SUSE-SU-2021:2416-1

CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116)
CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to obtain full root privileges. (bsc#1188062)
CVE-2021-3609: Fixed a race condition in the CAN BCM networking protocol which allows for local privilege escalation. (bsc#1187215)
CVE-2021-3612: Fixed an out-of-bounds memory write flaw which could allows a local user to crash the system or possibly escalate their privileges on the system. (bsc#1187585)
CVE-2020-36385: Fixed a use-after-free flaw in ucma.c which allows for local privilege escalation. (bsc#1187050)

The following non-security bugs were fixed:

ACPI: property: Constify stubs for CONFIG_ACPI=n case (git-fixes).
ACPI: sysfs: Fix a buffer overrun problem with description_show() (git-fixes).
ALSA: isa: Fix error return code in sndcmi8330probe() (git-fixes).
arm_pmu: Fix write counter incorrect in ARMv7 big-endian mode (git-fixes).
arm64/mm: Fix ttbr0 values stored in struct thread_info for software-pan (git-fixes).
ASoC: cs42l42: Correct definition of CS42L42ADCPDN_MASK (git-fixes).
ASoC: hisilicon: fix missing clkdisableunprepare() on error in hi6210i2sstartup() (git-fixes).
ata: ahci_sunxi: Disable DIPM (git-fixes).
ath10k: Fix an error code in ath10kaddinterface() (git-fixes).
Bluetooth: mgmt: Fix slab-out-of-bounds in tlvdatais_valid (git-fixes).
brcmfmac: correctly report average RSSI in station info (git-fixes).
brcmfmac: fix setting of station info chains bitmask (git-fixes).
brcmsmac: mac80211_if: Fix a resource leak in an error handling path (git-fixes).
can: gw: synchronize rcu operations before removing gw job entry (git-fixes).
can: hi311x: hi3110canprobe(): silence clang warning (git-fixes).
can: peakpciefd: pucanhandle_status(): fix a potential starvation issue in TX path (git-fixes).
cfg80211: call cfg80211leaveocb when switching away from OCB (git-fixes).
char: pcmcia: error out if 'numbytesread' is greater than 4 in set_protocol() (git-fixes).
crypto: cavium/nitrox - Fix an error rhandling path in 'nitrox_probe()' (git-fixes).
cxgb4: fix wrong shift (git-fixes).
drm: qxl: ensure surf.data is ininitialized (git-fixes).
drm/nouveau: wait for moving fence after pinning v2 (git-fixes).
drm/radeon: wait for moving fence after pinning (git-fixes).
drm/rockchip: cdn-dp-core: add missing clkdisableunprepare() on error in cdndpgrf_write() (git-fixes).
extcon: max8997: Add missing modalias string (git-fixes).
extcon: sm5502: Drop invalid register write in sm5502regdata (git-fixes).
fpga: stratix10-soc: Add missing fpgamgrfree() call (git-fixes).
fuse: check connected before queueing on fpq->io (bsc#1188273).
fuse: reject internal errno (bsc#1188274).
genirq: Disable interrupts for force threaded handlers (git-fixes)
genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
genirq: Let GENERICIRQIPI select IRQDOMAINHIERARCHY (git-fixes)
genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
gve: Fix swapped vars when fetching max queues (git-fixes).
HID: Add BUSVIRTUAL to hidconnect logging (git-fixes).
HID: gt683r: add missing MODULEDEVICETABLE (git-fixes).
HID: hid-sensor-hub: Return error for hidsetfield() failure (git-fixes).
HID: usbhid: fix info leak in hidsubmitctrl (git-fixes).
hwmon: (max31722) Remove non-standard ACPI device IDs (git-fixes).
hwmon: (max31790) Fix fan speed reporting for fan7..12 (git-fixes).
i2c: robotfuzz-osif: fix control-request directions (git-fixes).
ibmvnic: Allow device probe if the device is not ready at boot (bsc#1184114 ltc#192237).
ibmvnic: fix kernel build warning (bsc#1184114 ltc#192237).
ibmvnic: fix kernel build warning in strncpy (bsc#1184114 ltc#192237).
ibmvnic: fix kernel build warnings in buildhdrdescs_arr (bsc#1184114 ltc#192237).
ibmvnic: fix sendrequestmap incompatible argument (bsc#1184114 ltc#192237).>
ibmvnic: free txpool if tsopool alloc fails (bsc#1085224 ltc#164363).
ibmvnic: parenthesize a check (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139 git-fixes).
ibmvnic: set ltb->buff to NULL after freeing (bsc#1094840 ltc#167098).
ibmvnic: Use listforeach_entry() to simplify code in ibmvnic.c (bsc#1184114 ltc#192237).
ibmvnic: Use strscpy() instead of strncpy() (bsc#1184114 ltc#192237).
iio: accel: bma180: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: accel: bma220: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: accel: hid: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: accel: kxcjk-1013: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: accel: stk8312: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: accel: stk8ba50: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: adc: mxs-lradc: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: adc: ti-ads1015: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: adc: vf610: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: adis_buffer: do not return ints in irq handlers (git-fixes).
iio: gyro: bmg160: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: humidity: am2315: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: light: isl29125: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: light: tcs3414: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
iio: ltr501: ltr501readps(): add missing endianness conversion (git-fixes).
iio: ltr501: ltr559: fix initialization of LTR501ALSCONTR (git-fixes).
iio: ltr501: mark register holding upper 8 bits of ALSDATA{0,1} and PSDATA as volatile, too (git-fixes).
iio: potentiostat: lmp91000: Fix alignment of buffer in iiopushtobufferswith_timestamp() (git-fixes).
iio: prox: pulsed-light: Fix buffer alignment in iiopushtobufferswith_timestamp() (git-fixes).
Input: hilkbd - fix error return code in hildev_connect() (git-fixes).
Input: usbtouchscreen - fix control-request directions (git-fixes).
leds: ktd2692: Fix an error handling path (git-fixes).
leds: trigger: fix potential deadlock with libata (git-fixes).
lib/decompressors: remove set but not used variabled 'level' (git-fixes).
lpfc: Decouple porttemplate and vporttemplate (bsc#1185032).
mac80211: remove iwlwifi specific workaround NDPs of null_response (git-fixes).
mac80211: remove warning in ieee80211getsband() (git-fixes).
media: dtv5100: fix control-request directions (git-fixes).
media: dvb-usb: fix wrong definition (git-fixes).
media: exynos4-is: Fix a use after free in ispvideorelease (git-fixes).
media: gspca/gl860: fix zero-length control requests (git-fixes).
media: gspca/sq905: fix control-request direction (git-fixes).
media: gspca/sunplus: fix zero-length control requests (git-fixes).
media: I2C: change 'RST' to 'RSET' to fix multiple build errors (git-fixes).
media: rtl28xxu: fix zero-length control request (git-fixes).
media: s5p-g2d: Fix a memory leak on ctx->fh.m2m_ctx (git-fixes).
media: siano: Fix out-of-bounds warnings in smscoreloadfirmware_family2() (git-fixes).
media: tc358743: Fix error return code in tc358743probeof() (git-fixes).
media: zr364xx: fix memory leak in zr364xxstartreadpipe (git-fixes).
memory: atmel-ebi: add missing ofnodeput for loop iteration (git-fixes).
memory: fsl_ifc: fix leak of IO mapping on probe failure (git-fixes).
memory: fsl_ifc: fix leak of private memory on probe failure (git-fixes).
memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (git-fixes).
mmc: block: Disable CMDQ on the ioctl path (git-fixes).
mmc: core: clear flags before allowing to retune (git-fixes).
mmc: sdhci-esdhc-imx: remove unused isimx6qusdhc (git-fixes).
mmc: sdhci: Fix warning message when accessing RPMB in HS400 mode (git-fixes).
mmc: usdhi6rol0: fix error return code in usdhi6_probe() (git-fixes).
mmc: vub3000: fix control-request direction (git-fixes).
mwifiex: re-fix for unaligned accesses (git-fixes).
net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
netsec: restore phy power state after controller reset (git-fixes).
nvme: verify MNAN value if ANA is enabled (bsc#1185791).
PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
PCI: Mark TI C667X to avoid bus reset (git-fixes).
PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
r8152: Avoid memcpy() over-reading of ETHSSSTATS (git-fixes).
reset: a10sr: add missing ofmatchtable reference (git-fixes).
reset: bail if trymoduleget() fails (git-fixes).
reset: sti: reset-syscfg: fix struct description warnings (git-fixes).
Revert 'ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro' (git-fixes).
Revert 'hwmon: (lm80) fix a missing check of bus read in lm80 probe' (git-fixes).
Revert 'ibmvnic: remove duplicate napi_schedule call in open function' (bsc#1065729).
Revert 'PCI: PM: Do not read power state in pcienabledevice_flags()' (git-fixes).
Revert 'USB: cdc-acm: fix rounding error in TIOCSSERIAL' (git-fixes).
sched/cpufreq/schedutil: Fix error path mutex unlock (git-fixes)
sched/fair: Do not assign runtime for throttled cfs_rq (git-fixes)
sched/fair: Fix unfairness caused by missing load decay (git-fixes)
sched/numa: Fix a possible divide-by-zero (git-fixes)
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (bsc#1185995).
scsi: qedf: Do not put host in qedfvportcreate() unconditionally (bsc#1170511).
serial: mvebu-uart: clarify the baud rate derivation (git-fixes).
serial: mvebu-uart: correctly calculate minimal possible baudrate (git-fixes).
serial: mvebu-uart: do not allow changing baudrate when uartclk is not available (git-fixes).
serial: mvebu-uart: fix calculation of clock divisor (git-fixes).
spi: spi-sun6i: Fix chipselect/clock bug (git-fixes).
spi: tegra114: Fix an error message (git-fixes).
staging: gdm724x: check for buffer overflow in gdmltemultisdupkt() (git-fixes).
staging: gdm724x: check for overflow in gdmltenetif_rx() (git-fixes).
tty: nozomi: Fix a resource leak in an error handling function (git-fixes).
tty: nozomi: Fix the error handling path of 'nozomicardinit()' (git-fixes).
usb: typec: Add the missed altmodeidremove() in typecregisteraltmode() (git-fixes).
watchdog: aspeed: fix hardware timeout calculation (git-fixes).
watchdog: sp805: Fix kernel doc description (git-fixes).
wcn36xx: Move halbuf allocation to devmkmalloc in probe (git-fixes).
wireless: carl9170: fix LEDS build errors and warnings (git-fixes).
x86/debug: Extend the lower bound of crash kernel low reservations (bsc#1153720).
x86/kvm: Disable all PV features on crash (bsc#1185308).
x86/kvm: Disable kvmclock on all CPUs on shutdown (bsc#1185308).
x86/kvm: Fix pr_info() for async PF setup/teardown (bsc#1185308).
x86/kvm: Teardown PV features on boot CPU as well (bsc#1185308).
x86/kvm: Unify kvmpvguestcpureboot() with kvmguestcpu_offline() (bsc#1185308).

References

Affected packages

SUSE:Linux Enterprise High Availability Extension 12 SP5 / kernel-default

Package

Name: kernel-default
Purl: pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "4.12.14-122.80.1",
            "gfs2-kmp-default": "4.12.14-122.80.1",
            "ocfs2-kmp-default": "4.12.14-122.80.1",
            "cluster-md-kmp-default": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP5 / kernel-default

Package

Name: kernel-default
Purl: pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-kgraft": "4.12.14-122.80.1",
            "kernel-default-kgraft-devel": "4.12.14-122.80.1",
            "kgraft-patch-4_12_14-122_80-default": "1-8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP5 / kgraft-patch-SLE12-SP5_Update_21

Package

Name: kgraft-patch-SLE12-SP5_Update_21
Purl: pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_21&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1-8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-kgraft": "4.12.14-122.80.1",
            "kernel-default-kgraft-devel": "4.12.14-122.80.1",
            "kgraft-patch-4_12_14-122_80-default": "1-8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / kernel-docs

Package

Name: kernel-docs
Purl: pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-122.80.1",
            "kernel-obs-build": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / kernel-obs-build

Package

Name: kernel-obs-build
Purl: pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-122.80.1",
            "kernel-obs-build": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-default

Package

Name: kernel-default
Purl: pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.80.1",
            "kernel-devel": "4.12.14-122.80.1",
            "kernel-default-base": "4.12.14-122.80.1",
            "kernel-default-man": "4.12.14-122.80.1",
            "kernel-default": "4.12.14-122.80.1",
            "kernel-source": "4.12.14-122.80.1",
            "kernel-syms": "4.12.14-122.80.1",
            "kernel-default-devel": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source

Package

Name: kernel-source
Purl: pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.80.1",
            "kernel-devel": "4.12.14-122.80.1",
            "kernel-default-base": "4.12.14-122.80.1",
            "kernel-default-man": "4.12.14-122.80.1",
            "kernel-default": "4.12.14-122.80.1",
            "kernel-source": "4.12.14-122.80.1",
            "kernel-syms": "4.12.14-122.80.1",
            "kernel-default-devel": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms

Package

Name: kernel-syms
Purl: pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.80.1",
            "kernel-devel": "4.12.14-122.80.1",
            "kernel-default-base": "4.12.14-122.80.1",
            "kernel-default-man": "4.12.14-122.80.1",
            "kernel-default": "4.12.14-122.80.1",
            "kernel-source": "4.12.14-122.80.1",
            "kernel-syms": "4.12.14-122.80.1",
            "kernel-default-devel": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-default

Package

Name: kernel-default
Purl: pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.80.1",
            "kernel-devel": "4.12.14-122.80.1",
            "kernel-default-base": "4.12.14-122.80.1",
            "kernel-default-man": "4.12.14-122.80.1",
            "kernel-default": "4.12.14-122.80.1",
            "kernel-source": "4.12.14-122.80.1",
            "kernel-syms": "4.12.14-122.80.1",
            "kernel-default-devel": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source

Package

Name: kernel-source
Purl: pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.80.1",
            "kernel-devel": "4.12.14-122.80.1",
            "kernel-default-base": "4.12.14-122.80.1",
            "kernel-default-man": "4.12.14-122.80.1",
            "kernel-default": "4.12.14-122.80.1",
            "kernel-source": "4.12.14-122.80.1",
            "kernel-syms": "4.12.14-122.80.1",
            "kernel-default-devel": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms

Package

Name: kernel-syms
Purl: pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.80.1",
            "kernel-devel": "4.12.14-122.80.1",
            "kernel-default-base": "4.12.14-122.80.1",
            "kernel-default-man": "4.12.14-122.80.1",
            "kernel-default": "4.12.14-122.80.1",
            "kernel-source": "4.12.14-122.80.1",
            "kernel-syms": "4.12.14-122.80.1",
            "kernel-default-devel": "4.12.14-122.80.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP5 / kernel-default

Package

Name: kernel-default
Purl: pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-122.80.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "4.12.14-122.80.1"
        }
    ]
}