SUSE-SU-2021:1301-1

Source
https://www.suse.com/support/update/announcement/2021/suse-su-20211301-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2021:1301-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2021:1301-1
Related
Published
2021-04-21T12:30:05Z
Modified
2021-04-21T12:30:05Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181).
  • CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511).
  • CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391).
  • CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120).
  • CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
  • CVE-2020-36310: Fixed infinite loop for certain nested page faults (bsc#1184512).
  • CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509 ).
  • CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop continually was finding the same bad inode (bsc#1184194).

The following non-security bugs were fixed:

  • ALSA: aloop: Fix initialization of controls (git-fixes).
  • ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
  • appletalk: Fix skb allocation size in loopback case (git-fixes).
  • ASoC: cygnus: fix foreachchild.cocci warnings (git-fixes).
  • ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
  • ASoC: intel: atom: Remove 44100 sample-rate from the media and deep-buffer DAI descriptions (git-fixes).
  • ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes).
  • ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
  • ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
  • ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes).
  • ath10k: hold RCU lock when calling ieee80211findstabyifaddr() (git-fixes).
  • atl1c: fix error return code in atl1c_probe() (git-fixes).
  • atl1e: fix error return code in atl1e_probe() (git-fixes).
  • batman-adv: initialize 'struct batadvtvlvttvlandata'->reserved field (git-fixes).
  • bpf: Remove MTU check in _bpfskbmaxlen (bsc#1155518).
  • brcmfmac: clear EAP/association status bits on linkdown events (git-fixes).
  • bus: ti-sysc: Fix warning on unbind if reset is not deasserted (git-fixes).
  • cifs: change noisy error message to FYI (bsc#1181507).
  • cifsdebug: use %pd instead of messing with ->dname (bsc#1181507).
  • cifs: do not send close in compound create+close requests (bsc#1181507).
  • cifs: New optype for session operations (bsc#1181507).
  • cifs: print MIDs in decimal notation (bsc#1181507).
  • cifs: return proper error code in statfs(2) (bsc#1181507).
  • cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
  • clk: fix invalid usage of list cursor in register (git-fixes).
  • clk: fix invalid usage of list cursor in unregister (git-fixes).
  • clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
  • drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (git-fixes).
  • drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
  • drm/amdgpu: fix offset calculation in amdgpuvmboclearmappings() (git-fixes).
  • drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
  • drm/msm/adreno: a5xxpower: Do not apply A540 lmsetup to other GPUs (git-fixes).
  • drm/msm: Ratelimit invalid-fence message (git-fixes).
  • drm/msm: Set drvdata to NULL when msmdrminit() fails (git-fixes).
  • enetc: Fix reporting of h/w packet counters (git-fixes).
  • fuse: fix bad inode (bsc#1184211).
  • fuse: fix live lock in fuse_iget() (bsc#1184211).
  • i40e: Fix parameters in aqgetphy_register() (jsc#SLE-8025).
  • i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
  • ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
  • kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
  • libbpf: Fix INSTALL flag order (bsc#1155518).
  • locking/mutex: Fix non debug version of mutexlockio_nested() (git-fixes).
  • mac80211: choose first enabled channel for monitor (git-fixes).
  • mac80211: fix TXQ AC confusion (git-fixes).
  • mISDN: fix crash in fritzpci (git-fixes).
  • net: atheros: switch from 'pci' to 'dma' API (git-fixes).
  • net: b44: fix error return code in b44initone() (git-fixes).
  • net: ethernet: ti: cpsw: fix error return code in cpsw_probe() (git-fixes).
  • net: hns3: Remove the left over redundant check & assignment (bsc#1154353).
  • net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
  • net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
  • net: pasemi: fix error return code in pasemimacopen() (git-fixes).
  • net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
  • net: qualcomm: rmnet: Fix incorrect receive packet handling during cleanup (git-fixes).
  • net: sched: disable TCQFNOLOCK for pfifo_fast (bsc#1183405)
  • net: wan/lmc: unregister device when no matching device is found (git-fixes).
  • platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (git-fixes).
  • platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (git-fixes).
  • PM: runtime: Fix ordering in pmruntimeget_suppliers() (git-fixes).
  • post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388).
  • powerpc/64s: Fix instruction encoding for lis in ppcfunctionentry() (bsc#1065729).
  • powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
  • powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
  • powerpc/sstep: Check instruction validity against ISA version before emulation (bsc#1156395).
  • powerpc/sstep: Fix darn emulation (bsc#1156395).
  • powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
  • powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
  • qlcnic: fix error return code in qlcnic83xxrestart_hw() (git-fixes).
  • RAS/CEC: Correct ceaddelem()'s returned values (bsc#1152489).
  • rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514)
  • scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647 ltc#191231).
  • smb3: add dynamic trace point to trace when credits obtained (bsc#1181507).
  • smb3: fix crediting for compounding when only one request in flight (bsc#1181507).
  • soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
  • thermal/core: Add NULL pointer check before using cooling device stats (git-fixes).
  • USB: cdc-acm: downgrade message to debug (git-fixes).
  • USB: cdc-acm: untangle a circular dependency between callback and softint (git-fixes).
  • USBip: vhcihcd fix shift out-of-bounds in vhcihub_control() (git-fixes).
  • USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (git-fixes).
  • x86: Introduce TSCOMPATRESTART to fix getnrrestart_syscall() (bsc#1152489).
  • x86/ioapic: Ignore IRQ2 again (bsc#1152489).
  • x86/memencrypt: Correct physical address calculation in _setclrpte_enc() (bsc#1152489).
  • xen/events: fix setting irq affinity (bsc#1184583).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.44.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.44.1",
            "kernel-azure-devel": "5.3.18-18.44.1",
            "kernel-devel-azure": "5.3.18-18.44.1",
            "kernel-syms-azure": "5.3.18-18.44.1",
            "kernel-source-azure": "5.3.18-18.44.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.44.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.44.1",
            "kernel-azure-devel": "5.3.18-18.44.1",
            "kernel-devel-azure": "5.3.18-18.44.1",
            "kernel-syms-azure": "5.3.18-18.44.1",
            "kernel-source-azure": "5.3.18-18.44.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.44.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.44.1",
            "kernel-azure-devel": "5.3.18-18.44.1",
            "kernel-devel-azure": "5.3.18-18.44.1",
            "kernel-syms-azure": "5.3.18-18.44.1",
            "kernel-source-azure": "5.3.18-18.44.1"
        }
    ]
}