SUSE-SU-2020:3273-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203273-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3273-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3273-1
Related
Published
2020-11-14T07:22:03Z
Modified
2020-11-14T07:22:03Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2020-25656: Fixed a concurrency use-after-free in vtdokdgkb_ioctl (bnc#1177766).
  • CVE-2020-8694: Restricted energy meter to root access (bsc#1170415).
  • CVE-2020-25705: A ICMP global rate limiting side-channel was removed which could lead to e.g. the SADDNS attack (bsc#1175721)

The following non-security bugs were fixed:

  • actife: load meta modules before tcfidrcheckalloc() (networking-stable-200924).
  • ath10k: check idx validity in _ath10khttrxringfilln() (git-fixes).
  • ath9k: hifusb: fix race condition between usbgeturb() and usbkillanchoredurbs() (git-fixes).
  • block: Set samepage to false in _biotrymerge_page if ret is false (git-fixes).
  • Bluetooth: btusb: Fix memleak in btusbmtksubmitwmtrecv_urb (git-fixes).
  • Bluetooth: Only mark socket zapped after unlocking (git-fixes).
  • bnxten: Protect bnxtseteee() and bnxtset_pauseparam() with mutex (git-fixes).
  • bonding: show saner speed for broadcast mode (networking-stable-200824).
  • brcm80211: fix possible memleak in brcmfprotomsgbuf_attach (git-fixes).
  • brcmsmac: fix memory leak in wlcphyattach_lcnphy (git-fixes).
  • btrfs: allocate scrub workqueues outside of locks (bsc#1178183).
  • btrfs: do not force read-only after error in drop snapshot (bsc#1176354).
  • btrfs: drop path before adding new uuid tree entry (bsc#1178176).
  • btrfs: fix filesystem corruption after a device replace (bsc#1178395).
  • btrfs: fix NULL pointer dereference after failure to create snapshot (bsc#1178190).
  • btrfs: fix overflow when copying corrupt csums for a message (bsc#1178191).
  • btrfs: fix space cache memory leak after transaction abort (bsc#1178173).
  • btrfs: move btrfsrmdevreplacefree_srcdev outside of all locks (bsc#1178395).
  • btrfs: move btrfsscratchsuperblocks into btrfsdevreplace_finishing (bsc#1178395).
  • btrfs: set the correct lockdep class for new nodes (bsc#1178184).
  • btrfs: set the lockdep class for log tree extent buffers (bsc#1178186).
  • can: flexcan: flexcanchipstop(): add error handling and propagate error value (git-fixes).
  • ceph: promote to unsigned long long before shifting (bsc#1178175).
  • crypto: ccp - fix error handling (git-fixes).
  • cxgb4: fix memory leak during module unload (networking-stable-200924).
  • cxgb4: Fix offset when clearing filter byte counters (networking-stable-200924).
  • Disable ipa-clones dump for KMP builds (bsc#1178330) The feature is not really useful for KMP, and rather confusing, so let's disable it at building out-of-tree codes
  • Disable module compression on SLE15 SP2 (bsc#1178307)
  • dmaengine: dw: Activate FIFO-mode for memory peripherals only (git-fixes).
  • eeprom: at25: set minimum read/write access stride to 1 (git-fixes).
  • futex: Adjust absolute futex timeouts with per time namespace offset (bsc#1164648).
  • futex: Consistently use fshared as boolean (bsc#1149032).
  • futex: Fix incorrect shouldfailfutex() handling (bsc#1149032).
  • futex: Remove putfutexkey() (bsc#1149032).
  • futex: Remove unused or redundant includes (bsc#1149032).
  • gre6: Fix reception with IP6TNLFRCVDSCPCOPY (networking-stable-2008_24).
  • gtp: add GTPALINK info to msg sent to userspace (networking-stable-2009_11).
  • HID: ite: Add USB id match for Acer One S1003 keyboard dock (git-fixes).
  • ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).
  • ibmvnic: fix ibmvnicsetmac (bsc#1066382 ltc#160943 git-fixes).
  • icmp: randomize the global rate limiter (git-fixes).
  • ip: fix tos reflection in ack and reset packets (networking-stable-200924).
  • ipv4: Initialize flowi4multipathhash in data path (networking-stable-200924).
  • ipv4: Restore flowi4oif update before call to xfrmlookup_route (git-fixes).
  • ipv4: Update exception handling for multipath routes via same device (networking-stable-200924).
  • ipv6: avoid lockdep issue in fib6del() (networking-stable-2009_24).
  • ipv6: Fix sysctl max for fibmultipathhashpolicy (networking-stable-2009_11).
  • ipvlan: fix device features (networking-stable-200824).
  • kallsyms: Refactor kallsymsshowvalue() to take cred (git-fixes).
  • kbuild: enforce -Werror=return-type (bsc#1177281).
  • KVM: x86/mmu: Commit zap of remaining invalid pages when recovering lpages (git-fixes).
  • libceph: clear con->outmsg on Policy::statefulserver faults (bsc#1178177).
  • mac80211: handle lack of sband->bitrates in rates (git-fixes).
  • mailbox: avoid timer start from callback (git-fixes).
  • media: ati_remote: sanity check for both endpoints (git-fixes).
  • media: bdisp: Fix runtime PM imbalance on error (git-fixes).
  • media: exynos4-is: Fix a reference count leak (git-fixes).
  • media: exynos4-is: Fix a reference count leak due to pmruntimeget_sync (git-fixes).
  • media: exynos4-is: Fix several reference count leaks due to pmruntimeget_sync (git-fixes).
  • media: firewire: fix memory leak (git-fixes).
  • media: i2c: ov5640: Enable data pins on poweron for DVP mode (git-fixes).
  • media: i2c: ov5640: Remain in power down for DVP mode unless streaming (git-fixes).
  • media: i2c: ov5640: Separate out mipi configuration from s_power (git-fixes).
  • media: media/pci: prevent memory leak in bttv_probe (git-fixes).
  • media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes).
  • media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).
  • media: rcardrif: Allocate v4l2async_subdev dynamically (git-fixes).
  • media: rcar_drif: Fix fwnode reference leak when parsing DT (git-fixes).
  • media: saa7134: avoid a shift overflow (git-fixes).
  • media: st-delta: Fix reference count leak in deltarunwork (git-fixes).
  • media: sti: Fix reference count leaks (git-fixes).
  • media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).
  • media: venus: core: Fix runtime PM imbalance in venus_probe (git-fixes).
  • media: vsp1: Fix runtime PM imbalance on error (git-fixes).
  • mic: vop: copy data to kernel space then write to io memory (git-fixes).
  • misc: rtsx: Fix memory leak in rtsxpciprobe (git-fixes).
  • misc: vop: add roundup(x,4) for vringsize to avoid kernel panic (git-fixes).
  • mm: fix a race during THP splitting (bsc#1178255).
  • mm: madvise: fix vma user-after-free (git-fixes).
  • mmc: sdio: Check for CISTPLVERS1 buffer size (git-fixes).
  • module: Correctly truncate sysfs sections output (git-fixes).
  • module: Do not expose section addresses to non-CAP_SYSLOG (git-fixes).
  • module: Refactor section attr into bin attribute (git-fixes).
  • module: statically initialize init section freeing data (git-fixes).
  • mwifiex: do not call deltimersync() on uninitialized timer (git-fixes).
  • net/core: check length before updating Ethertype in skbmpls{push,pop} (git-fixes).
  • net/mlx5: Fix FTE cleanup (networking-stable-200924).
  • net/mlx5e: Enable adding peer miss rules only if merged eswitch is supported (networking-stable-200924).
  • net/mlx5e: TLS, Do not expose FPGA TLS counter if not supported (networking-stable-200924).
  • net/sched: actct: Fix skb double-free in tcfcthandlefragments() error flow (networking-stable-200824).
  • net/smc: Prevent kernel-infoleak in _smcdiagdump() (networking-stable-2008_24).
  • net: bridge: brvlangetpvidrcu() should dereference the VLAN group under RCU (networking-stable-200924).
  • net: DCB: Validate DCBATTRDCBBUFFER argument (networking-stable-2009_24).
  • net: disable netpoll on fresh napis (networking-stable-200911).
  • net: dsa: b53: check for timeout (networking-stable-200824).
  • net: dsa: rtl8366: Properly clear member config (networking-stable-200924).
  • net: fec: correct the error path for regulator disable in probe (networking-stable-200824).
  • net: Fix bridge enslavement failure (networking-stable-200924).
  • net: Fix potential wrong skb->protocol in skbvlanuntag() (networking-stable-200824).
  • net: hns: Fix memleak in hnsnicdevprobe (networking-stable-2009_11).
  • net: ipv6: fix kconfig dependency warning for IPV6SEG6HMAC (networking-stable-200924).
  • net: lantiq: Disable IRQs only if NAPI gets scheduled (networking-stable-200924).
  • net: lantiq: Use napicompletedone() (networking-stable-200924).
  • net: lantiq: use netiftxnapiadd() for TX NAPI (networking-stable-2009_24).
  • net: lantiq: Wake TX queue again (networking-stable-200924).
  • net: phy: Avoid NPD upon phydetach() when driver is unbound (networking-stable-2009_24).
  • net: phy: Do not warn in phystop() on PHYDOWN (networking-stable-200924).
  • net: qrtr: fix usage of idr in port assignment to socket (networking-stable-200824).
  • net: sctp: Fix IPv6 ancestorsize calc in sctpcopydescendant (networking-stable-2009_24).
  • net: sctp: Fix negotiation of the number of data streams (networking-stable-200824).
  • net: systemport: Fix memleak in bcmsysportprobe (networking-stable-200911).
  • net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-200911).
  • net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
  • net: usb: rtl8150: set random MAC address when setethernetaddr() fails (git-fixes).
  • netlabel: fix problems with mapping removal (networking-stable-200911).
  • nfp: use correct define to return NONE fec (networking-stable-200924).
  • PM: hibernate: remove the bogus call to getgendisk() in softwareresume() (git-fixes).
  • r8169: fix issue with forced threading in combination with shared interrupts (git-fixes).
  • rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886) The in-tree KMP that is built with SLE kernels have a different scriptlet that is embedded in kernel-binary.spec.in rather than *.sh files.
  • rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
  • rtl8xxxu: prevent potential memory leak (git-fixes).
  • rtw88: increse the size of rx buffer size (git-fixes).
  • s390/cio: add condresched() in the slowevalknownfn() loop (bsc#1177799 LTC#188733).
  • s390/dasd: Fix zero write for FBA devices (bsc#1177801 LTC#188735).
  • scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226).
  • sctp: not disable bh in the whole sctpgetportlocal() (networking-stable-2009_11).
  • selftests/timers: Turn off timeout setting (git-fixes).
  • spi: spi-s3c64xx: Check return values (git-fixes).
  • spi: spi-s3c64xx: swap s3c64xxspisetcs() and s3c64xxenable_datapath() (git-fixes).
  • taprio: Fix allowing too small intervals (networking-stable-200924).
  • time: Prevent undefined behaviour in timespec64tons() (bsc#1164648).
  • tipc: fix memory leak caused by tipcbufappend() (git-fixes).
  • tipc: Fix memory leak in tipcgroupcreatemember() (networking-stable-2009_24).
  • tipc: fix shutdown() of connection oriented socket (networking-stable-200924).
  • tipc: fix shutdown() of connectionless socket (networking-stable-200911).
  • tipc: fix the skbunshare() in tipcbuf_append() (git-fixes).
  • tipc: fix uninit skb->data in tipcnlcompatdumpit() (networking-stable-2008_24).
  • tipc: use skbunshare() instead in tipcbufappend() (networking-stable-2009_24).
  • tty: ipwireless: fix error handling (git-fixes).
  • tty: serial: fsllpuart: fix lpuart32pollgetchar (git-fixes).
  • usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).
  • usb: cdc-acm: handle broken union descriptors (git-fixes).
  • usb: cdc-wdm: Make wdmflush() interruptible and add wdmfsync() (git-fixes).
  • usb: core: Solve race condition in anchor cleanup functions (git-fixes).
  • usb: dwc3: simple: add support for Hikey 970 (git-fixes).
  • usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes).
  • usb: gadget: function: printer: fix use-after-free in _lockacquire (git-fixes).
  • usb: ohci: Default to per-port over-current protection (git-fixes).
  • x86/alternative: Do not call text_poke() in lazy TLB mode (bsc#1175749).
  • xen/gntdev.c: Mark pages as dirty (bsc#1065600).
  • xfs: fix high key handling in the rt allocator's query_range function (git-fixes).
  • xfs: fix xfsbmapvalidateextentraw when checking attr fork of rt files (git-fixes).
  • xfs: limit entries returned when counting fsmap records (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.37.1",
            "kernel-devel": "5.3.18-24.37.1",
            "kernel-default-base": "5.3.18-24.37.1.9.13.1",
            "kernel-preempt": "5.3.18-24.37.1",
            "kernel-default-devel": "5.3.18-24.37.1",
            "kernel-default": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-default-base

Package

Name
kernel-default-base
Purl
purl:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1.9.13.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.37.1",
            "kernel-devel": "5.3.18-24.37.1",
            "kernel-default-base": "5.3.18-24.37.1.9.13.1",
            "kernel-preempt": "5.3.18-24.37.1",
            "kernel-default-devel": "5.3.18-24.37.1",
            "kernel-default": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-preempt

Package

Name
kernel-preempt
Purl
purl:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.37.1",
            "kernel-devel": "5.3.18-24.37.1",
            "kernel-default-base": "5.3.18-24.37.1.9.13.1",
            "kernel-preempt": "5.3.18-24.37.1",
            "kernel-default-devel": "5.3.18-24.37.1",
            "kernel-default": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.37.1",
            "kernel-devel": "5.3.18-24.37.1",
            "kernel-default-base": "5.3.18-24.37.1.9.13.1",
            "kernel-preempt": "5.3.18-24.37.1",
            "kernel-default-devel": "5.3.18-24.37.1",
            "kernel-default": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-docs

Package

Name
kernel-docs
Purl
purl:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.37.1",
            "kernel-syms": "5.3.18-24.37.1",
            "kernel-preempt-devel": "5.3.18-24.37.1",
            "kernel-source": "5.3.18-24.37.1",
            "kernel-obs-build": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-obs-build

Package

Name
kernel-obs-build
Purl
purl:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.37.1",
            "kernel-syms": "5.3.18-24.37.1",
            "kernel-preempt-devel": "5.3.18-24.37.1",
            "kernel-source": "5.3.18-24.37.1",
            "kernel-obs-build": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-preempt

Package

Name
kernel-preempt
Purl
purl:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.37.1",
            "kernel-syms": "5.3.18-24.37.1",
            "kernel-preempt-devel": "5.3.18-24.37.1",
            "kernel-source": "5.3.18-24.37.1",
            "kernel-obs-build": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.37.1",
            "kernel-syms": "5.3.18-24.37.1",
            "kernel-preempt-devel": "5.3.18-24.37.1",
            "kernel-source": "5.3.18-24.37.1",
            "kernel-obs-build": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.37.1",
            "kernel-syms": "5.3.18-24.37.1",
            "kernel-preempt-devel": "5.3.18-24.37.1",
            "kernel-source": "5.3.18-24.37.1",
            "kernel-obs-build": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Legacy 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-default": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-livepatch": "5.3.18-24.37.1",
            "kernel-default-livepatch-devel": "5.3.18-24.37.1",
            "kernel-livepatch-5_3_18-24_37-default": "1-5.3.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 15 SP2 / kernel-livepatch-SLE15-SP2_Update_7

Package

Name
kernel-livepatch-SLE15-SP2_Update_7
Purl
purl:rpm/suse/kernel-livepatch-SLE15-SP2_Update_7&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-5.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-livepatch": "5.3.18-24.37.1",
            "kernel-default-livepatch-devel": "5.3.18-24.37.1",
            "kernel-livepatch-5_3_18-24_37-default": "1-5.3.1"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "5.3.18-24.37.1",
            "gfs2-kmp-default": "5.3.18-24.37.1",
            "ocfs2-kmp-default": "5.3.18-24.37.1",
            "cluster-md-kmp-default": "5.3.18-24.37.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.37.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "5.3.18-24.37.1"
        }
    ]
}