SUSE-SU-2019:0470-1

Source
https://www.suse.com/support/update/announcement/2019/suse-su-20190470-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0470-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2019:0470-1
Published
2019-02-22T12:47:15Z
Modified
2019-02-22T12:47:15Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 realtime kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2017-18249: Fixed tracking of allocated nid in the add_free_nid function in fs/f2fs/node.c, which previously allowed local users to cause a denial of service (bnc#1087036).
  • CVE-2019-3459: Fixed remote heap address information leak in use of l2cap_get_conf_opt (bnc#1120758).
  • CVE-2019-3460: Fixed remote data leak in multiple locations in the function l2cap_parse_conf_rsp (bnc#1120758).

The following non-security bugs were fixed:

  • Disable MSI also when pcie-octeon.pcie_disable on (bnc#1012382).
  • Fix problem with sharetransport= and NFSv4 (bsc#1114893).
  • Revert 'bs-upload-kernel: do not set %opensuse_bs' This reverts commit e89e2b8cbef05df6c874ba70af3cb4c57f82a821.
  • Yama: Check for pid death before checking ancestry (bnc#1012382).
  • acpi / processor: Fix the return value of acpi_processor_ids_walk() (git fixes (acpi)).
  • acpi/nfit: Block function zero DSMs (bsc#1123321).
  • acpi/nfit: Fix command-supported detection (bsc#1123323).
  • acpi: power: Skip duplicate power resource references in _PRx (bnc#1012382).
  • alsa: bebob: fix model-id of unit for Apogee Ensemble (bnc#1012382).
  • alsa: hda/realtek - Disable headset Mic VREF for headset mode of ALC225 (bnc#1012382).
  • arm64/kvm: consistently handle host HCR_EL2 flags (bnc#1012382).
  • arm64: Do not trap host pointer auth use to EL2 (bnc#1012382).
  • arm64: perf: set suppress_bind_attrs flag to true (bnc#1012382).
  • ata: Fix racy link clearance (bsc#1107866).
  • block/loop: Use global lock for ioctl() operation (bnc#1012382).
  • block/swim3: Fix -EBUSY error when re-opening device after unmount (Git-fixes).
  • Btrfs: tree-check: reduce stack consumption in check_dir_item (bnc#1012382).
  • Btrfs: tree-checker: Check level for leaves and nodes (bnc#1012382).
  • Btrfs: tree-checker: Do not check max block group size as current max chunk size limit is unreliable (fixes for bnc#1012382 bsc#1102875 bsc#1102877 bsc#1102879 bsc#1102882 bsc#1102896).
  • Btrfs: tree-checker: Fix misleading group system information (bnc#1012382).
  • Btrfs: validate type when reading a chunk (bnc#1012382).
  • Btrfs: wait on ordered extents on abort cleanup (bnc#1012382).
  • can: gw: ensure DLC boundaries after CAN frame modification (bnc#1012382).
  • cifs: Do not hide EINTR after sending network packets (bnc#1012382).
  • cifs: Fix potential OOB access of lock element array (bnc#1012382).
  • clk: imx6q: reset exclusive gates on init (bnc#1012382).
  • crypto: authenc - fix parsing key with misaligned rta_len (bnc#1012382).
  • crypto: authencesn - Avoid twice completion call in decrypt path (bnc#1012382).
  • crypto: cts - fix crash on short inputs (bnc#1012382).
  • crypto: user - support incremental algorithm dumps (bsc#1120902).
  • dm crypt: add cryptographic data integrity protection (authenticated encryption) (Git-fixes).
  • dm crypt: factor IV constructor out to separate function (Git-fixes).
  • dm crypt: fix crash by adding missing check for auth key size (git-fixes).
  • dm crypt: fix error return code in crypt_ctr() (git-fixes).
  • dm crypt: fix memory leak in crypt_ctr_cipher_old() (git-fixes).
  • dm crypt: introduce new format of cipher with 'capi:' prefix (Git-fixes).
  • dm crypt: wipe kernel key copy after IV initialization (Git-fixes).
  • dm kcopyd: Fix bug causing workqueue stalls (bnc#1012382).
  • dm snapshot: Fix excessive memory usage and workqueue stalls (bnc#1012382).
  • dm: do not allow readahead to limit IO size (git fixes (readahead)).
  • e1000e: allow non-monotonic SYSTIM readings (bnc#1012382).
  • edac: Raise the maximum number of memory controllers (bsc#1120722).
  • efi/libstub/arm64: Use hidden attribute for struct screen_info reference (bsc#1122650).
  • ext4: Fix crash during online resizing (bsc#1122779).
  • ext4: fix a potential fiemap/page fault deadlock w/ inline_data (bnc#1012382).
  • f2fs: Add sanity_check_inode() function (bnc#1012382).
  • f2fs: avoid unneeded loop in build_sit_entries (bnc#1012382).
  • f2fs: check blkaddr more accuratly before issue a bio (bnc#1012382).
  • f2fs: clean up argument of recover_data (bnc#1012382).
  • f2fs: clean up with is_valid_blkaddr() (bnc#1012382).
  • f2fs: detect wrong layout (bnc#1012382).
  • f2fs: enhance sanity_check_raw_super() to avoid potential overflow (bnc#1012382).
  • f2fs: factor out fsync inode entry operations (bnc#1012382).
  • f2fs: fix inode cache leak (bnc#1012382).
  • f2fs: fix invalid memory access (bnc#1012382).
  • f2fs: fix missing up_read (bnc#1012382).
  • f2fs: fix to avoid reading out encrypted data in page cache (bnc#1012382).
  • f2fs: fix to convert inline directory correctly (bnc#1012382).
  • f2fs: fix to determine start_cp_addr by sbi->cur_cp_pack (bnc#1012382).
  • f2fs: fix to do sanity check with block address in main area (bnc#1012382).
  • f2fs: fix to do sanity check with block address in main area v2 (bnc#1012382).
  • f2fs: fix to do sanity check with cp_pack_start_sum (bnc#1012382).
  • f2fs: fix to do sanity check with node footer and iblocks (bnc#1012382).
  • f2fs: fix to do sanity check with reserved blkaddr of inline inode (bnc#1012382).
  • f2fs: fix to do sanity check with secs_per_zone (bnc#1012382).
  • f2fs: fix to do sanity check with user_block_count (bnc#1012382).
  • f2fs: fix validation of the block count in sanity_check_raw_super (bnc#1012382).
  • f2fs: free meta pages if sanity check for ckpt is failed (bnc#1012382).
  • f2fs: give -EINVAL for norecovery and rw mount (bnc#1012382).
  • f2fs: introduce and spread verify_blkaddr (bnc#1012382).
  • f2fs: introduce get_checkpoint_version for cleanup (bnc#1012382).
  • f2fs: move sanity checking of cp into get_valid_checkpoint (bnc#1012382).
  • f2fs: not allow to write illegal blkaddr (bnc#1012382).
  • f2fs: put directory inodes before checkpoint in roll-forward recovery (bnc#1012382).
  • f2fs: remove an obsolete variable (bnc#1012382).
  • f2fs: return error during fill_super (bnc#1012382).
  • f2fs: sanity check on sit entry (bnc#1012382).
  • f2fs: use crc and cp version to determine roll-forward recovery (bnc#1012382).
  • gpiolib: Fix return value of gpio_to_desc() stub if !GPIOLIB (Git-fixes).
  • i2c: dev: prevent adapter retries and timeout being set as minus value (bnc#1012382).
  • ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).
  • ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).
  • ibmvnic: Increase maximum queue size limit (bsc#1121726).
  • ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).
  • iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).
  • iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).
  • iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).
  • iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).
  • ip: on queued skb use skb_header_pointer instead of pskb_may_pull (bnc#1012382).
  • ipmi:ssif: Fix handling of multi-part return messages (bnc#1012382).
  • ipv6: Consider sk_bound_dev_if when binding a socket to a v4 mapped address (bnc#1012382).
  • ipv6: Take rcu_read_lock in __inet6_bind for mapped addresses (bnc#1012382).
  • ipv6: fix kernel-infoleak in ipv6_local_error() (bnc#1012382).
  • jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bnc#1012382).
  • kabi: reorder new slabinfo fields in struct kmem_cache_node (bnc#1116653).
  • kconfig: fix file name and line number of warn_ignored_character() (bnc#1012382).
  • kconfig: fix memory leak when EOF is encountered in quotation (bnc#1012382).
  • loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl() (bnc#1012382).
  • loop: Fold __loop_release into loop_release (bnc#1012382).
  • loop: Get rid of loop_index_mutex (bnc#1012382).
  • lsm: Check for NULL cred-security on free (bnc#1012382).
  • md: batch flush requests (bsc#1119680).
  • media: em28xx: Fix misplaced reset of dev->v4l::field_count (bnc#1012382).
  • media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bnc#1012382).
  • media: vb2: be sure to unlock mutex on errors (bnc#1012382).
  • media: vb2: vb2_mmap: move lock up (bnc#1012382).
  • media: vivid: fix error handling of kthread_run (bnc#1012382).
  • media: vivid: set min width/height to a value > 0 (bnc#1012382).
  • mfd: tps6586x: Handle interrupts on suspend (bnc#1012382).
  • mips: SiByte: Enable swiotlb for SWARM, LittleSur and BigSur (bnc#1012382).
  • mips: fix n32 compat_ipc_parse_version (bnc#1012382).
  • mm, proc: be more verbose about unstable VMA flags in /proc/<pid>/smaps (bnc#1012382).
  • mm, slab: faster active and free stats (bsc#1116653, VM Performance).
  • mm, slab: maintain total slab count instead of active count (bsc#1116653, VM Performance).
  • mm/page-writeback.c: do not break integrity writeback on ->writepage() error (bnc#1012382).
  • mm/slab: improve performance of gathering slabinfo stats (bsc#1116653, VM Performance).
  • mm: only report isolation failures when offlining memory (generic hotplug debugability).
  • mmc: atmel-mci: do not assume idle after atmci_request_end (bnc#1012382).
  • net: bridge: fix a bug on using a neighbour cache entry without checking its state (bnc#1012382).
  • net: call sk_dst_reset when set SO_DONTROUTE (bnc#1012382).
  • net: speed up skb_rbtree_purge() (bnc#1012382).
  • ocfs2: fix panic due to unrecovered local alloc (bnc#1012382).
  • omap2fb: Fix stack memory disclosure (bsc#1106929).
  • packet: Do not leak dev refcounts on error exit (bnc#1012382).
  • pci: altera: Check link status before retrain link (bnc#1012382).
  • pci: altera: Fix altera_pcie_link_is_up() (bnc#1012382).
  • pci: altera: Move retrain from fixup to altera_pcie_host_init() (bnc#1012382).
  • pci: altera: Poll for link training status after retraining the link (bnc#1012382).
  • pci: altera: Poll for link up status after retraining the link (bnc#1012382).
  • pci: altera: Reorder read/write functions (bnc#1012382).
  • pci: altera: Rework config accessors for use without a struct pci_bus (bnc#1012382).
  • perf intel-pt: Fix error with config term 'pt=0' (bnc#1012382).
  • perf parse-events: Fix unchecked usage of strncpy() (bnc#1012382).
  • perf svghelper: Fix unchecked usage of strncpy() (bnc#1012382).
  • platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bnc#1012382).
  • powerpc, hotplug: Avoid to touch non-existent cpumasks (bsc#1109695).
  • powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).
  • powerpc/pseries/cpuidle: Fix preempt warning (bnc#1012382).
  • powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).
  • powerpc/smp: Add Power9 scheduler topology (bsc#1109695).
  • powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).
  • powerpc/smp: Rework CPU topology construction (bsc#1109695).
  • powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).
  • powerpc/xmon: Fix invocation inside lock region (bsc#1122885).
  • powerpc: Detect the presence of big-cores via 'ibm,thread-groups' (bsc#1109695).
  • powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).
  • powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).
  • proc: Remove empty line in /proc/self/status (bnc#1012382 bsc#1094823).
  • pstore/ram: Do not treat empty buffers as valid (bnc#1012382).
  • r8169: Add support for new Realtek Ethernet (bnc#1012382).
  • scsi: megaraid: fix out-of-bound array accesses (bnc#1012382).
  • scsi: sd: Fix cache_type_store() (bnc#1012382).
  • scsi: target: use consistent left-aligned ASCII INQUIRY data (bnc#1012382).
  • sctp: allocate sctp_sockaddr_entry with kzalloc (bnc#1012382).
  • selinux: fix GPF on invalid policy (bnc#1012382).
  • slab: alien caches must not be initialized if the allocation of the alien cache failed (bnc#1012382).
  • sunrpc: handle ENOMEM in rpcb_getport_async (bnc#1012382).
  • sysfs: Disable lockdep for driver bind/unbind files (bnc#1012382).
  • tipc: fix uninit-value in tipc_nl_compat_bearer_enable (bnc#1012382).
  • tipc: fix uninit-value in tipc_nl_compat_doit (bnc#1012382).
  • tipc: fix uninit-value in tipc_nl_compat_link_reset_stats (bnc#1012382).
  • tipc: fix uninit-value in tipc_nl_compat_link_set (bnc#1012382).
  • tipc: fix uninit-value in tipc_nl_compat_name_table_dump (bnc#1012382).
  • tty/ldsem: Wake up readers after timed out down_write() (bnc#1012382).
  • usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bnc#1012382).
  • usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bnc#1012382).
  • usb: storage: add quirk for SMI SM3350 (bnc#1012382).
  • usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bnc#1012382).
  • writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).
  • x86/pkeys: Properly copy pkey state at fork() (bsc#1106105).

Affected packages

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.4.172-3.35.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.172-3.35.1",
            "dlm-kmp-rt": "4.4.172-3.35.1",
            "gfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-rt-devel": "4.4.172-3.35.1",
            "kernel-rt_debug-devel": "4.4.172-3.35.1",
            "cluster-md-kmp-rt": "4.4.172-3.35.1",
            "kernel-source-rt": "4.4.172-3.35.1",
            "kernel-rt": "4.4.172-3.35.1",
            "ocfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-syms-rt": "4.4.172-3.35.1",
            "kernel-rt-base": "4.4.172-3.35.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.4.172-3.35.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.172-3.35.1",
            "dlm-kmp-rt": "4.4.172-3.35.1",
            "gfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-rt-devel": "4.4.172-3.35.1",
            "kernel-rt_debug-devel": "4.4.172-3.35.1",
            "cluster-md-kmp-rt": "4.4.172-3.35.1",
            "kernel-source-rt": "4.4.172-3.35.1",
            "kernel-rt": "4.4.172-3.35.1",
            "ocfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-syms-rt": "4.4.172-3.35.1",
            "kernel-rt-base": "4.4.172-3.35.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.4.172-3.35.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.172-3.35.1",
            "dlm-kmp-rt": "4.4.172-3.35.1",
            "gfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-rt-devel": "4.4.172-3.35.1",
            "kernel-rt_debug-devel": "4.4.172-3.35.1",
            "cluster-md-kmp-rt": "4.4.172-3.35.1",
            "kernel-source-rt": "4.4.172-3.35.1",
            "kernel-rt": "4.4.172-3.35.1",
            "ocfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-syms-rt": "4.4.172-3.35.1",
            "kernel-rt-base": "4.4.172-3.35.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
4.4.172-3.35.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.172-3.35.1",
            "dlm-kmp-rt": "4.4.172-3.35.1",
            "gfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-rt-devel": "4.4.172-3.35.1",
            "kernel-rt_debug-devel": "4.4.172-3.35.1",
            "cluster-md-kmp-rt": "4.4.172-3.35.1",
            "kernel-source-rt": "4.4.172-3.35.1",
            "kernel-rt": "4.4.172-3.35.1",
            "ocfs2-kmp-rt": "4.4.172-3.35.1",
            "kernel-syms-rt": "4.4.172-3.35.1",
            "kernel-rt-base": "4.4.172-3.35.1"
        }
    ]
}