SUSE-SU-2020:3230-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203230-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3230-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3230-1
Related
Published
2020-11-06T14:36:12Z
Modified
2020-11-06T14:36:12Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 kernel RT was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#1176381).
  • CVE-2020-25643: Added range checks in pppcpparse_cr() (bsc#1177206).
  • CVE-2020-25641: Allowed foreachbvec to support zero len bvec (bsc#1177121).
  • CVE-2020-25645: Added transport ports in route lookup for geneve (bsc#1177511).

The following non-security bugs were fixed:

  • 9p: Fix memory leak in v9fs_mount (git-fixes).
  • ACPI: EC: Reference count query handlers under lock (git-fixes).
  • airo: Fix read overflows sending packets (git-fixes).
  • ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
  • ASoC: img-i2s-out: Fix runtime PM imbalance on error (git-fixes).
  • ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 (git-fixes).
  • ASoC: kirkwood: fix IRQ error handling (git-fixes).
  • ASoC: wm8994: Ensure the device is resumed in wm89xxmicdetect functions (git-fixes).
  • ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 (git-fixes).
  • ath10k: fix array out-of-bounds access (git-fixes).
  • ath10k: fix memory leak for tpcstatsfinal (git-fixes).
  • ath10k: use kzalloc to read for ath10ksdiohifdiagread (git-fixes).
  • Bluetooth: Fix refcount use-after-free issue (git-fixes).
  • Bluetooth: guard against controllers sending zero'd events (git-fixes).
  • Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
  • Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes).
  • Bluetooth: prefetch channel before killing sock (git-fixes).
  • brcmfmac: Fix double freeing in the fmac usb data path (git-fixes).
  • btrfs: block-group: do not set the wrong READA flag for btrfsreadblock_groups() (bsc#1176019).
  • btrfs: block-group: fix free-space bitmap threshold (bsc#1176019).
  • btrfs: block-group: refactor how we delete one block group item (bsc#1176019).
  • btrfs: block-group: refactor how we insert a block group item (bsc#1176019).
  • btrfs: block-group: refactor how we read one block group item (bsc#1176019).
  • btrfs: block-group: rename writeonecache_group() (bsc#1176019).
  • btrfs: do not take an extra root ref at allocation time (bsc#1176019).
  • btrfs: drop logs when we've aborted a transaction (bsc#1176019).
  • btrfs: fix a race between scrub and block group removal/allocation (bsc#1176019).
  • btrfs: fix crash during unmount due to race with delayed inode workers (bsc#1176019).
  • btrfs: free block groups after free'ing fs trees (bsc#1176019).
  • btrfs: hold a ref on the root on the dead roots list (bsc#1176019).
  • btrfs: kill the subvol_srcu (bsc#1176019).
  • btrfs: make btrfscleanupfs_roots use the radix tree lock (bsc#1176019).
  • btrfs: make inodes hold a ref on their roots (bsc#1176019).
  • btrfs: make the extent buffer leak check per fs info (bsc#1176019).
  • btrfs: move inocacheinode dropping out of btrfsfreefs_root (bsc#1176019).
  • btrfs: move the block group freeze/unfreeze helpers into block-group.c (bsc#1176019).
  • btrfs: move the root freeing stuff into btrfsputroot (bsc#1176019).
  • btrfs: remove no longer necessary chunk mutex locking cases (bsc#1176019).
  • btrfs: rename member 'trimming' of block group to a more generic name (bsc#1176019).
  • btrfs: scrub, only lookup for csums if we are dealing with a data extent (bsc#1176019).
  • bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal (git-fixes).
  • clk: samsung: exynos4: mark 'chipid' clock as CLKIGNOREUNUSED (git-fixes).
  • clk: socfpga: stratix10: fix the divider for the emacptpfree_clk (git-fixes).
  • clk: tegra: Always program PLL_E when enabled (git-fixes).
  • clk/ti/adpll: allocate room for terminating null (git-fixes).
  • clocksource/drivers/h8300timer8: Fix wrong return value in h83008timer_init() (git-fixes).
  • clocksource/drivers/timer-gx6605s: Fixup counter reload (git-fixes).
  • cpuidle: Poll for a minimum of 30ns and poll for a tick if lower c-states are disabled (bnc#1176588).
  • crypto: dh - check validity of Z before export (bsc#1175718).
  • crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175718).
  • crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175718).
  • crypto: ecdh - check validity of Z before export (bsc#1175718).
  • dmaengine: mediatek: hsdmaprobe: fixed a memory leak when devmrequest_irq fails (git-fixes).
  • dmaengine: stm32-dma: use vchanterminatevdesc() in .terminate_all (git-fixes).
  • dmaengine: stm32-mdma: use vchanterminatevdesc() in .terminate_all (git-fixes).
  • dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes).
  • dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
  • dma-fence: Serialise signal enabling (dmafenceenableswsignaling) (git-fixes).
  • drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes).
  • drm/amdgpu: restore proper ref count in amdgpudisplaycrtcsetconfig (git-fixes).
  • drm/radeon: revert 'Prefer lower feedback dividers' (bsc#1177384).
  • e1000: Do not perform reset in reset_task if we are already down (git-fixes).
  • ftrace: Move RCU is watching check after recursion check (git-fixes).
  • fuse: do not ignore errors from fusewritepagesfill() (bsc#1177193).
  • gpio: mockup: fix resource leak in error path (git-fixes).
  • gpio: rcar: Fix runtime PM imbalance on error (git-fixes).
  • gpio: siox: explicitly support only threaded irqs (git-fixes).
  • gpio: sprd: Clear interrupt when setting the type as edge (git-fixes).
  • gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
  • hwmon: (applesmc) check status earlier (git-fixes).
  • i2c: aspeed: Mask IRQ status to relevant bits (git-fixes).
  • i2c: core: Call i2cacpiinstallspacehandler() before i2cacpiregister_devices() (git-fixes).
  • i2c: i801: Exclude device from suspend direct complete optimization (git-fixes).
  • i2c: tegra: Prevent interrupt triggering after transfer timeout (git-fixes).
  • i2c: tegra: Restore pinmux on system resume (git-fixes).
  • ieee802154/adf7242: check status of adf7242readreg (git-fixes).
  • ieee802154: fix one possible memleak in ca8210devcom_init (git-fixes).
  • iio: adc: qcom-spmi-adc5: fix driver name (git-fixes).
  • Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (bsc#954532).
  • Input: trackpoint - enable Synaptics trackpoints (git-fixes).
  • iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177297).
  • iommu/amd: Fix potential @entry null deref (bsc#1177283).
  • iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177284).
  • iommu/amd: Restore IRTE.RemapEn bit for amdiommuactivateguestmode (bsc#1177285).
  • iommu/exynos: add missing putdevice() call in exynosiommuofxlate() (bsc#1177286).
  • kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCICOMMANDMEMORY (bsc#1176979).
  • leds: mlxreg: Fix possible buffer overflow (git-fixes).
  • lib/mpi: Add mpisubui() (bsc#1175718).
  • locking/rwsem: Disable reader optimistic spinning (bnc#1176588).
  • mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).
  • mac80211: skip mpath lookup also for control port tx (git-fixes).
  • mac802154: tx: fix use-after-free (git-fixes).
  • media: mc-device.c: fix memleak in mediadeviceregister_entity (git-fixes).
  • media: smiapp: Fix error handling at NVM reading (git-fixes).
  • media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
  • mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
  • mmc: core: Rework wp-gpio handling (git-fixes).
  • mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes).
  • mt76: add missing locking around ampdu action (git-fixes).
  • mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes).
  • mt76: do not use devm API for led classdev (git-fixes).
  • mt76: fix handling full tx queues in mt76dmatxqueueskb_raw (git-fixes).
  • mt76: fix LED link time failure (git-fixes).
  • mtd: cficmdset0002: do not free cfi->cfiq in error path of cfiamdstdsetup() (git-fixes).
  • mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes).
  • mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes).
  • net: phy: realtek: fix rtl8211e rx/tx delay config (git-fixes).
  • nfs: Fix security label length not being reset (bsc#1176381).
  • PCI: Avoid double hpmemsize MMIO window assignment (git-fixes).
  • PCI/IOV: Mark VFs as not implementing PCICOMMANDMEMORY (bsc#1176979).
  • PCI: tegra194: Fix runtime PM imbalance on error (git-fixes).
  • PCI: tegra: Fix runtime PM imbalance on error (git-fixes).
  • phy: ti: am654: Fix a leak in serdesam654probe() (git-fixes).
  • pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
  • Platform: OLPC: Fix memleak in olpcecprobe (git-fixes).
  • platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes).
  • platform/x86: fix kconfig dependency warning for LG_LAPTOP (git-fixes).
  • platform/x86: intelpmccore: do not create a static struct device (git-fixes).
  • platform/x86: intel-vbtn: Switch to an allow-list for SWTABLETMODE reporting (bsc#1175599).
  • platform/x86: thinkpadacpi: initialize tpnvram_state variable (git-fixes).
  • platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes).
  • power: supply: max17040: Correct voltage reading (git-fixes).
  • Refresh patches.suse/fnic-to-not-call-scsi_done-for-unhandled-commands.patch (bsc#1168468, bsc#1171675).
  • rtc: ds1374: fix possible race condition (git-fixes).
  • rtc: sa1100: fix possible race condition (git-fixes).
  • s390/pci: Mark all VFs as not implementing PCICOMMANDMEMORY (bsc#1176979).
  • sched/fair: Ignore cache hotness for SMT migration (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/fair: Use dst group while checking imbalance for NUMA balancer (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/numa: Avoid creating large imbalances at task creation time (bnc#1176588).
  • sched/numa: Check numa balancing information only when enabled (bnc#1176588).
  • sched/numa: Use runnable_avg to classify node (bnc#1155798 (CPU scheduler functional and performance backports)).
  • scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).
  • serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes).
  • serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes).
  • serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
  • serial: uartps: Wait for tx_empty in console setup (git-fixes).
  • spi: fsl-espi: Only process interrupts for expected events (git-fixes).
  • staging:r8188eu: avoid skb_clone for amsdu to msdu conversion (git-fixes).
  • thermal: rcar_thermal: Handle probe error gracefully (git-fixes).
  • Update config files. Enable ACPIPCISLOT and HOTPLUGPCIACPI (bsc#1177194).
  • usb: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes).
  • USB: EHCI: ehci-mv: fix error handling in mvehciprobe() (git-fixes).
  • USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes).
  • USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
  • vfio/pci: Decouple PCICOMMANDMEMORY bit checks from is_virtfn (bsc#1176979).
  • vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes).
  • wlcore: fix runtime pm imbalance in wl1271txwork (git-fixes).
  • wlcore: fix runtime pm imbalance in wlcoreregdomainconfig (git-fixes).
  • xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
  • yam: fix possible memory leak in yaminitdriver (git-fixes).
References

Affected packages

SUSE:Real Time Module 15 SP2 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-13.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-13.1",
            "dlm-kmp-rt": "5.3.18-13.1",
            "kernel-rt-devel": "5.3.18-13.1",
            "cluster-md-kmp-rt": "5.3.18-13.1",
            "kernel-rt_debug-devel": "5.3.18-13.1",
            "kernel-source-rt": "5.3.18-13.1",
            "kernel-rt": "5.3.18-13.1",
            "ocfs2-kmp-rt": "5.3.18-13.1",
            "gfs2-kmp-rt": "5.3.18-13.1",
            "kernel-syms-rt": "5.3.18-13.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-13.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-13.1",
            "dlm-kmp-rt": "5.3.18-13.1",
            "kernel-rt-devel": "5.3.18-13.1",
            "cluster-md-kmp-rt": "5.3.18-13.1",
            "kernel-rt_debug-devel": "5.3.18-13.1",
            "kernel-source-rt": "5.3.18-13.1",
            "kernel-rt": "5.3.18-13.1",
            "ocfs2-kmp-rt": "5.3.18-13.1",
            "gfs2-kmp-rt": "5.3.18-13.1",
            "kernel-syms-rt": "5.3.18-13.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-13.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-13.1",
            "dlm-kmp-rt": "5.3.18-13.1",
            "kernel-rt-devel": "5.3.18-13.1",
            "cluster-md-kmp-rt": "5.3.18-13.1",
            "kernel-rt_debug-devel": "5.3.18-13.1",
            "kernel-source-rt": "5.3.18-13.1",
            "kernel-rt": "5.3.18-13.1",
            "ocfs2-kmp-rt": "5.3.18-13.1",
            "gfs2-kmp-rt": "5.3.18-13.1",
            "kernel-syms-rt": "5.3.18-13.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-13.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-13.1",
            "dlm-kmp-rt": "5.3.18-13.1",
            "kernel-rt-devel": "5.3.18-13.1",
            "cluster-md-kmp-rt": "5.3.18-13.1",
            "kernel-rt_debug-devel": "5.3.18-13.1",
            "kernel-source-rt": "5.3.18-13.1",
            "kernel-rt": "5.3.18-13.1",
            "ocfs2-kmp-rt": "5.3.18-13.1",
            "gfs2-kmp-rt": "5.3.18-13.1",
            "kernel-syms-rt": "5.3.18-13.1"
        }
    ]
}