugzilla.suse.com/1196584
   https://bugzilla.suse.com/1196612

SUSE: 2022:0765-1 important: the Linux Kernel

March 8, 2022
An update that solves 10 vulnerabilities, contains one feature and has 50 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155). - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987). - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897). - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bsc#1193867). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). The following non-security bugs were fixed: - Bluetooth: bfusb: fix division by zero in send path (git-fixes). - Bluetooth: fix the erroneous flush_work() order (git-fixes). - EDAC/xgene: Fix deferred probing (bsc#1114648). - IB/rdmavt: Validate remote_addr during loopback atomic tests (bsc#1114685). - NFSv4.x: by default serialize open/close operations (bsc#1114893 bsc#1195934). Make this work-around optional - NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes). - NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes). - NFSv4: Handle case where the lookup of a directory fails (git-fixes). - NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes). - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (git-fixes). - RDMA/bnxt_re: Fix query SRQ failure (bsc#1050244). - RDMA/mlx5: Set user priority for DCT (bsc#1103991). - RDMA/netlink: Add __maybe_unused to static inline in C file (bsc#1046306). - Replace with an alternative fix for bsc#1185377 - crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840). - cxgb4: fix eeprom len when diagnostics not implemented (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584). - e1000e: Fix packet loss on Tiger Lake and later (bsc#1158533). - ext4: avoid trim error on fs with small groups (bsc#1191271). - fuse: annotate lock in fuse_reverse_inval_entry() (bsc#1195795). - gve: Add RX context (bsc#1191655). - gve: Add a jumbo-frame device option (bsc#1191655). - gve: Add consumed counts to ethtool stats (bsc#1191655). - gve: Add netif_set_xps_queue call (bsc#1191655). - gve: Add optional metadata descriptor type GVE_TXD_MTD (bsc#1191655). - gve: Add rx buffer pagecnt bias (bsc#1191655). - gve: Allow pageflips on larger pages (bsc#1191655). - gve: Avoid freeing NULL pointer (bsc#1191655). - gve: Correct available tx qpl check (bsc#1191655). - gve: Correct order of processing device options (bsc#1191655). - gve: DQO: avoid unused variable warnings (bsc#1191655). - gve: Do lazy cleanup in TX path (bsc#1191655). - gve: Fix GFP flags when allocing pages (bsc#1191655). - gve: Implement packet continuation for RX (bsc#1191655). - gve: Implement suspend/resume/shutdown (bsc#1191655). - gve: Move the irq db indexes out of the ntfy block struct (bsc#1191655). - gve: Properly handle errors in gve_assign_qpl (bsc#1191655). - gve: Recording rx queue before sending to napi (bsc#1191655). - gve: Switch to use napi_complete_done (bsc#1191655). - gve: Track RX buffer allocation failures (bsc#1191655). - gve: Update gve_free_queue_page_list signature (bsc#1191655). - gve: Use kvcalloc() instead of kvzalloc() (bsc#1191655). - gve: fix for null pointer dereference (bsc#1191655). - gve: fix gve_get_stats() (bsc#1191655). - gve: fix the wrong AdminQ buffer queue index check (bsc#1191655). - gve: fix unmatched u64_stats_update_end() (bsc#1191655). - gve: remove memory barrier around seqno (bsc#1191655). - gve: report 64bit tx_bytes counter from gve_handle_report_stats() (bsc#1191655). - i40e: Fix changing previously set num_queue_pairs for PFs (bsc#1094978). - i40e: Fix correct max_pkt_size on VF RX queue (bsc#1101816 ). - i40e: Fix creation of first queue by omitting it if is not power of two (bsc#1101816). - i40e: Fix display error code in dmesg (bsc#1109837 bsc#1111981 ). - i40e: Fix for displaying message regarding NVM version (jsc#SLE-4797). - i40e: Fix freeing of uninitialized misc IRQ vector (bsc#1101816 ). - i40e: Fix ping is lost after configuring ADq on VF (bsc#1094978). - i40e: Fix pre-set max number of queues for VF (bsc#1111981 ). - i40e: Increase delay to 1 s after global EMP reset (bsc#1101816 ). - iavf: Fix limit of total number of queues to active queues of VF (bsc#1111981). - iavf: prevent accidental free of filter structure (bsc#1111981 ). - ibmvnic: Allow queueing resets during probe (bsc#1196516 ltc#196391). - ibmvnic: Update driver return codes (bsc#1196516 ltc#196391). - ibmvnic: clear fop when retrying probe (bsc#1196516 ltc#196391). - ibmvnic: complete init_done on transport events (bsc#1196516 ltc#196391). - ibmvnic: define flush_reset_queue helper (bsc#1196516 ltc#196391). - ibmvnic: free reset-work-item when flushing (bsc#1196516 ltc#196391). - ibmvnic: init init_done_rc earlier (bsc#1196516 ltc#196391). - ibmvnic: initialize rc before completing wait (bsc#1196516 ltc#196391). - ibmvnic: register netdev after init of adapter (bsc#1196516 ltc#196391). - ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815). - ice: Delete always true check of PF pointer (bsc#1118661 ). - ice: ignore dropped packets during init (bsc#1118661 ). - igb: Fix removal of unicast MAC filters of VFs (bsc#1117495). - ixgbevf: Require large buffers for build_skb on 82599VF (bsc#1101674). - kabi: Hide changes to s390/AP structures (jsc#SLE-20809). - lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584). - mqprio: Correct stats in mqprio_dump_class_stats() (bsc#1109837). - net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes). - net: Prevent infinite while loop in skb_tx_hash() (bsc#1109837). - net: ena: Fix error handling when calculating max IO queues number (bsc#1174852). - net: ena: Fix undefined state when tx request id is out of bounds (bsc#1174852). - net: marvell: mvpp2: Fix the computation of shared CPUs (bsc#1119113). - net: phylink: avoid mvneta warning when setting pause parameters (bsc#1119113). - net: usb: pegasus: Do not drop long Ethernet frames (git-fixes). - nfsd: fix use-after-free due to delegation race (git-fixes). - phylib: fix potential use-after-free (bsc#1119113). - platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (bsc#1112374). - powerpc/64s: Fix debugfs_simple_attr.cocci warnings (bsc#1157038 bsc#1157923 ltc#182612 git-fixes). - powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory" (bsc#1195995 ltc#196394). - powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451). - powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes). - qed: Handle management FW error (git-fixes). - qed: rdma - do not wait for resources under hw error recovery flow (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692). - rndis_host: support Hytera digital radios (git-fixes). - s390/AP: support new dynamic AP bus size limit (jsc#SLE-20809). - s390/ap: rework crypto config info and default domain code (jsc#SLE-20809). - s390/cpumf: Support for CPU Measurement Facility CSVN 7 (bsc#1195080 LTC#196090). - s390/cpumf: Support for CPU Measurement Sampling Facility LS bit (bsc#1195080 LTC#196090). - s390/hypfs: include z/VM guests with access control group set (bsc#1195638 LTC#196354). - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes). - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126). - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes). - scsi: nsp_cs: Check of ioremap return value (git-fixes). - scsi: qedf: Fix potential dereference of NULL pointer (git-fixes). - scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823). - scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823). - scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823). - scsi: qla2xxx: Add retry for exec firmware (bsc#1195823). - scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823). - scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823). - scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823). - scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823). - scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823). - scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823). - scsi: qla2xxx: Fix unmap of already freed sgl (bsc#1195823). - scsi: qla2xxx: Fix warning for missing error code (bsc#1195823). - scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823). - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823). - scsi: qla2xxx: Implement ref count for SRB (bsc#1195823). - scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823). - scsi: qla2xxx: Remove a declaration (bsc#1195823). - scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823). - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails (bsc#1195823). - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823). - scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823). - scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823). - scsi: qla2xxx: edif: Fix clang warning (bsc#1195823). - scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823). - scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823). - scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823). - scsi: qla2xxx: edif: Tweak trace message (bsc#1195823). - scsi: scsi_debug: Sanity check block descriptor length in resp_mode_select() (git-fixes). - scsi: ufs: Fix race conditions related to driver data (git-fixes). - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (bsc#1195377 LTC#196245). - sunrpc/auth_gss: support timeout on gss upcalls (bsc#1193857). - tracing: Dump stacktrace trigger to the corresponding instance (git-fixes). - tracing: Have traceon and traceoff trigger honor the instance (git-fixes). - usb: common: ulpi: Fix crash in ulpi_match() (git-fixes). - usb: typec: tcpm: Do not disconnect while receiving VBUS off (git-fixes). - xfrm: fix MTU regression (bsc#1185377, bsc#1194048).

References

#1046306 #1050244 #1089644 #1094978 #1097583

#1097584 #1097585 #1097586 #1097587 #1097588

#1101674 #1101816 #1103991 #1109837 #1111981

#1112374 #1114648 #1114685 #1114893 #1117495

#1118661 #1119113 #1136460 #1136461 #1157038

#1157923 #1158533 #1174852 #1185377 #1185973

#1187716 #1189126 #1191271 #1191580 #1191655

#1193857 #1193867 #1194048 #1194516 #1195080

#1195377 #1195536 #1195543 #1195612 #1195638

#1195795 #1195823 #1195840 #1195897 #1195908

#1195934 #1195949 #1195987 #1195995 #1196079

#1196155 #1196400 #1196516 #1196584 #1196612

SLE-20809

Cross- CVE-2021-44879 CVE-2021-45095 CVE-2022-0001

CVE-2022-0002 CVE-2022-0487 CVE-2022-0492

CVE-2022-0617 CVE-2022-0644 CVE-2022-24448

CVE-2022-24959

CVSS scores:

CVE-2021-44879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2021-44879 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2021-45095 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2021-45095 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2022-0001 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-0002 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2022-0487 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-0487 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0492 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2022-0617 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-0617 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-0644 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-24448 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVE-2022-24448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2022-24959 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2022-24959 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2021-44879.html

https://www.suse.com/security/cve/CVE-2021-45095.html

https://www.suse.com/security/cve/CVE-2022-0001.html

https://www.suse.com/security/cve/CVE-2022-0002.html

https://www.suse.com/security/cve/CVE-2022-0487.html

https://www.suse.com/security/cve/CVE-2022-0492.html

https://www.suse.com/security/cve/CVE-2022-0617.html

https://www.suse.com/security/cve/CVE-2022-0644.html

https://www.suse.com/security/cve/CVE-2022-24448.html

https://www.suse.com/security/cve/CVE-2022-24959.html

https://bugzilla.suse.com/1046306

https://bugzilla.suse.com/1050244

https://bugzilla.suse.com/1089644

https://bugzilla.suse.com/1094978

https://bugzilla.suse.com/1097583

https://bugzilla.suse.com/1097584

https://bugzilla.suse.com/1097585

https://bugzilla.suse.com/1097586

https://bugzilla.suse.com/1097587

https://bugzilla.suse.com/1097588

https://bugzilla.suse.com/1101674

https://bugzilla.suse.com/1101816

https://bugzilla.suse.com/1103991

https://bugzilla.suse.com/1109837

https://bugzilla.suse.com/1111981

https://bugzilla.suse.com/1112374

https://bugzilla.suse.com/1114648

https://bugzilla.suse.com/1114685

https://bugzilla.suse.com/1114893

https://bugzilla.suse.com/1117495

https://bugzilla.suse.com/1118661

https://bugzilla.suse.com/1119113

https://bugzilla.suse.com/1136460

https://bugzilla.suse.com/1136461

https://bugzilla.suse.com/1157038

https://bugzilla.suse.com/1157923

https://bugzilla.suse.com/1158533

https://bugzilla.suse.com/1174852

https://bugzilla.suse.com/1185377

https://bugzilla.suse.com/1185973

https://bugzilla.suse.com/1187716

https://bugzilla.suse.com/1189126

https://bugzilla.suse.com/1191271

https://bugzilla.suse.com/1191580

https://bugzilla.suse.com/1191655

https://bugzilla.suse.com/1193857

https://bugzilla.suse.com/1193867

https://bugzilla.suse.com/1194048

https://bugzilla.suse.com/1194516

https://bugzilla.suse.com/1195080

https://bugzilla.suse.com/1195377

https://bugzilla.suse.com/1195536

https://bugzilla.suse.com/1195543

https://bugzilla.suse.com/1195612

https://bugzilla.suse.com/1195638

https://bugzilla.suse.com/1195795

https://bugzilla.suse.com/1195823

https://bugzilla.suse.com/1195840

https://bugzilla.suse.com/1195897

https://bugzilla.suse.com/1195908

https://bugzilla.suse.com/1195934

https://bugzilla.suse.com/1195949

https://bugzilla.suse.com/1195987

https://bugzilla.suse.com/1195995

https://bugzilla.suse.com/1196079

https://bugzilla.suse.com/1196155

https://bugzilla.suse.com/1196400

https://bugzilla.suse.com/1196516

https://bugzilla.suse.com/1196584

https://bugzilla.suse.com/1196612

Severity
Announcement ID: SUSE-SU-2022:0765-1
Rating: important

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved