SUSE-SU-2021:0739-1

Source
https://www.suse.com/support/update/announcement/2021/suse-su-20210739-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:0739-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2021:0739-1
Related
Published
2021-03-09T15:08:49Z
Modified
2021-03-09T15:08:49Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 kernel Azure was updated to receive various security and bugfixes.

The following security bugs was fixed:

  • CVE-2021-3348: Fixed a use-after-free read in nbdqueuerq (bsc#1181504).

The following non-security bugs were fixed:

  • ACPI: configfs: add missing check after configfsregisterdefault_group() (git-fixes).
  • ACPI: property: Fix fwnode string properties matching (git-fixes).
  • ACPI: property: Satisfy kernel doc validator (part 1) (git-fixes).
  • ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode (git-fixes).
  • arm64: Update config file. Set CONFIGWATCHDOGSYSFS to true (bsc#1182560)
  • ASoC: cs42l56: fix up error handling in probe (git-fixes).
  • ath9k: fix data bus crash when setting nf_override via debugfs (git-fixes).
  • block: fix use-after-free in diskpartiter_next (bsc#1182610).
  • Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function (git-fixes).
  • Bluetooth: drop HCI device reference before return (git-fixes).
  • Bluetooth: Fix initializing response id after clearing struct (git-fixes).
  • Bluetooth: Put HCI device if inquiry procedure interrupts (git-fixes).
  • bonding: Fix reference count leak in bondsysfsslave_add (git-fixes).
  • bonding: wait for sysfs kobject destruction before freeing struct slave (git-fixes).
  • btrfs: Cleanup tryflushqgroup (bsc#1182047).
  • btrfs: correctly calculate item size used when item key collision happens (bsc#1181996).
  • btrfs: correctly validate compression type (bsc#1182269).
  • btrfs: delete the ordered isize update code (bsc#1181998).
  • btrfs: Do not flush from btrfsdelayedinodereservemetadata (bsc#1182047).
  • btrfs: do not set path->leave_spinning for truncate (bsc#1181998).
  • btrfs: factor out extent dropping code from hole punch handler (bsc#1182038).
  • btrfs: fix cloning range with a hole when using the NO_HOLES feature (bsc#1182038).
  • btrfs: fix data bytesmayuse underflow with fallocate due to failed quota reserve (bsc#1182130)
  • btrfs: fix ENOSPC errors, leading to transaction aborts, when cloning extents (bsc#1182038).
  • btrfs: fix hole extent items with a zero size after range cloning (bsc#1182038).
  • btrfs: fix lost i_size update after cloning inline extent (bsc#1181998).
  • btrfs: fix mount failure caused by race with umount (bsc#1182248).
  • btrfs: Fix race between extent freeing/allocation when using bitmaps (bsc#1181574).
  • btrfs: fix unexpected cow in rundelallocnocow (bsc#1181987).
  • btrfs: fix unexpected failure of nocow buffered writes after snapshotting when low on space (bsc#1181987).
  • btrfs: Free correct amount of space in btrfsdelayedinodereservemetadata (bsc#1182047).
  • btrfs: incremental send, fix file corruption when no-holes feature is enabled (bsc#1182184).
  • btrfs: Introduce extentiotree::owner to distinguish different io_trees (bsc#1181998).
  • btrfs: introduce per-inode file extent tree (bsc#1181998).
  • btrfs: prepare for extensions in compression options (bsc#1182269).
  • btrfs: prop: fix vanished compression property after failed set (bsc#1182269).
  • btrfs: prop: fix zstd compression parameter validation (bsc#1182269).
  • btrfs: Remove btrfsinode from btrfsdelayedinodereserve_metadata (bsc#1182047).
  • btrfs: replace all uses of btrfsorderedupdateisize (bsc#1181998).
  • btrfs: send, allow clone operations within the same file (bsc#1182173)
  • btrfs: send, do not issue unnecessary truncate operations (bsc#1182173)
  • btrfs: send, fix emission of invalid clone operations within the same file (bsc#1182173)
  • btrfs: send, fix incorrect file layout after hole punching beyond eof (bsc#1182173).
  • btrfs: send: fix invalid clone operations when cloning from the same file and root (bsc#1182173)
  • btrfs: send, fix missing truncate for inode with prealloc extent past eof (bsc#1182173).
  • btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1182243 bsc#1182242).
  • btrfs: send, recompute reference path after orphanization of a directory (bsc#1182243).
  • btrfs: Simplify code flow in btrfsdelayedinodereservemetadata (bsc#1182047).
  • btrfs: transaction: Avoid deadlock due to bad initialization timing of fsinfo::journalinfo (bsc#1181931).
  • btrfs: Unlock extents in btrfszerorange in case of errors (bsc#1182047).
  • btrfs: Use bddev to generate index when devstate_hashtable add items (bsc#1181931).
  • btrfs: use btrfsorderedupdateisize in clonefinishinode_update (bsc#1181998).
  • btrfs: use the file extent tree infrastructure (bsc#1181998).
  • cifs: report error instead of invalid when revalidating a dentry fails (bsc#1177440).
  • dm: avoid filesystem lookup in dmgetdev_t() (bsc#1178049).
  • ext4: do not remount read-only with errors=continue on reboot (bsc#1182464).
  • ext4: fix a memory leak of ext4freedata (bsc#1182447).
  • ext4: fix bug for rename with RENAME_WHITEOUT (bsc#1182449).
  • ext4: fix deadlock with fs freezing and EA inodes (bsc#1182463).
  • ext4: fix superblock checksum failure when setting password salt (bsc#1182465).
  • fgraph: Initialize tracinggraphpause at task creation (git-fixes).
  • firmware: imx: select SOC_BUS to fix firmware build (git-fixes).
  • Fix unsynchronized access to sev members through svmregisterenc_region (bsc#1114648).
  • fs: fix lazytime expiration handling in _writebacksingle_inode() (bsc#1182466).
  • fs: move IDIRTYINODE to fs.h (bsc#1182612).
  • HID: core: detect and skip invalid inputs to snto32() (git-fixes).
  • HID: wacom: Ignore attempts to overwrite the touch_max value from HID (git-fixes).
  • hwrng: timeriomem - Fix cooldown period calculation (git-fixes).
  • ibmvnic: Clear failover_pending if unable to schedule (bsc#1181960 ltc#190997).
  • ibmvnic: device remove has higher precedence over reset (bsc#1065729).
  • ibmvnic: fix a race between open and reset (bsc#1176855 ltc#187293).
  • ibmvnic: fix login buffer memory leak (bsc#1081134 ltc#164631).
  • ibmvnic: serialize access to work queue on remove (bsc#1065729).
  • ibmvnic: Set to CLOSED state even on error (bsc#1084610 ltc#165122 git-fixes).
  • Input: elo - fix an error code in elo_connect() (git-fixes).
  • Input: joydev - prevent potential read overflow in ioctl (git-fixes).
  • iwlwifi: exclude GEO SAR support for 3168 (git-fixes).
  • kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCICOMMANDMEMORY (bsc#1179612).
  • kernel-binary.spec: Add back initrd and image symlink ghosts to filelist (bsc#1182140). Fixes: 76a9256314c3 ('rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).')
  • kernfs: deal with kernfsfillsuper() failures (bsc#1181809).
  • KVM: apic: Flush TLB after APIC mode/address change if VPIDs are in use (bsc#1182302).
  • KVM: Fix kABI for setvirtualapic_mode (bsc#1182310).
  • KVM: Fix kABI for tlb_flush (bsc#1182195).
  • KVM-vmx-Basic-APIC-virtualization-controls-have-thre.patch: (bsc#1182310).
  • KVM: VMX: check for existence of secondary exec controls before accessing (bsc#1182438).
  • KVM: VMX: hide flexpriority from guest when disabled at the module level (bsc#1182448).
  • KVM-vmx-Introduce-lapic_mode-enumeration.patch: (bsc#1182307).
  • KVM: x86: emulate RDPID (bsc#1182182).
  • KVM: x86: emulating RDPID failure shall return #UD rather than
  • KVM: X86: introduce invalidate_gpa argument to tlb flush (bsc#1182195).
  • libfs: fix error cast of negative value in simpleattrwrite() (bsc#1179709).
  • libnvdimm/dimm: Avoid race between probe and availableslotsshow() (bsc#1170442).
  • mac80211: fix potential overflow when multiplying to u32 integers (git-fixes).
  • media: cx25821: Fix a bug when reallocating some dma memory (git-fixes).
  • media: media/pci: Fix memleak in empress_init (git-fixes).
  • media: pwc: Use correct device for DMA (git-fixes).
  • media: pxa_camera: declare variable when DEBUG is defined (git-fixes).
  • media: qm1d1c0042: fix error return code in qm1d1c0042_init() (git-fixes).
  • media: tm6000: Fix memleak in tm6000startstream (git-fixes).
  • media: vsp1: Fix an error handling path in the probe function (git-fixes).
  • mfd: wm831x-auxadc: Prevent use after free in wm831xauxadcread_irq() (git-fixes).
  • misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users (git-fixes).
  • misc: eeprom_93xx46: Fix module alias to enable module autoprobe (git-fixes).
  • mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe (git-fixes).
  • mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support is disabled (bsc#1181896 ltc#191273).
  • mm: thp: kABI: move the added flag to the end of enum (bsc#1181896 ltc#191273).
  • nbd: Fix memory leak in nbdaddsocket (bsc#1181504).
  • net: bcmgenet: add support for ethtool rxnfc flows (git-fixes).
  • net: bcmgenet: code movement (git-fixes).
  • net: bcmgenet: fix mask check in bcmgenetvalidateflow() (git-fixes).
  • net: bcmgenet: Fix WoL with password after deep sleep (git-fixes).
  • net: bcmgenet: re-remove bcmgenethfbadd_filter (git-fixes).
  • net: bcmgenet: set Rx mode before starting netif (git-fixes).
  • net: bcmgenet: use _be16 for htons(ETHP_IP) (git-fixes).
  • net: bcmgenet: Use correct I/O accessors (git-fixes).
  • net: lpc-enet: fix error return code in lpcmiiinit() (git-fixes).
  • net/mlx4_en: Handle TX error CQE (bsc#1181854).
  • net: moxa: Fix a potential double 'free_irq()' (git-fixes).
  • net: sun: fix missing release regions in casinitone() (git-fixes).
  • nvme-multipath: Early exit if no path is available (git-fixes).
  • objtool: Do not fail on missing symbol table (bsc#1169514).
  • PCI/IOV: Mark VFs as not implementing PCICOMMANDMEMORY (bsc#1179612).
  • powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning (bsc#1182571 ltc#191345).
  • powerpc: Fix alignment bug within the init sections (bsc#1065729).
  • powerpc/perf: Exclude kernel samples while counting events in user space (bsc#1065729).
  • powerpc/perf/hv-24x7: Dont create sysfs event files for dummy events (bsc#1182118 ltc#190624).
  • powerpc/pseries/dlpar: handle ibm, configure-connector delay status (bsc#1181985 ltc#188074).
  • powerpc/pseries/eeh: Make pseriespcibiosbusadddevice() static (bsc#1078720, git-fixes).
  • powerpc/pseries: extract host bridge from pci_bus prior to bus removal (bsc#1182171 ltc#190900).
  • powerpc/pseries/ras: Make initrashotplug_IRQ() static (bsc#1065729. git-fixes).
  • power: reset: at91-sama5d2_shdwc: fix wkupdbc mask (git-fixes).
  • ptrace: reintroduce usage of subjective credentials in ptracehascap() (bsc#1163930).
  • ptrace: Set PF_SUPERPRIV when checking capability (bsc#1163930).
  • quota: Fix error codes in v2readfile_info() (bsc#1182652).
  • quota: Fix memory leak when handling corrupted quota file (bsc#1182650).
  • quota: Sanity-check quota file headers on load (bsc#1182461).
  • regulator: axp20x: Fix reference cout leak (git-fixes).
  • reiserfs: add check for an invalid ihentrycount (bsc#1182462).
  • rpm/post.sh: Avoid purge-kernel for the first installed kernel (bsc#1180058)
  • s390/pci: adaptation of iommu to multifunction (bsc#1179612).
  • s390/pci: Mark all VFs as not implementing PCICOMMANDMEMORY (bsc#1179612).
  • scsi: qla2xxx: Fix description for parameter ql2xenforceiocblimit (bsc#1179142).
  • scsi: target: Fix truncated PR-in ReadKeys response (bsc#1182590).
  • scsi: target: fix unmapzeroesdata boolean initialisation (bsc#1163617).
  • staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules (git-fixes).
  • tools lib traceevent: Fix 'robust' test of dogeneratedynamiclistfile (git-fixes).
  • tpm_tis: Clean up locality release (git-fixes).
  • tpmtis: Fix checklocality for correct locality acquisition (git-fixes).
  • tracing: Check length before giving out the filter buffer (git-fixes).
  • tracing: Do not count ftrace events in top level enable output (git-fixes).
  • USB: cdc-acm: blacklist another IR Droid device (git-fixes).
  • USB: dwc2: Abort transaction after errors with unknown reason (git-fixes).
  • USB: dwc2: Make 'trimming xfer length' a debug message (git-fixes).
  • USB: musb: Fix runtime PM race in musbqueueresume_work (git-fixes).
  • USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 (git-fixes).
  • USB: serial: cp210x: add pid/vid for WSDA-200-USB (git-fixes).
  • USB: serial: mos7720: fix error code in mos7720_write() (git-fixes).
  • USB: serial: mos7720: improve OOM-handling in readmosreg() (git-fixes).
  • USB: serial: mos7840: fix error code in mos7840_write() (git-fixes).
  • USB: serial: option: Adding support for Cinterion MV31 (git-fixes).
  • USB: serial: option: add LongSung M5710 module support (git-fixes).
  • USB: uas: Add PNY USB Portable SSD to unusual_uas (git-fixes).
  • USB: usblp: fix DMA to stack (git-fixes).
  • vfio/pci: Decouple PCICOMMANDMEMORY bit checks from is_virtfn (bsc#1179612).
  • vmxnet3: Remove buf_info from device accessible structures (bsc#1181671).
  • writeback: Drop IDIRTYTIME_EXPIRE (bsc#1182460).
  • x86/apic: Add extra serialization for non-serializing MSRs (bsc#1114648).
  • x86/efistub: Disable paging at mixed mode entry (bsc#1114648).
  • x86/entry/64/compat: Fix 'x86/entry/64/compat: Preserve r8-r11 in int $0x80' (bsc#1114648).
  • x86/entry/64/compat: Preserve r8-r11 in int $0x80 (bsc#1114648).
  • x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (bsc#1114648).
  • x86/resctrl: Remove unused struct mbmstate::chunksbw (bsc#1114648).
  • xen-blkfront: allow discard-* nodes to be optional (bsc#1181346).
  • xen/netback: avoid race in xenvifrxringslotsavailable() (bsc#1065600).
  • xen/netback: fix spurious event detection for common event case (bsc#1182175).
  • xfs: reduce quota reservation when doing a dax unwritten extent conversion (git-fixes bsc#1182561).
  • xhci: fix bounce buffer usage for non-sg list case (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Server 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.47.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.47.1",
            "kernel-azure-devel": "4.12.14-16.47.1",
            "kernel-devel-azure": "4.12.14-16.47.1",
            "kernel-syms-azure": "4.12.14-16.47.1",
            "kernel-azure-base": "4.12.14-16.47.1",
            "kernel-source-azure": "4.12.14-16.47.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.47.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.47.1",
            "kernel-azure-devel": "4.12.14-16.47.1",
            "kernel-devel-azure": "4.12.14-16.47.1",
            "kernel-syms-azure": "4.12.14-16.47.1",
            "kernel-azure-base": "4.12.14-16.47.1",
            "kernel-source-azure": "4.12.14-16.47.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.47.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.47.1",
            "kernel-azure-devel": "4.12.14-16.47.1",
            "kernel-devel-azure": "4.12.14-16.47.1",
            "kernel-syms-azure": "4.12.14-16.47.1",
            "kernel-azure-base": "4.12.14-16.47.1",
            "kernel-source-azure": "4.12.14-16.47.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.47.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.47.1",
            "kernel-azure-devel": "4.12.14-16.47.1",
            "kernel-devel-azure": "4.12.14-16.47.1",
            "kernel-syms-azure": "4.12.14-16.47.1",
            "kernel-azure-base": "4.12.14-16.47.1",
            "kernel-source-azure": "4.12.14-16.47.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.47.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.47.1",
            "kernel-azure-devel": "4.12.14-16.47.1",
            "kernel-devel-azure": "4.12.14-16.47.1",
            "kernel-syms-azure": "4.12.14-16.47.1",
            "kernel-azure-base": "4.12.14-16.47.1",
            "kernel-source-azure": "4.12.14-16.47.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.47.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.47.1",
            "kernel-azure-devel": "4.12.14-16.47.1",
            "kernel-devel-azure": "4.12.14-16.47.1",
            "kernel-syms-azure": "4.12.14-16.47.1",
            "kernel-azure-base": "4.12.14-16.47.1",
            "kernel-source-azure": "4.12.14-16.47.1"
        }
    ]
}