SUSE-SU-2019:0801-1

Source
https://www.suse.com/support/update/announcement/2019/suse-su-20190801-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:0801-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2019:0801-1
Related
Published
2019-03-29T06:09:20Z
Modified
2019-03-29T06:09:20Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.176 to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).
  • CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).

The following non-security bugs were fixed:

  • ax25: fix possible use-after-free (bnc#1012382).
  • blockdev: fix crash on chained bios with ODIRECT (bsc#1090435).
  • block: do not use bio->bi_vcnt to figure out segment number (bsc#1128893).
  • bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413).
  • bpf: fix replacemapfdwithmap_ptr's ldimm64 second imm field (bsc#1012382).
  • btrfs: ensure that a DUP or RAID1 block group has exactly two stripes (bsc#1128452).
  • ceph: avoid repeatedly adding inode to mdsc->snapflushlist (bsc#1126773).
  • ch: add missing mutexlock()/mutexunlock() in ch_release() (bsc#1124235).
  • ch: fixup refcounting imbalance for SCSI devices (bsc#1124235).
  • copymountstring: Limit string length to PATH_MAX (bsc#1082943).
  • device property: Fix the length used in PROPERTYENTRYSTRING() (bsc#1129770).
  • drivers: hv: vmbus: Check for ring when getting debug info (bsc#1126389).
  • drm: Fix error handling in drmlegacyaddctx (bsc#1106929)
  • drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON (bsc#1106929)
  • drm/nouveau/pmu: do not print reply values if exec is false (bsc#1106929)
  • drm/radeon/evergreen_cs: fix missing break in switch statement (bsc#1106929)
  • drm/vmwgfx: Do not double-free the mode stored in par->set_mode (bsc#1103429)
  • enic: add wq clean up budget (bsc#1075697, bsc#1120691. bsc#1102959).
  • enic: do not overwrite error code (bnc#1012382).
  • fbdev: chipsfb: remove set but not used variable 'size' (bsc#1106929)
  • ibmvnic: Report actual backing device speed and duplex values (bsc#1129923).
  • ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).
  • input: mms114 - fix license module information (bsc#1087092).
  • iommu/dmar: Fix buffer overflow during PCI bus notification (bsc#1129237).
  • iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables (bsc#1129238).
  • iommu/vt-d: Check identity map for hot-added devices (bsc#1129239).
  • iommu/vt-d: Fix NULL pointer reference in intelsvmbind_mm() (bsc#1129240).
  • ixgbe: fix crash in build_skb Rx code path (git-fixes).
  • kabi: protect struct inet_peer (kabi).
  • kallsyms: Handle too long symbols in kallsyms.c (bsc#1126805).
  • KMPs: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137).
  • kvm: arm/arm64: vgic-its: Check CBASER/BASER validity before enabling the ITS (bsc#1109248).
  • kvm: arm/arm64: vgic-its: Check GITS_BASER Valid bit before saving tables (bsc#1109248).
  • kvm: arm/arm64: vgic-its: Fix return value for device table restore (bsc#1109248).
  • kvm: arm/arm64: vgic-its: Fix vgicitsrestorecollectiontable returned value (bsc#1109248).
  • kvm: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1129413).
  • kvm: nVMX: Free the VMREAD/VMWRITE bitmaps if allockvmarea() fails (bsc#1129414).
  • kvm: nVMX: NMI-window and interrupt-window exiting should wake L2 from HLT (bsc#1129415).
  • kvm: nVMX: Set VM instruction error for VMPTRLD of unbacked page (bsc#1129416).
  • kvm: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1129417).
  • kvm: vmx: Set IA32TSCAUX for legacy mode guests (bsc#1129418).
  • kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs (bsc#1127082).
  • kvm: x86: IA32ARCHCAPABILITIES is always supported (bsc#1129419).
  • libceph: handle an empty authorize reply (bsc#1126772).
  • mdiobus: Fix use-after-free on deviceregister fails (git-fixes).
  • mfd: as3722: Handle interrupts on suspend (bnc#1012382).
  • mfd: as3722: Mark PM functions as _maybeunused (bnc#1012382).
  • mISDN: fix a race in devexpiretimer() (bnc#1012382).
  • mlxsw: pci: Correctly determine if descriptor queue is full (git-fixes).
  • mlxsw: reg: Use correct offset in field definiton (git-fixes).
  • mm, devmmemremappages: mark devmmemremappages() EXPORTSYMBOLGPL (bnc#1012382).
  • mm,memoryhotplug: fix scanmovable_pages() for gigantic hugepages (bsc#1127731).
  • net: Add header for usage of fls64() (bnc#1012382).
  • net: Do not allocate page fragments that are not skb aligned (bnc#1012382).
  • net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes).
  • net: dsa: mv88e6xxx: fix port VLAN maps (git-fixes).
  • net: Fix foreachnetdev_feature on Big endian (bnc#1012382).
  • net: fix IPv6 prefix route residue (bnc#1012382).
  • net/hamradio/6pack: Convert timers to use timer_setup() (git-fixes).
  • net/hamradio/6pack: use mod_timer() to rearm timers (git-fixes).
  • net: ipv4: use a dedicated counter for icmp_v4 redirect packets (bnc#1012382).
  • net: lan78xx: Fix race in tx pending skb size calculation (git-fixes).
  • net/mlx4core: drop useless LISTHEAD (git-fixes).
  • net/mlx4_core: Fix qp mtt size calculation (git-fixes).
  • net/mlx4_core: Fix reset flow when in command polling mode (git-fixes).
  • net/mlx4: Fix endianness issue in qp context params (git-fixes).
  • net/mlx5: Continue driver initialization despite debugfs failure (git-fixes).
  • net/mlx5e: Fix TCP checksum in LRO buffers (git-fixes).
  • net/mlx5: Fix driver load bad flow when having fw initializing timeout (git-fixes).
  • net/mlx5: fix uaccess beyond 'count' in debugfs read/write handlers (git-fixes).
  • net/mlx5: Fix use-after-free in self-healing flow (git-fixes).
  • net/mlx5: Return success for PAGEFAULTRESUME in internal error state (git-fixes).
  • net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets (git-fixes).
  • net: phy: Avoid polling PHY with PHYIGNOREINTERRUPTS (git-fixes).
  • net: phy: bcm7xxx: Fix shadow mode 2 disabling (git-fixes).
  • net: qca_spi: Fix race condition in spi transfers (git-fixes).
  • net: stmmac: Fix a race in EEE enable callback (bnc#1012382).
  • net: stmmac: Fix a race in EEE enable callback (git-fixes).
  • net: thunderx: set tsohdrs pointer to NULL in nicvffreesndqueue (git-fixes).
  • net/x25: do not hold the cpu too long in x25newlci() (bnc#1012382).
  • PCI/PME: Fix hotplug/sysfs remove deadlock in pciepmeremove() (bsc#1129241).
  • perf/x86: Add sysfs entry to freeze counters on SMI (bsc#1121805).
  • perf/x86/intel: Delay memory deallocation until x86pmudead_cpu() (bsc#1121805).
  • perf/x86/intel: Do not enable freeze-on-smi for PerfMon V1 (bsc#1121805).
  • perf/x86/intel: Fix memory corruption (bsc#1121805).
  • perf/x86/intel: Generalize dynamic constraint creation (bsc#1121805).
  • perf/x86/intel: Implement support for TSX Force Abort (bsc#1121805).
  • perf/x86/intel: Make cpuc allocations consistent (bsc#1121805).
  • phy: micrel: Ensure interrupts are reenabled on resume (git-fixes).
  • powerpc/pseries: Add CPU dlpar remove functionality (bsc#1128756).
  • powerpc/pseries: Consolidate CPU hotplug code to hotplug-cpu.c (bsc#1128756).
  • powerpc/pseries: Factor out common cpu hotplug code (bsc#1128756).
  • powerpc/pseries: Perform full re-add of CPU for topology update post-migration (bsc#1128756).
  • pppoe: fix reception of frames with no mac header (git-fixes).
  • pptp: dstrelease skdstcache in pptpsock_destruct (git-fixes).
  • pseries/energy: Use OF accessor function to read ibm,drc-indexes (bsc#1129080).
  • rdma/bnxtre: Synchronize destroyqp with poll_cq (bsc#1125446).
  • Revert 'mm, devmmemremappages: mark devmmemremappages() EXPORTSYMBOLGPL' (bnc#1012382).
  • Revert 'x86/platform/UV: Use efiruntimelock to serialise BIOS calls' (bsc#1128565).
  • s390/qeth: cancel close_dev work before removing a card (LTC#175898, bsc#1127561).
  • scsi: aacraid: Fix missing break in switch statement (bsc#1128696).
  • scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).
  • scsi: lpfc: do not set queue->pagecount to 0 if pcsli4_params.wqpcnt is invalid (bsc#1127725).
  • scsi: qla2xxx: Fix early srb free on abort (bsc#1121713).
  • scsi: qla2xxx: Fix for double free of SRB structure (bsc#1121713).
  • scsi: qla2xxx: Increase abort timeout value (bsc#1121713).
  • scsi: qla2xxx: Move {get|rel}sp to baseqpair struct (bsc#1121713).
  • scsi: qla2xxx: Return switch command on a timeout (bsc#1121713).
  • scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1121713).
  • scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1121713).
  • scsi: sym53c8xx: fix NULL pointer dereference panic in symintsir() (bsc#1125315).
  • sky2: Increase D3 delay again (bnc#1012382).
  • tcp: clear icskbackoff in tcpwritequeuepurge() (bnc#1012382).
  • tcp: tcpv4err() should be more careful (bnc#1012382).
  • team: avoid complex list operations in teamnlcmdoptionsset() (bnc#1012382).
  • team: Free BPF filter when unregistering netdev (git-fixes).
  • tracing: Do not free iter->trace in fail path of tracingopenpipe() (bsc#1129581).
  • vsock: cope with memory allocation failure at socket creation time (bnc#1012382).
  • vxlan: test dev->flags & IFFUP before calling netifrx() (bnc#1012382).
  • wireless: airo: potential buffer overflow in sprintf() (bsc#1120902).
  • x86: Add TSX Force Abort CPUID/MSR (bsc#1121805).
  • x86: Fix incorrect value for X86FEATURETSXFORCEABORT
  • x86: livepatch: Treat RX8664PLT32 as RX8664PC32 (bnc#1012382).
  • xen, cpu_hotplug: Prevent an out of bounds access (bsc#1065600).
  • xen: remove pre-xen3 fallback handlers (bsc#1065600).
  • xfs: remove filestream item xfs_inode reference (bsc#1127961).
References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP3 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-default-extra": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP3 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-default-extra": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP3 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-default-extra": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 12 SP3 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "4.4.176-94.88.1",
            "gfs2-kmp-default": "4.4.176-94.88.1",
            "ocfs2-kmp-default": "4.4.176-94.88.1",
            "cluster-md-kmp-default": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP3 / kgraft-patch-SLE12-SP3_Update_24

Package

Name
kgraft-patch-SLE12-SP3_Update_24
Purl
pkg:rpm/suse/kgraft-patch-SLE12-SP3_Update_24&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-4.9.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_176-94_88-default": "1-4.9.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP3 / kernel-docs

Package

Name
kernel-docs
Purl
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.4.176-94.88.1",
            "kernel-obs-build": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP3 / kernel-obs-build

Package

Name
kernel-obs-build
Purl
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.4.176-94.88.1",
            "kernel-obs-build": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default-base": "4.4.176-94.88.1",
            "kernel-default-man": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default-base": "4.4.176-94.88.1",
            "kernel-default-man": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP3 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default-base": "4.4.176-94.88.1",
            "kernel-default-man": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default-base": "4.4.176-94.88.1",
            "kernel-default-man": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default-base": "4.4.176-94.88.1",
            "kernel-default-man": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP3 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.176-94.88.1",
            "kernel-devel": "4.4.176-94.88.1",
            "kernel-default-base": "4.4.176-94.88.1",
            "kernel-default-man": "4.4.176-94.88.1",
            "kernel-default": "4.4.176-94.88.1",
            "kernel-source": "4.4.176-94.88.1",
            "kernel-syms": "4.4.176-94.88.1",
            "kernel-default-devel": "4.4.176-94.88.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP3 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.176-94.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "4.4.176-94.88.1"
        }
    ]
}