Security update for the Linux Kernel
Announcement ID: | SUSE-SU-2022:2116-1 |
---|---|
Rating: | important |
References: |
|
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves 17 vulnerabilities and has 26 security fixes can now be installed.
Description:
The SUSE Linux Enterprise 12 SP5 kernel was updated.
The following security bugs were fixed:
- CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
- CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
- CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
- CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
- CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. (bsc#1199650)
- CVE-2022-1975: Fixed a bug that allows an attacker to crash the linux kernel by simulating nfc device from user-space. (bsc#1200143)
- CVE-2022-1974: Fixed an use-after-free that could causes kernel crash by simulating an nfc device from user-space. (bsc#1200144)
- CVE-2022-1966: Fixed an use-after-free bug in the netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015)
- CVE-2019-19377: Fixed an user-after-free that could be triggered when an attacker mounts a crafted btrfs filesystem image. (bnc#1158266)
- CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).
- CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when mounting and operating on a corrupted image. (bsc#1198577)
- CVE-2022-21499: Reinforce the kernel lockdown feature, until now it's been trivial to break out of it with kgdb or kdb. (bsc#1199426)
- CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063).
- CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605)
- CVE-2021-39711: In bpf_prog_test_run_skb of test_run.c, there is a possible out of bounds read due to Incorrect Size Value. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1197219).
- CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199505).
- CVE-2021-33061: Fixed insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1196426).
The following non-security bugs were fixed:
- ACPI: property: Release subnode properties with data nodes (git-fixes).
- ARM: 9110/1: oabi-compat: fix oabi epoll sparse warning (bsc#1129770)
- arm64: set plt* section addresses to 0x0 (git-fixes)
- arm64: Add missing ISB after invalidating TLB in __primary_switch (git-fixes)
- arm64: armv8_deprecated: Fix undef_hook mask for thumb setend (git-fixes)
- arm64: avoid -Woverride-init warning (git-fixes)
- arm64: berlin: Select DW_APB_TIMER_OF (git-fixes) Update arm64 default config too.
- arm64: Clear OSDLR_EL1 on CPU boot (git-fixes)
- arm64: clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == 1 (git-fixes).
- arm64: compat: Allow single-byte watchpoints on all addresses (git-fixes)
- arm64: compat: Reduce address limit (git-fixes)
- arm64: cpufeature: Fix feature comparison for CTR_EL0.{CWG,ERG} (git-fixes)
- arm64: cpufeature: Fix the type of no FP/SIMD capability (git-fixes)
- arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly (git-fixes)
- arm64: csum: Fix handling of bad packets (git-fixes)
- arm64: debug: Do not propagate UNKNOWN FAR into si_code for debug (git-fixes)
- arm64: debug: Ensure debug handlers check triggering exception level (git-fixes)
- arm64: dts: marvell: Fix A37xx UART0 register size (git-fixes)
- arm64: entry: SP Alignment Fault does not write to FAR_EL1 (git-fixes)
- arm64: Extend workaround for erratum 1024718 to all versions of (git-fixes)
- arm64: Fix HCR.TGE status for NMI contexts (git-fixes)
- arm64: fix inline asm in load_unaligned_zeropad() (git-fixes)
- arm64: Fix size of __early_cpu_boot_status (git-fixes)
- arm64: fix the flush_icache_range arguments in machine_kexec (git-fixes)
- arm64: futex: Avoid copying out uninitialised stack in failed (git-fixes)
- arm64: futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP (git-fixes)
- arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (git-fixes)
- arm64: futex: Restore oldval initialization to work around buggy (git-fixes)
- arm64: hibernate: check pgd table allocation (git-fixes)
- arm64: hugetlb: avoid potential NULL dereference (git-fixes)
- arm64: hw_breakpoint: Do not invoke overflow handler on uaccess (git-fixes)
- arm64: kbuild: remove compressed images on 'make ARCH=arm64 (git-fixes)
- arm64: kdump: update ppos when reading elfcorehdr (git-fixes)
- arm64: kgdb: Fix single-step exception handling oops (git-fixes)
- arm64: kprobes: Recover pstate.D in single-step exception handler (git-fixes)
- arm64: module: remove (NOLOAD) from linker script (git-fixes)
- arm64: perf: Report the PC value in REGS_ABI_32 mode (git-fixes)
- arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations (git-fixes)
- arm64: ptrace: Override SPSR.SS when single-stepping is enabled (git-fixes)
- arm64: Relax GIC version check during early boot (git-fixes)
- arm64: Save and restore OSDLR_EL1 across suspend/resume (git-fixes)
- arm64: smp: fix crash_smp_send_stop() behaviour (git-fixes)
- arm64: smp: fix smp_send_stop() behaviour (git-fixes)
- arm64: uaccess: Ensure PAN is re-enabled after unhandled uaccess (git-fixes)
- arm64: uprobe: Return EOPNOTSUPP for AARCH32 instruction probing (git-fixes)
- arm64/iommu: handle non-remapped addresses in ->mmap and (git-fixes)
- arm64/mm: avoid fixmap race condition when create pud mapping (git-fixes)
- bonding: pair enable_port with slave_arr_updates (git-fixes).
- btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bsc#1199399).
- btrfs: tree-checker: fix incorrect printk format (bsc#1200249).
- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (bsc#1199839).
- cputime, cpuacct: Include guest time in user time in (git-fixes)
- crypto: arm64/aes-neonbs - do not access already-freed walk.iv (git-fixes)
- crypto: ixp4xx - dma_unmap the correct address (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (bsc#1197601).
- crypto: virtio - deal with unsupported input sizes (git-fixes).
- crypto: virtio: Fix dest length calculation in __virtio_crypto_skcipher_do_req() (git-fixes).
- drbd: fix an invalid memory access caused by incorrect use of list iterator (git-fixes).
- drbd: Fix five use after free bugs in get_initial_state (git-fixes).
- drivers: net: xgene: Fix regression in CRC stripping (git-fixes).
- drm/fb-helper: Mark screen buffers in system memory with (bsc#1129770)
- i40e: always propagate error value in i40e_set_vsi_promisc() (git-fixes).
- i40e: Fix MAC address setting for a VF via Host/VM (git-fixes).
- i40e: fix return of uninitialized aq_ret in i40e_set_vsi_promisc (git-fixes).
- i40e: Fix the conditional for i40e_vc_validate_vqs_bitmaps (git-fixes).
- i40e: Fix virtchnl_queue_select bitmap validation (git-fixes).
- i40e: Refactoring VF MAC filters counting to make more reliable (git-fixes).
- i40e: Remove scheduling while atomic possibility (git-fixes).
- iavf: Fix incorrect adapter get in iavf_resume (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- Input: appletouch - initialize work before device registration (git-fixes).
- Input: elantench - fix misreporting trackpoint coordinates (git-fixes).
- Input: spaceball - fix parsing of movement data packets (git-fixes).
- Input: ti_am335x_tsc - fix STEPCONFIG setup for Z2 (git-fixes).
- Input: ti_am335x_tsc - set ADCREFM for X configuration (git-fixes).
- Input: xpad - add support for another USB ID of Nacon GC-100 (git-fixes).
- KVM: arm64: Fix definition of PAGE_HYP_DEVICE (git-fixes)
- KVM: PPC: Fix TCE handling for VFIO (bsc#1061840 git-fixes).
- KVM: PPC: Propagate errors to the guest when failed instead of ignoring (bsc#1061840 git-fixes).
- lpfc: Set default protocol support to FCP only (bsc#1194124 bsc#1198899).
- media: cpia2: fix control-message timeouts (git-fixes).
- media: cx23885: Fix snd_card_free call on null card pointer (git-fixes).
- media: dib0700: fix undefined behavior in tuner shutdown (git-fixes).
- media: dmxdev: fix UAF when dvb_register_device() fails (git-fixes).
- media: em28xx: fix control-message timeouts.
- media: flexcop-usb: fix control-message timeouts (git-fixes).
- media: mceusb: fix control-message timeouts (git-fixes).
- media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()' (git-fixes).
- media: netup_unidvb: Do not leak SPI master in probe error path (git-fixes).
- media: pvrusb2: fix control-message timeouts (git-fixes).
- media: redrat3: fix control-message timeouts (git-fixes).
- media: s2255: fix control-message timeouts (git-fixes).
- media: stk1160: fix control-message timeouts (git-fixes).
- media: vim2m: Remove surplus name initialization (git-fixes).
- mm, page_alloc: fix build_zonerefs_node() (git-fixes).
- net: bcmgenet: Do not claim WOL when its not available (git-fixes).
- net: mana: Add counter for packet dropped by XDP (bsc#1195651).
- net: mana: Add counter for XDP_TX (bsc#1195651).
- net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651).
- net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe() (bsc#1195651).
- net: mana: Reuse XDP dropped page (bsc#1195651).
- net: mana: Use struct_size() helper in mana_gd_create_dma_region() (bsc#1195651).
- net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() (git-fixes).
- net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog (git-fixes).
- netfilter: conntrack: connection timeout after re-register (bsc#1199035).
- netfilter: conntrack: move synack init code to helper (bsc#1199035).
- netfilter: conntrack: re-init state for retransmitted syn-ack (bsc#1199035).
- netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options (bsc#1199035).
- netfilter: nf_conntrack_tcp: re-init for syn packets only (bsc#1199035).
- netfilter: nf_tables: disallow non-stateful expression in sets earlier (bsc#1200015).
- NFS: Do not invalidate inode attributes on delegation return (git-fixes).
- NFS: limit use of ACCESS cache for negative responses (bsc#1196570).
- PCI / ACPI: Mark expected switch fall-through (git-fixes).
- PCI: Do not enable AtomicOps on VFs (bsc#1129770)
- PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (bsc#1199314).
- powerpc: Enable the DAWR on POWER9 DD2.3 and above (bsc#1055117 ltc#159753).
- powerpc: Remove Power8 DD1 from cputable (bsc#1055117 ltc#159753).
- powerpc/64s: Add CPU_FTRS_POWER9_DD2_2 to CPU_FTRS_ALWAYS mask (bsc#1061840 git-fixes).
- powerpc/numa: Prefer node id queried from vphn (bsc#1199237 bsc#1200173 ltc#198329).
- powerpc/powernv: Get L1D flush requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).
- powerpc/powernv: Get STF barrier requirements from device-tree (bsc#1188885 ltc#193722 git-fixes).
- powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess flushes (bsc#1188885 ltc#193722 git-fixes).
- powerpc/xive: Add some error handling code to 'xive_spapr_init()' (git-fixes).
- powerpc/xive: Fix refcount leak in xive_spapr_init (git-fixes).
- qed: display VF trust config (git-fixes).
- qed: return status of qed_iov_get_link (git-fixes).
- qed: validate and restrict untrusted VFs vlan promisc mode (git-fixes).
- revert scsi: qla2xxx: Changes to support FCP2 Target (bsc#1198438).
- sched/core: Add __sched tag for io_schedule() (git-fixes)
- sched/core: Fix comment regarding nr_iowait_cpu() and (git-fixes)
- sched/debug: Remove mpol_get/put and task_lock/unlock from (git-fixes)
- scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes).
- scsi: fnic: Fix a tracing statement (git-fixes).
- scsi: fnic: Replace DMA mask of 64 bits with 47 bits (bsc#1199631).
- scsi: hisi_sas: Change permission of parameter prot_mask (git-fixes).
- scsi: pm8001: Fix abort all task initialization (git-fixes).
- scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() (git-fixes).
- scsi: pm8001: Fix command initialization in pm80XX_send_read_log() (git-fixes).
- scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req() (git-fixes).
- scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req() (git-fixes).
- scsi: pm8001: Fix le32 values handling in pm80xx_set_sas_protocol_timer_config() (git-fixes).
- scsi: pm8001: Fix NCQ NON DATA command completion handling (git-fixes).
- scsi: pm8001: Fix NCQ NON DATA command task initialization (git-fixes).
- scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update() (git-fixes).
- scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() (git-fixes).
- scsi: qla2xxx: edif: Remove unneeded variable (bsc#1200045).
- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (bsc#1200045).
- scsi: qla2xxx: Remove free_sg command flag (bsc#1200045).
- scsi: qla2xxx: Remove unneeded flush_workqueue() (bsc#1200045).
- scsi: sr: Do not leak information in ioctl (git-fixes).
- scsi: virtio-scsi: Eliminate anonymous module_init and module_exit (git-fixes).
- scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() (git-fixes).
- smp: Fix offline cpu check in flush_smp_call_function_queue() (git-fixes).
- SUNRPC: Ensure gss-proxy connects on setup (git-fixes).
- SUNRPC: Ensure that the gssproxy client can start in a connected state (git-fixes).
- timekeeping: Really make sure wall_to_monotonic isn't (git-fixes)
- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (bsc#1065729).
- USB: cdc-wdm: fix reading stuck on device close (git-fixes).
- USB: dwc3: core: Only handle soft-reset in DCTL (git-fixes).
- USB: dwc3: gadget: Do not send unintended link state change (git-fixes).
- USB: hub: Fix locking issues with address0_mutex (git-fixes).
- USB: mtu3: fix USB 3.0 dual-role-switch from device to host (git-fixes).
- USB: quirks: add a Realtek card reader (git-fixes).
- USB: quirks: add STRING quirk for VCOM device (git-fixes).
- USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (git-fixes).
- USB: serial: option: add Fibocom L610 modem (git-fixes).
- USB: serial: option: add Fibocom MA510 modem (git-fixes).
- USB: serial: option: add support for Cinterion MV32-WA/MV32-WB (git-fixes).
- USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions (git-fixes).
- USB: serial: pl2303: add device id for HP LM930 Display (git-fixes).
- USB: serial: qcserial: add support for Sierra Wireless EM7590 (git-fixes).
- USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS (git-fixes).
- veth: Ensure eth header is in skb's linear part (git-fixes).
- video: backlight: Drop maximum brightness override for brightness (bsc#1129770)
- video: hyperv_fb: Fix validation of screen resolution (bsc#1129770)
- vxlan: fix memleak of fdb (git-fixes).
- xhci: stop polling roothubs after shutdown (git-fixes).
Special Instructions and Notes:
- Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Server for SAP Applications 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2116=1 SUSE-SLE-HA-12-SP5-2022-2116=1
-
SUSE Linux Enterprise High Availability Extension 12 SP5
zypper in -t patch SUSE-SLE-HA-12-SP5-2022-2116=1
-
SUSE Linux Enterprise Live Patching 12-SP5
zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2022-2116=1
-
SUSE Linux Enterprise Software Development Kit 12 SP5
zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-2116=1
-
SUSE Linux Enterprise High Performance Computing 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2116=1
-
SUSE Linux Enterprise Server 12 SP5
zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2116=1
-
SUSE Linux Enterprise Workstation Extension 12 12-SP5
zypper in -t patch SUSE-SLE-WE-12-SP5-2022-2116=1
Package List:
-
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
- cluster-md-kmp-default-4.12.14-122.124.3
- kernel-default-base-debuginfo-4.12.14-122.124.3
- ocfs2-kmp-default-debuginfo-4.12.14-122.124.3
- kernel-default-debuginfo-4.12.14-122.124.3
- ocfs2-kmp-default-4.12.14-122.124.3
- kernel-default-debugsource-4.12.14-122.124.3
- kernel-default-base-4.12.14-122.124.3
- kernel-default-devel-4.12.14-122.124.3
- cluster-md-kmp-default-debuginfo-4.12.14-122.124.3
- gfs2-kmp-default-debuginfo-4.12.14-122.124.3
- kernel-syms-4.12.14-122.124.2
- dlm-kmp-default-debuginfo-4.12.14-122.124.3
- gfs2-kmp-default-4.12.14-122.124.3
- dlm-kmp-default-4.12.14-122.124.3
-
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64)
- kernel-default-4.12.14-122.124.3
-
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
- kernel-source-4.12.14-122.124.2
- kernel-macros-4.12.14-122.124.2
- kernel-devel-4.12.14-122.124.2
-
SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64)
- kernel-default-devel-debuginfo-4.12.14-122.124.3
-
SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64)
- cluster-md-kmp-default-4.12.14-122.124.3
- ocfs2-kmp-default-debuginfo-4.12.14-122.124.3
- kernel-default-debuginfo-4.12.14-122.124.3
- ocfs2-kmp-default-4.12.14-122.124.3
- kernel-default-debugsource-4.12.14-122.124.3
- cluster-md-kmp-default-debuginfo-4.12.14-122.124.3
- gfs2-kmp-default-debuginfo-4.12.14-122.124.3
- dlm-kmp-default-debuginfo-4.12.14-122.124.3
- gfs2-kmp-default-4.12.14-122.124.3
- dlm-kmp-default-4.12.14-122.124.3
-
SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc)
- kernel-default-4.12.14-122.124.3
-
SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
- kernel-default-4.12.14-122.124.3
-
SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
- kernel-default-debuginfo-4.12.14-122.124.3
- kernel-default-debugsource-4.12.14-122.124.3
- kgraft-patch-4_12_14-122_124-default-1-8.3.3
- kernel-default-kgraft-devel-4.12.14-122.124.3
- kernel-default-kgraft-4.12.14-122.124.3
-
SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc)
- kernel-docs-4.12.14-122.124.2
-
SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64)
- kernel-obs-build-debugsource-4.12.14-122.124.3
- kernel-obs-build-4.12.14-122.124.3
-
SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64)
- kernel-default-4.12.14-122.124.3
-
SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
- kernel-default-base-debuginfo-4.12.14-122.124.3
- kernel-default-devel-4.12.14-122.124.3
- kernel-default-debuginfo-4.12.14-122.124.3
- kernel-default-debugsource-4.12.14-122.124.3
- kernel-default-base-4.12.14-122.124.3
- kernel-syms-4.12.14-122.124.2
-
SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
- kernel-source-4.12.14-122.124.2
- kernel-macros-4.12.1