Security update for the Linux Kernel
Announcement ID: | SUSE-SU-2019:3294-1 |
---|---|
Rating: | important |
References: |
|
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves 16 vulnerabilities and has 124 security fixes can now be installed.
Description:
The SUSE Linux Enterprise 12 SP4 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() which might have led denial of service (bsc#1149448).
- CVE-2019-0154: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable denial of service via local access (bsc#1135966).
- CVE-2019-0155: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135967).
- CVE-2019-16231: Fixed a NULL pointer dereference due to lack of checking the alloc_workqueue return value (bsc#1150466).
- CVE-2019-18805: Fixed an integer overflow in tcp_ack_update_rtt() leading to a denial of service or possibly unspecified other impact (bsc#1156187).
- CVE-2019-17055: Enforced CAP_NET_RAW in the AF_ISDN network module to restrict unprivileged users to create a raw socket (bsc#1152782).
- CVE-2019-16995: Fixed a memory leak in hsr_dev_finalize() which may have caused denial of service (bsc#1152685).
- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described "Microarchitectural Data Sampling" attack.(bsc#1139073). The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW). The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251
- CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150457).
- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.
- CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903)
- CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).
- CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465).
- CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452).
- CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158).
- CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).
The following non-security bugs were fixed:
- 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
- ACPI / CPPC: do not require the _PSD method (bsc#1051510).
- ACPI: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510).
- ACPI / processor: do not print errors for processorIDs == 0xff (bsc#1051510).
- act_mirred: Fix mirred_init_module error handling (bsc#1051510).
- Add kernel module compression support (bsc#1135854) For enabling the kernel module compress, add the item COMPRESS_MODULES="xz" in config.sh, then mkspec will pass it to the spec file.
- alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (bsc#1151680).
- ALSA: bebob: Fix prototype of helper function to return negative value (bsc#1051510).
- ALSA: bebob: fix to detect configured source of sampling clock for Focusrite Saffire Pro i/o series (git-fixes).
- ALSA: hda: Add Cometlake-S PCI ID (git-fixes).
- ALSA: hda: Add Elkhart Lake PCI ID (bsc#1051510).
- ALSA: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
- ALSA: hda: Add support of Zhaoxin controller (bsc#1051510).
- ALSA: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).
- ALSA: hda - Apply AMD controller workaround for Raven platform (bsc#1051510).
- ALSA: hda/ca0132 - Fix possible workqueue stall (bsc#1155836).
- ALSA: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510).
- ALSA: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
- ALSA: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510).
- ALSA: hda: Flush interrupts on disabling (bsc#1051510).
- ALSA: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510).
- ALSA: hda - Inform too slow responses (bsc#1051510).
- ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).
- ALSA: hda/realtek - Add support for ALC623 (bsc#1051510).
- ALSA: hda/realtek - Add support for ALC711 (bsc#1051510).
- ALSA: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510).
- ALSA: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510).
- ALSA: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
- ALSA: hda/realtek - Fix alienware headset mic (bsc#1051510).
- ALSA: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510).
- ALSA: hda: Set fifo_size for both playback and capture streams (bsc#1051510).
- ALSA: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).
- ALSA: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#1051510).
- ALSA: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() (bsc#1051510).
- ALSA: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
- ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).
- ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).
- ALSA: timer: Fix mutex deadlock at releasing card (bsc#1051510).
- ALSA: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
- ALSA: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
- ALSA: usb-audio: Fix missing error check at mixer resolution test (git-fixes).
- ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).
- ALSA: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510).
- appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
- arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30).
- arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver and mark driver omap-rng as supported.
- ASoC: Define a set of DAPM pre/post-up events (bsc#1051510).
- ASoC: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bsc#1051510).
- ASoC: Intel: Fix use of potentially uninitialized variable (bsc#1051510).
- ASoC: Intel: NHLT: Fix debug print format (bsc#1051510).
- ASoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
- ASoC: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510).
- ASoC: sgtl5000: Fix charge pump source assignment (bsc#1051510).
- auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510).
- ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
- Blacklist "signal: Correct namespace fixups of si_pid and si_uid" (bsc#1142667)
- blk-wbt: abstract out end IO completion handler (bsc#1135873).
- blk-wbt: fix has-sleeper queueing check (bsc#1135873).
- blk-wbt: improve waking of tasks (bsc#1135873).
- blk-wbt: move disable check into get_limit() (bsc#1135873).
- blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
- block: add io timeout to sysfs (bsc#1148410).
- block: do not show io_timeout if driver has no timeout handler (bsc#1148410).
- Bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510).
- bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
- bpf: fix use after free in prog symbol exposure (bsc#1083647).
- bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
- Btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
- Btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178).
- Btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713).
- Btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651).
- Btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607).
- Btrfs: fix log context list corruption after rename exchange operation (bsc#1156494).
- Btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179).
- Btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651).
- Btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
- Btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184).
- can: dev: call netif_carrier_off() in