Security update for the Linux Kernel

Announcement ID: SUSE-SU-2020:2972-1
Rating: critical
References:
Cross-References:
CVSS scores:
  • CVE-2020-12351 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-12351 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-12352 ( SUSE ): 3.1 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2020-12352 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-25645 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-25645 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
  • Basesystem Module 15-SP1
  • Development Tools Module 15-SP1
  • Legacy Module 15-SP1
  • SUSE Linux Enterprise Desktop 15 SP1
  • SUSE Linux Enterprise High Availability Extension 15 SP1
  • SUSE Linux Enterprise High Performance Computing 15 SP1
  • SUSE Linux Enterprise Live Patching 15-SP1
  • SUSE Linux Enterprise Real Time 15 SP1
  • SUSE Linux Enterprise Server 15 SP1
  • SUSE Linux Enterprise Server 15 SP1 Business Critical Linux 15-SP1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • SUSE Linux Enterprise Workstation Extension 15 SP1
  • SUSE Manager Proxy 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Server 4.0

An update that solves three vulnerabilities and has 10 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-12351: Fixed a type confusion while processing AMP packets aka "BleedingTooth" aka "BadKarma" (bsc#1177724).
  • CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka "BleedingTooth" aka "BadChoice" (bsc#1177725).
  • CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511).

The following non-security bugs were fixed:

  • drm/sun4i: mixer: Extend regmap max_register (git-fixes).
  • i2c: meson: fix clock setting overwrite (git-fixes).
  • iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
  • mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).
  • macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).
  • mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
  • mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685).
  • NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340).
  • NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340).
  • nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748). add two previous futile attempts to fix the bug to blacklist.conf
  • nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).
  • nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).
  • nvme: fix possible io failures when removing multipathed ns (bsc#1174748).
  • nvme: make nvme_identify_ns propagate errors back (bsc#1174748). Refresh: - patches.suse/nvme-flush-scan_work-when-resetting-controller.patch
  • nvme: make nvme_report_ns_ids propagate error back (bsc#1174748).
  • nvme-multipath: do not reset on unknown status (bsc#1174748).
  • nvme: Namepace identification descriptor list is optional (bsc#1174748).
  • nvme: pass status to nvme_error_status (bsc#1174748).
  • nvme-rdma: Avoid double freeing of async event data (bsc#1174748).
  • nvme: return error from nvme_alloc_ns() (bsc#1174748).
  • powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
  • scsi-hisi-kabi-fixes.patch
  • scsi-hisi-kabi-fixes.patch
  • scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683).
  • scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).
  • scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683).
  • scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683).
  • scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683).
  • scsi: hisi_sas: Do some more tidy-up (bsc#1140683).
  • scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683).
  • scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh:
  • scsi-hisi_sas-Issue-internal-abort-on-all-relevant-q.patch
  • scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update:
  • scsi: hisi_sas: Some misc tidy-up (bsc#1140683).
  • scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538).

Special Instructions and Notes:

  • Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • Basesystem Module 15-SP1
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2972=1
  • Development Tools Module 15-SP1
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP1-2020-2972=1
  • Legacy Module 15-SP1
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP1-2020-2972=1
  • SUSE Linux Enterprise Live Patching 15-SP1
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2020-2972=1
    Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates.
  • SUSE Linux Enterprise High Availability Extension 15 SP1
    zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2020-2972=1
  • SUSE Linux Enterprise Workstation Extension 15 SP1
    zypper in -t patch SUSE-SLE-Product-WE-15-SP1-2020-2972=1

Package List:

  • Basesystem Module 15-SP1 (aarch64 ppc64le s390x x86_64 nosrc)
    • kernel-default-4.12.14-197.64.1
  • Basesystem Module 15-SP1 (aarch64 ppc64le s390x x86_64)
    • kernel-default-base-4.12.14-197.64.1
    • kernel-default-devel-4.12.14-197.64.1
    • kernel-default-devel-debuginfo-4.12.14-197.64.1
    • kernel-default-debuginfo-4.12.14-197.64.1
    • kernel-default-base-debuginfo-4.12.14-197.64.1
    • kernel-default-debugsource-4.12.14-197.64.1
  • Basesystem Module 15-SP1 (noarch)
    • kernel-devel-4.12.14-197.64.1
    • kernel-macros-4.12.14-197.64.1
  • Basesystem Module 15-SP1 (s390x)
    • kernel-default-man-4.12.14-197.64.1
    • kernel-zfcpdump-debuginfo-4.12.14-197.64.1
    • kernel-zfcpdump-debugsource-4.12.14-197.64.1
  • Basesystem Module 15-SP1 (nosrc)
    • kernel-zfcpdump-4.12.14-197.64.1
  • Development Tools Module 15-SP1 (noarch nosrc)
    • kernel-docs-4.12.14-197.64.1
  • Development Tools Module 15-SP1 (aarch64 ppc64le s390x x86_64)
    • kernel-obs-build-4.12.14-197.64.1
    • kernel-syms-4.12.14-197.64.1
    • kernel-obs-build-debugsource-4.12.14-197.64.1
  • Development Tools Module 15-SP1 (noarch)
    • kernel-source-4.12.14-197.64.1
  • Legacy Module 15-SP1 (nosrc)
    • kernel-default-4.12.14-197.64.1
  • Legacy Module 15-SP1 (aarch64 ppc64le s390x x86_64)
    • kernel-default-debuginfo-4.12.14-197.64.1
    • kernel-default-debugsource-4.12.14-197.64.1
    • reiserfs-kmp-default-debuginfo-4.12.14-197.64.1
    • reiserfs-kmp-default-4.12.14-197.64.1
  • SUSE Linux Enterprise Live Patching 15-SP1 (nosrc)
    • kernel-default-4.12.14-197.64.1
  • SUSE Linux Enterprise Live Patching 15-SP1 (ppc64le x86_64)
    • kernel-default-livepatch-devel-4.12.14-197.64.1
    • kernel-default-livepatch-4.12.14-197.64.1
    • kernel-default-debuginfo-4.12.14-197.64.1
    • kernel-default-debugsource-4.12.14-197.64.1
    • kernel-livepatch-4_12_14-197_64-default-1-3.3.1
  • SUSE Linux Enterprise High Availability Extension 15 SP1 (aarch64 ppc64le s390x x86_64)
    • cluster-md-kmp-default-4.12.14-197.64.1
    • cluster-md-kmp-default-debuginfo-4.12.14-197.64.1
    • dlm-kmp-default-debuginfo-4.12.14-197.64.1
    • ocfs2-kmp-default-debuginfo-4.12.14-197.64.1
    • dlm-kmp-default-4.12.14-197.64.1
    • gfs2-kmp-default-debuginfo-4.12.14-197.64.1
    • kernel-default-debuginfo-4.12.14-197.64.1
    • gfs2-kmp-default-4.12.14-197.64.1
    • ocfs2-kmp-default-4.12.14-197.64.1
    • kernel-default-debugsource-4.12.14-197.64.1
  • SUSE Linux Enterprise High Availability Extension 15 SP1 (nosrc)
    • kernel-default-4.12.14-197.64.1
  • SUSE Linux Enterprise Workstation Extension 15 SP1 (nosrc)
    • kernel-default-4.12.14-197.64.1
  • SUSE Linux Enterprise Workstation Extension 15 SP1 (x86_64)
    • kernel-default-debuginfo-4.12.14-197.64.1
    • kernel-default-debugsource-4.12.14-197.64.1
    • kernel-default-extra-4.12.14-197.64.1
    • kernel-default-extra-debuginfo-4.12.14-197.64.1

References: