Oval Definition:	oval:org.opensuse.security:def:57443
Revision Date: 2021-05-18 Version: 1 Title: Security update for the Linux Kernel (Important) Description: The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-36312: Fixed an issue in virt/kvm/kvm_main.c that had a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure (bnc#1184509). - CVE-2021-29650: Fixed an issue inside the netfilter subsystem that allowed attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value (bnc#1184208). - CVE-2020-27673: Fixed an issue in Xen where a guest OS users could have caused a denial of service (host OS hang) via a high rate of events to dom0 (bnc#1177411, bnc#1184583). - CVE-2021-29154: Fixed BPF JIT compilers that allowed to execute arbitrary code within the kernel context (bnc#1184391). - CVE-2020-25673: Fixed NFC endless loops caused by repeated llcp_sock_connect() (bsc#1178181). - CVE-2020-25672: Fixed NFC memory leak in llcp_sock_connect() (bsc#1178181). - CVE-2020-25671: Fixed NFC refcount leak in llcp_sock_connect() (bsc#1178181). - CVE-2020-25670: Fixed NFC refcount leak in llcp_sock_bind() (bsc#1178181). - CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h where a 'stall on CPU' could have occured because a retry loop continually finds the same bad inode (bnc#1184194, bnc#1184211). - CVE-2020-36322: Fixed an issue inside the FUSE filesystem implementation where fuse_do_getattr() calls make_bad_inode() in inappropriate situations, could have caused a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950 (bnc#1184211). - CVE-2021-30002: Fixed a memory leak issue when a webcam device exists (bnc#1184120). - CVE-2021-3483: Fixed a use-after-free bug in nosy_ioctl() (bsc#1184393). - CVE-2021-20219: Fixed a denial of service vulnerability in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could have delayed the loop and cause a threat to the system availability (bnc#1184397). - CVE-2021-29265: Fixed an issue in usbip_sockfd_store in drivers/usb/usbip/stub_dev.c that allowed attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status (bnc#1184167). - CVE-2021-29264: Fixed an issue in drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver that allowed attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled (bnc#1184168). - CVE-2021-28972: Fixed an issue in drivers/pci/hotplug/rpadlpar_sysfs.c where the RPA PCI Hotplug driver had a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination (bnc#1184198). - CVE-2021-28660: Fixed rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c that allowed writing beyond the end of the ssid array (bnc#1183593). - CVE-2020-0433: Fixed blk_mq_queue_tag_busy_iter of blk-mq-tag.c, where a possible use after free due to improper locking could have happened. This could have led to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation (bnc#1176720). - CVE-2021-28038: Fixed an issue with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931 (bnc#1183022, bnc#1183069). - CVE-2021-27365: Fixed an issue inside the iSCSI data structures that does not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message (bnc#1182715). - CVE-2021-27363: Fixed an issue with a kernel pointer leak that could have been used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables (bnc#1182716). - CVE-2021-27364: Fixed an issue in drivers/scsi/scsi_transport_iscsi.c where an unprivileged user can craft Netlink messages (bnc#1182717). - CVE-2020-1749: Fixed a flaw inside of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality (bnc#1165629). The following non-security bugs were fixed: - bluetooth: eliminate the potential race condition when removing the HCI controller (bsc#1184611). - Btrfs: add missing extents release on file extent cluster relocation error (bsc#1159483). - btrfs: change timing for qgroup reserved space for ordered extents to fix reserved space leak (bsc#1172247). - btrfs: Cleanup try_flush_qgroup (bsc#1182047). - btrfs: Do not flush from btrfs_delayed_inode_reserve_metadata (bsc#1182047). - btrfs: drop unused parameter qgroup_reserved (bsc#1182261). - btrfs: fix qgroup data rsv leak caused by falloc failure (bsc#1182261). - btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata (bsc#1182261). - btrfs: Free correct amount of space in btrfs_delayed_inode_reserve_metadata (bsc#1182047). - btrfs: inode: move qgroup reserved space release to the callers of insert_reserved_file_extent() (bsc#1172247). - btrfs: inode: refactor the parameters of insert_reserved_file_extent() (bsc#1172247). - btrfs: make btrfs_ordered_extent naming consistent with btrfs_file_extent_item (bsc#1172247). - btrfs: qgroup: allow to unreserve range without releasing other ranges (bsc#1120163). - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179). - btrfs: qgroup: do not commit transaction when we already hold the handle (bsc#1178634). - btrfs: qgroup: Do not hold qgroup_ioctl_lock in btrfs_qgroup_inherit() (bsc#1165823). - btrfs: qgroup: do not try to wait flushing if we're already holding a transaction (bsc#1179575). - btrfs: qgroup: Fix a bug that prevents qgroup to be re-enabled after disable (bsc#1172247). - btrfs: qgroup: fix data leak caused by race between writeback and truncate (bsc#1172247). - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856). - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls (bsc#1152975). - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space (bsc#1152974). - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855). - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup (bsc#1165823). - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT (bsc#1120163). - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT (bsc#1120163). - btrfs: remove unused parameter from btrfs_subvolume_release_metadata (bsc#1182261). - btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186). - btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184). - ext4: check journal inode extents more carefully (bsc#1173485). - ext4: do not allow overlapping system zones (bsc#1173485). - ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485). - hv_netvsc: remove ndo_poll_controller (bsc#1185248). - KVM: Add proper lockdep assertion in I/O bus unregister (bsc#1185555). - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1185556). - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1185557). - xen-netback: respect gnttab_map_refs()'s return value (bsc#1183022 XSA-367). - Xen/gnttab: handle p2m update errors on a per-slot basis (bsc#1183022 XSA-367). Family: unix Class: patch Status: Reference(s): 1010201 1012382 1012829 1017461 1020645 1021424 1022595 1022600 1022914 1024412 1025461 1027301 1028971 1030061 1031717 1034048 1037890 1046107 1049692 1050060 1050231 1050459 1053919 1054285 1055567 1056003 1056365 1056427 1056979 1057199 1058135 1059863 1060333 1060682 1060985 1061451 1061756 1062520 1062941 1062962 1063026 1063460 1063475 1063501 1063509 1063516 1063520 1063695 1064206 1064701 1064926 1065180 1065600 1065639 1065692 1065717 1065866 1066045 1066192 1066213 1066223 1066285 1066382 1066470 1066471 1066472 1066573 1066606 1066629 1067105 1067132 1067494 1067888 1068671 1068978 1068980 1068982 1069270 1069793 1069942 1069996 1070006 1070145 1070535 1070767 1070771 1070805 1070825 1070964 1071231 1071693 1071694 1071695 1071833 1088268 1090036 1106119 1119687 1119947 1120163 1124991 1131060 1131576 1132256 1138872 1152974 1152975 1155179 1155184 1155186 1159483 1165629 1165823 1172247 1173274 1173485 1176720 1177411 1177855 1177856 1178181 1178634 1179575 1182047 1182261 1182715 1182716 1182717 1183022 1183069 1183593 1184120 1184167 1184168 1184194 1184198 1184208 1184211 1184391 1184393 1184397 1184509 1184583 1184611 1185248 1185555 1185556 1185557 801663 808085 808269 817210 820917 820919 820920 823011 823608 947494 960674 963575 964944 966170 966172 966186 966191 966316 966318 966891 969474 969475 969476 969477 971975 974590 979928 982331 987176 988361 989261 990531 994399 996376 CVE-2011-0460 CVE-2012-2737 CVE-2013-2194 CVE-2013-2195 CVE-2013-2196 CVE-2015-4000 CVE-2015-8710 CVE-2016-5011 CVE-2017-0861 CVE-2017-1000410 CVE-2017-11600 CVE-2017-12193 CVE-2017-13720 CVE-2017-13722 CVE-2017-15115 CVE-2017-15265 CVE-2017-16528 CVE-2017-16536 CVE-2017-16537 CVE-2017-16645 CVE-2017-16646 CVE-2017-16994 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-7482 CVE-2017-8824 CVE-2018-1000199 CVE-2018-16884 CVE-2018-20346 CVE-2018-20506 CVE-2019-11070 CVE-2019-11708 CVE-2019-3880 CVE-2019-6201 CVE-2019-6251 CVE-2019-6975 CVE-2019-7285 CVE-2019-7292 CVE-2019-8503 CVE-2019-8506 CVE-2019-8515 CVE-2019-8524 CVE-2019-8535 CVE-2019-8536 CVE-2019-8544 CVE-2019-8551 CVE-2019-8558 CVE-2019-8559 CVE-2019-8563 CVE-2020-0433 CVE-2020-14422 CVE-2020-1749 CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2020-27673 CVE-2020-36312 CVE-2020-36322 CVE-2021-20219 CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 CVE-2021-28038 CVE-2021-28660 CVE-2021-28950 CVE-2021-28972 CVE-2021-29154 CVE-2021-29264 CVE-2021-29265 CVE-2021-29650 CVE-2021-30002 CVE-2021-3483 SUSE-SU-2016:0187-1 SUSE-SU-2016:2954-1 SUSE-SU-2017:3410-1 SUSE-SU-2018:0334-1 SUSE-SU-2018:1230-1 SUSE-SU-2019:0913-1 SUSE-SU-2019:1155-1 SUSE-SU-2019:1195-1 SUSE-SU-2019:1684-1 SUSE-SU-2019:2042-1 SUSE-SU-2020:2157-1 SUSE-SU-2021:1623-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cyrus-sasl-2.1.26-lp150.3 is installed OR cyrus-sasl-32bit-2.1.26-lp150.3 is installed OR cyrus-sasl-crammd5-2.1.26-lp150.3 is installed OR cyrus-sasl-crammd5-32bit-2.1.26-lp150.3 is installed OR cyrus-sasl-digestmd5-2.1.26-lp150.3 is installed OR cyrus-sasl-digestmd5-32bit-2.1.26-lp150.3 is installed OR cyrus-sasl-gssapi-2.1.26-lp150.3 is installed OR cyrus-sasl-gssapi-32bit-2.1.26-lp150.3 is installed OR cyrus-sasl-plain-2.1.26-lp150.3 is installed OR cyrus-sasl-plain-32bit-2.1.26-lp150.3 is installed OR libsasl2-3-2.1.26-lp150.3 is installed OR libsasl2-3-32bit-2.1.26-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information python-Django-2.2.4-lp151.2.3 is installed OR python3-Django-2.2.4-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libxml2-2.7.6-0.37 is installed OR libxml2-32bit-2.7.6-0.37 is installed OR libxml2-python-2.7.6-0.37 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-devel-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information dbus-1-1.8.22-24.19 is installed OR dbus-1-x11-1.8.22-24.19 is installed OR libdbus-1-3-1.8.22-24.19 is installed OR libdbus-1-3-32bit-1.8.22-24.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_35-default-9-2 is installed OR kgraft-patch-SLE12-SP2_Update_12-9-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libXext6-1.3.2-3 is installed OR libXext6-32bit-1.3.2-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.144.1 is installed OR kernel-default-base-4.4.180-94.144.1 is installed OR kernel-default-devel-4.4.180-94.144.1 is installed OR kernel-devel-4.4.180-94.144.1 is installed OR kernel-macros-4.4.180-94.144.1 is installed OR kernel-source-4.4.180-94.144.1 is installed OR kernel-syms-4.4.180-94.144.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information xen-4.9.4_06-3.62 is installed OR xen-doc-html-4.9.4_06-3.62 is installed OR xen-libs-4.9.4_06-3.62 is installed OR xen-libs-32bit-4.9.4_06-3.62 is installed OR xen-tools-4.9.4_06-3.62 is installed OR xen-tools-domU-4.9.4_06-3.62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libnetpbm11-10.66.3-8.7 is installed OR libnetpbm11-32bit-10.66.3-8.7 is installed OR netpbm-10.66.3-8.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND python-Django-1.8.19-3.12 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information kernel-default-4.4.180-94.100 is installed OR kernel-default-base-4.4.180-94.100 is installed OR kernel-default-devel-4.4.180-94.100 is installed OR kernel-devel-4.4.180-94.100 is installed OR kernel-macros-4.4.180-94.100 is installed OR kernel-source-4.4.180-94.100 is installed OR kernel-syms-4.4.180-94.100 is installed OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed
BACK