Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2021.1376
Security update for the Linux Kernel
22 April 2021
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: linux kernel
Publisher: SUSE
Operating System: SUSE
Impact/Access: Execute Arbitrary Code/Commands -- Existing Account
Denial of Service -- Existing Account
Access Confidential Data -- Existing Account
Reduced Security -- Existing Account
Resolution: Patch/Upgrade
CVE Names: CVE-2021-30002 CVE-2021-29154 CVE-2021-28950
CVE-2021-3483 CVE-2020-36312 CVE-2020-36311
CVE-2020-36310 CVE-2020-25673 CVE-2020-25672
CVE-2020-25671 CVE-2020-25670
Reference: ESB-2021.1331
ESB-2021.1307
ESB-2021.1299
Original Bulletin:
https://www.suse.com/support/update/announcement/2021/suse-su-20211301-1
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2021:1301-1
Rating: important
References: #1047233 #1065729 #1113295 #1152489 #1154353 #1155518
#1156395 #1178181 #1181507 #1183405 #1184074 #1184120
#1184194 #1184211 #1184388 #1184391 #1184393 #1184509
#1184511 #1184512 #1184514 #1184583 #1184647
Cross-References: CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673
CVE-2020-36310 CVE-2020-36311 CVE-2020-36312 CVE-2021-28950
CVE-2021-29154 CVE-2021-30002 CVE-2021-3483
Affected Products:
SUSE Linux Enterprise Module for Public Cloud 15-SP2
______________________________________________________________________________
An update that solves 11 vulnerabilities and has 12 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
o CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed
multiple bugs in NFC subsytem (bsc#1178181).
o CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering
destruction of a large SEV VM (bsc#1184511).
o CVE-2021-29154: Fixed incorrect computation of branch displacements,
allowing arbitrary code execution (bsc#1184391).
o CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy
(bsc#1184120).
o CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
o CVE-2020-36310: Fixed infinite loop for certain nested page faults (bsc#
1184512).
o CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509 ).
o CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop
continually was finding the same bad inode (bsc#1184194).
The following non-security bugs were fixed:
o ALSA: aloop: Fix initialization of controls (git-fixes).
o ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
o appletalk: Fix skb allocation size in loopback case (git-fixes).
o ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).
o ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
o ASoC: intel: atom: Remove 44100 sample-rate from the media and deep-buffer
DAI descriptions (git-fixes).
o ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes).
o ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
o ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
o ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
(git-fixes).
o ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr()
(git-fixes).
o atl1c: fix error return code in atl1c_probe() (git-fixes).
o atl1e: fix error return code in atl1e_probe() (git-fixes).
o batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
(git-fixes).
o bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).
o brcmfmac: clear EAP/association status bits on linkdown events (git-fixes).
o bus: ti-sysc: Fix warning on unbind if reset is not deasserted (git-fixes).
o cifs: change noisy error message to FYI (bsc#1181507).
o cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
o cifs: do not send close in compound create+close requests (bsc#1181507).
o cifs: New optype for session operations (bsc#1181507).
o cifs: print MIDs in decimal notation (bsc#1181507).
o cifs: return proper error code in statfs(2) (bsc#1181507).
o cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
o clk: fix invalid usage of list cursor in register (git-fixes).
o clk: fix invalid usage of list cursor in unregister (git-fixes).
o clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
o drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (git-fixes).
o drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
o drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings()
(git-fixes).
o drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
o drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs
(git-fixes).
o drm/msm: Ratelimit invalid-fence message (git-fixes).
o drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).
o enetc: Fix reporting of h/w packet counters (git-fixes).
o fuse: fix bad inode (bsc#1184211).
o fuse: fix live lock in fuse_iget() (bsc#1184211).
o i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).
o i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
o ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
o kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
o libbpf: Fix INSTALL flag order (bsc#1155518).
o locking/mutex: Fix non debug version of mutex_lock_io_nested() (git-fixes).
o mac80211: choose first enabled channel for monitor (git-fixes).
o mac80211: fix TXQ AC confusion (git-fixes).
o mISDN: fix crash in fritzpci (git-fixes).
o net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
o net: b44: fix error return code in b44_init_one() (git-fixes).
o net: ethernet: ti: cpsw: fix error return code in cpsw_probe() (git-fixes).
o net: hns3: Remove the left over redundant check & assignment (bsc#1154353).
o net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
o net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
o net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).
o net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
o net: qualcomm: rmnet: Fix incorrect receive packet handling during cleanup
(git-fixes).
o net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
o net: wan/lmc: unregister device when no matching device is found
(git-fixes).
o platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
(git-fixes).
o platform/x86: thinkpad_acpi: Allow the FnLock LED to change state
(git-fixes).
o PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
o post.sh: Return an error when module update fails (bsc#1047233 bsc#
1184388).
o powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (bsc#
1065729).
o powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
o powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
o powerpc/sstep: Check instruction validity against ISA version before
emulation (bsc#1156395).
o powerpc/sstep: Fix darn emulation (bsc#1156395).
o powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
o powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
o qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
o RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489).
o rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#
1184514)
o scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647 ltc#191231).
o smb3: add dynamic trace point to trace when credits obtained (bsc#1181507).
o smb3: fix crediting for compounding when only one request in flight (bsc#
1181507).
o soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
o thermal/core: Add NULL pointer check before using cooling device stats
(git-fixes).
o USB: cdc-acm: downgrade message to debug (git-fixes).
o USB: cdc-acm: untangle a circular dependency between callback and softint
(git-fixes).
o USBip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (git-fixes).
o USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
(git-fixes).
o x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (bsc#
1152489).
o x86/ioapic: Ignore IRQ2 again (bsc#1152489).
o x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc
() (bsc#1152489).
o xen/events: fix setting irq affinity (bsc#1184583).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2021-1301=1
Package List:
o SUSE Linux Enterprise Module for Public Cloud 15-SP2 (noarch):
kernel-devel-azure-5.3.18-18.44.1
kernel-source-azure-5.3.18-18.44.1
o SUSE Linux Enterprise Module for Public Cloud 15-SP2 (x86_64):
kernel-azure-5.3.18-18.44.1
kernel-azure-debuginfo-5.3.18-18.44.1
kernel-azure-debugsource-5.3.18-18.44.1
kernel-azure-devel-5.3.18-18.44.1
kernel-azure-devel-debuginfo-5.3.18-18.44.1
kernel-syms-azure-5.3.18-18.44.1
References:
o https://www.suse.com/security/cve/CVE-2020-25670.html
o https://www.suse.com/security/cve/CVE-2020-25671.html
o https://www.suse.com/security/cve/CVE-2020-25672.html
o https://www.suse.com/security/cve/CVE-2020-25673.html
o https://www.suse.com/security/cve/CVE-2020-36310.html
o https://www.suse.com/security/cve/CVE-2020-36311.html
o https://www.suse.com/security/cve/CVE-2020-36312.html
o https://www.suse.com/security/cve/CVE-2021-28950.html
o https://www.suse.com/security/cve/CVE-2021-29154.html
o https://www.suse.com/security/cve/CVE-2021-30002.html
o https://www.suse.com/security/cve/CVE-2021-3483.html
o https://bugzilla.suse.com/1047233
o https://bugzilla.suse.com/1065729
o https://bugzilla.suse.com/1113295
o https://bugzilla.suse.com/1152489
o https://bugzilla.suse.com/1154353
o https://bugzilla.suse.com/1155518
o https://bugzilla.suse.com/1156395
o https://bugzilla.suse.com/1178181
o https://bugzilla.suse.com/1181507
o https://bugzilla.suse.com/1183405
o https://bugzilla.suse.com/1184074
o https://bugzilla.suse.com/1184120
o https://bugzilla.suse.com/1184194
o https://bugzilla.suse.com/1184211
o https://bugzilla.suse.com/1184388
o https://bugzilla.suse.com/1184391
o https://bugzilla.suse.com/1184393
o https://bugzilla.suse.com/1184509
o https://bugzilla.suse.com/1184511
o https://bugzilla.suse.com/1184512
o https://bugzilla.suse.com/1184514
o https://bugzilla.suse.com/1184583
o https://bugzilla.suse.com/1184647
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYID74+NLKJtyKPYoAQhiGw//R7cDt2NRBf61P/A4n+SHl3hxG+QWEK7K
LA2HnlnuMQzZGkhUwrumKqTY0UC99q0bWCSXI238tgj3KykIA5FbgLUxIOzWrfbS
LSmGulDBAFMLSkwg+hQBU4AO539+Eglon8d6MkGmc0J7YPfseeXhxn4bihkUaUG8
8alNlnQX5sht6NEVk6+EreyFdvh2nsslmpYjiS+kh44xwiNIRxKY7UbT1914QpVV
CV+WHRMD90NJru8wBLBB+y0363l5e6SsgtbUjqs19qMRv6bR8E58YCV/MzkrjH69
UzZSiusI3dEVnenK/DqZKEqogZXQzyIv8xoN3vdmyTzqEDTBUVs8au1huXxrZxZ1
ZoqXRqmmsmbnSqDKn4T/Lk+3JZVe26M5RaicVUo41hz31B23pUjiruz0fPeEpCIe
n92t/gL4oitE1nTZoEtYgUKC8yyKX1Chagjm8cda48rNADXR0l0127cOtCTRTD7T
8JOmCoapt+8xSD2h+RaYLs5BTEIEoM/E6WQsTuHAr7hO10de9fYjGqmKfcvDF5cM
0lOvYOz3gO+XFx8lyHlqNuRu4aK9q5PSRkiRjvalqlIXZarSUDYduRFuiBkhYmVj
uf9NyEbz0EogB6gWHVYp8XQqMqtafCACLUNC/EalaQyI1kAM0e5hEjVJhqVQ2HPP
qqQnxhrCcLs=
=KGvQ
-----END PGP SIGNATURE-----