File _patchinfo of Package patchinfo.17048
<patchinfo incident="17048"> <issue id="1051510" tracker="bnc"></issue> <issue id="1058115" tracker="bnc">ORC tracker</issue> <issue id="1065600" tracker="bnc">Backports of upstream Xen-related kernel patches</issue> <issue id="1163524" tracker="bnc">Signature file for secure boot for the file /lib/s390-tools/stage3.bin is missing.</issue> <issue id="1166965" tracker="bnc">kernel-docs fail to build occasionally with python-Sphinx 2.4</issue> <issue id="1168468" tracker="bnc">UCS-path drop after firmware update, kernel bug in ../block/blk-core.c:3024!</issue> <issue id="1170232" tracker="bnc">Kernel spec self obsoletes</issue> <issue id="1170415" tracker="bnc">VUL-0: EMBARGOED: CVE-2020-8694: kernel-source: Intel RAPL sidechannel</issue> <issue id="1171675" tracker="bnc">fnic crashes upon boot in fnic_terminate_rport_io()</issue> <issue id="1172073" tracker="bnc">kernel-devel and kernel-source need Obsolete for previous package rebuilds of the same version</issue> <issue id="1173115" tracker="bnc">kernel updates lead to showing mok screen on reboot</issue> <issue id="1175228" tracker="bnc">Backport of 5500ab4ed3b8 "ocfs2: fix the application IO timeout when fstrim is running" patch [SLES 12 SP5]</issue> <issue id="1175882" tracker="bnc">pesign-obs-integration doesn't respect _binary_payload from the original .spec</issue> <issue id="1176011" tracker="bnc">VUL-0: CVE-2020-14381: kernel-source, kernel: referencing inode of removed superblock in get_futex_key() causes UAF</issue> <issue id="1176235" tracker="bnc">VUL-0: CVE-2020-14390: kernel-source: slab-out-of-bounds in fbcon_redraw_softback for latest linux</issue> <issue id="1176278" tracker="bnc">VUL-0: kernel-source: out-of-bounds BUG in function "vgacon_scrolldelta"</issue> <issue id="1176381" tracker="bnc">VUL-0: CVE-2020-25212: kernel-source: TOCTOU mismatch in the NFS client code</issue> <issue id="1176423" tracker="bnc">VUL-1: CVE-2020-0404: kernel-source: media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors</issue> <issue id="1176482" tracker="bnc">VUL-1: CVE-2020-25284: kernel-source: The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or</issue> <issue id="1176485" tracker="bnc">VUL-0: CVE-2020-25285: kernel-source: A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have u</issue> <issue id="1176698" tracker="bnc">%kernel_module_package didn't process -c option</issue> <issue id="1176721" tracker="bnc">VUL-1: CVE-2020-0432: kernel-source: possible out of bounds write in skb_to_mamac of networking.c</issue> <issue id="1176722" tracker="bnc">VUL-1: CVE-2020-0431: kernel-source: possible out of bounds write in kbd_keycode of keyboard.c</issue> <issue id="1176723" tracker="bnc">VUL-1: CVE-2020-0430: kernel-source: possible out of bounds read in skb_headlen of /include/linux/skbuff.h</issue> <issue id="1176725" tracker="bnc">VUL-1: CVE-2020-0427: kernel-source: possible out of bounds read in create_pinctrl of core.c</issue> <issue id="1176732" tracker="bnc">kernel-source-azure failed to build for x86_64 (No space left on device)</issue> <issue id="1176869" tracker="bnc">SLES 12 SP4 - Tainted Kernel - rpadlpar_io lacking DESCRIPTION</issue> <issue id="1176907" tracker="bnc">klp tests fail: btrfs related problems</issue> <issue id="1176935" tracker="bnc">su - pwpadm user hangs until Ctrl-C is pressed</issue> <issue id="1176950" tracker="bnc">System hung with thousands of processes in UN state waiting on NFS process</issue> <issue id="1176990" tracker="bnc">VUL-0: CVE-2020-26088: kernel-source: missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c allows local attackers to create raw sockets</issue> <issue id="1177027" tracker="bnc">[HUAWEI - NOT FOR THE USA]When will the CVE of nfs CVE-2020-25212 be release in SLES12 SP2 ref:_00D1igLOd._5001iStttG:ref</issue> <issue id="1177086" tracker="bnc">VUL-1: CVE-2020-14351: kernel-source: race in perf_mmap_close function</issue> <issue id="1177121" tracker="bnc">VUL-0: CVE-2020-25641: kernel-source: kernel: zero length bvec causing softlockups</issue> <issue id="1177206" tracker="bnc">VUL-0: CVE-2020-25643: kernel-source: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow</issue> <issue id="1177340" tracker="bnc">HPC cluster node hangs since update from SLES12 SP3 to SLES12 SP5</issue> <issue id="1177410" tracker="bnc">VUL-0: CVE-2020-27675: kernel-source: Race condition in Linux event handler may crash dom0 (XSA-331 v2)</issue> <issue id="1177411" tracker="bnc">VUL-0: CVE-2020-27673: kernel-source: Rogue guests can cause DoS of Dom0 via high frequency events (XSA-332 v2)</issue> <issue id="1177470" tracker="bnc">VUL-0: CVE-2020-16120: kernel-source: incorrect unprivileged overlayfs permission checking</issue> <issue id="1177511" tracker="bnc">VUL-0: CVE-2020-25645: kernel-source: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints</issue> <issue id="1177724" tracker="bnc">VUL-0: CVE-2020-12351: kernel-source: net: bluetooth: type confusion while processing AMP packets aka "BleedingTooth" aka "BadKarma"</issue> <issue id="1177725" tracker="bnc">VUL-0: CVE-2020-12352: kernel-source: net: bluetooth: information leak when processing certain AMP packets aka "BleedingTooth" aka "BadChoice"</issue> <issue id="1177766" tracker="bnc">VUL-1: CVE-2020-25656: kernel-source: concurrency use-after-free in vt_do_kdgkb_ioctl</issue> <issue id="1177816" tracker="bnc">Request to included a commit that adds a timeout to vmbus_wait_for_unload</issue> <issue id="1178330" tracker="bnc">Customer kernel module build leaves null.000i.ipa-clones after "make clean"</issue> <issue id="1131277" tracker="bnc">L3: System panic in btrfs_async_reclaim_metadata_space()->can_overcommit()</issue> <issue id="1160947" tracker="bnc">btrfs balance cancel takes eternity</issue> <issue id="1170139" tracker="bnc">umount of /proc after several application core dumps ref:_00D1igLOd._5001iN42Am:ref</issue> <issue id="1171417" tracker="bnc">Dead loop of balance which can't be canceled</issue> <issue id="1172366" tracker="bnc">btrfs balance in endless loop and couldn't be canceled</issue> <issue id="1173233" tracker="bnc">L3: Unable to handle kernel paging request for data at address 0x08850100</issue> <issue id="1175306" tracker="bnc">Partner-L3: Soft lockup call trace</issue> <issue id="1175721" tracker="bnc">VUL-0: CVE-2020-25705: kernel-source: New vulnerabilities in ICMP rate limiting (paper: DNS Cache Poisoning Attack Reloaded: Revolutions with SideChannels)</issue> <issue id="1176922" tracker="bnc">L3: System hang due to a massive amount of soft lockups in btrfs_drop_and_free_fs_root()</issue> <issue id="1178123" tracker="bnc">VUL-1: CVE-2020-25668: kernel-source: concurrency use-after-free in con_font_op</issue> <issue id="1178393" tracker="bnc">VUL-1: CVE-2020-25704: kernel-source: perf/core: Fix a leak in perf_event_parse_addr_filter()</issue> <issue id="1178669" tracker="bnc">L3: L3-Question: NFS client filesystems get unmounted on fail-over (stacked mount-points)</issue> <issue id="1178765" tracker="bnc">SLES 12 SP4 - increased cpu time consumption observed on shared LPAR compared to same workload on dedicated LPAR (performance) (found in SAP HANA on POWER testing)</issue> <issue id="1178782" tracker="bnc">VUL-0: CVE-2020-25705: SADDNS attack</issue> <issue id="1178838" tracker="bnc">Defaults for kernel.shmmax and kernel.shmall changed</issue> <issue id="2020-25705" tracker="cve" /> <issue id="2020-25704" tracker="cve" /> <issue id="2020-25668" tracker="cve" /> <issue id="2020-25656" tracker="cve" /> <issue id="2020-25285" tracker="cve" /> <issue id="2020-0430" tracker="cve" /> <issue id="2020-14351" tracker="cve" /> <issue id="2020-16120" tracker="cve" /> <issue id="2020-8694" tracker="cve" /> <issue id="2020-12351" tracker="cve" /> <issue id="2020-12352" tracker="cve" /> <issue id="2020-25212" tracker="cve" /> <issue id="2020-25645" tracker="cve" /> <issue id="2020-2521" tracker="cve" /> <issue id="2020-14381" tracker="cve" /> <issue id="2020-25643" tracker="cve" /> <issue id="2020-25641" tracker="cve" /> <issue id="2020-26088" tracker="cve" /> <issue id="2020-14390" tracker="cve" /> <issue id="2020-0432" tracker="cve" /> <issue id="2020-0427" tracker="cve" /> <issue id="2020-0431" tracker="cve" /> <issue id="2020-0404" tracker="cve" /> <issue id="2020-25284" tracker="cve" /> <issue id="2020-27673" tracker="cve" /> <issue id="2020-27675" tracker="cve" /> <category>security</category> <rating>important</rating> <packager>ematsumiya</packager> <reboot_needed/> <description> The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782). - CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393). - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bnc#1178123). - CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766). - CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485). - CVE-2020-0430: Fixed an OOB read in skb_headlen of /include/linux/skbuff.h (bnc#1176723). - CVE-2020-14351: Fixed a race in the perf_mmap_close() function (bsc#1177086). - CVE-2020-16120: Fixed a permissions issue in ovl_path_open() (bsc#1177470). - CVE-2020-8694: Restricted energy meter to root access (bsc#1170415). - CVE-2020-12351: Implemented a kABI workaround for bluetooth l2cap_ops filter addition (bsc#1177724). - CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka "BleedingTooth" (bsc#1177725). - CVE-2020-25212: Fixed a TOCTOU mismatch in the NFS client code (bnc#1176381). - CVE-2020-25645: Fixed an an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted (bnc#1177511). - CVE-2020-14381: Fixed a UAF in the fast user mutex (futex) wait operation (bsc#1176011). - CVE-2020-25643: Fixed an improper input validation in the ppp_cp_parse_cr function of the HDLC_PPP module (bnc#1177206). - CVE-2020-25641: Fixed a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121). - CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990). - CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235). - CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721). - CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725). - CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722). - CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423). - CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482). - CVE-2020-27673: Fixed an issue where rogue guests could have caused denial of service of Dom0 via high frequency events (XSA-332 bsc#1177411) - CVE-2020-27675: Fixed a race condition in event handler which may crash dom0 (XSA-331 bsc#1177410). The following non-security bugs were fixed: - btrfs: remove root usage from can_overcommit (bsc#1131277). - hv: vmbus: Add timeout to vmbus_wait_for_unload (bsc#1177816). - hyperv_fb: disable superfluous VERSION_WIN10_V5 case (bsc#1175306). - hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306). - livepatch: Add -fdump-ipa-clones to build (). Add support for -fdump-ipa-clones GCC option. Update config files accordingly. - livepatch: Test if -fdump-ipa-clones is really available As of now we add -fdump-ipa-clones unconditionally. It does not cause a trouble if the kernel is build with the supported toolchain. Otherwise it could fail easily. Do the correct thing and test for the availability. - NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340). - NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139). - NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340). - NFSv4: do not mark all open state for recovery when handling recallable state revoked flag (bsc#1176935). - obsolete_kmp: provide newer version than the obsoleted one (boo#1170232). - ocfs2: give applications more IO opportunities during fstrim (bsc#1175228). - powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968). - rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869 ltc#188243). - scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468, bsc#1171675). - scsi: qla2xxx: Do not consume srb greedily (bsc#1173233). - scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1173233). - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306). - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306). - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306). - x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306). - xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/events: add a new "late EOI" evtchn framework (XSA-332 bsc#1177411). - xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411). - xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410). - xen/events: block rogue events for some time (XSA-332 bsc#1177411). - xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411). - xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600). - xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411). - xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411). - xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411). - xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (XSA-332 bsc#1065600). </description> <summary>Security update for the Linux Kernel</summary> </patchinfo>
