File _patchinfo of Package patchinfo.24593
<patchinfo incident="24593">
<issue id="1028340" tracker="bnc">BUG at ../drivers/scsi/device_handler/scsi_dh_alua.c:659 in SAS fail/unfail test</issue>
<issue id="1065729" tracker="bnc">[trackerbug] 4.12 powerpc base kernel fixes</issue>
<issue id="1071995" tracker="bnc">[TRACKERBUG] SLE15 livepatch backports</issue>
<issue id="1158266" tracker="bnc">VUL-0: CVE-2019-19377: kernel-source: mounting a crafted btrfs filesystem image can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c</issue>
<issue id="1177282" tracker="bnc">VUL-1: CVE-2020-26541: kernel-source: Forbidden Signature Database (aka dbx) protection mechanism is not properly enforced</issue>
<issue id="1191647" tracker="bnc">VUL-0: CVE-2021-20321: kernel-source,kernel-source-rt,kernel-source-azure: kernel: In Overlayfs missing a check for a negative dentry before calling vfs_rename()</issue>
<issue id="1195651" tracker="bnc">net: mana: Add handling of CQE_RX_TRUNCATED</issue>
<issue id="1195926" tracker="bnc">kernel-obs-build without systemd fails to start</issue>
<issue id="1196114" tracker="bnc">Migration to 15 SP1 can't remove old kernel and modules</issue>
<issue id="1196367" tracker="bnc">swapon process occasionally blocks - Need core analyzed</issue>
<issue id="1196426" tracker="bnc">VUL-0: CVE-2021-33061: kernel-source-azure,kernel-source-rt,kernel-source: Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters results in denial of service</issue>
<issue id="1196433" tracker="bnc">SLES 15 SP1 LPAR - sluggish I/O and device unit timeouts with vPMEM assigned</issue>
<issue id="1196514" tracker="bnc">Unable to update from SLES-12-SP5 to SLES-15-SP1</issue>
<issue id="1196570" tracker="bnc">L3: NFS -- old ACCESS reply info is not being flushed (NFS attribute cache)</issue>
<issue id="1196942" tracker="bnc">[Build 101.1] openQA test fails in await_install - kernel-default-4.12.14-122.113.1.s390x: erase failed</issue>
<issue id="1197157" tracker="bnc">After patching server CIFS mount to a Windows Share unable to copy files.</issue>
<issue id="1197343" tracker="bnc">VUL-0: CVE-2022-1011: kernel-source-azure,kernel-source-rt,kernel-source: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes</issue>
<issue id="1197472" tracker="bnc">VUL-1: CVE-2022-0168: kernel-source,kernel-source-rt,kernel-source-azure: smb2_ioctl_query_info NULL Pointer Dereference</issue>
<issue id="1197656" tracker="bnc">Longhorn and its Backing image feature doesn't work if /var/lib/longhorn is stored on DASD with EXT4</issue>
<issue id="1197660" tracker="bnc">VUL-0: CVE-2022-1158: kernel-source: cmpxchg_gpte mishandles VM_IO|VM_PFNMAP page</issue>
<issue id="1197895" tracker="bnc">Corosync is taking all of the two CPU allocated to the Guest</issue>
<issue id="1198330" tracker="bnc">VUL-0: CVE-2022-28893: kernel-source: Linux kernel: Use after free in SUNRPC subsystem</issue>
<issue id="1198400" tracker="bnc">VUL-0: kernel: save/restore speculative MSRs during S3 suspend/resume</issue>
<issue id="1198484" tracker="bnc">Regression in kernel-obs-build update 5.3.18-150300.59.60.4</issue>
<issue id="1198516" tracker="bnc">VUL-0: CVE-2022-1353: kernel-source: information leak issue in pfkey_register in net/key/af_key.c</issue>
<issue id="1198577" tracker="bnc">VUL-0: CVE-2022-1184: kernel: use-after-free and memory errors in ext4 when mounting and operating on a corrupted image</issue>
<issue id="1198660" tracker="bnc">Request SUSE to pick up this kernel upstream patch in SLES 15 3, SLES 15 SP 2 and SLES 12 SP 5 releases to fix a potential drmgr add/remove crash issue</issue>
<issue id="1198687" tracker="bnc">[EAR - NOT FOR USA Citizens] PTF requests fo kernel fixing CVE-2022-1011 in SLES11 SP3 LTSS– Core</issue>
<issue id="1198778" tracker="bnc">Backport ENA driver for 15 SP2 kernel</issue>
<issue id="1198825" tracker="bnc">L3: kernel BUG at ../drivers/scsi/device_handler/scsi_dh_alua.c:668 - ref:_00D1igLOd._5005q4TbAL:ref</issue>
<issue id="1199012" tracker="bnc">VUL-0: CVE-2022-1516: kernel-source-rt,kernel-source,kernel-source-azure: null-ptr-deref caused by x25_disconnect</issue>
<issue id="1199063" tracker="bnc">VUL-0: CVE-2022-1652: kernel-source,kernel-source-rt,kernel-source-azure: We found a concurrency use-after-free in bad_flp_intr for latest kernel version</issue>
<issue id="1199314" tracker="bnc">[Azure] PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time</issue>
<issue id="1199505" tracker="bnc">VUL-0: CVE-2022-30594: kernel-source,kernel-source-azure,kernel-source-rt: mishandled seccomp permissions</issue>
<issue id="1199507" tracker="bnc">VUL-0: CVE-2022-1729: kernel-source: kernel/core: race condition in perf_event_open leads to privilege escalation</issue>
<issue id="1199605" tracker="bnc">VUL-0: CVE-2022-1734: kernel-source,kernel-source-azure,kernel-source-rt: Use-After-Free in NFC driver in nfcmrvl_nci_unregister_dev when simulating NFC device from user-space</issue>
<issue id="1199650" tracker="bnc">VUL-0: EMBARGOED: CVE-2022-21166, CVE-2022-21127, CVE-2022-21123, CVE-2022-21125, CVE-2022-21180: kernel: stale MMIO data transient information leaks (INTEL-TA-00615)</issue>
<issue id="1199918" tracker="bnc">SLE15-SP2: ping -I on link local address is failing with ping: sendmsg: Invalid argument</issue>
<issue id="1200015" tracker="bnc">VUL-0: CVE-2022-1966: kernel: use-after-free in the netfilter subsystem</issue>
<issue id="1200143" tracker="bnc">VUL-0: CVE-2022-1975: kernel-source,kernel-source-azure,kernel-source-rt: sleep in atomic bug when firmware download timeout</issue>
<issue id="1200144" tracker="bnc">VUL-0: CVE-2022-1974: kernel-source-rt,kernel-source,kernel-source-azure: use-after-free in /net/nfc/core.c causes kernel crash by simulating nfc device from user-space</issue>
<issue id="1200249" tracker="bnc">SLE15-SP3/armv7l/lpae: NEW WARNINGS (4c788136)</issue>
<issue id="2022-1966" tracker="cve" />
<issue id="2022-1975" tracker="cve" />
<issue id="2022-1974" tracker="cve" />
<issue id="2020-26541" tracker="cve" />
<issue id="2019-19377" tracker="cve" />
<issue id="2022-21166" tracker="cve" />
<issue id="2022-21127" tracker="cve" />
<issue id="2022-21123" tracker="cve" />
<issue id="2022-21125" tracker="cve" />
<issue id="2022-21180" tracker="cve" />
<issue id="2022-1729" tracker="cve" />
<issue id="2022-1184" tracker="cve" />
<issue id="2022-1652" tracker="cve" />
<issue id="2022-1734" tracker="cve" />
<issue id="2022-30594" tracker="cve" />
<issue id="2022-0168" tracker="cve" />
<issue id="2021-33061" tracker="cve" />
<issue id="2022-1516" tracker="cve" />
<issue id="2021-20321" tracker="cve" />
<issue id="2022-1158" tracker="cve" />
<issue id="2022-1353" tracker="cve" />
<issue id="2022-28893" tracker="cve" />
<issue id="2022-1011" tracker="cve" />
<issue id="SLE-18234" tracker="jsc" />
<category>security</category>
<rating>important</rating>
<packager>jdelvare</packager>
<reboot_needed/>
<description>
The SUSE Linux Enterprise 15 SP2 kernel was updated.
The following security bugs were fixed:
- CVE-2022-0168: Fixed a NULL pointer dereference in smb2_ioctl_query_info. (bsc#1197472)
- CVE-2022-1966: Fixed a use-after-free bug in the netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015)
- CVE-2022-28893: Ensured that sockets are in the intended state inside the SUNRPC subsystem (bnc#1198330).
- CVE-2022-1158: Fixed KVM x86/mmu compare-and-exchange of gPTE via the user address (bsc#1197660).
- CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via Spectre-like attacks. (bsc#1199650)
- CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via Spectre-like attacks. (bsc#1199650)
- CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via Spectre-like attacks. (bsc#1199650)
- CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via Spectre-like attacks. (bsc#1199650)
- CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via Spectre-like attacks. (bsc#1199650)
- CVE-2022-1975: Fixed a bug that allows an attacker to crash the Linux kernel by simulating an NFC device from user-space. (bsc#1200143)
- CVE-2022-1974: Fixed a use-after-free that could cause a kernel crash by simulating an NFC device from user-space. (bsc#1200144)
- CVE-2020-26541: Enforce the secure boot forbidden signature database (aka dbx) protection mechanism. (bnc#1177282)
- CVE-2019-19377: Fixed a use-after-free that could be triggered when an attacker mounts a crafted btrfs filesystem image. (bnc#1158266)
- CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self (bsc#1199507).
- CVE-2022-1184: Fixed a use-after-free and memory errors in ext4 when mounting and operating on a corrupted image. (bsc#1198577)
- CVE-2022-1652: Fixed a statically allocated error counter inside the floppy kernel module (bsc#1199063).
- CVE-2022-1734: Fixed a read/write use-after-free caused by missing synchronization between the cleanup routine and the firmware download routine. (bnc#1199605)
- CVE-2022-30594: Fixed restriction bypass on setting the PT_SUSPEND_SECCOMP flag (bnc#1199505).
- CVE-2021-33061: Fixed insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1196426).
- CVE-2022-1516: Fixed null-ptr-deref caused by x25_disconnect (bsc#1199012).
- CVE-2021-20321: Fixed a race condition when accessing a file object in the OverlayFS subsystem, triggered when users perform a rename in a specific way with OverlayFS. A local user could have used this flaw to crash the system (bnc#1191647).
- CVE-2022-1353: Fixed access control to kernel memory in the pfkey_register function in net/key/af_key.c. (bnc#1198516)
- CVE-2022-1011: Fixed a use-after-free vulnerability which could allow a local attacker to retrieve (partial) /etc/shadow hashes or any other data from the filesystem when they can mount a FUSE filesystem. (bnc#1197343)
The following non-security bugs were fixed:
- btrfs: tree-checker: fix incorrect printk format (bsc#1200249).
- cifs: fix bad fids sent over wire (bsc#1197157).
- direct-io: clean up error paths of do_blockdev_direct_IO (bsc#1197656).
- direct-io: defer alignment check until after the EOF check (bsc#1197656).
- direct-io: do not force writeback for reads beyond EOF (bsc#1197656).
- net: ena: A typo fix in the file ena_com.h (bsc#1198778).
- net: ena: Add capabilities field with support for ENI stats capability (bsc#1198778).
- net: ena: Add debug prints for invalid req_id resets (bsc#1198778).
- net: ena: add device distinct log prefix to files (bsc#1198778).
- net: ena: add jiffies of last napi call to stats (bsc#1198778).
- net: ena: aggregate doorbell common operations into a function (bsc#1198778).
- net: ena: aggregate stats increase into a function (bsc#1198778).
- net: ena: Change ENI stats support check to use capabilities field (bsc#1198778).
- net: ena: Change return value of ena_calc_io_queue_size() to void (bsc#1198778).
- net: ena: Change the name of bad_csum variable (bsc#1198778).
- net: ena: Extract recurring driver reset code into a function (bsc#1198778).
- net: ena: fix coding style nits (bsc#1198778).
- net: ena: fix DMA mapping function issues in XDP (bsc#1198778).
- net: ena: Fix error handling when calculating max IO queues number (bsc#1198778).
- net: ena: fix inaccurate print type (bsc#1198778).
- net: ena: Fix undefined state when tx request id is out of bounds (bsc#1198778).
- net: ena: Fix wrong rx request id by resetting device (bsc#1198778).
- net: ena: Improve error logging in driver (bsc#1198778).
- net: ena: introduce ndo_xdp_xmit() function for XDP_REDIRECT (bsc#1198778).
- net: ena: introduce XDP redirect implementation (bsc#1198778).
- net: ena: make symbol 'ena_alloc_map_page' static (bsc#1198778).
- net: ena: Move reset completion print to the reset function (bsc#1198778).
- net: ena: optimize data access in fast-path code (bsc#1198778).
- net: ena: re-organize code to improve readability (bsc#1198778).
- net: ena: Remove ena_calc_queue_size_ctx struct (bsc#1198778).
- net: ena: remove extra words from comments (bsc#1198778).
- net: ena: Remove module param and change message severity (bsc#1198778).
- net: ena: Remove rcu_read_lock() around XDP program invocation (bsc#1198778).
- net: ena: Remove redundant return code check (bsc#1198778).
- net: ena: Remove unused code (bsc#1198778).
- net: ena: store values in their appropriate variables types (bsc#1198778).
- net: ena: Update XDP verdict upon failure (bsc#1198778).
- net: ena: use build_skb() in RX path (bsc#1198778).
- net: ena: use constant value for net_device allocation (bsc#1198778).
- net: ena: Use dev_alloc() in RX buffer allocation (bsc#1198778).
- net: ena: use xdp_frame in XDP TX flow (bsc#1198778).
- net: ena: use xdp_return_frame() to free xdp frames (bsc#1198778).
- net: mana: Add counter for packet dropped by XDP (bsc#1195651).
- net: mana: Add counter for XDP_TX (bsc#1195651).
- net: mana: Add handling of CQE_RX_TRUNCATED (bsc#1195651).
- net: mana: Remove unnecessary check of cqe_type in mana_process_rx_cqe() (bsc#1195651).
- net: mana: Reuse XDP dropped page (bsc#1195651).
- net: mana: Use struct_size() helper in mana_gd_create_dma_region() (bsc#1195651).
- NFS: limit use of ACCESS cache for negative responses (bsc#1196570).
- PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (bsc#1199314).
- ping: fix the sk_bound_dev_if match in ping_lookup (bsc#1199918).
- ping: remove pr_err from ping_lookup (bsc#1199918).
- powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449).
- powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449).
- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729 bsc#1198660 ltc#197803).
- sched/rt: Disable RT_RUNTIME_SHARE by default (bnc#1197895).
- scsi: scsi_dh_alua: Avoid crash during alua_bus_detach() (bsc#1028340 bsc#1198825).
- SUNRPC: change locking for xs_swap_enable/disable (bsc#1196367).
- video: hyperv_fb: Fix validation of screen resolution (git-fixes).
- x86/pm: Save the MSR validity status at context setup (bsc#1198400).
- x86/speculation: Restore speculation related MSRs during S3 resume (bsc#1198400).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>