SUSE-SU-2020:2580-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20202580-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2580-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:2580-1
Related
Published
2020-09-09T06:34:31Z
Modified
2020-09-09T06:34:31Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes.

The following security bug was fixed:

  • CVE-2020-14386: Fixed a potential local privilege escalation via memory corruption (bsc#1176069).

The following non-security bugs were fixed:

  • bcache: allocate meta data pages as compound pages (bsc#1172873).
  • block: check queue's limits.discardgranularity in _blkdevissuediscard() (bsc#1152148).
  • block: improve discard bio alignment in _blkdevissue_discard() (bsc#1152148).
  • char: virtio: Select VIRTIO from VIRTIO_CONSOLE (bsc#1175667).
  • dax: do not print error message for non-persistent memory block device (bsc#1171073).
  • dax: print error message by prinfo() in _genericfsdaxsupported() (bsc#1171073).
  • device property: Fix the secondary firmware node handling in setprimaryfwnode() (git-fixes).
  • dpaaeth: Fix one possible memleak in dpaaeth_probe (bsc#1175996).
  • drm/amd/powerplay: Fix hardmins not being sent to SMU for RV (git-fixes).
  • drm/msm/a6xx: fix crashdec section name typo (git-fixes).
  • drm/msm/adreno: fix updating ring fence (git-fixes).
  • drm/msm/gpu: make ringbuffer readonly (git-fixes).
  • drm/xen-front: Fix misused ISERROR_NULL checks (bsc#1065600).
  • efi: Add support for EFIRTPROPERTIES table (bsc#1174029, bsc#1174110, bsc#1174111).
  • efi: avoid error message when booting under Xen (bsc#1172419).
  • efi/efivars: Expose RT service availability via efivars abstraction (bsc#1174029, bsc#1174110, bsc#1174111).
  • efi: libstub/tpm: enable tpm eventlog function for ARM platforms (bsc#1173267).
  • efi: Mark all EFI runtime services as unsupported on non-EFI boot (bsc#1174029, bsc#1174110, bsc#1174111).
  • efi: Register EFI rtc platform device only when available (bsc#1174029, bsc#1174110, bsc#1174111).
  • efi: Store mask of supported runtime services in struct efi (bsc#1174029, bsc#1174110, bsc#1174111).
  • efi: Use EFI ResetSystem only when available (bsc#1174029, bsc#1174110, bsc#1174111).
  • efi: Use more granular check for availability for variable services (bsc#1174029, bsc#1174110, bsc#1174111).
  • ext4: handle read only external journal device (bsc#1176063).
  • felix: Fix initialization of ioremap resources (bsc#1175997).
  • Fix build error when CONFIG_ACPI is not set/enabled: (bsc#1065600).
  • infiniband: hfi1: Use EFI GetVariable only when available (bsc#1174029, bsc#1174110, bsc#1174111).
  • integrity: Check properly whether EFI GetVariable() is available (bsc#1174029, bsc#1174110, bsc#1174111).
  • kabi: Fix kABI after EFIRTPROPERTIES table backport (bsc#1174029, bsc#1174110, bsc#1174111).
  • kabi/severities: ignore kABI for net/ethernet/mscc/ References: bsc#1176001,bsc#1175999 Exported symbols from drivers/net/ethernet/mscc/ are only used by drivers/net/dsa/ocelot/
  • mei: fix CNL itouch device number to match the spec (bsc#1175952).
  • mei: me: disable mei interface on LBG servers (bsc#1175952).
  • mei: me: disable mei interface on Mehlow server platforms (bsc#1175952).
  • mmc: dt-bindings: Add resets/reset-names for Mediatek MMC bindings (git-fixes).
  • mmc: mediatek: add optional module reset property (git-fixes).
  • mmc: sdhci-acpi: Fix HS400 tuning for AMDI0040 (git-fixes).
  • net: dsa: felix: send VLANs on CPU port as egress-tagged (bsc#1175998).
  • net: dsa: ocelot: the MAC table on Felix is twice as large (bsc#1175999).
  • net: enetc: fix an issue about leak system resources (bsc#1176000).
  • net: mscc: ocelot: fix untagged packet drops when enslaving to vlan aware bridge (bsc#1176001).
  • obsolete_kmp: provide newer version than the obsoleted one (boo#1170232).
  • PCI: Add device even if driver attach failed (git-fixes).
  • PCI: Avoid Pericom USB controller OHCI/EHCI PME# defect (git-fixes).
  • PCI: Mark AMD Navi10 GPU rev 0x00 ATS as broken (git-fixes).
  • PM: sleep: core: Fix the handling of pending runtime resume requests (git-fixes).
  • powerpc/book3s64/radix: Fix boot failure with large amount of guest memory (bsc#1176022 ltc#187208).
  • powerpc/perf: Fix crashes with genericcompatpmu & BHRB (bsc#1156395).
  • regulator: fix memory leak on error path of regulator_register() (git-fixes).
  • Revert 'xen/balloon: Fix crash when ballooning on x86 32 bit PAE' (bsc#1065600).
  • sched: Add a tracepoint to track rq->nr_running (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched: Better document ttwu() (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/cputime: Improve cputime_adjust() (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/debug: Add new tracepoints to track util_est (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/debug: Fix the alignment of the show-state debug output (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/fair: fix NOHZ next idle balance (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/fair: Remove unused 'sd' parameter from scalertcapacity() (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/fair: updatepickidlest() Select group with lowest grouputil when idlecpus are equal (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched: Fix use of count for nr_running tracepoint (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched: nohz: stop passing around unused 'ticks' parameter (bnc#1155798 (CPU scheduler functional and performance backports)).
  • sched/pelt: Remove redundant cap_scale() definition (bnc#1155798 (CPU scheduler functional and performance backports)).
  • scsi: iscsi: Use EFI GetVariable only when available (bsc#1174029, bsc#1174110, bsc#1174111).
  • scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Add description for lpfcreleaserpi()'s 'ndlpl param (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Add missing miscderegister() for lpfcinit() (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Avoid another null dereference in lpfcsli4hba_unset() (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Correct some pretty obvious misdocumentation (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Ensure variable has the same stipulations as code using it (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix no message shown for lpfchdwqueue out of range value (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix oops when unloading driver while running mds diags (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix retry of PRLI when status indicates its unsupported (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix some function parameter descriptions (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: NVMe remote port devlosstmo from lldd (bcs#1173060 bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449). Replace patches.suse/lpfc-synchronize-nvme-transport-and-lpfc-driver-devlosstmo.patch with upstream version of the fix.
  • scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Provide description for lpfcmemalloc()'s 'align' param (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Remove unused variable 'pg_addr' (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666 bsc#1174486 bsc#1175787 bsc#1171000 jsc#SLE-15796 jsc#SLE-15449).
  • sdhci: tegra: Add missing TMCLK for data timeout (git-fixes).
  • sdhci: tegra: Remove SDHCIQUIRKDATATIMEOUTUSES_SDCLK for Tegra186 (git-fixes).
  • sdhci: tegra: Remove SDHCIQUIRKDATATIMEOUTUSES_SDCLK for Tegra210 (git-fixes).
  • Set VIRTIO_CONSOLE=y (bsc#1175667).
  • USB: cdc-acm: rework notification_buffer resizing (git-fixes).
  • USB: gadget: f_tcm: Fix some resource leaks in some error paths (git-fixes).
  • USB: host: ohci-exynos: Fix error handling in exynosohciprobe() (git-fixes).
  • USB: host: xhci: fix ep context print mismatch in debugfs (git-fixes).
  • USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge (git-fixes).
  • USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D (git-fixes).
  • USB: rename USB quirk to USBQUIRKENDPOINT_IGNORE (git-fixes).
  • USB: serial: ftdi_sio: clean up receive processing (git-fixes).
  • USB: serial: ftdi_sio: fix break and sysrq handling (git-fixes).
  • USB: serial: ftdi_sio: make process-packet buffer unsigned (git-fixes).
  • virtiopcimodern: Fix the comment of virtiopcifind_capability() (git-fixes).
  • x86/ima: Use EFI GetVariable only when available (bsc#1174029, bsc#1174110, bsc#1174111).
  • xen/balloon: fix accounting in allocxenballoonedpages error path (bsc#1065600).
  • xen/balloon: make the balloon wait interruptible (bsc#1065600).
  • xen/gntdev: Fix dmabuf import with non-zero sgt offset (bsc#1065600).
  • xhci: Always restore EPSOFTCLEAR_TOGGLE even if ep reset failed (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.18.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.18.1",
            "kernel-azure-devel": "5.3.18-18.18.1",
            "kernel-devel-azure": "5.3.18-18.18.1",
            "kernel-syms-azure": "5.3.18-18.18.1",
            "kernel-source-azure": "5.3.18-18.18.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.18.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.18.1",
            "kernel-azure-devel": "5.3.18-18.18.1",
            "kernel-devel-azure": "5.3.18-18.18.1",
            "kernel-syms-azure": "5.3.18-18.18.1",
            "kernel-source-azure": "5.3.18-18.18.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.18.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.18.1",
            "kernel-azure-devel": "5.3.18-18.18.1",
            "kernel-devel-azure": "5.3.18-18.18.1",
            "kernel-syms-azure": "5.3.18-18.18.1",
            "kernel-source-azure": "5.3.18-18.18.1"
        }
    ]
}