Security update for the Linux Kernel (Important) (in QA)
Description:
The SUSE Linux Enterprise 12 SP3 Teradata kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-25020: Fixed an issue in the BPF subsystem in the Linux kernel mishandled situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. (bsc#1193575) - CVE-2019-0136: Fixed an insufficient access control which allow an unauthenticated user to execute a denial of service. (bsc#1193157) - CVE-2020-35519: Fixed an out-of-bounds memory access was found in x25_bind (bsc#1183696). - CVE-2021-0935: Fixed out of bounds write due to a use after free which could lead to local escalation of privilege with System execution privileges needed in ip6_xmit. (bsc#1192032) - CVE-2021-4002: Added a missing TLB flush that could lead to leak or corruption of data in hugetlbfs. (bsc#1192946) - CVE-2021-4083: Fixed race condition in Unix domain socket garbage collection that could lead to read memory after free. (bsc#1193727) - CVE-2021-4149: Fixed improper lock operation in btrfs that allowed users to crash the kernel or deadlock the system. (bsc#1194001) - CVE-2021-4155: Fixed a data leak flaw that allows a local attacker to leak data on the XFS filesystem. (bsc#1194272) - CVE-2021-4197: Fixed an issue in cgroups may allow local privilege escalation. (bsc#1194302) - CVE-2021-4202: Fixed race condition in nci_request() that could cause use-after-free. (bsc#1194529) - CVE-2021-20322: Fixed a bug that provides to an attacker the ability to quickly scan open UDP ports. (bsc#1191790) - CVE-2021-28711: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening blkfront against event channel storms. (bsc#1193440) - CVE-2021-28712: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening netfront against event channel storms. (bsc#1193440) - CVE-2021-28713: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening netfront against event channel storms. (bsc#1193440 - CVE-2021-28715: Fixed an issue where a guest could force Linux netback driver to hog large amounts of kernel memory by do not queueing unlimited number of packages. (bsc#1193442) - CVE-2021-31916: Fixed a bound check failure that could allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash, a leak of internal kernel information, or a privilege escalation problem. (bnc#1192781) - CVE-2021-33098: Fixed a potential denial of service in Intel(R) Ethernet ixgbe driver due to improper input validation. (bsc#1192877) - CVE-2021-34981: Fixed an issue that allows an attacker with a local account to escalate privileges when CAPI (ISDN) hardware connection fails. (bsc#1191961) - CVE-2021-43976: Fixed a flaw that could allow an attacker (who can connect a crafted USB device) to cause a denial of service. (bsc#1192847) - CVE-2021-45485: Fixed an information leak because of certain use of a hash table which use IPv6 source addresses. (bsc#1194094) - CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c. (bsc#1194087)
The following non-security bugs were fixed:
- bpf: Add kconfig knob for disabling unpriv bpf by default (jsc#SLE-22918) - bpf: Disallow unprivileged bpf by default (jsc#SLE-22918). - cgroupns: Close race between cgroup_post_fork and copy_cgroup_ns (bsc#1180679). - config: disable unprivileged BPF by default (jsc#SLE-22918) - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669). - net/x25: fix a race in x25_bind() (networking-stable-19_03_15). - nvme: Do not allow to reset a reconnecting controller (bsc#1133874). - nvme: validate controller state before rescheduling keep alive (bsc#1103257). - ring-buffer: Protect ring_buffer_reset() from reentrancy (bsc#1179960). - scsi: virtio_scsi: let host do exception handling (bsc#1141181 bsc#1183996). - tty: hvc: replace BUG_ON() with negative return value (git-fixes). - xen/blkfront: do not take local copy of a request from the ring page (git-fixes). - xen/blkfront: do not trust the backend response data blindly (git-fixes). - xen/blkfront: read response from backend only once (git-fixes). - xen/netfront: disentangle tx_skb_freelist (git-fixes). - xen/netfront: do not assume sk_buff_head list is empty in error handling (git-fixes). - xen/netfront: do not bug in case of too many frags (bnc#1012382). - xen/netfront: do not cache skb_shinfo() (bnc#1012382). - xen/netfront: do not read data from request on the ring page (git-fixes). - xen/netfront: do not trust the backend response data blindly (git-fixes). - xen/netfront: do not use ~0U as error return value for xennet_fill_frags() (git-fixes). - xen/netfront: read response from backend only once (git-fixes). - xen: sync include/xen/interface/io/ring.h with Xen's newest version (git-fixes).
This patch is currently in QA and not yet available for download.
openSUSE Leap 15.0 openSUSE Leap 42.3 SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11 SP4-LTSS SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 SUSE Linux Enterprise Workstation Extension 15 SUSE OpenStack Cloud 5 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud Crowbar 8