OVAL Reference oval:org.opensuse.security:def:56996

Oval Definition:

oval:org.opensuse.security:def:56996

Revision Date:	2021-05-18	Version:	1
Title:	Security update for the Linux Kernel (Important)
Description:	The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bnc#1184509). - CVE-2021-29650: Fixed an issue inside the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208). - CVE-2020-27673: Fixed an issue in Xen where a guest OS users could have caused a denial of service (host OS hang) via a high rate of events to dom0 (bnc#1177411, bnc#1184583). - CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bnc#1184391). - CVE-2020-25673: Fixed NFC endless loops caused by repeated llcp_sock_connect() (bsc#1178181). - CVE-2020-25672: Fixed NFC memory leak in llcp_sock_connect() (bsc#1178181). - CVE-2020-25671: Fixed NFC refcount leak in llcp_sock_connect() (bsc#1178181). - CVE-2020-25670: Fixed NFC refcount leak in llcp_sock_bind() (bsc#1178181). - CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h where a 'stall on CPU' could have occured because a retry loop continually finds the same bad inode (bnc#1184194, bnc#1184211). - CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bnc#1184211). - CVE-2021-30002: Fixed a memory leak issue when a webcam device exists (bnc#1184120). - CVE-2021-3483: Fixed a use-after-free bug in nosy_ioctl() (bsc#1184393). - CVE-2021-20219: Fixed a denial of service vulnerability in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could have delayed the loop and cause a threat to the system availability (bnc#1184397). - CVE-2021-29265: Fixed an issue in usbip_sockfd_store in drivers/usb/usbip/stub_dev.c that allowed attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status (bnc#1184167). - CVE-2021-29264: Fixed an issue in drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver that allowed attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled (bnc#1184168). - CVE-2021-28972: Fixed an issue in drivers/pci/hotplug/rpadlpar_sysfs.c where the RPA PCI Hotplug driver had a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination (bnc#1184198). - CVE-2021-28660: Fixed rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c that allowed writing beyond the end of the ssid array (bnc#1183593). - CVE-2020-0433: Fixed blk_mq_queue_tag_busy_iter of blk-mq-tag.c, where a possible use after free due to improper locking could have happened. This could have led to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1176720). - CVE-2021-28038: Fixed an issue with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931 (bnc#1183022, bnc#1183069). - CVE-2021-27365: Fixed an issue inside the iSCSI data structures that does not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message (bnc#1182715). - CVE-2021-27363: Fixed an issue with a kernel pointer leak that could have been used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables (bnc#1182716). - CVE-2021-27364: Fixed an issue in drivers/scsi/scsi_transport_iscsi.c where an unprivileged user can craft Netlink messages (bnc#1182717). - CVE-2020-1749: Fixed a flaw inside of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1165629). The following non-security bugs were fixed: - bluetooth: eliminate the potential race condition when removing the HCI controller (bsc#1184611). - Btrfs: add missing extents release on file extent cluster relocation error (bsc#1159483). - btrfs: change timing for qgroup reserved space for ordered extents to fix reserved space leak (bsc#1172247). - btrfs: Cleanup try_flush_qgroup (bsc#1182047). - btrfs: Do not flush from btrfs_delayed_inode_reserve_metadata (bsc#1182047). - btrfs: drop unused parameter qgroup_reserved (bsc#1182261). - btrfs: fix qgroup data rsv leak caused by falloc failure (bsc#1182261). - btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata (bsc#1182261). - btrfs: Free correct amount of space in btrfs_delayed_inode_reserve_metadata (bsc#1182047). - btrfs: inode: move qgroup reserved space release to the callers of insert_reserved_file_extent() (bsc#1172247). - btrfs: inode: refactor the parameters of insert_reserved_file_extent() (bsc#1172247). - btrfs: make btrfs_ordered_extent naming consistent with btrfs_file_extent_item (bsc#1172247). - btrfs: qgroup: allow to unreserve range without releasing other ranges (bsc#1120163). - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179). - btrfs: qgroup: do not commit transaction when we already hold the handle (bsc#1178634). - btrfs: qgroup: Do not hold qgroup_ioctl_lock in btrfs_qgroup_inherit() (bsc#1165823). - btrfs: qgroup: do not try to wait flushing if we're already holding a transaction (bsc#1179575). - btrfs: qgroup: Fix a bug that prevents qgroup to be re-enabled after disable (bsc#1172247). - btrfs: qgroup: fix data leak caused by race between writeback and truncate (bsc#1172247). - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856). - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls (bsc#1152975). - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space (bsc#1152974). - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855). - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup (bsc#1165823). - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT (bsc#1120163). - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT (bsc#1120163). - btrfs: remove unused parameter from btrfs_subvolume_release_metadata (bsc#1182261). - btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186). - btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184). - ext4: check journal inode extents more carefully (bsc#1173485). - ext4: do not allow overlapping system zones (bsc#1173485). - ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485). - hv_netvsc: remove ndo_poll_controller (bsc#1185248). - KVM: Add proper lockdep assertion in I/O bus unregister (bsc#1185555). - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1185556). - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1185557). - xen-netback: respect gnttab_map_refs()'s return value (bsc#1183022 XSA-367). - Xen/gnttab: handle p2m update errors on a per-slot basis (bsc#1183022 XSA-367).
Family:	unix	Class:	patch
Status:		Reference(s):	1006180 1011913 1012382 1012829 1013887 1019151 1020645 1020657 1020905 1021424 1022476 1022743 1022967 1023175 1024405 1027519 1027575 1028173 1028286 1029693 1030472 1030476 1030552 1030850 1031515 1031717 1031784 1033084 1033085 1033087 1033088 1033089 1033090 1033587 1034048 1034075 1034762 1036303 1036632 1037344 1037404 1037994 1038078 1038564 1038583 1038616 1038690 1038792 1039357 1039915 1040307 1040351 1041282 1041283 1041958 1042286 1042314 1042422 1042778 1042892 1043652 1044112 1044636 1044946 1045154 1045563 1045922 1046191 1046682 1046821 1046985 1047027 1047048 1047096 1047118 1047121 1047152 1047277 1047343 1047354 1047487 1047651 1047653 1047670 1048155 1048221 1048299 1048317 1048891 1048893 1048914 1048934 1049226 1049483 1049486 1049580 1049603 1049645 1049882 1050061 1050188 1050751 1051022 1051059 1051239 1051399 1051478 1051479 1051556 1051663 1051790 1052049 1052223 1052533 1052580 1052593 1052709 1052773 1052794 1052888 1053117 1053802 1053915 1053919 1054084 1055013 1055096 1055359 1055493 1055755 1055896 1056261 1056588 1056827 1056982 1057015 1057358 1058038 1058058 1058116 1058410 1058507 1059051 1059465 1059777 1060197 1061017 1061046 1061064 1061067 1061076 1061077 1061080 1061081 1061082 1061084 1061086 1061087 1061172 1061831 1061872 1063667 1063671 1064206 1064388 1064392 1066471 1066472 1088268 1090036 1102682 1103203 1105323 1106390 1107067 1111973 1112723 1112726 1120163 1121826 1123685 1125007 1151178 1152974 1152975 1155179 1155184 1155186 1159483 1160968 1165629 1165823 1172247 1173485 1176720 1177411 1177855 1177856 1178181 1178634 1179575 1182047 1182261 1182715 1182716 1182717 1183022 1183069 1183593 1184120 1184167 1184168 1184194 1184198 1184208 1184211 1184391 1184393 1184397 1184509 1184583 1184611 1185248 1185555 1185556 1185557 964063 971975 974215 981309 986858 CVE-2010-4352 CVE-2012-2944 CVE-2012-3524 CVE-2013-2168 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-7824 CVE-2014-8148 CVE-2015-0245 CVE-2016-10254 CVE-2016-10255 CVE-2016-2183 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2017-0861 CVE-2017-1000252 CVE-2017-1000366 CVE-2017-1000381 CVE-2017-10810 CVE-2017-11472 CVE-2017-11473 CVE-2017-11499 CVE-2017-12134 CVE-2017-12153 CVE-2017-12154 CVE-2017-13080 CVE-2017-13080 CVE-2017-14051 CVE-2017-14106 CVE-2017-14489 CVE-2017-15588 CVE-2017-15589 CVE-2017-15590 CVE-2017-15591 CVE-2017-15592 CVE-2017-15593 CVE-2017-15594 CVE-2017-15595 CVE-2017-15649 CVE-2017-15649 CVE-2017-2636 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3259 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 CVE-2017-5526 CVE-2017-7518 CVE-2017-7533 CVE-2017-7541 CVE-2017-7542 CVE-2017-7607 CVE-2017-7608 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2017-7645 CVE-2017-8831 CVE-2017-8890 CVE-2017-9242 CVE-2017-9798 CVE-2018-1000199 CVE-2018-10902 CVE-2018-16062 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2018-5390 CVE-2019-16239 CVE-2019-6133 CVE-2019-7150 CVE-2019-7665 CVE-2020-0433 CVE-2020-1749 CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-27673 CVE-2020-36312 CVE-2020-36322 CVE-2021-20219 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-28038 CVE-2021-28660 CVE-2021-28950 CVE-2021-28972 CVE-2021-29154 CVE-2021-29264 CVE-2021-29265 CVE-2021-29650 CVE-2021-30002 CVE-2021-3483 SUSE-SU-2017:0490-1 SUSE-SU-2017:1614-1 SUSE-SU-2017:2049-1 SUSE-SU-2017:2168-1 SUSE-SU-2017:2542-1 SUSE-SU-2017:2864-1 SUSE-SU-2017:2869-1 SUSE-SU-2017:3157-1 SUSE-SU-2018:1251-1 SUSE-SU-2019:1733-1 SUSE-SU-2019:2035-1 SUSE-SU-2019:2744-1 SUSE-SU-2020:0628-1 SUSE-SU-2021:1623-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND libopus0-1.2.1-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND skopeo-0.1.32-lp151.2.3 is installed
Definition Synopsis
openSUSE Leap 15.1 NonFree is installed AND opera-63.0.3368.66-lp151.2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information elfutils-0.158-7.7 is installed OR libasm1-0.158-7.7 is installed OR libdw1-0.158-7.7 is installed OR libdw1-32bit-0.158-7.7 is installed OR libebl1-0.158-7.7 is installed OR libebl1-32bit-0.158-7.7 is installed OR libelf-devel-0.158-7.7 is installed OR libelf1-0.158-7.7 is installed OR libelf1-32bit-0.158-7.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information java-1_7_0-openjdk-1.7.0.131-39 is installed OR java-1_7_0-openjdk-demo-1.7.0.131-39 is installed OR java-1_7_0-openjdk-devel-1.7.0.131-39 is installed OR java-1_7_0-openjdk-headless-1.7.0.131-39 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_29-default-6-2 is installed OR kgraft-patch-3_12_69-60_64_29-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_12-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information dbus-1-1.8.16-19 is installed OR dbus-1-x11-1.8.16-19 is installed OR libdbus-1-3-1.8.16-19 is installed OR libdbus-1-3-32bit-1.8.16-19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.46 is installed OR libopenssl1_0_0-1.0.2j-60.46 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed OR openssl-1.0.2j-60.46 is installed OR openssl-doc-1.0.2j-60.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND wpa_supplicant-2.6-15.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ant-1.9.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20200602-13.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND clamav-0.100.3-33.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.144.1 is installed OR kernel-default-base-4.4.180-94.144.1 is installed OR kernel-default-devel-4.4.180-94.144.1 is installed OR kernel-default-kgraft-4.4.180-94.144.1 is installed OR kernel-default-man-4.4.180-94.144.1 is installed OR kernel-devel-4.4.180-94.144.1 is installed OR kernel-macros-4.4.180-94.144.1 is installed OR kernel-source-4.4.180-94.144.1 is installed OR kernel-syms-4.4.180-94.144.1 is installed OR kgraft-patch-4_4_180-94_144-default-1-4.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information bluez-5.13-5.7 is installed OR libbluetooth3-5.13-5.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information avahi-0.6.32-32.3 is installed OR avahi-glib2-0.6.32-32.3 is installed OR avahi-lang-0.6.32-32.3 is installed OR avahi-utils-0.6.32-32.3 is installed OR libavahi-client3-0.6.32-32.3 is installed OR libavahi-client3-32bit-0.6.32-32.3 is installed OR libavahi-common3-0.6.32-32.3 is installed OR libavahi-common3-32bit-0.6.32-32.3 is installed OR libavahi-core7-0.6.32-32.3 is installed OR libavahi-glib1-0.6.32-32.3 is installed OR libavahi-glib1-32bit-0.6.32-32.3 is installed OR libdns_sd-0.6.32-32.3 is installed OR libdns_sd-32bit-0.6.32-32.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information nodejs-common-1.0-2 is installed OR nodejs6-6.11.1-11.5 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND ucode-intel-20191112-13.53 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information mariadb-10.2.31-3.25 is installed OR mariadb-galera-10.2.31-3.25 is installed

BACK