Security update for the Linux Kernel
Announcement ID: | SUSE-SU-2020:1142-1 |
---|---|
Rating: | important |
An update that solves 13 vulnerabilities and has 157 security fixes can now be installed.
Description:
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-8834: KVM on Power8 processors had a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. Because of this, an attacker with the ability to run code in kernel space of a guest VM can cause the host kernel to panic (bnc#1168276).
- CVE-2020-11494: An issue was discovered in slc_bump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL (bnc#1168424).
- CVE-2020-10942: get_raw_socket in drivers/vhost/net.c lacked validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls (bnc#1167629).
- CVE-2019-9458: In the video driver there was a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed (bnc#1168295).
- CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a system crash (bnc#1120386).
- CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).
- CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S did not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).
- CVE-2020-2732: Fixed an issue where under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest (bnc#1163971).
- CVE-2020-8647: There was a use-after-free vulnerability in the vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929 1164078).
- CVE-2020-8649: There was a use-after-free vulnerability in the vgacon_invert_region function in drivers/video/console/vgacon.c (bnc#1162929 1162931).
- CVE-2020-9383: An issue was discovered in set_fdc in drivers/block/floppy.c that leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it (bnc#1165111).
- CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function in kernel/trace/blktrace.c (bnc#1159285).
- CVE-2018-20836: Fixed an issue where a race condition in smp_task_timedout() and smp_task_done() could lead to a use-after-free (bnc#1134395).
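
The bug class behind CVE-2020-11494 above (a frame object built on the stack and passed on with some bytes never written) can be modelled in user space. This is an added illustration, not SUSE's or the kernel's code: the `struct frame` layout, the `0x5A` stale-stack marker, the sample payload and all function names are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a CAN frame; not the kernel's definition. */
struct frame {
    uint32_t id;
    uint8_t  dlc;
    uint8_t  reserved[3];  /* no field assignment ever touches these */
    uint8_t  data[8];
};

#define STALE 0x5A  /* marker modelling leftover stack contents */

/* Sets the fields one by one; reserved[] is skipped. */
static void fill_fields(struct frame *f, uint32_t id, const uint8_t *p, size_t n)
{
    if (n > sizeof(f->data)) n = sizeof(f->data);
    f->id = id;
    f->dlc = (uint8_t)n;
    memset(f->data, 0, sizeof(f->data));
    memcpy(f->data, p, n);
}

/* Count bytes that a copy of sizeof(*f) would pass on still holding STALE. */
static size_t stale_bytes(const struct frame *f)
{
    const uint8_t *b = (const uint8_t *)f;
    size_t count = 0;
    for (size_t i = 0; i < sizeof(*f); i++) count += (b[i] == STALE);
    return count;
}

/* Build a frame in memory that starts out full of STALE; report what survives. */
size_t leaked_after(int hardened)
{
    static const uint8_t payload[2] = { 0x11, 0x22 };  /* constructed sample */
    struct frame f;
    memset(&f, STALE, sizeof(f));      /* model stale stack contents */
    if (hardened)
        memset(&f, 0, sizeof(f));      /* hardened: clear the whole object first */
    fill_fields(&f, 0x123, payload, sizeof(payload));
    return stale_bytes(&f);
}

int main(void)
{
    printf("field-wise: %zu stale bytes, zeroed first: %zu\n",
           leaked_after(0), leaked_after(1));
    return 0;
}
```
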
The following non-security bugs were fixed:
- ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro (bsc#1051510).
- ACPI: watchdog: Fix gas->access_width usage (bsc#1051510).
- ahci: Add support for Amazon's Annapurna Labs SATA controller (bsc#1169013).
- ALSA: ali5451: remove redundant variable capture_flag (bsc#1051510).
- ALSA: core: Add snd_device_get_state() helper (bsc#1051510).
- ALSA: core: Replace zero-length array with flexible-array member (bsc#1051510).
- ALSA: emu10k1: Fix endianness annotations (bsc#1051510).
- ALSA: hda/ca0132 - Add Recon3Di quirk to handle integrated sound on EVGA X99 Classified motherboard (bsc#1051510).
- ALSA: hda/ca0132 - Replace zero-length array with flexible-array member (bsc#1051510).
- ALSA: hda_codec: Replace zero-length array with flexible-array member (bsc#1051510).
- ALSA: hda: default enable CA0132 DSP support (bsc#1051510).
- ALSA: hda: Fix potential access overflow in beep helper (bsc#1051510).
- ALSA: hda/realtek - Add Headset Button supported for ThinkPad X1 (bsc#1111666).
- ALSA: hda/realtek - Add Headset Mic supported (bsc#1111666).
- ALSA: hda/realtek - Add more codec supported Headset Button (bsc#1111666).
- ALSA: hda/realtek - a fake key event is triggered by running shutup (bsc#1051510).
- ALSA: hda/realtek - Apply quirk for MSI GP63, too (bsc#1111666).
- ALSA: hda/realtek - Apply quirk for yet another MSI laptop (bsc#1111666).
- ALSA: hda/realtek - Enable headset mic of Acer X2660G with ALC662 (git-fixes).
- ALSA: hda/realtek: Enable mute LED on an HP system (bsc#1051510).
- ALSA: hda/realtek - Enable the headset of Acer N50-600 with ALC662 (git-fixes).
- ALSA: hda/realtek - Enable the headset of ASUS B9450FA with ALC294 (bsc#1111666).
- ALSA: hda/realtek - Fix a regression for mute led on Lenovo Carbon X1 (bsc#1111666).
- ALSA: hda/realtek: Fix pop noise on ALC225 (git-fixes).
- ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master (bsc#1111666).
- ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes).
- ALSA: hda/realtek - Remove now-unnecessary XPS 13 headphone noise fixups (bsc#1051510).
- ALSA: hda/realtek - Set principled PC Beep configuration for ALC256 (bsc#1051510).
- ALSA: hda: remove redundant assignment to variable timeout (bsc#1051510).
- ALSA: hda: Use scnprintf() for string truncation (bsc#1051510).
- ALSA: hdsp: remove redundant assignment to variable err (bsc#1051510).
- ALSA: ice1724: Fix invalid access for enumerated ctl items (bsc#1051510).
- ALSA: info: remove redundant assignment to variable c (bsc#1051510).
- ALSA: korg1212: fix if-statement empty body warnings (bsc#1051510).
- ALSA: line6: Fix endless MIDI read loop (git-fixes).
- ALSA: pcm: Fix superfluous snprintf() usage (bsc#1051510).
- ALSA: pcm.h: add for_each_pcm_streams() (bsc#1051510).
- ALSA: pcm: oss: Avoid plugin buffer overflow (git-fixes).
- ALSA: pcm: oss: Fix regression by buffer overflow fix (bsc#1051510).
- ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks (git-fixes).
- ALSA: pcm: oss: Unlock mutex temporarily for sleeping at read/write (bsc#1051510).
- ALSA: pcm: Use a macro for parameter masks to reduce the needed cast (bsc#1051510).
- ALSA: seq: oss: Fix running status after receiving sysex (git-fixes).
- ALSA: seq: virmidi: Fix running status after receiving sysex (git-fixes).
- ALSA: usb-audio: Add boot quirk for MOTU M Series (bsc#1111666).
- ALSA: usb-audio: Add clock validity quirk for Denon MC7000/MCX8000 (bsc#1111666).
- ALSA: usb-audio: Add delayed_register option (bsc#1051510).
- ALSA: usb-audio: add implicit fb quirk for MOTU M Series (bsc#1111666).
- ALSA: usb-audio: add quirks for Line6 Helix devices fw>=2.82 (bsc#1111666).
- ALSA: usb-audio: Add support for MOTU MicroBook IIc (bsc#1051510).
- ALSA: usb-audio: Apply 48kHz fixed rate playback for Jabra Evolve 65 headset (bsc#1111666).
- ALSA: usb-audio: App