Revision Date: | 2021-02-12 | Version: | 1 |
Title: | Security update for the Linux Kernel (Important) |
Description: |
The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security fixes and bug fixes.
The following security bugs were fixed:
- CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349).
- CVE-2020-25211: Fixed a buffer overflow in ctnetlink_parse_tuple_filter() which could be triggered by local attackers by injecting conntrack netlink configuration (bnc#1176395).
- CVE-2020-27835: A use-after-free in the infiniband hfi1 driver was found, specifically in the way a user calls ioctl after opening the dev file and forking. A local user could use this flaw to crash the system (bnc#1179878).
- CVE-2020-29569: Fixed a potential privilege escalation and information leaks related to the PV block backend, as used by Xen (bnc#1179509).
- CVE-2020-29568: Fixed a denial of service issue, related to processing watch events (bnc#1179508).
- CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027).
- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
- CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031).
- CVE-2020-4788: Fixed an issue with IBM Power9 processors that could have allowed a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances (bsc#1177666).
- CVE-2020-15436: Fixed a use-after-free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
- CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).
- CVE-2020-27786: Fixed an out-of-bounds write in the MIDI implementation (bnc#1179601).
- CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960).
- CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).
- CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).
- CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589).
- CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
- CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
- CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service (bsc#1179140).
- CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559).
- CVE-2020-11668: Fixed the mishandling of invalid descriptors in the Xirlink camera USB driver (bnc#1168952).
- CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485).
- CVE-2019-20934: Fixed a use-after-free in show_numa_stats() because NUMA fault statistics were inappropriately freed (bsc#1179663).
- CVE-2018-10902: It was found that the raw midi kernel driver did not protect against concurrent access, which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(), which are part of the snd_rawmidi_ioctl() handler in the rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bnc#1105322).
The following non-security bugs were fixed:
- cifs: do not revalidate mountpoint dentries (bsc#1177440).
- cifs: fix potential use-after-free in cifs_echo_request() (bsc#1139944).
- cifs: ignore revalidate failures in case of process gets signaled (bsc#1177440).
- epoll: Keep a reference on files added to the check list (bsc#1180031).
- fix regression in 'epoll: Keep a reference on files added to the check list' (bsc#1180031, git-fixes).
- futex: Avoid freeing an active timer (bsc#969755).
- futex: Avoid violating the 10th rule of futex (bsc#969755).
- futex: Change locking rules (bsc#969755).
- futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#969755).
- futex: Drop hb->lock before enqueueing on the rtmutex (bsc#969755).
- futex: Fix incorrect should_fail_futex() handling (bsc#969755).
- futex: Fix more put_pi_state() vs. exit_pi_state_list() races (bsc#969755).
- futex: Fix OWNER_DEAD fixup (bsc#969755).
- futex: Fix pi_state->owner serialization (bsc#969755).
- futex: Fix small (and harmless looking) inconsistencies (bsc#969755).
- futex: Futex_unlock_pi() determinism (bsc#969755).
- futex: Handle early deadlock return correctly (bsc#969755).
- futex: Handle transient 'ownerless' rtmutex state correctly (bsc#969755).
- futex: Pull rt_mutex_futex_unlock() out from under hb->lock (bsc#969755).
- futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock() (bsc#969755).
- futex: Rework inconsistent rt_mutex/futex_q state (bsc#969755).
- futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock() (bsc#969755).
- futex,rt_mutex: Introduce rt_mutex_init_waiter() (bsc#969755).
- futex,rt_mutex: Provide futex specific rt_mutex API (bsc#969755).
- futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock() (bsc#969755).
- HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052).
- IB/hfi1: Clean up hfi1_user_exp_rcv_setup function (bsc#1179878).
- IB/hfi1: Clean up pin_vector_pages() function (bsc#1179878).
- IB/hfi1: Fix the bail out code in pin_vector_pages() function (bsc#1179878).
- IB/hfi1: Move structure definitions from user_exp_rcv.c to user_exp_rcv.h (bsc#1179878).
- IB/hfi1: Name function prototype parameters (bsc#1179878).
- IB/hfi1: Use filedata rather than filepointer (bsc#1179878).
- locking/futex: Allow low-level atomic operations to return -EAGAIN (bsc#969755).
- mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (bsc#1179204).
- scsi: iscsi: Fix a potential deadlock in the timeout handler (bsc#1178272).
- Use r3 instead of r13 for l1d fallback flush in do_uaccess_fush (bsc#1181096 ltc#190883).
- video: hyperv_fb: include vmalloc.h (bsc#1175306).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1010685 1027519 1038709 1038711 1038713 1055695 1056278 1056280 1056281 1056282 1078808 1079869 1080042 1082041 1083625 1103098 1105322 1105323 1124729 1124734 1128378 1129271 1129272 1139944 1144903 1149294 1149295 1149296 1149297 1149298 1149299 1149303 1149304 1149324 1153108 1153158 1153161 1168630 1168952 1173942 1175306 1176395 1176485 1177440 1177666 1178182 1178272 1178589 1178886 1179107 1179140 1179141 1179204 1179419 1179508 1179509 1179601 1179616 1179663 1179666 1179745 1179877 1179878 1179960 1179961 1180008 1180027 1180028 1180029 1180030 1180031 1180032 1180052 1180086 1180559 1180562 1180815 1181096 1181158 1181349 1181553 934524 934527 934528 959724 960961 962779 969755 988903 995374 CVE-2011-2483 CVE-2011-3177 CVE-2012-2396 CVE-2013-1982 CVE-2013-6473 CVE-2013-6474 CVE-2013-6475 CVE-2013-6476 CVE-2014-2707 CVE-2014-4336 CVE-2014-4337 CVE-2014-4338 CVE-2014-9556 CVE-2014-9732 CVE-2015-2265 CVE-2015-3258 CVE-2015-3279 CVE-2015-4470 CVE-2015-4471 CVE-2015-7744 CVE-2015-8327 CVE-2015-8560 CVE-2016-0502 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616 CVE-2016-1248 CVE-2016-6329 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 CVE-2017-5715 CVE-2017-7478 CVE-2017-7479 CVE-2018-1064 CVE-2018-10902 CVE-2018-5391 CVE-2018-6764 CVE-2019-10220 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11752 CVE-2019-11753 CVE-2019-17133 CVE-2019-20934 CVE-2019-5418 CVE-2019-5419 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2019-9812 CVE-2020-0444 CVE-2020-0465 CVE-2020-0466 CVE-2020-11668 CVE-2020-15436 CVE-2020-15437 CVE-2020-25211 CVE-2020-25285 CVE-2020-25669 CVE-2020-27068 CVE-2020-27777 CVE-2020-27786 CVE-2020-27825 CVE-2020-27835 CVE-2020-28915 CVE-2020-28974 CVE-2020-29568 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-36158 CVE-2020-4788 CVE-2020-6819 CVE-2020-6820 CVE-2021-3347 
SUSE-SU-2015:2131-1 SUSE-SU-2016:0348-1 SUSE-SU-2016:2942-1 SUSE-SU-2017:1622-1 SUSE-SU-2017:2519-1 SUSE-SU-2018:0861-1 SUSE-SU-2019:0915-1 SUSE-SU-2019:2436-1 SUSE-SU-2020:0928-1 SUSE-SU-2021:0452-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed
AND Package Information
kinit-5.45.0-lp150.1 is installed
OR kinit-lang-5.45.0-lp150.1 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
MozillaThunderbird-60.8.0-lp151.2.10 is installed
OR MozillaThunderbird-buildsymbols-60.8.0-lp151.2.10 is installed
OR MozillaThunderbird-translations-common-60.8.0-lp151.2.10 is installed
OR MozillaThunderbird-translations-other-60.8.0-lp151.2.10 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP4 is installed
AND cabextract-1.2-2.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
kgraft-patch-3_12_74-60_64_85-default-12-2 is installed
OR kgraft-patch-3_12_74-60_64_85-xen-12-2 is installed
OR kgraft-patch-SLE12-SP1_Update_26-12-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
cups-filters-1.0.58-13 is installed
OR cups-filters-cups-browsed-1.0.58-13 is installed
OR cups-filters-foomatic-rip-1.0.58-13 is installed
OR cups-filters-ghostscript-1.0.58-13 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND clamav-0.100.2-33.18 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
kgraft-patch-4_4_121-92_85-default-8-2 is installed
OR kgraft-patch-SLE12-SP2_Update_23-8-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
MozillaFirefox-60.9.0-109.86 is installed
OR MozillaFirefox-devel-60.9.0-109.86 is installed
OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
automake-1.13.4-6 is installed
OR m4-1.4.16-15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
kernel-default-4.4.180-94.138.1 is installed
OR kernel-default-base-4.4.180-94.138.1 is installed
OR kernel-default-devel-4.4.180-94.138.1 is installed
OR kernel-devel-4.4.180-94.138.1 is installed
OR kernel-macros-4.4.180-94.138.1 is installed
OR kernel-source-4.4.180-94.138.1 is installed
OR kernel-syms-4.4.180-94.138.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
kgraft-patch-4_4_180-94_100-default-8-2 is installed
OR kgraft-patch-SLE12-SP3_Update_27-8-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
cups-1.7.5-20.26 is installed
OR cups-client-1.7.5-20.26 is installed
OR cups-libs-1.7.5-20.26 is installed
OR cups-libs-32bit-1.7.5-20.26 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND dstat-0.7.3-1 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
ruby2.1-rubygem-actionpack-4_2-4.2.9-7.6 is installed
OR rubygem-actionpack-4_2-4.2.9-7.6 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
MozillaFirefox-68.2.0-109.95 is installed
OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
ghostscript-9.27-23.31 is installed
OR ghostscript-x11-9.27-23.31 is installed
|