SUSE-SU-2021:0094-1
Vulnerability from csaf_suse - Published: 2021-01-12 18:14 - Updated: 2021-01-12 18:14Summary
Security update for the Linux Kernel
Severity
Moderate
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960).
- CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031).
- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
- CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027).
- CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).
- CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).
- CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).
The following non-security bugs were fixed:
- ALSA: hda/ca0132 - Change Input Source enum strings (git-fixes).
- ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg (git-fixes).
- ALSA: hda: Fix regressions on clear and reconfig sysfs (git-fixes).
- ASoC: arizona: Fix a wrong free in wm8997_probe (git-fixes).
- ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams (git-fixes).
- ASoC: jz4740-i2s: add missed checks for clk_get() (git-fixes).
- ASoC: pcm: DRAIN support reactivation (git-fixes).
- ASoC: wm8998: Fix PM disable depth imbalance on error (git-fixes).
- ASoC: wm_adsp: remove 'ctl' from list on error in wm_adsp_create_control() (git-fixes).
- ath10k: Fix an error handling path (git-fixes).
- ath10k: Release some resources in an error handling path (git-fixes).
- ath10k: Remove msdu from idr when management pkt send fails (git-fixes).
- ath6kl: fix enum-conversion warning (git-fixes).
- Bluetooth: btusb: Fix detection of some fake CSR controllers with a bcdDevice val of 0x0134 (git-fixes).
- Bluetooth: Fix null pointer dereference in hci_event_packet() (git-fixes).
- Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (git-fixes).
- btmrvl: Fix firmware filename for sd8997 chipset (bsc#1172694).
- btrfs: fix use-after-free on readahead extent after failure to create it (bsc#1179963).
- btrfs: remove a BUG_ON() from merge_reloc_roots() (bsc#1174784).
- bus: fsl-mc: fix error return code in fsl_mc_object_allocate() (git-fixes).
- can: mcp251x: add error check when wq alloc failed (git-fixes).
- can: softing: softing_netdev_open(): fix error handling (git-fixes).
- cirrus: cs89x0: remove set but not used variable 'lp' (git-fixes).
- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify code (git-fixes).
- cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (git-fixes).
- cpufreq: loongson1: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: scpi: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: st: Add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: af_alg - avoid undefined behavior accessing salg_name (git-fixes).
- crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (git-fixes).
- crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (git-fixes).
- crypto: talitos - Fix return type of current_desc_hdr() (git-fixes).
- cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (git-fixes).
- drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (git-fixes).
- drm/amd/display: remove useless if/else (git-fixes).
- drm/amdgpu: fix build_coefficients() argument (git-fixes).
- drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() (git-fixes).
- drm/gma500: fix double free of gma_connector (git-fixes).
- drm/meson: dw-hdmi: Register a callback to disable the regulator (git-fixes).
- drm/msm/dpu: Add newline to printks (git-fixes).
- drm/msm/dsi_phy_10nm: implement PHY disabling (git-fixes).
- drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() (git-fixes).
- drm/rockchip: Avoid uninitialized use of endpoint id in LVDS (git-fixes).
- EDAC/i10nm: Use readl() to access MMIO registers (12sp5).
- epoll: Keep a reference on files added to the check list (bsc#1180031).
- ext4: correctly report 'not supported' for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1179672).
- ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716).
- ext4: fix error handling code in add_new_gdb (bsc#1179722).
- ext4: fix invalid inode checksum (bsc#1179723).
- ext4: fix leaking sysfs kobject after failed mount (bsc#1179670).
- ext4: limit entries returned when counting fsmap records (bsc#1179671).
- ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1179673).
- extcon: max77693: Fix modalias string (git-fixes).
- fix regression in 'epoll: Keep a reference on files added to the check list' (bsc#1180031, git-fixes).
- forcedeth: use per cpu to collect xmit/recv statistics (git-fixes).
- fs: Do not invalidate page buffers in block_write_full_page() (bsc#1179711).
- genirq/irqdomain: Add an irq_create_mapping_affinity() function (bsc#1065729).
- HID: Add another Primax PIXART OEM mouse quirk (git-fixes).
- HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052).
- HSI: omap_ssi: Do not jump to free ID in ssi_add_controller() (git-fixes).
- ibmvnic: add some debugs (bsc#1179896 ltc#190255).
- ibmvnic: avoid memset null scrq msgs (bsc#1044767 ltc#155231 git-fixes).
- ibmvnic: continue fatal error reset after passive init (bsc#1171078 ltc#184239 git-fixes).
- ibmvnic: delay next reset if hard reset fails (bsc#1094840 ltc#167098 git-fixes).
- ibmvnic: enhance resetting status check during module exit (bsc#1065729).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1115431 ltc#171853 git-fixes).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (bsc#1040855 ltc#155067 git-fixes).
- ibmvnic: fix: NULL pointer dereference (bsc#1044767 ltc#155231 git-fixes).
- ibmvnic: notify peers when failover and migration happen (bsc#1044120 ltc#155423 git-fixes).
- ibmvnic: restore adapter state on failed reset (bsc#1152457 ltc#174432 git-fixes).
- iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (git-fixes).
- iio:pressure:mpl3115: Force alignment of buffer (git-fixes).
- inet_ecn: Fix endianness of checksum update when setting ECT(1) (git-fixes).
- Input: ads7846 - fix integer overflow on Rt calculation (git-fixes).
- Input: ads7846 - fix race that causes missing releases (git-fixes).
- Input: ads7846 - fix unaligned access on 7845 (git-fixes).
- Input: cyapa_gen6 - fix out-of-bounds stack access (git-fixes).
- Input: i8042 - add ByteSpeed touchpad to noloop table (git-fixes).
- Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists (git-fixes).
- Input: omap4-keypad - fix runtime PM error handling (git-fixes).
- Input: trackpoint - add new trackpoint variant IDs (git-fixes).
- Input: trackpoint - enable Synaptics trackpoints (git-fixes).
- Input: xpad - support Ardwiino Controllers (git-fixes).
- kABI fix for g2d (git-fixes).
- kABI workaround for dsa/b53 changes (git-fixes).
- kABI workaround for net/ipvlan changes (git-fixes).
- kABI: ath10k: move a new structure member to the end (git-fixes).
- kABI: genirq: add back irq_create_mapping (bsc#1065729).
- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install
- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
- kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).
- kgdb: Fix spurious true from in_dbg_master() (git-fixes).
- KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (bsc#1112178).
- mac80211: do not set set TDLS STA bandwidth wider than possible (git-fixes).
- mac80211: mesh: fix mesh_pathtbl_init() error path (git-fixes).
- matroxfb: avoid -Warray-bounds warning (git-fixes).
- md/raid5: fix oops during stripe resizing (git-fixes).
- media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).
- media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (git-fixes).
- media: s5p-g2d: Fix a memory leak in an error handling path in 'g2d_probe()' (git-fixes).
- media: saa7146: fix array overflow in vidioc_s_audio() (git-fixes).
- media: siano: fix memory leak of debugfs members in smsdvb_hotplug (git-fixes).
- media: solo6x10: fix missing snd_card_free in error handling case (git-fixes).
- media: uvcvideo: Set media controller entity functions (git-fixes).
- media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- memstick: fix a double-free bug in memstick_check (git-fixes).
- memstick: r592: Fix error return in r592_probe() (git-fixes).
- mfd: rt5033: Fix errorneous defines (git-fixes).
- mm,memory_failure: always pin the page in madvise_inject_error (bsc#1180258).
- Move upstreamed bt fixes into sorted section
- mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (git-fixes).
- net: aquantia: Fix aq_vec_isr_legacy() return value (git-fixes).
- net: aquantia: fix LRO with FCS error (git-fixes).
- net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() (git-fixes).
- net: dsa: b53: Ensure the default VID is untagged (git-fixes).
- net: dsa: b53: Fix default VLAN ID (git-fixes).
- net: dsa: b53: Properly account for VLAN filtering (git-fixes).
- net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes).
- net: dsa: bcm_sf2: potential array overflow in bcm_sf2_sw_suspend() (git-fixes).
- net: dsa: qca8k: remove leftover phy accessors (git-fixes).
- net: ethernet: ti: cpsw: fix runtime_pm while add/kill vlan (git-fixes).
- net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() (git-fixes).
- net: macb: add missing barriers when reading descriptors (git-fixes).
- net: macb: fix dropped RX frames due to a race (git-fixes).
- net: macb: fix error format in dev_err() (git-fixes).
- net: macb: fix random memory corruption on RX with 64-bit DMA (git-fixes).
- net: pasemi: fix an use-after-free in pasemi_mac_phy_init() (git-fixes).
- net: seeq: Fix the function used to release some memory in an error handling path (git-fixes).
- net: sh_eth: fix a missing check of of_get_phy_mode (git-fixes).
- net: sonic: replace dev_kfree_skb in sonic_send_packet (git-fixes).
- net: sonic: return NETDEV_TX_OK if failed to map buffer (git-fixes).
- net: stmmac: fix csr_clk can't be zero issue (git-fixes).
- net: stmmac: Fix reception of Broadcom switches tags (git-fixes).
- net:ethernet:aquantia: Extra spinlocks removed (git-fixes).
- nfc: s3fwrn5: Release the nfc firmware (git-fixes).
- NFS: fix nfs_path in case of a rename retry (git-fixes).
- NFSD: Add missing NFSv2 .pc_func methods (git-fixes).
- NFSv4.2: fix client's attribute cache management for copy_file_range (git-fixes).
- NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (git-fixes).
- ocfs2: fix unbalanced locking (bsc#1180506).
- ocfs2: initialize ip_next_orphan (bsc#1179724).
- orinoco: Move context allocation after processing the skb (git-fixes).
- PCI: Fix pci_slot_release() NULL pointer dereference (git-fixes).
- phy: Revert toggling reset changes (git-fixes).
- pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (git-fixes).
- platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init (git-fixes).
- platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems (git-fixes).
- platform/x86: mlx-platform: remove an unused variable (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration (git-fixes).
- pNFS/flexfiles: Fix list corruption if the mirror count changes (git-fixes).
- power: supply: bq24190_charger: fix reference leak (git-fixes).
- powerpc/64: Set up a kernel stack for secondaries before cpu_restore() (bsc#1065729).
- powerpc/64s/pseries: Fix hash tlbiel_all_isa300 for guest kernels (bsc#1179888 ltc#190253).
- powerpc/64s: Fix hash ISA v3.0 TLBIEL instruction generation (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).
- powerpc/64s: Trim offlined CPUs from mm_cpumasks (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).
- powerpc/pseries/hibernation: remove redundant cacheinfo update (bsc#1138374 ltc#178199 git-fixes).
- powerpc/pseries: Pass MSI affinity to irq_create_mapping() (bsc#1065729).
- powerpc/smp: Add __init to init_big_cores() (bsc#1109695 ltc#171067 git-fixes).
- powerpc/xmon: Change printk() to pr_cont() (bsc#1065729).
- powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (bsc#1065729).
- ppp: remove the PPPIOCDETACH ioctl (git-fixes).
- pwm: lp3943: Dynamically allocate PWM chip base (git-fixes).
- quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714).
- ravb: Fix use-after-free ravb_tstamp_skb (git-fixes).
- regmap: Remove duplicate `type` field from regmap `regcache_sync` trace event (git-fixes).
- reiserfs: Fix oops during mount (bsc#1179715).
- reiserfs: Initialize inode keys properly (bsc#1179713).
- rtc: hym8563: enable wakeup when applicable (git-fixes).
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- scsi: lpfc: Add FDMI Vendor MIB support (bsc#1164780).
- scsi: lpfc: Convert abort handling to SLI-3 and SLI-4 handlers (bsc#1164780).
- scsi: lpfc: Convert SCSI I/O completions to SLI-3 and SLI-4 handlers (bsc#1164780).
- scsi: lpfc: Convert SCSI path to use common I/O submission path (bsc#1164780).
- scsi: lpfc: Correct null ndlp reference on routine exit (bsc#1164780).
- scsi: lpfc: Drop nodelist reference on error in lpfc_gen_req() (bsc#1164780).
- scsi: lpfc: Enable common send_io interface for SCSI and NVMe (bsc#1164780).
- scsi: lpfc: Enable common wqe_template support for both SCSI and NVMe (bsc#1164780).
- scsi: lpfc: Enlarge max_sectors in scsi host templates (bsc#1164780).
- scsi: lpfc: Extend the RDF FPIN Registration descriptor for additional events (bsc#1164780).
- scsi: lpfc: Fix duplicate wq_create_version check (bsc#1164780).
- scsi: lpfc: Fix fall-through warnings for Clang (bsc#1164780).
- scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery (bsc#1164780).
- scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() (bsc#1164780).
- scsi: lpfc: Fix memory leak on lcb_context (bsc#1164780).
- scsi: lpfc: Fix missing prototype for lpfc_nvmet_prep_abort_wqe() (bsc#1164780).
- scsi: lpfc: Fix missing prototype warning for lpfc_fdmi_vendor_attr_mi() (bsc#1164780).
- scsi: lpfc: Fix NPIV discovery and Fabric Node detection (bsc#1164780).
- scsi: lpfc: Fix NPIV Fabric Node reference counting (bsc#1164780).
- scsi: lpfc: Fix pointer defereference before it is null checked issue (bsc#1164780).
- scsi: lpfc: Fix refcounting around SCSI and NVMe transport APIs (bsc#1164780).
- scsi: lpfc: Fix removal of SCSI transport device get and put on dev structure (bsc#1164780).
- scsi: lpfc: Fix scheduling call while in softirq context in lpfc_unreg_rpi (bsc#1164780).
- scsi: lpfc: Fix set but not used warnings from Rework remote port lock handling (bsc#1164780).
- scsi: lpfc: Fix set but unused variables in lpfc_dev_loss_tmo_handler() (bsc#1164780).
- scsi: lpfc: Fix spelling mistake 'Cant' -> 'Can't' (bsc#1164780).
- scsi: lpfc: Fix variable 'vport' set but not used in lpfc_sli4_abts_err_handler() (bsc#1164780).
- scsi: lpfc: lpfc_attr: Demote kernel-doc format for redefined functions (bsc#1164780).
- scsi: lpfc: lpfc_attr: Fix-up a bunch of kernel-doc misdemeanours (bsc#1164780).
- scsi: lpfc: lpfc_debugfs: Fix a couple of function documentation issues (bsc#1164780).
- scsi: lpfc: lpfc_scsi: Fix a whole host of kernel-doc issues (bsc#1164780).
- scsi: lpfc: Refactor WQE structure definitions for common use (bsc#1164780).
- scsi: lpfc: Reject CT request for MIB commands (bsc#1164780).
- scsi: lpfc: Remove dead code on second !ndlp check (bsc#1164780).
- scsi: lpfc: Remove ndlp when a PLOGI/ADISC/PRLI/REG_RPI ultimately fails (bsc#1164780).
- scsi: lpfc: Remove set but not used 'qp' (bsc#1164780).
- scsi: lpfc: Remove unneeded variable 'status' in lpfc_fcp_cpu_map_store() (bsc#1164780).
- scsi: lpfc: Removed unused macros in lpfc_attr.c (bsc#1164780).
- scsi: lpfc: Rework locations of ndlp reference taking (bsc#1164780).
- scsi: lpfc: Rework remote port lock handling (bsc#1164780).
- scsi: lpfc: Rework remote port ref counting and node freeing (bsc#1164780).
- scsi: lpfc: Unsolicited ELS leaves node in incorrect state while dropping it (bsc#1164780).
- scsi: lpfc: Update changed file copyrights for 2020 (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.4 (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.5 (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.6 (bsc#1164780).
- scsi: lpfc: Use generic power management (bsc#1164780).
- scsi: qla2xxx: Change post del message from debug level to log level (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Convert to DEFINE_SHOW_ATTRIBUTE (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Do not check for fw_started while posting NVMe command (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Do not consume srb greedily (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix crash during driver load on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix FW initialization error on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix N2N and NVMe connect retry failure (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix return of uninitialized value in rval (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix the call trace for flush workqueue (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Limit interrupt vectors to number of CPUs (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove trailing semicolon in macro definition (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Tear down session if FW say it is down (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Use constant when it is known (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: Remove unneeded break statements (bsc#1164780).
- scsi: storvsc: Fix error return in storvsc_probe() (git-fixes).
- scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (bsc#1172538 bsc#1179142 bsc#1179810).
- serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (git-fixes).
- soc/tegra: fuse: Fix index bug in get_process_id (git-fixes).
- soc: mediatek: Check if power domains can be powered on at boot time (git-fixes).
- soc: qcom: smp2p: Safely acquire spinlock without IRQs (git-fixes).
- soc: ti: Fix reference imbalance in knav_dma_probe (git-fixes).
- soc: ti: knav_qmss: fix reference leak in knav_queue_probe (git-fixes).
- spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume (git-fixes).
- spi: davinci: Fix use-after-free on unbind (git-fixes).
- spi: img-spfi: fix reference leak in img_spfi_resume (git-fixes).
- spi: pic32: Do not leak DMA channels in probe error path (git-fixes).
- spi: spi-mem: Fix passing zero to 'PTR_ERR' warning (git-fixes).
- spi: spi-mem: fix reference leak in spi_mem_access_start (git-fixes).
- spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (git-fixes).
- spi: tegra114: fix reference leak in tegra spi ops (git-fixes).
- spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (git-fixes).
- spi: tegra20-slink: fix reference leak in slink ops of tegra20 (git-fixes).
- staging: comedi: mf6x4: Fix AI end-of-conversion detection (git-fixes).
- staging: olpc_dcon: add a missing dependency (git-fixes).
- staging: olpc_dcon: Do not call platform_device_unregister() in dcon_probe() (git-fixes).
- sunrpc: fixed rollback in rpc_gssd_dummy_populate() (git-fixes).
- SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() (git-fixes).
- SUNRPC: The RDMA back channel mustn't disappear while requests are outstanding (git-fixes).
- timer: Fix wheel index calculation on last level (git fixes)
- timer: Prevent base->clk from moving backward (git-fixes)
- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (git-fixes).
- uapi/if_ether.h: prevent redefinition of struct ethhdr (git-fixes).
- usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (git-fixes).
- usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (git-fixes).
- usb: gadget: f_fs: Use local copy of descriptors for userspace copy (git-fixes).
- usb: oxu210hp-hcd: Fix memory leak in oxu_create (git-fixes).
- usb: serial: ch341: add new Product ID for CH341A (git-fixes).
- usb: serial: ch341: sort device-id entries (git-fixes).
- usb: serial: digi_acceleport: clean up modem-control handling (git-fixes).
- usb: serial: digi_acceleport: clean up set_termios (git-fixes).
- usb: serial: digi_acceleport: fix write-wakeup deadlocks (git-fixes).
- usb: serial: digi_acceleport: remove in_interrupt() usage.
- usb: serial: digi_acceleport: remove redundant assignment to pointer priv (git-fixes).
- usb: serial: digi_acceleport: rename tty flag variable (git-fixes).
- usb: serial: digi_acceleport: use irqsave() in USB's complete callback (git-fixes).
- usb: serial: keyspan_pda: fix dropped unthrottle interrupts (git-fixes).
- usb: serial: keyspan_pda: fix stalled writes (git-fixes).
- usb: serial: keyspan_pda: fix tx-unthrottle use-after-free (git-fixes).
- usb: serial: keyspan_pda: fix write deadlock (git-fixes).
- usb: serial: keyspan_pda: fix write unthrottling (git-fixes).
- usb: serial: keyspan_pda: fix write-wakeup use-after-free (git-fixes).
- usb: serial: mos7720: fix parallel-port state restore (git-fixes).
- usb: serial: option: add Fibocom NL668 variants (git-fixes).
- usb: serial: option: add interface-number sanity check to flag handling (git-fixes).
- usb: serial: option: add support for Thales Cinterion EXS82 (git-fixes).
- usbnet: ipheth: fix connectivity with iOS 14 (git-fixes).
- wimax: fix duplicate initializer warning (git-fixes).
- x86/apic: Fix integer overflow on 10 bit left shift of cpu_khz (bsc#1112178).
- x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes (bsc#1112178).
- x86/mm/ident_map: Check for errors from ident_pud_init() (bsc#1112178).
- x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (bsc#1112178).
- x86/resctrl: Fix AMD L3 QOS CDP enable/disable (bsc#1114648).
- x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (bsc#1112178).
- x86/resctrl: Remove unused struct mbm_state::chunks_bw (bsc#1112178).
- x86/tracing: Introduce a static key for exception tracing (bsc#1179895).
- x86/traps: Simplify pagefault tracing logic (bsc#1179895).
- x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (bsc#1112178).
- xprtrdma: fix incorrect header size calculations (git-fixes).
Patchnames: SUSE-2021-94,SUSE-SLE-RT-12-SP5-2021-94
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960).\n- CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031).\n- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).\n- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).\n- CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027).\n- CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).\n- CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).\n- CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).\n\nThe following non-security bugs were fixed:\n\n- ALSA: hda/ca0132 - Change Input Source enum strings (git-fixes).\n- ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg (git-fixes).\n- ALSA: hda: Fix regressions on clear and reconfig sysfs (git-fixes).\n- ASoC: arizona: Fix a wrong free in wm8997_probe (git-fixes).\n- ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams (git-fixes).\n- ASoC: jz4740-i2s: add missed checks for clk_get() (git-fixes).\n- ASoC: pcm: DRAIN support reactivation (git-fixes).\n- ASoC: wm8998: Fix PM disable depth imbalance on error (git-fixes).\n- ASoC: wm_adsp: remove \u0027ctl\u0027 from list on error in wm_adsp_create_control() (git-fixes).\n- ath10k: Fix an error handling path (git-fixes).\n- ath10k: Release some resources in an error handling path (git-fixes).\n- ath10k: Remove msdu from idr when management pkt send fails (git-fixes).\n- ath6kl: fix enum-conversion warning (git-fixes).\n- Bluetooth: btusb: Fix detection of some fake CSR controllers with a bcdDevice val of 0x0134 (git-fixes).\n- Bluetooth: Fix null pointer dereference in hci_event_packet() (git-fixes).\n- Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (git-fixes).\n- btmrvl: Fix firmware filename for sd8997 chipset (bsc#1172694).\n- btrfs: fix use-after-free on readahead extent after failure to create it (bsc#1179963).\n- btrfs: remove a BUG_ON() from merge_reloc_roots() (bsc#1174784).\n- bus: fsl-mc: fix error return code in fsl_mc_object_allocate() (git-fixes).\n- can: mcp251x: add error check when wq alloc failed (git-fixes).\n- can: softing: softing_netdev_open(): fix error handling (git-fixes).\n- cirrus: cs89x0: remove set but not used variable \u0027lp\u0027 (git-fixes).\n- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify code (git-fixes).\n- cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- cpufreq: loongson1: Add missing MODULE_ALIAS (git-fixes).\n- cpufreq: scpi: Add missing MODULE_ALIAS (git-fixes).\n- cpufreq: st: Add missing MODULE_DEVICE_TABLE (git-fixes).\n- crypto: af_alg - avoid undefined behavior accessing salg_name (git-fixes).\n- crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (git-fixes).\n- crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (git-fixes).\n- crypto: talitos - Fix return type of current_desc_hdr() (git-fixes).\n- cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (git-fixes).\n- drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (git-fixes).\n- drm/amd/display: remove useless if/else (git-fixes).\n- drm/amdgpu: fix build_coefficients() argument (git-fixes).\n- drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() (git-fixes).\n- drm/gma500: fix double free of gma_connector (git-fixes).\n- drm/meson: dw-hdmi: Register a callback to disable the regulator (git-fixes).\n- drm/msm/dpu: Add newline to printks (git-fixes).\n- drm/msm/dsi_phy_10nm: implement PHY disabling (git-fixes).\n- drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() (git-fixes).\n- drm/rockchip: Avoid uninitialized use of endpoint id in LVDS (git-fixes).\n- EDAC/i10nm: Use readl() to access MMIO registers (12sp5).\n- epoll: Keep a reference on files added to the check list (bsc#1180031).\n- ext4: correctly report \u0027not supported\u0027 for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1179672).\n- ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716).\n- ext4: fix error handling code in add_new_gdb (bsc#1179722).\n- ext4: fix invalid inode checksum (bsc#1179723).\n- ext4: fix leaking sysfs kobject after failed mount (bsc#1179670).\n- ext4: limit entries returned when counting fsmap records (bsc#1179671).\n- ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1179673).\n- extcon: max77693: Fix modalias string (git-fixes).\n- fix regression in \u0027epoll: Keep a reference on files added to the check list\u0027 (bsc#1180031, git-fixes).\n- forcedeth: use per cpu to collect xmit/recv statistics (git-fixes).\n- fs: Do not invalidate page buffers in block_write_full_page() (bsc#1179711).\n- genirq/irqdomain: Add an irq_create_mapping_affinity() function (bsc#1065729).\n- HID: Add another Primax PIXART OEM mouse quirk (git-fixes).\n- HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052).\n- HSI: omap_ssi: Do not jump to free ID in ssi_add_controller() (git-fixes).\n- ibmvnic: add some debugs (bsc#1179896 ltc#190255).\n- ibmvnic: avoid memset null scrq msgs (bsc#1044767 ltc#155231 git-fixes).\n- ibmvnic: continue fatal error reset after passive init (bsc#1171078 ltc#184239 git-fixes).\n- ibmvnic: delay next reset if hard reset fails (bsc#1094840 ltc#167098 git-fixes).\n- ibmvnic: enhance resetting status check during module exit (bsc#1065729).\n- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1115431 ltc#171853 git-fixes).\n- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (bsc#1040855 ltc#155067 git-fixes).\n- ibmvnic: fix: NULL pointer dereference (bsc#1044767 ltc#155231 git-fixes).\n- ibmvnic: notify peers when failover and migration happen (bsc#1044120 ltc#155423 git-fixes).\n- ibmvnic: restore adapter state on failed reset (bsc#1152457 ltc#174432 git-fixes).\n- iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (git-fixes).\n- iio:pressure:mpl3115: Force alignment of buffer (git-fixes).\n- inet_ecn: Fix endianness of checksum update when setting ECT(1) (git-fixes).\n- Input: ads7846 - fix integer overflow on Rt calculation (git-fixes).\n- Input: ads7846 - fix race that causes missing releases (git-fixes).\n- Input: ads7846 - fix unaligned access on 7845 (git-fixes).\n- Input: cyapa_gen6 - fix out-of-bounds stack access (git-fixes).\n- Input: i8042 - add ByteSpeed touchpad to noloop table (git-fixes).\n- Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists (git-fixes).\n- Input: omap4-keypad - fix runtime PM error handling (git-fixes).\n- Input: trackpoint - add new trackpoint variant IDs (git-fixes).\n- Input: trackpoint - enable Synaptics trackpoints (git-fixes).\n- Input: xpad - support Ardwiino Controllers (git-fixes).\n- kABI fix for g2d (git-fixes).\n- kABI workaround for dsa/b53 changes (git-fixes).\n- kABI workaround for net/ipvlan changes (git-fixes).\n- kABI: ath10k: move a new structure member to the end (git-fixes).\n- kABI: genirq: add back irq_create_mapping (bsc#1065729).\n- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install\n- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)\n- kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).\n- kgdb: Fix spurious true from in_dbg_master() (git-fixes).\n- KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (bsc#1112178).\n- mac80211: do not set set TDLS STA bandwidth wider than possible (git-fixes).\n- mac80211: mesh: fix mesh_pathtbl_init() error path (git-fixes).\n- matroxfb: avoid -Warray-bounds warning (git-fixes).\n- md/raid5: fix oops during stripe resizing (git-fixes).\n- media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).\n- media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (git-fixes).\n- media: s5p-g2d: Fix a memory leak in an error handling path in \u0027g2d_probe()\u0027 (git-fixes).\n- media: saa7146: fix array overflow in vidioc_s_audio() (git-fixes).\n- media: siano: fix memory leak of debugfs members in smsdvb_hotplug (git-fixes).\n- media: solo6x10: fix missing snd_card_free in error handling case (git-fixes).\n- media: uvcvideo: Set media controller entity functions (git-fixes).\n- media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).\n- media: v4l2-async: Fix trivial documentation typo (git-fixes).\n- memstick: fix a double-free bug in memstick_check (git-fixes).\n- memstick: r592: Fix error return in r592_probe() (git-fixes).\n- mfd: rt5033: Fix errorneous defines (git-fixes).\n- mm,memory_failure: always pin the page in madvise_inject_error (bsc#1180258).\n- Move upstreamed bt fixes into sorted section\n- mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (git-fixes).\n- net: aquantia: Fix aq_vec_isr_legacy() return value (git-fixes).\n- net: aquantia: fix LRO with FCS error (git-fixes).\n- net: dsa: b53: Always use dev-\u003evlan_enabled in b53_configure_vlan() (git-fixes).\n- net: dsa: b53: Ensure the default VID is untagged (git-fixes).\n- net: dsa: b53: Fix default VLAN ID (git-fixes).\n- net: dsa: b53: Properly account for VLAN filtering (git-fixes).\n- net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes).\n- net: dsa: bcm_sf2: potential array overflow in bcm_sf2_sw_suspend() (git-fixes).\n- net: dsa: qca8k: remove leftover phy accessors (git-fixes).\n- net: ethernet: ti: cpsw: fix runtime_pm while add/kill vlan (git-fixes).\n- net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() (git-fixes).\n- net: macb: add missing barriers when reading descriptors (git-fixes).\n- net: macb: fix dropped RX frames due to a race (git-fixes).\n- net: macb: fix error format in dev_err() (git-fixes).\n- net: macb: fix random memory corruption on RX with 64-bit DMA (git-fixes).\n- net: pasemi: fix an use-after-free in pasemi_mac_phy_init() (git-fixes).\n- net: seeq: Fix the function used to release some memory in an error handling path (git-fixes).\n- net: sh_eth: fix a missing check of of_get_phy_mode (git-fixes).\n- net: sonic: replace dev_kfree_skb in sonic_send_packet (git-fixes).\n- net: sonic: return NETDEV_TX_OK if failed to map buffer (git-fixes).\n- net: stmmac: fix csr_clk can\u0027t be zero issue (git-fixes).\n- net: stmmac: Fix reception of Broadcom switches tags (git-fixes).\n- net:ethernet:aquantia: Extra spinlocks removed (git-fixes).\n- nfc: s3fwrn5: Release the nfc firmware (git-fixes).\n- NFS: fix nfs_path in case of a rename retry (git-fixes).\n- NFSD: Add missing NFSv2 .pc_func methods (git-fixes).\n- NFSv4.2: fix client\u0027s attribute cache management for copy_file_range (git-fixes).\n- NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (git-fixes).\n- ocfs2: fix unbalanced locking (bsc#1180506).\n- ocfs2: initialize ip_next_orphan (bsc#1179724).\n- orinoco: Move context allocation after processing the skb (git-fixes).\n- PCI: Fix pci_slot_release() NULL pointer dereference (git-fixes).\n- phy: Revert toggling reset changes (git-fixes).\n- pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (git-fixes).\n- platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init (git-fixes).\n- platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems (git-fixes).\n- platform/x86: mlx-platform: remove an unused variable (git-fixes).\n- platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration (git-fixes).\n- platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration (git-fixes).\n- pNFS/flexfiles: Fix list corruption if the mirror count changes (git-fixes).\n- power: supply: bq24190_charger: fix reference leak (git-fixes).\n- powerpc/64: Set up a kernel stack for secondaries before cpu_restore() (bsc#1065729).\n- powerpc/64s/pseries: Fix hash tlbiel_all_isa300 for guest kernels (bsc#1179888 ltc#190253).\n- powerpc/64s: Fix hash ISA v3.0 TLBIEL instruction generation (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).\n- powerpc/64s: Trim offlined CPUs from mm_cpumasks (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).\n- powerpc/pseries/hibernation: remove redundant cacheinfo update (bsc#1138374 ltc#178199 git-fixes).\n- powerpc/pseries: Pass MSI affinity to irq_create_mapping() (bsc#1065729).\n- powerpc/smp: Add __init to init_big_cores() (bsc#1109695 ltc#171067 git-fixes).\n- powerpc/xmon: Change printk() to pr_cont() (bsc#1065729).\n- powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (bsc#1065729).\n- ppp: remove the PPPIOCDETACH ioctl (git-fixes).\n- pwm: lp3943: Dynamically allocate PWM chip base (git-fixes).\n- quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714).\n- ravb: Fix use-after-free ravb_tstamp_skb (git-fixes).\n- regmap: Remove duplicate `type` field from regmap `regcache_sync` trace event (git-fixes).\n- reiserfs: Fix oops during mount (bsc#1179715).\n- reiserfs: Initialize inode keys properly (bsc#1179713).\n- rtc: hym8563: enable wakeup when applicable (git-fixes).\n- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section\n- scsi: lpfc: Add FDMI Vendor MIB support (bsc#1164780).\n- scsi: lpfc: Convert abort handling to SLI-3 and SLI-4 handlers (bsc#1164780).\n- scsi: lpfc: Convert SCSI I/O completions to SLI-3 and SLI-4 handlers (bsc#1164780).\n- scsi: lpfc: Convert SCSI path to use common I/O submission path (bsc#1164780).\n- scsi: lpfc: Correct null ndlp reference on routine exit (bsc#1164780).\n- scsi: lpfc: Drop nodelist reference on error in lpfc_gen_req() (bsc#1164780).\n- scsi: lpfc: Enable common send_io interface for SCSI and NVMe (bsc#1164780).\n- scsi: lpfc: Enable common wqe_template support for both SCSI and NVMe (bsc#1164780).\n- scsi: lpfc: Enlarge max_sectors in scsi host templates (bsc#1164780).\n- scsi: lpfc: Extend the RDF FPIN Registration descriptor for additional events (bsc#1164780).\n- scsi: lpfc: Fix duplicate wq_create_version check (bsc#1164780).\n- scsi: lpfc: Fix fall-through warnings for Clang (bsc#1164780).\n- scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery (bsc#1164780).\n- scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() (bsc#1164780).\n- scsi: lpfc: Fix memory leak on lcb_context (bsc#1164780).\n- scsi: lpfc: Fix missing prototype for lpfc_nvmet_prep_abort_wqe() (bsc#1164780).\n- scsi: lpfc: Fix missing prototype warning for lpfc_fdmi_vendor_attr_mi() (bsc#1164780).\n- scsi: lpfc: Fix NPIV discovery and Fabric Node detection (bsc#1164780).\n- scsi: lpfc: Fix NPIV Fabric Node reference counting (bsc#1164780).\n- scsi: lpfc: Fix pointer defereference before it is null checked issue (bsc#1164780).\n- scsi: lpfc: Fix refcounting around SCSI and NVMe transport APIs (bsc#1164780).\n- scsi: lpfc: Fix removal of SCSI transport device get and put on dev structure (bsc#1164780).\n- scsi: lpfc: Fix scheduling call while in softirq context in lpfc_unreg_rpi (bsc#1164780).\n- scsi: lpfc: Fix set but not used warnings from Rework remote port lock handling (bsc#1164780).\n- scsi: lpfc: Fix set but unused variables in lpfc_dev_loss_tmo_handler() (bsc#1164780).\n- scsi: lpfc: Fix spelling mistake \u0027Cant\u0027 -\u003e \u0027Can\u0027t\u0027 (bsc#1164780).\n- scsi: lpfc: Fix variable \u0027vport\u0027 set but not used in lpfc_sli4_abts_err_handler() (bsc#1164780).\n- scsi: lpfc: lpfc_attr: Demote kernel-doc format for redefined functions (bsc#1164780).\n- scsi: lpfc: lpfc_attr: Fix-up a bunch of kernel-doc misdemeanours (bsc#1164780).\n- scsi: lpfc: lpfc_debugfs: Fix a couple of function documentation issues (bsc#1164780).\n- scsi: lpfc: lpfc_scsi: Fix a whole host of kernel-doc issues (bsc#1164780).\n- scsi: lpfc: Refactor WQE structure definitions for common use (bsc#1164780).\n- scsi: lpfc: Reject CT request for MIB commands (bsc#1164780).\n- scsi: lpfc: Remove dead code on second !ndlp check (bsc#1164780).\n- scsi: lpfc: Remove ndlp when a PLOGI/ADISC/PRLI/REG_RPI ultimately fails (bsc#1164780).\n- scsi: lpfc: Remove set but not used \u0027qp\u0027 (bsc#1164780).\n- scsi: lpfc: Remove unneeded variable \u0027status\u0027 in lpfc_fcp_cpu_map_store() (bsc#1164780).\n- scsi: lpfc: Removed unused macros in lpfc_attr.c (bsc#1164780).\n- scsi: lpfc: Rework locations of ndlp reference taking (bsc#1164780).\n- scsi: lpfc: Rework remote port lock handling (bsc#1164780).\n- scsi: lpfc: Rework remote port ref counting and node freeing (bsc#1164780).\n- scsi: lpfc: Unsolicited ELS leaves node in incorrect state while dropping it (bsc#1164780).\n- scsi: lpfc: Update changed file copyrights for 2020 (bsc#1164780).\n- scsi: lpfc: Update lpfc version to 12.8.0.4 (bsc#1164780).\n- scsi: lpfc: Update lpfc version to 12.8.0.5 (bsc#1164780).\n- scsi: lpfc: Update lpfc version to 12.8.0.6 (bsc#1164780).\n- scsi: lpfc: Use generic power management (bsc#1164780).\n- scsi: qla2xxx: Change post del message from debug level to log level (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Convert to DEFINE_SHOW_ATTRIBUTE (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Do not check for fw_started while posting NVMe command (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Do not consume srb greedily (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix crash during driver load on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix FW initialization error on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix N2N and NVMe connect retry failure (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix return of uninitialized value in rval (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Fix the call trace for flush workqueue (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Limit interrupt vectors to number of CPUs (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Remove trailing semicolon in macro definition (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Tear down session if FW say it is down (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: qla2xxx: Use constant when it is known (bsc#1172538 bsc#1179142 bsc#1179810).\n- scsi: Remove unneeded break statements (bsc#1164780).\n- scsi: storvsc: Fix error return in storvsc_probe() (git-fixes).\n- scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (bsc#1172538 bsc#1179142 bsc#1179810).\n- serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (git-fixes).\n- soc/tegra: fuse: Fix index bug in get_process_id (git-fixes).\n- soc: mediatek: Check if power domains can be powered on at boot time (git-fixes).\n- soc: qcom: smp2p: Safely acquire spinlock without IRQs (git-fixes).\n- soc: ti: Fix reference imbalance in knav_dma_probe (git-fixes).\n- soc: ti: knav_qmss: fix reference leak in knav_queue_probe (git-fixes).\n- spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume (git-fixes).\n- spi: davinci: Fix use-after-free on unbind (git-fixes).\n- spi: img-spfi: fix reference leak in img_spfi_resume (git-fixes).\n- spi: pic32: Do not leak DMA channels in probe error path (git-fixes).\n- spi: spi-mem: Fix passing zero to \u0027PTR_ERR\u0027 warning (git-fixes).\n- spi: spi-mem: fix reference leak in spi_mem_access_start (git-fixes).\n- spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (git-fixes).\n- spi: tegra114: fix reference leak in tegra spi ops (git-fixes).\n- spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (git-fixes).\n- spi: tegra20-slink: fix reference leak in slink ops of tegra20 (git-fixes).\n- staging: comedi: mf6x4: Fix AI end-of-conversion detection (git-fixes).\n- staging: olpc_dcon: add a missing dependency (git-fixes).\n- staging: olpc_dcon: Do not call platform_device_unregister() in dcon_probe() (git-fixes).\n- sunrpc: fixed rollback in rpc_gssd_dummy_populate() (git-fixes).\n- SUNRPC: Properly set the @subbuf parameter of xdr_buf_subsegment() (git-fixes).\n- SUNRPC: The RDMA back channel mustn\u0027t disappear while requests are outstanding (git-fixes).\n- timer: Fix wheel index calculation on last level (git fixes)\n- timer: Prevent base-\u003eclk from moving backward (git-fixes)\n- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (git-fixes).\n- uapi/if_ether.h: prevent redefinition of struct ethhdr (git-fixes).\n- usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (git-fixes).\n- usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (git-fixes).\n- usb: gadget: f_fs: Use local copy of descriptors for userspace copy (git-fixes).\n- usb: oxu210hp-hcd: Fix memory leak in oxu_create (git-fixes).\n- usb: serial: ch341: add new Product ID for CH341A (git-fixes).\n- usb: serial: ch341: sort device-id entries (git-fixes).\n- usb: serial: digi_acceleport: clean up modem-control handling (git-fixes).\n- usb: serial: digi_acceleport: clean up set_termios (git-fixes).\n- usb: serial: digi_acceleport: fix write-wakeup deadlocks (git-fixes).\n- usb: serial: digi_acceleport: remove in_interrupt() usage.\n- usb: serial: digi_acceleport: remove redundant assignment to pointer priv (git-fixes).\n- usb: serial: digi_acceleport: rename tty flag variable (git-fixes).\n- usb: serial: digi_acceleport: use irqsave() in USB\u0027s complete callback (git-fixes).\n- usb: serial: keyspan_pda: fix dropped unthrottle interrupts (git-fixes).\n- usb: serial: keyspan_pda: fix stalled writes (git-fixes).\n- usb: serial: keyspan_pda: fix tx-unthrottle use-after-free (git-fixes).\n- usb: serial: keyspan_pda: fix write deadlock (git-fixes).\n- usb: serial: keyspan_pda: fix write unthrottling (git-fixes).\n- usb: serial: keyspan_pda: fix write-wakeup use-after-free (git-fixes).\n- usb: serial: mos7720: fix parallel-port state restore (git-fixes).\n- usb: serial: option: add Fibocom NL668 variants (git-fixes).\n- usb: serial: option: add interface-number sanity check to flag handling (git-fixes).\n- usb: serial: option: add support for Thales Cinterion EXS82 (git-fixes).\n- usbnet: ipheth: fix connectivity with iOS 14 (git-fixes).\n- wimax: fix duplicate initializer warning (git-fixes).\n- x86/apic: Fix integer overflow on 10 bit left shift of cpu_khz (bsc#1112178).\n- x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes (bsc#1112178).\n- x86/mm/ident_map: Check for errors from ident_pud_init() (bsc#1112178).\n- x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (bsc#1112178).\n- x86/resctrl: Fix AMD L3 QOS CDP enable/disable (bsc#1114648).\n- x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (bsc#1112178).\n- x86/resctrl: Remove unused struct mbm_state::chunks_bw (bsc#1112178).\n- x86/tracing: Introduce a static key for exception tracing (bsc#1179895).\n- x86/traps: Simplify pagefault tracing logic (bsc#1179895).\n- x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (bsc#1112178).\n- xprtrdma: fix incorrect header size calculations (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2021-94,SUSE-SLE-RT-12-SP5-2021-94",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_0094-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2021:0094-1",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210094-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2021:0094-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-January/008188.html"
},
{
"category": "self",
"summary": "SUSE Bug 1040855",
"url": "https://bugzilla.suse.com/1040855"
},
{
"category": "self",
"summary": "SUSE Bug 1044120",
"url": "https://bugzilla.suse.com/1044120"
},
{
"category": "self",
"summary": "SUSE Bug 1044767",
"url": "https://bugzilla.suse.com/1044767"
},
{
"category": "self",
"summary": "SUSE Bug 1055117",
"url": "https://bugzilla.suse.com/1055117"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1094840",
"url": "https://bugzilla.suse.com/1094840"
},
{
"category": "self",
"summary": "SUSE Bug 1109695",
"url": "https://bugzilla.suse.com/1109695"
},
{
"category": "self",
"summary": "SUSE Bug 1112178",
"url": "https://bugzilla.suse.com/1112178"
},
{
"category": "self",
"summary": "SUSE Bug 1114648",
"url": "https://bugzilla.suse.com/1114648"
},
{
"category": "self",
"summary": "SUSE Bug 1115431",
"url": "https://bugzilla.suse.com/1115431"
},
{
"category": "self",
"summary": "SUSE Bug 1138374",
"url": "https://bugzilla.suse.com/1138374"
},
{
"category": "self",
"summary": "SUSE Bug 1152457",
"url": "https://bugzilla.suse.com/1152457"
},
{
"category": "self",
"summary": "SUSE Bug 1164780",
"url": "https://bugzilla.suse.com/1164780"
},
{
"category": "self",
"summary": "SUSE Bug 1171078",
"url": "https://bugzilla.suse.com/1171078"
},
{
"category": "self",
"summary": "SUSE Bug 1172538",
"url": "https://bugzilla.suse.com/1172538"
},
{
"category": "self",
"summary": "SUSE Bug 1172694",
"url": "https://bugzilla.suse.com/1172694"
},
{
"category": "self",
"summary": "SUSE Bug 1174784",
"url": "https://bugzilla.suse.com/1174784"
},
{
"category": "self",
"summary": "SUSE Bug 1178401",
"url": "https://bugzilla.suse.com/1178401"
},
{
"category": "self",
"summary": "SUSE Bug 1178762",
"url": "https://bugzilla.suse.com/1178762"
},
{
"category": "self",
"summary": "SUSE Bug 1179014",
"url": "https://bugzilla.suse.com/1179014"
},
{
"category": "self",
"summary": "SUSE Bug 1179015",
"url": "https://bugzilla.suse.com/1179015"
},
{
"category": "self",
"summary": "SUSE Bug 1179045",
"url": "https://bugzilla.suse.com/1179045"
},
{
"category": "self",
"summary": "SUSE Bug 1179082",
"url": "https://bugzilla.suse.com/1179082"
},
{
"category": "self",
"summary": "SUSE Bug 1179107",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "self",
"summary": "SUSE Bug 1179142",
"url": "https://bugzilla.suse.com/1179142"
},
{
"category": "self",
"summary": "SUSE Bug 1179419",
"url": "https://bugzilla.suse.com/1179419"
},
{
"category": "self",
"summary": "SUSE Bug 1179444",
"url": "https://bugzilla.suse.com/1179444"
},
{
"category": "self",
"summary": "SUSE Bug 1179670",
"url": "https://bugzilla.suse.com/1179670"
},
{
"category": "self",
"summary": "SUSE Bug 1179671",
"url": "https://bugzilla.suse.com/1179671"
},
{
"category": "self",
"summary": "SUSE Bug 1179672",
"url": "https://bugzilla.suse.com/1179672"
},
{
"category": "self",
"summary": "SUSE Bug 1179673",
"url": "https://bugzilla.suse.com/1179673"
},
{
"category": "self",
"summary": "SUSE Bug 1179711",
"url": "https://bugzilla.suse.com/1179711"
},
{
"category": "self",
"summary": "SUSE Bug 1179713",
"url": "https://bugzilla.suse.com/1179713"
},
{
"category": "self",
"summary": "SUSE Bug 1179714",
"url": "https://bugzilla.suse.com/1179714"
},
{
"category": "self",
"summary": "SUSE Bug 1179715",
"url": "https://bugzilla.suse.com/1179715"
},
{
"category": "self",
"summary": "SUSE Bug 1179716",
"url": "https://bugzilla.suse.com/1179716"
},
{
"category": "self",
"summary": "SUSE Bug 1179722",
"url": "https://bugzilla.suse.com/1179722"
},
{
"category": "self",
"summary": "SUSE Bug 1179723",
"url": "https://bugzilla.suse.com/1179723"
},
{
"category": "self",
"summary": "SUSE Bug 1179724",
"url": "https://bugzilla.suse.com/1179724"
},
{
"category": "self",
"summary": "SUSE Bug 1179745",
"url": "https://bugzilla.suse.com/1179745"
},
{
"category": "self",
"summary": "SUSE Bug 1179810",
"url": "https://bugzilla.suse.com/1179810"
},
{
"category": "self",
"summary": "SUSE Bug 1179888",
"url": "https://bugzilla.suse.com/1179888"
},
{
"category": "self",
"summary": "SUSE Bug 1179895",
"url": "https://bugzilla.suse.com/1179895"
},
{
"category": "self",
"summary": "SUSE Bug 1179896",
"url": "https://bugzilla.suse.com/1179896"
},
{
"category": "self",
"summary": "SUSE Bug 1179960",
"url": "https://bugzilla.suse.com/1179960"
},
{
"category": "self",
"summary": "SUSE Bug 1179963",
"url": "https://bugzilla.suse.com/1179963"
},
{
"category": "self",
"summary": "SUSE Bug 1180027",
"url": "https://bugzilla.suse.com/1180027"
},
{
"category": "self",
"summary": "SUSE Bug 1180029",
"url": "https://bugzilla.suse.com/1180029"
},
{
"category": "self",
"summary": "SUSE Bug 1180031",
"url": "https://bugzilla.suse.com/1180031"
},
{
"category": "self",
"summary": "SUSE Bug 1180052",
"url": "https://bugzilla.suse.com/1180052"
},
{
"category": "self",
"summary": "SUSE Bug 1180086",
"url": "https://bugzilla.suse.com/1180086"
},
{
"category": "self",
"summary": "SUSE Bug 1180117",
"url": "https://bugzilla.suse.com/1180117"
},
{
"category": "self",
"summary": "SUSE Bug 1180258",
"url": "https://bugzilla.suse.com/1180258"
},
{
"category": "self",
"summary": "SUSE Bug 1180506",
"url": "https://bugzilla.suse.com/1180506"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0444 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0465 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-0466 page",
"url": "https://www.suse.com/security/cve/CVE-2020-0466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27068 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27777 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27825 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29660 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29661 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29661/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2021-01-12T18:14:19Z",
"generator": {
"date": "2021-01-12T18:14:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2021:0094-1",
"initial_release_date": "2021-01-12T18:14:19Z",
"revision_history": [
{
"date": "2021-01-12T18:14:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-4.12.14-10.28.3.noarch",
"product": {
"name": "kernel-devel-rt-4.12.14-10.28.3.noarch",
"product_id": "kernel-devel-rt-4.12.14-10.28.3.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-4.12.14-10.28.3.noarch",
"product": {
"name": "kernel-source-rt-4.12.14-10.28.3.noarch",
"product_id": "kernel-source-rt-4.12.14-10.28.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"product_id": "cluster-md-kmp-rt-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product": {
"name": "cluster-md-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product_id": "cluster-md-kmp-rt_debug-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"product": {
"name": "dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"product_id": "dlm-kmp-rt-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product": {
"name": "dlm-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product_id": "dlm-kmp-rt_debug-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"product": {
"name": "gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"product_id": "gfs2-kmp-rt-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product": {
"name": "gfs2-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product_id": "gfs2-kmp-rt_debug-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt-base-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt-base-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt-devel-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt-devel-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt-extra-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt-extra-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-kgraft-devel-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt-kgraft-devel-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt-kgraft-devel-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt_debug-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt_debug-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-base-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt_debug-base-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt_debug-base-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt_debug-devel-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-extra-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt_debug-extra-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt_debug-extra-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-rt_debug-kgraft-devel-4.12.14-10.28.3.x86_64",
"product_id": "kernel-rt_debug-kgraft-devel-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-4.12.14-10.28.3.x86_64",
"product": {
"name": "kernel-syms-rt-4.12.14-10.28.3.x86_64",
"product_id": "kernel-syms-rt-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-4.12.14-10.28.3.x86_64",
"product": {
"name": "kselftests-kmp-rt-4.12.14-10.28.3.x86_64",
"product_id": "kselftests-kmp-rt-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product": {
"name": "kselftests-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product_id": "kselftests-kmp-rt_debug-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"product_id": "ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product": {
"name": "ocfs2-kmp-rt_debug-4.12.14-10.28.3.x86_64",
"product_id": "ocfs2-kmp-rt_debug-4.12.14-10.28.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64"
},
"product_reference": "cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64"
},
"product_reference": "dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64"
},
"product_reference": "gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-4.12.14-10.28.3.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch"
},
"product_reference": "kernel-devel-rt-4.12.14-10.28.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64"
},
"product_reference": "kernel-rt-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64"
},
"product_reference": "kernel-rt-base-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64"
},
"product_reference": "kernel-rt-devel-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64"
},
"product_reference": "kernel-rt_debug-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64"
},
"product_reference": "kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-4.12.14-10.28.3.noarch as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch"
},
"product_reference": "kernel-source-rt-4.12.14-10.28.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64"
},
"product_reference": "kernel-syms-rt-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-4.12.14-10.28.3.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP5",
"product_id": "SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
},
"product_reference": "ocfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-0444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0444"
}
],
"notes": [
{
"category": "general",
"text": "In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0444",
"url": "https://www.suse.com/security/cve/CVE-2020-0444"
},
{
"category": "external",
"summary": "SUSE Bug 1180027 for CVE-2020-0444",
"url": "https://bugzilla.suse.com/1180027"
},
{
"category": "external",
"summary": "SUSE Bug 1180028 for CVE-2020-0444",
"url": "https://bugzilla.suse.com/1180028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "moderate"
}
],
"title": "CVE-2020-0444"
},
{
"cve": "CVE-2020-0465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0465"
}
],
"notes": [
{
"category": "general",
"text": "In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0465",
"url": "https://www.suse.com/security/cve/CVE-2020-0465"
},
{
"category": "external",
"summary": "SUSE Bug 1180029 for CVE-2020-0465",
"url": "https://bugzilla.suse.com/1180029"
},
{
"category": "external",
"summary": "SUSE Bug 1180030 for CVE-2020-0465",
"url": "https://bugzilla.suse.com/1180030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "important"
}
],
"title": "CVE-2020-0465"
},
{
"cve": "CVE-2020-0466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-0466"
}
],
"notes": [
{
"category": "general",
"text": "In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147802478References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-0466",
"url": "https://www.suse.com/security/cve/CVE-2020-0466"
},
{
"category": "external",
"summary": "SUSE Bug 1180031 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1180031"
},
{
"category": "external",
"summary": "SUSE Bug 1180032 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1180032"
},
{
"category": "external",
"summary": "SUSE Bug 1199255 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1199255"
},
{
"category": "external",
"summary": "SUSE Bug 1200084 for CVE-2020-0466",
"url": "https://bugzilla.suse.com/1200084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "important"
}
],
"title": "CVE-2020-0466"
},
{
"cve": "CVE-2020-27068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27068"
}
],
"notes": [
{
"category": "general",
"text": "Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27068",
"url": "https://www.suse.com/security/cve/CVE-2020-27068"
},
{
"category": "external",
"summary": "SUSE Bug 1180086 for CVE-2020-27068",
"url": "https://bugzilla.suse.com/1180086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "moderate"
}
],
"title": "CVE-2020-27068"
},
{
"cve": "CVE-2020-27777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27777"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27777",
"url": "https://www.suse.com/security/cve/CVE-2020-27777"
},
{
"category": "external",
"summary": "SUSE Bug 1179107 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "external",
"summary": "SUSE Bug 1179419 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179419"
},
{
"category": "external",
"summary": "SUSE Bug 1200343 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1200343"
},
{
"category": "external",
"summary": "SUSE Bug 1220060 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1220060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "moderate"
}
],
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-27825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27825"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27825",
"url": "https://www.suse.com/security/cve/CVE-2020-27825"
},
{
"category": "external",
"summary": "SUSE Bug 1179960 for CVE-2020-27825",
"url": "https://bugzilla.suse.com/1179960"
},
{
"category": "external",
"summary": "SUSE Bug 1179961 for CVE-2020-27825",
"url": "https://bugzilla.suse.com/1179961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "important"
}
],
"title": "CVE-2020-27825"
},
{
"cve": "CVE-2020-29660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29660"
}
],
"notes": [
{
"category": "general",
"text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29660",
"url": "https://www.suse.com/security/cve/CVE-2020-29660"
},
{
"category": "external",
"summary": "SUSE Bug 1179745 for CVE-2020-29660",
"url": "https://bugzilla.suse.com/1179745"
},
{
"category": "external",
"summary": "SUSE Bug 1179877 for CVE-2020-29660",
"url": "https://bugzilla.suse.com/1179877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "important"
}
],
"title": "CVE-2020-29660"
},
{
"cve": "CVE-2020-29661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29661"
}
],
"notes": [
{
"category": "general",
"text": "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29661",
"url": "https://www.suse.com/security/cve/CVE-2020-29661"
},
{
"category": "external",
"summary": "SUSE Bug 1179745 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1179745"
},
{
"category": "external",
"summary": "SUSE Bug 1179877 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1179877"
},
{
"category": "external",
"summary": "SUSE Bug 1214268 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1214268"
},
{
"category": "external",
"summary": "SUSE Bug 1218966 for CVE-2020-29661",
"url": "https://bugzilla.suse.com/1218966"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP5:cluster-md-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:dlm-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:gfs2-kmp-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-devel-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-base-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-rt_debug-devel-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-source-rt-4.12.14-10.28.3.noarch",
"SUSE Linux Enterprise Real Time 12 SP5:kernel-syms-rt-4.12.14-10.28.3.x86_64",
"SUSE Linux Enterprise Real Time 12 SP5:ocfs2-kmp-rt-4.12.14-10.28.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-12T18:14:19Z",
"details": "important"
}
],
"title": "CVE-2020-29661"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…