Sicherheit: Mehrere Probleme in Linux

Lesezeichen hinzufügen

SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2021:0353-1
Rating: important
References: #1046305 #1046306 #1046540 #1046542 #1046648
#1050242 #1050244 #1050536 #1050538 #1050545
#1056653 #1056657 #1056787 #1064802 #1066129
#1073513 #1074220 #1075020 #1086282 #1086301
#1086313 #1086314 #1098633 #1103990 #1103991
#1103992 #1104270 #1104277 #1104279 #1104353
#1104427 #1104742 #1104745 #1109837 #1111981
#1112178 #1112374 #1113956 #1119113 #1126206
#1126390 #1127354 #1127371 #1129770 #1136348
#1149032 #1174206 #1176395 #1176831 #1176846
#1178036 #1178049 #1178631 #1178900 #1179093
#1179508 #1179509 #1179563 #1179573 #1179575
#1179878 #1180008 #1180130 #1180765 #1180812
#1180859 #1180891 #1180912 #1181001 #1181018
#1181170 #1181230 #1181231 #1181349 #1181425
#1181553
Cross-References: CVE-2020-25211 CVE-2020-25639 CVE-2020-27835
CVE-2020-29568 CVE-2020-29569 CVE-2021-0342
CVE-2021-20177 CVE-2021-3347
CVSS scores:
CVE-2020-25211 (NVD): 6
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVE-2020-25211 (SUSE): 5.9
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2020-25639 (SUSE): 4.4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2020-27835 (SUSE): 6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2020-29568 (NVD): 6.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2020-29568 (SUSE): 6.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2020-29569 (NVD): 8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2020-29569 (SUSE): 8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-0342 (NVD): 6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-0342 (SUSE): 7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20177 (SUSE): 4.4
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3347 (NVD): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3347 (SUSE): 8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP5
SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE Linux Enterprise Server 12-SP5
SUSE Linux Enterprise Live Patching 12-SP5
SUSE Linux Enterprise High Availability 12-SP5
______________________________________________________________________________

An update that solves 8 vulnerabilities and has 68 fixes is
now available.

Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

- CVE-2021-3347: A use-after-free was discovered in the PI futexes during
fault handling, allowing local users to execute code in the kernel
(bnc#1181349).
- CVE-2021-20177: Fixed a kernel panic related to iptables string matching
rules. A privileged user could insert a rule which could lead to denial
of service (bnc#1180765).
- CVE-2021-0342: In tun_get_user of tun.c, there is possible memory
corruption due to a use after free. This could lead to local escalation
of privilege with System execution privileges required. (bnc#1180812)
- CVE-2020-27835: A use-after-free in the infiniband hfi1 driver was
found, specifically in the way user calls Ioctl after open dev file and
fork. A local user could use this flaw to crash the system (bnc#1179878).
- CVE-2020-25639: Fixed a NULL pointer dereference via nouveau ioctl
(bnc#1176846).
- CVE-2020-29569: Fixed a potential privilege escalation and information
leaks related to the PV block backend, as used by Xen (bnc#1179509).
- CVE-2020-29568: Fixed a denial of service issue, related to processing
watch events (bnc#1179508).
- CVE-2020-25211: Fixed a flaw where a local attacker was able to inject
conntrack netlink configuration that could cause a denial of service or
trigger the use of incorrect protocol numbers in
ctnetlink_parse_tuple_filter (bnc#1176395).

The following non-security bugs were fixed:

- ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI
(git-fixes).
- ACPI: scan: Harden acpi_device_add() against device ID overflows
(git-fixes).
- ACPI: scan: Make acpi_bus_get_device() clear return pointer on error
(git-fixes).
- ALSA: doc: Fix reference to mixart.rst (git-fixes).
- ALSA: fireface: Fix integer overflow in transmit_midi_msg() (git-fixes).
- ALSA: firewire-tascam: Fix integer overflow in midi_port_work()
(git-fixes).
- ALSA: hda/via: Add minimum mute flag (git-fixes).
- ALSA: hda/via: Fix runtime PM for Clevo W35xSS (git-fixes).
- ALSA: pcm: Clear the full allocated memory at hw_params (git-fixes).
- ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info()
(git-fixes).
- arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect()
(bsc#1180130).
- arm64: pgtable: Fix pte_accessible() (bsc#1180130).
- ASoC: dapm: remove widget from dirty list on free (git-fixes).
- ASoC: Intel: haswell: Add missing pm_ops (git-fixes).
- bnxt_en: Do not query FW when netif_running() is false (bsc#1086282).
- bnxt_en: Fix accumulation of bp->net_stats_prev (bsc#1104745 ).
- bnxt_en: fix error return code in bnxt_init_board() (git-fixes).
- bnxt_en: fix error return code in bnxt_init_one() (bsc#1050242 ).
- bnxt_en: fix HWRM error when querying VF temperature (bsc#1104745).
- bnxt_en: Improve stats context resource accounting with RDMA driver
loaded (bsc#1104745).
- bnxt_en: read EEPROM A2h address using page 0 (git-fixes).
- bnxt_en: Release PCI regions when DMA mask setup fails during probe
(git-fixes).
- bnxt_en: Reset rings if ring reservation fails during open()
(bsc#1086282).
- bnxt_en: return proper error codes in bnxt_show_temp (bsc#1104745).
- bonding: set dev->needed_headroom in bond_setup_by_slave() (git-fixes).
- btrfs: add a flags argument to LOGICAL_INO and call it LOGICAL_INO_V2
(bsc#1174206).
- btrfs: add a flag to iterate_inodes_from_logical to find all
- btrfs: add a flag to iterate_inodes_from_logical to find all extent refs
for uncompressed extents (bsc#1174206).
- btrfs: add a flag to iterate_inodes_from_logical to find all extent refs
for uncompressed extents (bsc#1174206).
- btrfs: increase output size for LOGICAL_INO_V2 ioctl (bsc#1174206).
- btrfs: qgroup: do not try to wait flushing if we're already holding a
transaction (bsc#1179575).
- caif: no need to check return value of debugfs_create functions
(git-fixes).
- can: c_can: c_can_power_up(): fix error handling (git-fixes).
- can: dev: prevent potential information leak in can_fill_info()
(git-fixes).
- can: vxcan: vxcan_xmit: fix use after free bug (git-fixes).
- chelsio/chtls: correct function return and return type (bsc#1104270).
- chelsio/chtls: correct netdevice for vlan interface (bsc#1104270 ).
- chelsio/chtls: fix a double free in chtls_setkey() (bsc#1104270 ).
- chelsio/chtls: fix always leaking ctrl_skb (bsc#1104270 ).
- chelsio/chtls: fix deadlock issue (bsc#1104270).
- chelsio/chtls: fix memory leaks caused by a race (bsc#1104270 ).
- chelsio/chtls: fix memory leaks in CPL handlers (bsc#1104270 ).
- chelsio/chtls: fix panic during unload reload chtls (bsc#1104270 ).
- chelsio/chtls: fix socket lock (bsc#1104270).
- chelsio/chtls: fix tls record info to user (bsc#1104270 ).
- chtls: Added a check to avoid NULL pointer dereference (bsc#1104270).
- chtls: Fix chtls resources release sequence (bsc#1104270 ).
- chtls: Fix hardware tid leak (bsc#1104270).
- chtls: Remove invalid set_tcb call (bsc#1104270).
- chtls: Replace skb_dequeue with skb_peek (bsc#1104270 ).
- cpumap: Avoid warning when CONFIG_DEBUG_PER_CPU_MAPS is enabled
(bsc#1109837).
- cxgb3: fix error return code in t3_sge_alloc_qset() (git-fixes).
- cxgb4/cxgb4vf: fix flow control display for auto negotiation
(bsc#1046540 bsc#1046542).
- cxgb4: fix adapter crash due to wrong MC size (bsc#1073513).
- cxgb4: fix all-mask IP address comparison (bsc#1064802 bsc#1066129).
- cxgb4: fix large delays in PTP synchronization (bsc#1046540 bsc#1046648).
- cxgb4: fix SGE queue dump destination buffer context (bsc#1073513).
- cxgb4: fix the panic caused by non smac rewrite (bsc#1064802
bsc#1066129).
- cxgb4: fix thermal zone device registration (bsc#1104279 bsc#1104277).
- cxgb4: fix throughput drop during Tx backpressure (bsc#1127354
bsc#1127371).
- cxgb4: move DCB version extern to header file (bsc#1104279 ).
- cxgb4: remove cast when saving IPv4 partial checksum (bsc#1074220).
- cxgb4: set up filter action after rewrites (bsc#1064802 bsc#1066129).
- cxgb4: use correct type for all-mask IP address comparison (bsc#1064802
bsc#1066129).
- cxgb4: use unaligned conversion for fetching timestamp (bsc#1046540
bsc#1046648).
- dmaengine: xilinx_dma: check dma_async_device_register return value
(git-fixes).
- dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (git-fixes).
- docs: Fix reST markup when linking to sections (git-fixes).
- drivers: net: xgene: Fix the order of the arguments of
'alloc_etherdev_mqs()' (git-fixes).
- drm/amdkfd: Put ACPI table after using it (bsc#1129770) Backporting
changes: * context changes
- drm/amd/powerplay: fix a crash when overclocking Vega M (bsc#1113956)
- drm/atomic: put state on error path (git-fixes).
- drm/i915: Check for all subplatform bits (git-fixes).
- drm/i915: Clear the repeater bit on HDCP disable (bsc#1112178)
Backporting changes: * context changes
- drm/i915: Fix sha_text population code (bsc#1112178) Backporting
changes: * context changes
- drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check() (bsc#1129770)
Backporting changes: * context changes * moved num_mixers from struct
dpu_crtc_state to struct dpu_crtc
- drm/msm: Fix use-after-free in msm_gem with carveout (bsc#1129770)
Backporting changes: * context changes * removed reference to
msm_gem_is_locked()
- drm/msm: Fix WARN_ON() splat in _free_object() (bsc#1129770) Backporting
changes: * context changes
- drm/nouveau/bios: fix issue shadowing expansion ROMs (git-fixes).
- drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields
(git-fixes).
- drm/nouveau/privring: ack interrupts the same way as RM (git-fixes).
- drm: sun4i: hdmi: Fix inverted HPD result (bsc#1112178) Backporting
changes: * context changes
- drm: sun4i: hdmi: Remove extra HPD polling (bsc#1112178)
- drm/tve200: Fix handling of platform_get_irq() error (bsc#1129770)
- drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset()
(bsc#1112178) Backporting changes: * context changes
- EDAC/amd64: Fix PCI component registration (bsc#1112178).
- ehci: fix EHCI host controller initialization sequence (git-fixes).
- ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (git-fixes).
- floppy: reintroduce O_NDELAY fix (boo#1181018).
- futex: Do not enable IRQs unconditionally in put_pi_state()
(bsc#1149032).
- futex: Ensure the correct return value from futex_lock_pi() (bsc#1181349
bsc#1149032).
- futex: Fix incorrect should_fail_futex() handling (bsc#1181349).
- futex: Handle faults correctly for PI futexes (bsc#1181349 bsc#1149032).
- futex: Provide and use pi_state_update_owner() (bsc#1181349 bsc#1149032).
- futex: Replace pointless printk in fixup_owner() (bsc#1181349
bsc#1149032).
- futex: Simplify fixup_pi_state_owner() (bsc#1181349 bsc#1149032).
- futex: Use pi_state_update_owner() in put_pi_state() (bsc#1181349
bsc#1149032).
- i2c: octeon: check correct size of maximum RECV_LEN packet (git-fixes).
- i40e: avoid premature Rx buffer reuse (bsc#1111981).
- i40e: Fix removing driver while bare-metal VFs pass traffic (git-fixes).
- IB/mlx5: Fix DEVX support for MLX5_CMD_OP_INIT2INIT_QP command
(bsc#1103991).
- igb: Report speed and duplex as unknown when device is runtime suspended
(git-fixes).
- igc: fix link speed advertising (jsc#SLE-4799).
- iio: ad5504: Fix setting power-down state (git-fixes).
- iommu/vt-d: Do not dereference iommu_device if IOMMU_API is not built
(bsc#1181001, jsc#ECO-3191).
- iommu/vt-d: Gracefully handle DMAR units with no supported address
widths (bsc#1181001, jsc#ECO-3191).
- ixgbe: avoid premature Rx buffer reuse (bsc#1109837 ).
- ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K (bsc#1109837).
- kABI: Fix kABI for extended APIC-ID support (bsc#1181001, jsc#ECO-3191).
- KVM: SVM: Initialize prev_ga_tag before use (bsc#1180912).
- KVM: x86/mmu: Commit zap of remaining invalid pages when recovering
lpages (bsc#1181230).
- lockd: do not use interval-based rebinding over TCP (git-fixes).
- locking/futex: Allow low-level atomic operations to return -EAGAIN
(bsc#1149032).
- md: fix a warning caused by a race between concurrent md_ioctl()s
(git-fixes).
- md/raid10: initialize r10_bio->read_slot before use (git-fixes).
- media: gp8psk: initialize stats at power control logic (git-fixes).
- misc: vmw_vmci: fix kernel info-leak by initializing dbells in
vmci_ctx_get_chkpt_doorbells() (git-fixes).
- misdn: dsp: select CONFIG_BITREVERSE (git-fixes).
- mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish() (git-fixes).
- mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
(bsc#1112374).
- mlxsw: spectrum: Do not modify cloned SKBs during xmit (git-fixes).
- mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case
reload fails (bsc#1112374).
- mlxsw: switchx2: Do not modify cloned SKBs during xmit (git-fixes).
- mmc: sdhci-xenon: fix 1.8v regulator stabilization (git-fixes).
- mm: do not wake kswapd prematurely when watermark boosting is disabled
(git fixes (mm/vmscan)).
- mm: hwpoison: disable memory error handling on 1GB hugepage (git fixes
(mm/hwpoison)).
- mm, page_alloc: fix core hung in free_pcppages_bulk() (git fixes
(mm/hotplug)).
- mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous()
(git fixes (mm/pgalloc)).
- mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly
(git fixes (mm/hmm)).
- mm/slab: use memzero_explicit() in kzfree() (git fixes (mm/slab)).
- module: delay kobject uevent until after module init call (bsc#1178631).
- net/af_iucv: always register net_device notifier (git-fixes).
- net/af_iucv: fix null pointer dereference on shutdown (bsc#1179563
LTC#190108).
- net/af_iucv: set correct sk_protocol for child sockets (git-fixes).
- net: atlantic: fix potential error handling (git-fixes).
- net: atlantic: fix use after free kasan warn (git-fixes).
- net: bcmgenet: keep MAC in reset until PHY is up (git-fixes).
- net: bcmgenet: reapply manual settings to the PHY (git-fixes).
- net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
(git-fixes).
- net: cbs: Fix software cbs to consider packet sending time (bsc#1109837).
- net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL (git-fixes).
- net: dsa: LAN9303: select REGMAP when LAN9303 enable (git-fixes).
- net: ena: set initial DMA width to avoid intel iommu issue (git-fixes).
- net: ethernet: mlx4: Avoid assigning a value to ring_cons but not used
it anymore in mlx4_en_xmit() (git-fixes).
- net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
(git-fixes).
- net_failover: fixed rollback in net_failover_open() (bsc#1109837).
- net/filter: Permit reading NET in load_bytes_relative when MAC not set
(bsc#1109837).
- net: freescale: fec: Fix ethtool -d runtime PM (git-fixes).
- net: hns3: add a missing uninit debugfs when unload driver (bsc#1104353).
- net: hns3: add compatible handling for command HCLGE_OPC_PF_RST_DONE
(git-fixes).
- net: hns3: add management table after IMP reset (bsc#1104353 ).
- net: hns3: check reset interrupt status when reset fails (git-fixes).
- net: hns3: clear reset interrupt status in hclge_irq_handle()
(git-fixes).
- net: hns3: fix a TX timeout issue (bsc#1104353).
- net: hns3: fix a wrong reset interrupt status mask (git-fixes).
- net: hns3: fix error handling for desc filling (bsc#1104353 ).
- net: hns3: fix error VF index when setting VLAN offload (bsc#1104353).
- net: hns3: fix for not calculating TX BD send size correctly
(bsc#1126390).
- net: hns3: fix interrupt clearing error for VF (bsc#1104353 ).
- net: hns3: fix mis-counting IRQ vector numbers issue (bsc#1104353).
- net: hns3: fix shaper parameter algorithm (bsc#1104353 ).
- net: hns3: fix the number of queues actually used by ARQ (bsc#1104353).
- net: hns3: fix use-after-free when doing self test (bsc#1104353 ).
- net: hns3: reallocate SSU' buffer size when pfc_en changes
(bsc#1104353).
- __netif_receive_skb_core: pass skb by reference (bsc#1109837).
- net/liquidio: Delete driver version assignment (git-fixes).
- net/liquidio: Delete non-working LIQUIDIO_PACKAGE check (git-fixes).
- net/mlx4_en: Avoid scheduling restart task if it is already running
(git-fixes).
- net/mlx5: Add handling of port type in rule deletion (bsc#1103991).
- net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq
(bsc#1103990).
- net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups (git-fixes).
- net/mlx5e: Fix two double free cases (bsc#1046305).
- net/mlx5e: Fix VLAN cleanup flow (git-fixes).
- net/mlx5e: Fix VLAN create flow (git-fixes).
- net/mlx5e: IPoIB, Drop multicast packets that this interface sent
(bsc#1075020).
- net/mlx5e: TX, Fix consumer index of error cqe dump (bsc#1103990 ).
- net/mlx5: Fix memory leak on flow table creation error flow
(bsc#1046305).
- net: mvpp2: Fix error return code in mvpp2_open() (bsc#1119113 ).
- net: mvpp2: Fix GoP port 3 Networking Complex Control configurations
(bsc#1098633).
- net: mvpp2: fix pkt coalescing int-threshold configuration (bsc#1098633).
- net: phy: Allow BCM54616S PHY to setup internal TX/RX clock delay
(git-fixes).
- net: phy: broadcom: Fix RGMII delays configuration for BCM54210E
(git-fixes).
- net: phy: micrel: Discern KSZ8051 and KSZ8795 PHYs (git-fixes).
- net: phy: micrel: make sure the factory test bit is cleared (git-fixes).
- net: qca_spi: Move reset_count to struct qcaspi (git-fixes).
- net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels
(bsc#1109837).
- net_sched: let qdisc_put() accept NULL pointer (bsc#1056657 bsc#1056653
bsc#1056787).
- net: smc911x: Adjust indentation in smc911x_phy_configure (git-fixes).
- net/smc: cancel event worker during device removal (git-fixes).
- net/smc: check for valid ib_client_data (git-fixes).
- net/smc: fix sleep bug in smc_pnet_find_roce_resource() (git-fixes).
- net/smc: receive pending data after RCV_SHUTDOWN (git-fixes).
- net/smc: receive returns without data (git-fixes).
- net/sonic: Add mutual exclusion for accessing shared state (git-fixes).
- net: stmmac: 16KB buffer must be 16 byte aligned (git-fixes).
- net: stmmac: Do not accept invalid MTU values (git-fixes).
- net: stmmac: dwmac-meson8b: Fix signedness bug in probe (git-fixes).
- net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes (git-fixes).
- net: stmmac: Enable 16KB buffer size (git-fixes).
- net: stmmac: fix length of PTP clock's name string (git-fixes).
- net: stmmac: gmac4+: Not all Unicast addresses may be available
(git-fixes).
- net: stmmac: RX buffer size must be 16 byte aligned (git-fixes).
- net: sunrpc: interpret the return value of kstrtou32 correctly
(git-fixes).
- net: team: fix memory leak in __team_options_register (git-fixes).
- net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
(git-fixes).
- net: usb: lan78xx: Fix error message format specifier (git-fixes).
- net: vlan: avoid leaks on register_vlan_dev() failures (git-fixes).
- nfp: validate the return code from dev_queue_xmit() (git-fixes).
- NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock
(git-fixes).
- nfs_common: need lock during iterate through the list (git-fixes).
- nfsd4: readdirplus shouldn't return parent of export (git-fixes).
- nfsd: Fix message level for normal termination (git-fixes).
- NFS: nfs_igrab_and_active must first reference the superblock
(git-fixes).
- NFS: switch nfsiod to be an UNBOUND workqueue (git-fixes).
- NFSv4.2: condition READDIR's mask for security label based on LSM
state
(git-fixes).
- page_frag: Recover from memory pressure (git fixes (mm/pgalloc)).
- pNFS: Mark layout for return if return-on-close was not sent (git-fixes).
- powerpc/perf: Add generic compat mode pmu driver (bsc#1178900
ltc#189284).
- powerpc/perf: Fix crashes with generic_compat_pmu & BHRB (bsc#1178900
ltc#189284 git-fixes).
- powerpc/perf: init pmu from core-book3s (bsc#1178900 ltc#189284).
- qed: Fix race condition between scheduling and destroying the slowpath
workqueue (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix use after free in qed_chain_free (bsc#1050536 bsc#1050538).
- r8152: Add Lenovo Powered USB-C Travel Hub (git-fixes).
- RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel()
(bsc#1103992).
- RDMA/bnxt_re: Do not add user qps to flushlist (bsc#1050244 ).
- RDMA/bnxt_re: Do not report transparent vlan from QP1 (bsc#1104742).
- RDMA/cma: Do not overwrite sgid_attr after device is released
(bsc#1103992).
- RDMA/core: Ensure security pkey modify is not lost (bsc#1046306 ).
- RDMA/core: Fix pkey and port assignment in get_new_pps (bsc#1046306).
- RDMA/core: Fix protection fault in get_pkey_idx_qp_list (bsc#1046306).
- RDMA/core: Fix reported speed and width (bsc#1046306 ).
- RDMA/core: Fix return error value in _ib_modify_qp() to negative
(bsc#1103992).
- RDMA/core: Fix use of logical OR in get_new_pps (bsc#1046306 ).
- RDMA/hns: Bugfix for memory window mtpt configuration (bsc#1104427).
- RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
(bsc#1104427).
- RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver
(bsc#1104427).
- RDMA/hns: Fix cmdq parameter of querying pf timer resource (bsc#1104427
bsc#1126206).
- RDMA/hns: Fix missing sq_sig_type when querying QP (bsc#1104427 ).
- RDMA/iw_cxgb4: Fix incorrect function parameters (bsc#1136348
jsc#SLE-4684).
- RDMA/iw_cxgb4: initiate CLOSE when entering TERM (bsc#1136348
jsc#SLE-4684).
- RDMA/mlx5: Add init2init as a modify command (bsc#1103991 ).
- RDMA/mlx5: Fix typo in enum name (bsc#1103991).
- RDMA/mlx5: Fix wrong free of blue flame register on error (bsc#1103991).
- RDMA/qedr: Fix inline size returned for iWARP (bsc#1050545 ).
- rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
(bsc#1181349 bsc#1149032).
- s390/cio: fix use-after-free in ccw_device_destroy_console (git-fixes).
- s390/dasd: fix list corruption of lcu list (bsc#1181170 LTC#190915).
- s390/dasd: fix list corruption of pavgroup group list (bsc#1181170
LTC#190915).
- s390/dasd: prevent inconsistent LCU device data (bsc#1181170 LTC#190915).
- s390/qeth: delay draining the TX buffers (git-fixes).
- s390/qeth: fix deadlock during recovery (git-fixes).
- s390/qeth: fix L2 header access in qeth_l3_osa_features_check()
(git-fixes).
- s390/qeth: fix locking for discipline setup / removal (git-fixes).
- s390/smp: perform initial CPU reset also for SMT siblings (git-fixes).
- sched/fair: Fix enqueue_task_fair warning (bsc#1179093).
- sched/fair: Fix enqueue_task_fair() warning some more (bsc#1179093).
- sched/fair: Fix reordering of enqueue/dequeue_task_fair() (bsc#1179093).
- sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list (bsc#1179093).
- sched/fair: Reorder enqueue/dequeue_task_fair path (bsc#1179093).
- scsi: core: Fix VPD LUN ID designator priorities (bsc#1178049,
git-fixes).
- scsi: ibmvfc: Set default timeout to avoid crash during migration
(bsc#1181425 ltc#188252).
- scsi: lpfc: Enhancements to LOG_TRACE_EVENT for better readability
(bsc#1180891).
- scsi: lpfc: Fix auto sli_mode and its effect on CONFIG_PORT for SLI3
(bsc#1180891).
- scsi: lpfc: Fix crash when a fabric node is released prematurely
(bsc#1180891).
- scsi: lpfc: Fix error log messages being logged following SCSI task mgnt
(bsc#1180891).
- scsi: lpfc: Fix FW reset action if I/Os are outstanding (bsc#1180891).
- scsi: lpfc: Fix NVMe recovery after mailbox timeout (bsc#1180891).
- scsi: lpfc: Fix PLOGI S_ID of 0 on pt2pt config (bsc#1180891).
- scsi: lpfc: Fix target reset failing (bsc#1180891).
- scsi: lpfc: Fix vport create logging (bsc#1180891).
- scsi: lpfc: Implement health checking when aborting I/O (bsc#1180891).
- scsi: lpfc: Prevent duplicate requests to unregister with cpuhp
framework (bsc#1180891).
- scsi: lpfc: Refresh ndlp when a new PRLI is received in the PRLI issue
state (bsc#1180891).
- scsi: lpfc: Simplify bool comparison (bsc#1180891).
- scsi: lpfc: Update lpfc version to 12.8.0.7 (bsc#1180891).
- scsi: lpfc: Use the nvme-fc transport supplied timeout for LS requests
(bsc#1180891).
- serial: mvebu-uart: fix tx lost characters at power off (git-fixes).
- spi: cadence: cache reference clock rate during probe (git-fixes).
- SUNRPC: cache: ignore timestamp written to 'flush' file
(bsc#1178036).
- team: set dev->needed_headroom in team_setup_by_port() (git-fixes).
- tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS
(bsc#1109837).
- usb: chipidea: ci_hdrc_imx: add missing put_device() call in
usbmisc_get_init_data() (git-fixes).
- usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion
(git-fixes).
- USB: ehci: fix an interrupt calltrace error (git-fixes).
- usb: gadget: configfs: Preserve function ordering after bind failure
(git-fixes).
- usb: gadget: f_uac2: reset wMaxPacketSize (git-fixes).
- USB: gadget: legacy: fix return error code in acm_ms_bind() (git-fixes).
- usb: gadget: select CONFIG_CRC32 (git-fixes).
- USB: serial: iuu_phoenix: fix DMA from stack (git-fixes).
- usb: udc: core: Use lock when write to soft_connect (git-fixes).
- USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk
set (git-fixes).
- USB: yurex: fix control-URB timeout handling (git-fixes).
- veth: Adjust hard_start offset on redirect XDP frames (bsc#1109837).
- vfio iommu: Add dma available capability (bsc#1179573 LTC#190106).
- vfio-pci: Use io_remap_pfn_range() for PCI IO memory (bsc#1181231).
- vhost/vsock: fix vhost vsock cid hashing inconsistent (git-fixes).
- virtio_net: Keep vnet header zeroed if XDP is loaded for small buffer
(git-fixes).
- wan: ds26522: select CONFIG_BITREVERSE (git-fixes).
- wil6210: select CONFIG_CRC32 (git-fixes).
- x86/apic: Fix x2apic enablement without interrupt remapping
(bsc#1181001, jsc#ECO-3191).
- x86/apic: Support 15 bits of APIC ID in IOAPIC/MSI where available
(bsc#1181001, jsc#ECO-3191).
- x86/hyperv: Fix kexec panic/hang issues (bsc#1176831).
- x86/i8259: Use printk_deferred() to prevent deadlock (bsc#1112178).
- x86/ioapic: Handle Extended Destination ID field in RTE (bsc#1181001,
jsc#ECO-3191).
- x86/kvm: Add KVM_FEATURE_MSI_EXT_DEST_ID (bsc#1181001, jsc#ECO-3191).
- x86/kvm: Reserve KVM_FEATURE_MSI_EXT_DEST_ID (bsc#1181001, jsc#ECO-3191).
- x86/mm: Fix leak of pmd ptlock (bsc#1112178).
- x86/mm/numa: Remove uninitialized_var() usage (bsc#1112178).
- x86/msi: Only use high bits of MSI address for DMAR unit (bsc#1181001,
jsc#ECO-3191).
- x86/mtrr: Correct the range check before performing MTRR type lookups
(bsc#1112178).
- x86/resctrl: Do not move a task to the same resource group (bsc#1112178).
- x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC
MSR (bsc#1112178).
- xdp: Fix xsk_generic_xmit errno (bsc#1109837).
- xhci: make sure TRB is fully written before giving it to the controller
(git-fixes).
- xhci: tegra: Delay for disabling LFPS detector (git-fixes).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 12-SP5:

zypper in -t patch SUSE-SLE-WE-12-SP5-2021-353=1

- SUSE Linux Enterprise Software Development Kit 12-SP5:

zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-353=1

- SUSE Linux Enterprise Server 12-SP5:

zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-353=1

- SUSE Linux Enterprise Live Patching 12-SP5:

zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2021-353=1

- SUSE Linux Enterprise High Availability 12-SP5:

zypper in -t patch SUSE-SLE-HA-12-SP5-2021-353=1

Package List:

- SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):

kernel-default-debuginfo-4.12.14-122.60.1
kernel-default-debugsource-4.12.14-122.60.1
kernel-default-extra-4.12.14-122.60.1
kernel-default-extra-debuginfo-4.12.14-122.60.1

- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
s390x x86_64):

kernel-obs-build-4.12.14-122.60.1
kernel-obs-build-debugsource-4.12.14-122.60.1

- SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):

kernel-docs-4.12.14-122.60.2

- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

kernel-default-4.12.14-122.60.1
kernel-default-base-4.12.14-122.60.1
kernel-default-base-debuginfo-4.12.14-122.60.1
kernel-default-debuginfo-4.12.14-122.60.1
kernel-default-debugsource-4.12.14-122.60.1
kernel-default-devel-4.12.14-122.60.1
kernel-syms-4.12.14-122.60.1

- SUSE Linux Enterprise Server 12-SP5 (x86_64):

kernel-default-devel-debuginfo-4.12.14-122.60.1

- SUSE Linux Enterprise Server 12-SP5 (noarch):

kernel-devel-4.12.14-122.60.1
kernel-macros-4.12.14-122.60.1
kernel-source-4.12.14-122.60.1

- SUSE Linux Enterprise Server 12-SP5 (s390x):

kernel-default-man-4.12.14-122.60.1

- SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):

kernel-default-debuginfo-4.12.14-122.60.1
kernel-default-debugsource-4.12.14-122.60.1
kernel-default-kgraft-4.12.14-122.60.1
kernel-default-kgraft-devel-4.12.14-122.60.1
kgraft-patch-4_12_14-122_60-default-1-8.3.1

- SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):

cluster-md-kmp-default-4.12.14-122.60.1
cluster-md-kmp-default-debuginfo-4.12.14-122.60.1
dlm-kmp-default-4.12.14-122.60.1
dlm-kmp-default-debuginfo-4.12.14-122.60.1
gfs2-kmp-default-4.12.14-122.60.1
gfs2-kmp-default-debuginfo-4.12.14-122.60.1
kernel-default-debuginfo-4.12.14-122.60.1
kernel-default-debugsource-4.12.14-122.60.1
ocfs2-kmp-default-4.12.14-122.60.1
ocfs2-kmp-default-debuginfo-4.12.14-122.60.1

References:

https://www.suse.com/security/cve/CVE-2020-25211.html
https://www.suse.com/security/cve/CVE-2020-25639.html
https://www.suse.com/security/cve/CVE-2020-27835.html
https://www.suse.com/security/cve/CVE-2020-29568.html
https://www.suse.com/security/cve/CVE-2020-29569.html
https://www.suse.com/security/cve/CVE-2021-0342.html
https://www.suse.com/security/cve/CVE-2021-20177.html
https://www.suse.com/security/cve/CVE-2021-3347.html
https://bugzilla.suse.com/1046305
https://bugzilla.suse.com/1046306
https://bugzilla.suse.com/1046540
https://bugzilla.suse.com/1046542
https://bugzilla.suse.com/1046648
https://bugzilla.suse.com/1050242
https://bugzilla.suse.com/1050244
https://bugzilla.suse.com/1050536
https://bugzilla.suse.com/1050538
https://bugzilla.suse.com/1050545
https://bugzilla.suse.com/1056653
https://bugzilla.suse.com/1056657
https://bugzilla.suse.com/1056787
https://bugzilla.suse.com/1064802
https://bugzilla.suse.com/1066129
https://bugzilla.suse.com/1073513
https://bugzilla.suse.com/1074220
https://bugzilla.suse.com/1075020
https://bugzilla.suse.com/1086282
https://bugzilla.suse.com/1086301
https://bugzilla.suse.com/1086313
https://bugzilla.suse.com/1086314
https://bugzilla.suse.com/1098633
https://bugzilla.suse.com/1103990
https://bugzilla.suse.com/1103991
https://bugzilla.suse.com/1103992
https://bugzilla.suse.com/1104270
https://bugzilla.suse.com/1104277
https://bugzilla.suse.com/1104279
https://bugzilla.suse.com/1104353
https://bugzilla.suse.com/1104427
https://bugzilla.suse.com/1104742
https://bugzilla.suse.com/1104745
https://bugzilla.suse.com/1109837
https://bugzilla.suse.com/1111981
https://bugzilla.suse.com/1112178
https://bugzilla.suse.com/1112374
https://bugzilla.suse.com/1113956
https://bugzilla.suse.com/1119113
https://bugzilla.suse.com/1126206
https://bugzilla.suse.com/1126390
https://bugzilla.suse.com/1127354
https://bugzilla.suse.com/1127371
https://bugzilla.suse.com/1129770
https://bugzilla.suse.com/1136348
https://bugzilla.suse.com/1149032
https://bugzilla.suse.com/1174206
https://bugzilla.suse.com/1176395
https://bugzilla.suse.com/1176831
https://bugzilla.suse.com/1176846
https://bugzilla.suse.com/1178036
https://bugzilla.suse.com/1178049
https://bugzilla.suse.com/1178631
https://bugzilla.suse.com/1178900
https://bugzilla.suse.com/1179093
https://bugzilla.suse.com/1179508
https://bugzilla.suse.com/1179509
https://bugzilla.suse.com/1179563
https://bugzilla.suse.com/1179573
https://bugzilla.suse.com/1179575
https://bugzilla.suse.com/1179878
https://bugzilla.suse.com/1180008
https://bugzilla.suse.com/1180130
https://bugzilla.suse.com/1180765
https://bugzilla.suse.com/1180812
https://bugzilla.suse.com/1180859
https://bugzilla.suse.com/1180891
https://bugzilla.suse.com/1180912
https://bugzilla.suse.com/1181001
https://bugzilla.suse.com/1181018
https://bugzilla.suse.com/1181170
https://bugzilla.suse.com/1181230
https://bugzilla.suse.com/1181231
https://bugzilla.suse.com/1181349
https://bugzilla.suse.com/1181425
https://bugzilla.suse.com/1181553