Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2019:0828-1
Rating:	important
References:	bsc#1012382 bsc#1075697 bsc#1082943 bsc#1098599 bsc#1102959 bsc#1105402 bsc#1107829 bsc#1108145 bsc#1109137 bsc#1109330 bsc#1110286 bsc#1117645 bsc#1119019 bsc#1120691 bsc#1121698 bsc#1121805 bsc#1122821 bsc#1124728 bsc#1124732 bsc#1124735 bsc#1125315 bsc#1127155 bsc#1127758 bsc#1127961 bsc#1128166 bsc#1129080 bsc#1129179
Cross-References:	CVE-2018-14633 CVE-2019-2024 CVE-2019-6974 CVE-2019-7221 CVE-2019-7222 CVE-2019-9213
CVSS scores:	CVE-2018-14633 ( SUSE ): 8.8 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2018-14633 ( NVD ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2018-14633 ( NVD ): 7.0 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H CVE-2019-2024 ( SUSE ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2019-2024 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2019-6974 ( SUSE ): 7.8 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2019-6974 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-6974 ( NVD ): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-7221 ( SUSE ): 7.5 CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H CVE-2019-7221 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2019-7222 ( SUSE ): 2.8 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N CVE-2019-7222 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2019-7222 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2019-9213 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-9213 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-9213 ( NVD ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	Magnum Orchestration 7 SUSE Enterprise Storage 4 SUSE Linux Enterprise High Availability Extension 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP2 SUSE Linux Enterprise High Performance Computing 12 SP3 SUSE Linux Enterprise High Performance Computing 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 7

An update that solves six vulnerabilities and has 21 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).
• CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166).
• CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. (bnc#1107829).
• CVE-2019-7221: The KVM implementation in the Linux kernel had a Use-after-Free (bnc#1124732).
• CVE-2019-7222: The KVM implementation in the Linux kernel had an Information Leak (bnc#1124735).
• CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, which led to a use-after-free (bnc#1124728).

The following non-security bugs were fixed:

• copy_mount_string: Limit string length to PATH_MAX (bsc#1082943).
• enic: add wq clean up budget (bsc#1075697, bsc#1120691. bsc#1102959).
• ibmvscsi: Fix empty event pool access during host removal (bsc#1119019).
• ipv4: ipv6: Adjust the frag mem limit after truesize has been changed (bsc#1110286).
• kmps: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137).
• netfilter: ipv6: Adjust the frag mem limit after truesize has been changed (bsc#1110286).
• perf/x86: Add sysfs entry to freeze counters on SMI (bsc#1121805).
• perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu() (bsc#1121805).
• perf/x86/intel: Do not enable freeze-on-smi for PerfMon V1 (bsc#1121805).
• perf/x86/intel: Fix memory corruption (bsc#1121805).
• perf/x86/intel: Generalize dynamic constraint creation (bsc#1121805).
• perf/x86/intel: Implement support for TSX Force Abort (bsc#1121805).
• perf/x86/intel: Make cpuc allocations consistent (bsc#1121805).
• pseries/energy: Use OF accessor function to read ibm,drc-indexes (bsc#1129080).
• restore cond_resched() in shrink_dcache_parent() (bsc#1098599, bsc#1105402, bsc#1127758).
• rps: flow_dissector: Fix uninitialized flow_keys used in __skb_get_hash possibly (bsc#1108145).
• scsi: megaraid_sas: Send SYNCHRONIZE_CACHE for VD to firmware (bsc#1121698).
• scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() (bsc#1125315).
• x86: Add TSX Force Abort CPUID/MSR (bsc#1121805).
• x86: respect memory size limiting via mem= parameter (bsc#1117645).
• x86/spectre_v2: Do not check microcode versions when running under hypervisors (bsc#1122821).
• x86/xen: dont add memory above max allowed allocation (bsc#1117645).
• xen-netfront: Fix hang on device removal (bnc#1012382).
• xfrm: use complete IPv6 addresses for hash (bsc#1109330).
• xfs: remove filestream item xfs_inode reference (bsc#1127961).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE OpenStack Cloud 7
  zypper in -t patch SUSE-OpenStack-Cloud-7-2019-828=1
• Magnum Orchestration 7
  zypper in -t patch SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-828=1
• SUSE Linux Enterprise High Availability Extension 12 SP2
  zypper in -t patch SUSE-SLE-HA-12-SP2-2019-828=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2
  zypper in -t patch SUSE-SLE-HA-12-SP2-2019-828=1 SUSE-SLE-SAP-12-SP2-2019-828=1
• SUSE Linux Enterprise Point of Service Image Server 12 12-SP2
  zypper in -t patch SUSE-SLE-POS-12-SP2-CLIENT-2019-828=1
• SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2019-828=1
• SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-ESPOS-2019-828=1
• SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2
  zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-828=1
• SUSE Enterprise Storage 4
  zypper in -t patch SUSE-Storage-4-2019-828=1

Package List:

• SUSE OpenStack Cloud 7 (nosrc x86_64)
  • kernel-default-4.4.121-92.104.1
• SUSE OpenStack Cloud 7 (x86_64)
  • kernel-default-base-debuginfo-4.4.121-92.104.1
  • kgraft-patch-4_4_121-92_104-default-1-3.3.1
  • kernel-default-base-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-syms-4.4.121-92.104.1
  • kernel-default-devel-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
• SUSE OpenStack Cloud 7 (noarch)
  • kernel-source-4.4.121-92.104.1
  • kernel-macros-4.4.121-92.104.1
  • kernel-devel-4.4.121-92.104.1
• Magnum Orchestration 7 (nosrc x86_64)
  • kernel-default-4.4.121-92.104.1
• Magnum Orchestration 7 (x86_64)
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
• SUSE Linux Enterprise High Availability Extension 12 SP2 (ppc64le s390x x86_64)
  • dlm-kmp-default-debuginfo-4.4.121-92.104.1
  • ocfs2-kmp-default-4.4.121-92.104.1
  • dlm-kmp-default-4.4.121-92.104.1
  • cluster-network-kmp-default-debuginfo-4.4.121-92.104.1
  • cluster-network-kmp-default-4.4.121-92.104.1
  • ocfs2-kmp-default-debuginfo-4.4.121-92.104.1
  • cluster-md-kmp-default-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • gfs2-kmp-default-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
  • cluster-md-kmp-default-debuginfo-4.4.121-92.104.1
  • gfs2-kmp-default-debuginfo-4.4.121-92.104.1
• SUSE Linux Enterprise High Availability Extension 12 SP2 (nosrc)
  • kernel-default-4.4.121-92.104.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2 (ppc64le x86_64)
  • dlm-kmp-default-debuginfo-4.4.121-92.104.1
  • ocfs2-kmp-default-4.4.121-92.104.1
  • kgraft-patch-4_4_121-92_104-default-1-3.3.1
  • dlm-kmp-default-4.4.121-92.104.1
  • cluster-network-kmp-default-debuginfo-4.4.121-92.104.1
  • kernel-default-base-debuginfo-4.4.121-92.104.1
  • cluster-network-kmp-default-4.4.121-92.104.1
  • ocfs2-kmp-default-debuginfo-4.4.121-92.104.1
  • kernel-default-base-4.4.121-92.104.1
  • cluster-md-kmp-default-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-syms-4.4.121-92.104.1
  • gfs2-kmp-default-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
  • kernel-default-devel-4.4.121-92.104.1
  • cluster-md-kmp-default-debuginfo-4.4.121-92.104.1
  • gfs2-kmp-default-debuginfo-4.4.121-92.104.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2 (nosrc ppc64le x86_64)
  • kernel-default-4.4.121-92.104.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP2 (noarch)
  • kernel-source-4.4.121-92.104.1
  • kernel-macros-4.4.121-92.104.1
  • kernel-devel-4.4.121-92.104.1
• SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (nosrc x86_64)
  • kernel-default-4.4.121-92.104.1
• SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (x86_64)
  • kernel-default-base-debuginfo-4.4.121-92.104.1
  • kgraft-patch-4_4_121-92_104-default-1-3.3.1
  • kernel-default-base-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-syms-4.4.121-92.104.1
  • kernel-default-devel-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
• SUSE Linux Enterprise Point of Service Image Server 12 12-SP2 (noarch)
  • kernel-source-4.4.121-92.104.1
  • kernel-macros-4.4.121-92.104.1
  • kernel-devel-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (nosrc x86_64)
  • kernel-default-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (x86_64)
  • kernel-default-base-debuginfo-4.4.121-92.104.1
  • kernel-default-base-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-syms-4.4.121-92.104.1
  • kernel-default-devel-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (noarch)
  • kernel-source-4.4.121-92.104.1
  • kernel-macros-4.4.121-92.104.1
  • kernel-devel-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (nosrc x86_64)
  • kernel-default-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (x86_64)
  • kernel-default-base-debuginfo-4.4.121-92.104.1
  • kgraft-patch-4_4_121-92_104-default-1-3.3.1
  • kernel-default-base-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-syms-4.4.121-92.104.1
  • kernel-default-devel-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 ESPOS 12-SP2 (noarch)
  • kernel-source-4.4.121-92.104.1
  • kernel-macros-4.4.121-92.104.1
  • kernel-devel-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (nosrc ppc64le s390x x86_64)
  • kernel-default-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (ppc64le s390x x86_64)
  • kernel-default-base-debuginfo-4.4.121-92.104.1
  • kernel-default-base-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-syms-4.4.121-92.104.1
  • kernel-default-devel-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (noarch)
  • kernel-source-4.4.121-92.104.1
  • kernel-macros-4.4.121-92.104.1
  • kernel-devel-4.4.121-92.104.1
• SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (ppc64le x86_64)
  • kgraft-patch-4_4_121-92_104-default-1-3.3.1
• SUSE Linux Enterprise Server 12 SP2 LTSS 12-SP2 (s390x)
  • kernel-default-man-4.4.121-92.104.1
• SUSE Enterprise Storage 4 (nosrc x86_64)
  • kernel-default-4.4.121-92.104.1
• SUSE Enterprise Storage 4 (x86_64)
  • kernel-default-base-debuginfo-4.4.121-92.104.1
  • kgraft-patch-4_4_121-92_104-default-1-3.3.1
  • kernel-default-base-4.4.121-92.104.1
  • kernel-default-debuginfo-4.4.121-92.104.1
  • kernel-syms-4.4.121-92.104.1
  • kernel-default-devel-4.4.121-92.104.1
  • kernel-default-debugsource-4.4.121-92.104.1
• SUSE Enterprise Storage 4 (noarch)
  • kernel-source-4.4.121-92.104.1
  • kernel-macros-4.4.121-92.104.1
  • kernel-devel-4.4.121-92.104.1

References:

• https://www.suse.com/security/cve/CVE-2018-14633.html
• https://www.suse.com/security/cve/CVE-2019-2024.html
• https://www.suse.com/security/cve/CVE-2019-6974.html
• https://www.suse.com/security/cve/CVE-2019-7221.html
• https://www.suse.com/security/cve/CVE-2019-7222.html
• https://www.suse.com/security/cve/CVE-2019-9213.html
• https://bugzilla.suse.com/show_bug.cgi?id=1012382
• https://bugzilla.suse.com/show_bug.cgi?id=1075697
• https://bugzilla.suse.com/show_bug.cgi?id=1082943
• https://bugzilla.suse.com/show_bug.cgi?id=1098599
• https://bugzilla.suse.com/show_bug.cgi?id=1102959
• https://bugzilla.suse.com/show_bug.cgi?id=1105402
• https://bugzilla.suse.com/show_bug.cgi?id=1107829
• https://bugzilla.suse.com/show_bug.cgi?id=1108145
• https://bugzilla.suse.com/show_bug.cgi?id=1109137
• https://bugzilla.suse.com/show_bug.cgi?id=1109330
• https://bugzilla.suse.com/show_bug.cgi?id=1110286
• https://bugzilla.suse.com/show_bug.cgi?id=1117645
• https://bugzilla.suse.com/show_bug.cgi?id=1119019
• https://bugzilla.suse.com/show_bug.cgi?id=1120691
• https://bugzilla.suse.com/show_bug.cgi?id=1121698
• https://bugzilla.suse.com/show_bug.cgi?id=1121805
• https://bugzilla.suse.com/show_bug.cgi?id=1122821
• https://bugzilla.suse.com/show_bug.cgi?id=1124728
• https://bugzilla.suse.com/show_bug.cgi?id=1124732
• https://bugzilla.suse.com/show_bug.cgi?id=1124735
• https://bugzilla.suse.com/show_bug.cgi?id=1125315
• https://bugzilla.suse.com/show_bug.cgi?id=1127155
• https://bugzilla.suse.com/show_bug.cgi?id=1127758
• https://bugzilla.suse.com/show_bug.cgi?id=1127961
• https://bugzilla.suse.com/show_bug.cgi?id=1128166
• https://bugzilla.suse.com/show_bug.cgi?id=1129080
• https://bugzilla.suse.com/show_bug.cgi?id=1129179