SUSE-SU-2020:1699-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:1699-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:1699-1
- Related
- Published
- 2020-06-22T07:52:05Z
- Modified
- 2020-06-22T07:52:05Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-10768: The prctl() function could be used to enable indirect branch speculation even after it has been disabled. (bnc#1172783)
- CVE-2020-10766: A bug in the logic handling could allow an attacker with a local account to disable SSBD protection. (bnc#1172781)
- CVE-2020-10767: A IBPB would be disabled when STIBP was not available or when Enhanced Indirect Branch Restricted Speculation (IBRS) was available. This is unexpected behaviour could leave the system open to a spectre v2 style attack (bnc#1172782)
- CVE-2020-13974: drivers/tty/vt/keyboard.c had an integer overflow if k_ascii was called several times in a row (bnc#1172775)
- CVE-2019-20810: go7007sndinit did not call sndcardfree for a failure path, which caused a memory leak (bnc#1172458)
The following non-security bugs were fixed:
- ACPI: PM: Avoid using power resources if there are none for D0 (bsc#1051510).
- ALSA: es1688: Add the missed sndcardfree() (bsc#1051510).
- ALSA: hda/hdmi - enable runtime pm for newer AMD display audio (bsc#1111666).
- ALSA: hda/realtek - Add LED class support for micmute LED (bsc#1111666).
- ALSA: hda/realtek - Enable micmute LED on and HP system (bsc#1111666).
- ALSA: hda/realtek - Fix unused variable warning w/o CONFIGLEDSTRIGGER_AUDIO (bsc#1111666).
- ALSA: hda/realtek - Introduce polarity for micmute LED GPIO (bsc#1111666).
- ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines (bsc#1111666).
- ALSA: hda: Add ElkhartLake HDMI codec vid (bsc#1111666).
- ALSA: hda: add siennacichlid audio asic id for siennacichlid up (bsc#1111666).
- ALSA: pcm: disallow linking stream to itself (bsc#1111666).
- ALSA: usb-audio: Add Pioneer DJ DJM-900NXS2 support (bsc#1111666).
- ALSA: usb-audio: Add duplex sound support for USB devices using implicit feedback (bsc#1111666).
- ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt Dock (bsc#1111666).
- ALSA: usb-audio: Clean up quirk entries with macros (bsc#1111666).
- ALSA: usb-audio: Fix inconsistent card PM state after resume (bsc#1111666).
- ALSA: usb-audio: Fix racy list management in output queue (bsc#1111666).
- ALSA: usb-audio: Manage auto-pm of all bundled interfaces (bsc#1111666).
- ALSA: usb-audio: Use the new macro for HP Dock rename quirks (bsc#1111666).
- CDC-ACM: heed quirk also in error handling (git-fixes).
- HID: sony: Fix for broken buttons on DS3 USB dongles (bsc#1051510).
- KVM: x86/mmu: Set mmio_value to '0' if reserved #PF can't be generated (bsc#1171904).
- KVM: x86: only do L1TF workaround on affected processors (bsc#1171904).
- NFS: Fix an RCU lock leak in nfs4refreshdelegation_stateid() (bsc#1170592).
- NFSv4: Retry CLOSE and DELEGRETURN on NFS4ERROLDSTATEID (bsc#1170592).
- PCI/PM: Call .bridge_d3() hook only if non-NULL (git-fixes).
- PCI/PTM: Inherit Switch Downstream Port PTM settings from Upstream Port (bsc#1051510).
- PCI: Allow pciresizeresource() for devices on root bus (bsc#1051510).
- PCI: Fix pciregisterhostbridge() deviceregister() error handling (bsc#1051510).
- PCI: Program MPS for RCiEP devices (bsc#1051510).
- RDMA/efa: Fix setting of wrong bit in get/set_feature commands (bsc#1111666)
- RDMA/efa: Support remote read access in MR registration (bsc#1111666)
- RDMA/efa: Unified getters/setters for device structs bitmask access (bsc#1111666)
- USB: gadget: udc: s3c2410udc: Remove pointless NULL check in s3c2410udc_nuke (bsc#1051510).
- USB: host: ehci-mxc: Add error handling in ehcimxcdrv_probe() (bsc#1051510).
- USB: serial: option: add Telit LE910C1-EUX compositions (bsc#1051510).
- USB: serial: qcserial: add DW5816e QDL support (bsc#1051510).
- USB: serial: usb_wwan: do not resubmit rx urb on fatal errors (bsc#1051510).
- USB: serial: usb_wwan: do not resubmit rx urb on fatal errors (git-fixes).
- arm64: map FDT as RW for earlyinitdt_scan() (jsc#SLE-12423).
- bcache: Fix an error code in bchdumpread() (git fixes (block drivers)).
- block: remove QUEUEFLAGSTACKABLE (git fixes (block drivers)).
- block: sed-opal: fix sparse warning: convert __be64 data (git fixes (block drivers)).
- brcmfmac: fix wrong location to get firmware feature (bsc#1111666).
- btrfs: do not zero f_bavail if we have available space (bsc#1168081).
- btrfs: do not zero f_bavail if we have available space (bsc#1168081).
- char/random: Add a newline at the end of the file (jsc#SLE-12423).
- cifs: get rid of unused parameter in reconnsetupdfs_targets() (bsc#1144333).
- cifs: handle hostnames that resolve to same ip in failover (bsc#1144333 bsc#1161016).
- cifs: set up next DFS target before genericipconnect() (bsc#1144333 bsc#1161016).
- clk: bcm2835: Fix return type of bcm2835registergate (bsc#1051510).
- clk: clk-flexgen: fix clock-critical handling (bsc#1051510).
- clk: sunxi: Fix incorrect usage of round_down() (bsc#1051510).
- compat_ioctl: block: handle BLKREPORTZONE/BLKRESETZONE (git fixes (block drivers)).
- compat_ioctl: block: handle Persistent Reservations (git fixes (block drivers)).
- copy{to,from}user(): consolidate object size checks (git fixes).
- crypto: caam - update xts sector size for large input length (bsc#1111666).
- crypto: chelsio/chtls: properly set tp->lsndtime (bsc#1111666).
- dm btree: increase rebalance threshold in __rebalance2() (git fixes (block drivers)).
- dm cache: fix a crash due to incorrect work item cancelling (git fixes (block drivers)).
- dm crypt: fix benbi IV constructor crash if used in authenticated mode (git fixes (block drivers)).
- dm space map common: fix to ensure new block isn't already in use (git fixes (block drivers)).
- dm verity fec: fix hash block number in verityfecdecode (git fixes (block drivers)).
- dm verity fec: fix memory leak in verityfecdtr (git fixes (block drivers)).
- dm: fix potential for q->makerequestfn NULL pointer (git fixes (block drivers)).
- dm: various cleanups to md->queue initialization code (git fixes).
- dmaengine: tegra210-adma: Fix an error handling path in 'tegraadmaprobe()' (bsc#1111666).
- drivers: soc: ti: knavqmssqueue: Make knavgprange_ops static (bsc#1051510).
- drm/i915: Whitelist context-local timestamp in the gen9 cmdparser (bsc#1111666).
- drm: amd/display: fix Kconfig help text (bsc#1113956)
- efi/random: Increase size of firmware supplied randomness (jsc#SLE-12423).
- efi/random: Treat EFIRNGPROTOCOL output as bootloader randomness (jsc#SLE-12423).
- efi: READ_ONCE rng seed size before munmap (jsc#SLE-12423).
- efi: Reorder prnotice() with adddevice_randomness() call (jsc#SLE-12423).
- evm: Check also if *tfm is an error pointer in init_desc() (bsc#1051510).
- evm: Fix a small race in init_desc() (bsc#1051510).
- extcon: adc-jack: Fix an error handling path in 'adcjackprobe()' (bsc#1051510).
- fdt: Update CRC check for rng-seed (jsc#SLE-12423).
- fdt: add support for rng-seed (jsc#SLE-12423).
- firmware: imx: scu: Fix corruption of header (git-fixes).
- firmware: imx: scu: Fix possible memory leak in imxscuprobe() (bsc#1111666).
- fpga: dfl: afu: Corrected error handling levels (git-fixes).
- fs/reiserfs: Reenabled reiserfs (bsc#1172884)
- gpiolib: Document that GPIO line names are not globally unique (bsc#1051510).
- gpu: ipu-v3: pre: do not trigger update if buffer address does not change (bsc#1111666).
- iio: buffer: Do not allow buffers without any channels enabled to be activated (bsc#1051510).
- iio: pressure: bmp280: Tolerate IRQ before registering (bsc#1051510).
- ima: Directly assign the imadefaultpolicy pointer to ima_rules (bsc#1051510).
- ima: Fix ima digest hash table key calculation (bsc#1051510).
- include/asm-generic/topology.h: guard cpumaskofnode() macro argument (bsc#1148868).
- kabi: ppc64le: prevent struct dmamapops to become defined (jsc#SLE-12423).
- kvm: x86: Fix L1TF mitigation for shadow MMU (bsc#1171904).
- livepatch: Apply vmlinux-specific KLP relocations early (bsc#1071995).
- livepatch: Disallow vmlinux.ko (bsc#1071995).
- livepatch: Make klpapplyobject_relocs static (bsc#1071995).
- livepatch: Prevent module-specific KLP rela sections from referencing vmlinux symbols (bsc#1071995).
- livepatch: Remove .klp.arch (bsc#1071995).
- mac80211: add option for setting control flags (bsc#1111666).
- mac80211: set IEEE80211TXCTRLPORTCTRL_PROTO for nl80211 TX (bsc#1111666).
- mailbox: imx: Disable the clock on devmmboxcontroller_register() failure (git-fixes).
- md: Avoid namespace collision with bitmap API (git fixes (block drivers)).
- md: use memalloc scope APIs in mddevsuspend()/mddevresume() (bsc#1166985)).
- md: use memalloc scope APIs in mddevsuspend()/mddevresume() (git fixes (block drivers)).
- mdraid: fix read/write bytes accounting (bsc#1172537).
- mmc: block: Fix request completion in the CQE timeout path (bsc#1111666).
- mmc: block: Fix use-after-free issue for rpmb (bsc#1111666).
- mmc: fix compilation of user API (bsc#1051510).
- netfilter: connlabels: prefer static lock initialiser (git-fixes).
- netfilter: not mark a spinlock as _readmostly (git-fixes).
- nl80211: fix NL80211ATTRCHANNEL_WIDTH attribute type (bsc#1111666).
- nvme-fc: Fail transport errors with NVMESCHOST_PATH (bsc#1158983 bsc#1172538).
- nvme-tcp: fail command with NVMESCHOSTPATHERROR send failed (bsc#1158983 bsc#1172538).
- nvme: fail cancelled commands with NVMESCHOSTPATHERROR (bsc#1158983 bsc#1172538).
- overflow.h: Add arithmetic shift helper (git fixes).
- overflow: Fix -Wtype-limits compilation warnings (git fixes).
- p54usb: add AirVasT USB stick device-id (bsc#1051510).
- pcmnative: result of putuser() needs to be checked (bsc#1111666).
- perf, pt, coresight: Fix address filters for vmas with non-zero offset (git-fixes).
- perf, pt, coresight: Fix address filters for vmas with non-zero offset (git-fixes).
- perf/cgroup: Fix perf cgroup hierarchy support (git-fixes).
- perf/cgroup: Fix perf cgroup hierarchy support (git-fixes).
- perf/core: Add sanity check to deal with pinned event failure (git-fixes).
- perf/core: Add sanity check to deal with pinned event failure (git-fixes).
- perf/core: Avoid freeing static PMU contexts when PMU is unregistered (git-fixes).
- perf/core: Avoid freeing static PMU contexts when PMU is unregistered (git-fixes).
- perf/core: Correct event creation with PERFFORMATGROUP (git-fixes).
- perf/core: Correct event creation with PERFFORMATGROUP (git-fixes).
- perf/core: Do not WARN() for impossible ring-buffer sizes (git-fixes).
- perf/core: Do not WARN() for impossible ring-buffer sizes (git-fixes).
- perf/core: Fix _perfreadgroupadd() locking (git-fixes (dependent patch)).
- perf/core: Fix _perfreadgroupadd() locking (git-fixes (dependent patch)).
- perf/core: Fix bad use of igrab() (git fixes (dependent patch)).
- perf/core: Fix crash when using HW tracing kernel filters (git-fixes).
- perf/core: Fix ctxeventtype in ctx_resched() (git-fixes).
- perf/core: Fix ctxeventtype in ctx_resched() (git-fixes).
- perf/core: Fix error handling in perfeventalloc() (git-fixes).
- perf/core: Fix error handling in perfeventalloc() (git-fixes).
- perf/core: Fix exclusive events' grouping (git-fixes).
- perf/core: Fix exclusive events' grouping (git-fixes).
- perf/core: Fix group scheduling with mixed hw and sw events (git-fixes).
- perf/core: Fix group scheduling with mixed hw and sw events (git-fixes).
- perf/core: Fix impossible ring-buffer sizes warning (git-fixes).
- perf/core: Fix impossible ring-buffer sizes warning (git-fixes).
- perf/core: Fix lock inversion between perf,trace,cpuhp (git-fixes (dependent patch for 18736eef1213)).
- perf/core: Fix lock inversion between perf,trace,cpuhp (git-fixes (dependent patch for 18736eef1213)).
- perf/core: Fix locking for children siblings group read (git-fixes).
- perf/core: Fix locking for children siblings group read (git-fixes).
- perf/core: Fix perfeventread_value() locking (git-fixes).
- perf/core: Fix perfeventread_value() locking (git-fixes).
- perf/core: Fix perfpmuunregister() locking (git-fixes).
- perf/core: Fix perfpmuunregister() locking (git-fixes).
- perf/core: Fix perfsampleregs_user() mm check (git-fixes).
- perf/core: Fix perfsampleregs_user() mm check (git-fixes).
- perf/core: Fix possible Spectre-v1 indexing for ->aux_pages (git-fixes).
- perf/core: Fix possible Spectre-v1 indexing for ->aux_pages (git-fixes).
- perf/core: Fix race between close() and fork() (git-fixes).
- perf/core: Fix race between close() and fork() (git-fixes).
- perf/core: Fix the address filtering fix (git-fixes).
- perf/core: Fix the address filtering fix (git-fixes).
- perf/core: Fix use-after-free in uprobeperfclose() (git-fixes).
- perf/core: Fix use-after-free in uprobeperfclose() (git-fixes).
- perf/core: Force USER_DS when recording user stack data (git-fixes).
- perf/core: Force USER_DS when recording user stack data (git-fixes).
- perf/core: Restore mmap record type correctly (git-fixes).
- perf/core: Restore mmap record type correctly (git-fixes).
- perf/ioctl: Add check for the sample_period value (git-fixes).
- perf/ioctl: Add check for the sample_period value (git-fixes).
- perf/x86/pt, coresight: Clean up address filter structure (git fixes (dependent patch)).
- perf: Allocate context taskctxdata for child event (git-fixes).
- perf: Allocate context taskctxdata for child event (git-fixes).
- perf: Copy parent's address filter offsets on clone (git-fixes).
- perf: Copy parent's address filter offsets on clone (git-fixes).
- perf: Fix header.size for namespace events (git-fixes).
- perf: Fix header.size for namespace events (git-fixes).
- perf: Return proper values for user stack errors (git-fixes).
- perf: Return proper values for user stack errors (git-fixes).
- pid: Improve the comment about waiting in zappidns_processes (git fixes)).
- pinctrl: freescale: imx: Fix an error handling path in 'imxpinctrlprobe()' (bsc#1051510).
- pinctrl: imxl: Fix an error handling path in 'imx1pinctrlcore_probe()' (bsc#1051510).
- pinctrl: samsung: Save/restore eintmask over suspend for EINTTYPE GPIOs (bsc#1051510).
- platform/x86: dell-laptop: do not register micmute LED if there is no token (bsc#1111666).
- pnp: Use listforeach_entry() instead of open coding (git fixes).
- power: supply: bq24257charger: Replace depends on REGMAPI2C with select (bsc#1051510).
- power: supply: lp8788: Fix an error handling path in 'lp8788chargerprobe()' (bsc#1051510).
- power: supply: smb347-charger: IRQSTAT_D is volatile (bsc#1051510).
- powerpc/64s: Do not let DT CPU features set FSCR_DSCR (bsc#1065729).
- powerpc/64s: Save FSCR to init_task.thread.fscr after feature init (bsc#1065729).
- powerpc/xive: Clear the page tables for the ESB IO mapping (bsc#1085030).
- raid5: remove gfp flags from scribble_alloc() (bsc#1166985).
- raid5: remove gfp flags from scribble_alloc() (git fixes (block drivers)).
- resolve KABI warning for perf-pt-coresight (git-fixes).
- resolve KABI warning for perf-pt-coresight (git-fixes).
- s390/bpf: Maintain 8-byte stack alignment (bsc#1169194).
- scsi: ibmvscsi: Do not send host info in adapter info MAD after LPM (bsc#1172759 ltc#184814).
- spi: dw: use 'smp_mb()' to avoid sending spi data error (bsc#1051510).
- spi: spi-mem: Fix Dual/Quad modes on Octal-capable devices (bsc#1111666).
- staging: rtl8712: Fix IEEE80211ADDBAPARAMBUFSIZE_MASK (bsc#1051510).
- staging: sm750fb: add missing case while setting FB_VISUAL (bsc#1051510).
- tty: n_gsm: Fix SOF skipping (bsc#1051510).
- tty: ngsm: Fix bogus i++ in gsmdata_kick (bsc#1051510).
- tty: n_gsm: Fix waking up upper tty layer when room available (bsc#1051510).
- usb: dwc2: gadget: move gadget resume after the core is in L0 state (bsc#1051510).
- usb: gadget: lpc32xx_udc: do not dereference ep pointer before null check (bsc#1051510).
- usb: musb: Fix runtime PM imbalance on error (bsc#1051510).
- usb: musb: start session in resume for host port (bsc#1051510).
- virtio-blk: handle blockdeviceoperations callbacks after hot unplug (git fixes (block drivers)).
- w1: omap-hdq: cleanup to add missing newline for some dev_dbg (bsc#1051510).
- watchdog: sp805: fix restart handler (bsc#1111666).
- wil6210: add general initialization/size checks (bsc#1111666).
- wil6210: check rxbuffmgmt before accessing it (bsc#1111666).
- wil6210: ignore HALP ICR if already handled (bsc#1111666).
- work around mvfs bug (bsc#1162063).
- x86/cpu/amd: Make erratum #1054 a legacy erratum (bsc#1114279).
- x86: Fix early boot crash on gcc-10, third try (bsc#1114279).
- xfrm: fix error in comment (git fixes).
- References
-
- https://www.suse.com/support/update/announcement/2020/suse-su-20201699-1/
- https://bugzilla.suse.com/1051510
- https://bugzilla.suse.com/1065729
- https://bugzilla.suse.com/1071995
- https://bugzilla.suse.com/1085030
- https://bugzilla.suse.com/1111666
- https://bugzilla.suse.com/1113956
- https://bugzilla.suse.com/1114279
- https://bugzilla.suse.com/1144333
- https://bugzilla.suse.com/1148868
- https://bugzilla.suse.com/1158983
- https://bugzilla.suse.com/1161016
- https://bugzilla.suse.com/1162063
- https://bugzilla.suse.com/1166985
- https://bugzilla.suse.com/1168081
- https://bugzilla.suse.com/1169194
- https://bugzilla.suse.com/1170592
- https://bugzilla.suse.com/1171904
- https://bugzilla.suse.com/1172458
- https://bugzilla.suse.com/1172472
- https://bugzilla.suse.com/1172537
- https://bugzilla.suse.com/1172538
- https://bugzilla.suse.com/1172759
- https://bugzilla.suse.com/1172775
- https://bugzilla.suse.com/1172781
- https://bugzilla.suse.com/1172782
- https://bugzilla.suse.com/1172783
- https://bugzilla.suse.com/1172884
- https://www.suse.com/security/cve/CVE-2019-20810
- https://www.suse.com/security/cve/CVE-2020-10766
- https://www.suse.com/security/cve/CVE-2020-10767
- https://www.suse.com/security/cve/CVE-2020-10768
- https://www.suse.com/security/cve/CVE-2020-13974
Affected packages
SUSE:Linux Enterprise Server 12 SP5 / kernel-azure
Package
- Name
- kernel-azure
- Purl
- purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
SUSE:Linux Enterprise Server 12 SP5 / kernel-source-azure
Package
- Name
- kernel-source-azure
- Purl
- purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
SUSE:Linux Enterprise Server 12 SP5 / kernel-syms-azure
Package
- Name
- kernel-syms-azure
- Purl
- purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-azure
Package
- Name
- kernel-azure
- Purl
- purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source-azure
Package
- Name
- kernel-source-azure
- Purl
- purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5