1. Home
  2. Security Advisories
  3. SUSE
  4. SUSE-SU-2021:2325-1

[SUSE-SU-2021:2325-1] Security update for the Linux Kernel

Severity Important
Affected Packages 4
CVEs 9
Info Packages References Vulnerabilities

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2021-3573: Fixed an UAF vulnerability in function that can allow attackers to corrupt kernel heaps and adopt further exploitations. (bsc#1186666)
  • CVE-2021-0605: Fixed an out-of-bounds read which could lead to local information disclosure in the kernel with System execution privileges needed. (bsc#1187601)
  • CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1187595)
  • CVE-2021-33624: Fixed a bug which allows unprivileged BPF program to leak the contents of arbitrary kernel memory (and therefore, of all physical memory) via a side-channel. (bsc#1187554)
  • CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (bsc#1187452)
  • CVE-2021-0129: Fixed improper access control in BlueZ that may have allowed an authenticated user to potentially enable information disclosure via adjacent access (bnc#1186463).
  • CVE-2020-36385: Fixed a use-after-free via the ctx_list in some ucma_migrate_id situations where ucma_close is called (bnc#1187050).
  • CVE-2020-26558: Fixed Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 (bnc#1179610, bnc#1186463).
  • CVE-2020-36386: Fixed an out-of-bounds read issue in hci_extended_inquiry_result_evt (bnc#1187038).

The following non-security bugs were fixed:

  • acpica: Clean up context mutex during object deletion (git-fixes).
  • alsa: hda/cirrus: Set Initial DMIC volume to -26 dB (git-fixes).
  • alsa: hda: Fix for mute key LED for HP Pavilion 15-CK0xx (git-fixes).
  • alsa: timer: Fix master timer notification (git-fixes).
  • alx: Fix an error handling path in 'alx_probe()' (git-fixes).
  • arch: Add arch-dependent support markers in supported.conf (bsc#1186672)
  • arch: Add the support for kernel-FLAVOR-optional subpackage (jsc#SLE-11796)
  • ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet (git-fixes).
  • ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet (git-fixes).
  • ASoC: max98088: fix ni clock divider calculation (git-fixes).
  • ASoC: rt5659: Fix the lost powers for the HDA header (git-fixes).
  • ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (git-fixes).
  • ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd() (git-fixes).
  • batman-adv: Avoid WARN_ON timing related checks (git-fixes).
  • be2net: Fix an error handling path in 'be_probe()' (git-fixes).
  • blk-settings: align max_sectors on 'logical_block_size' boundary (bsc#1185195).
  • block: Discard page cache of zone reset target range (bsc#1187402).
  • block: return the correct bvec when checking for gaps (bsc#1187143).
  • block: return the correct bvec when checking for gaps (bsc#1187144).
  • bluetooth: fix the erroneous flush_work() order (git-fixes).
  • bluetooth: use correct lock to prevent UAF of hdev object (git-fixes).
  • bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Fix TQM fastpath ring backing store computation (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Rediscover PHY capabilities after firmware reset (jsc#SLE-8371 bsc#1153274).
  • bpfilter: Specify the log level for the kmsg message (bsc#1155518).
  • brcmfmac: properly check for bus register errors (git-fixes).
  • btrfs: open device without device_list_mutex (bsc#1176771).
  • bus: ti-sysc: Fix flakey idling of uarts and stop using swsup_sidle_act (git-fixes).
  • can: mcba_usb: fix memory leak in mcba_usb (git-fixes).
  • ceph: must hold snap_rwsem when filling inode for async create (bsc#1187927).
  • cfg80211: avoid double free of PMSR request (git-fixes).
  • cfg80211: make certificate generation more robust (git-fixes).
  • cgroup1: do not allow '\n' in renaming (bsc#1187972).
  • char: hpet: add checks after calling ioremap (git-fixes).
  • CPU: Startup failed when SNC (sub-numa cluster) is enabled with 3 NIC add-on cards installed (bsc#1187263).
  • cxgb4: avoid accessing registers when clearing filters (git-fixes).
  • cxgb4: avoid link re-train during TC-MQPRIO configuration (jsc#SLE-8389).
  • cxgb4: fix wrong shift (git-fixes).
  • dax: Add a wakeup mode parameter to put_unlocked_entry() (bsc#1187411).
  • dax: Add an enum for specifying dax wakup mode (bsc#1187411).
  • dax: fix ENOMEM handling in grab_mapping_entry() (bsc#1184212).
  • dax: Wake up all waiters after invalidating dax entry (bsc#1187411).
  • dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (git-fixes).
  • dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc (git-fixes).
  • dmaengine: qcom_hidma: comment platform_driver_register call (git-fixes).
  • dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (git-fixes).
  • dmaengine: stedma40: add missing iounmap() on error in d40_probe() (git-fixes).
  • drm/amd/amdgpu: fix a potential deadlock in gpu reset (git-fixes).
  • drm/amd/amdgpu: fix refcount leak (git-fixes).
  • drm/amd/display: Allow bandwidth validation for 0 streams (git-fixes).
  • drm/amd/display: Disconnect non-DP with no EDID (git-fixes).
  • drm/amdgpu: Fix a use-after-free (git-fixes).
  • drm/amdgpu: make sure we unpin the UVD BO (git-fixes).
  • drm/tegra: sor: Do not leak runtime PM reference (git-fixes).
  • drm: Fix use-after-free read in drm_getunique() (git-fixes).
  • drm: Lock pointer access in drm_master_release() (git-fixes).
  • dt-bindings: reset: meson8b: fix duplicate reset IDs (git-fixes).
  • efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared (git-fixes).
  • efi: cper: fix snprintf() use in cper_dimm_err_location() (git-fixes).
  • ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed (bsc#1187408).
  • ext4: fix check to prevent false positive report of incorrect used inodes (bsc#1187404).
  • ext4: fix error code in ext4_commit_super (bsc#1187407).
  • ext4: fix memory leak in ext4_fill_super (bsc#1187409).
  • FCOE: fcoe_wwn_from_mac kABI fix (bsc#1187886).
  • fs/nfs: Use fatal_signal_pending instead of signal_pending (git-fixes).
  • fs: fix reporting supported extra file attributes for statx() (bsc#1187410).
  • ftrace: Do not blindly read the ip address in ftrace_bug() (git-fixes).
  • ftrace: Free the trampoline when ftrace_startup() fails (git-fixes).
  • fuse: BUG_ON correction in fuse_dev_splice_write() (bsc#1187356).
  • gpio: cadence: Add missing MODULE_DEVICE_TABLE (git-fixes).
  • gpu: Enable CONFIG_PCI_PF_STUB for Nvidia Ampere vGPU support (jsc#SLE-17882 jsc#ECO-3691)
  • gve: Add NULL pointer checks when freeing irqs (git-fixes).
  • gve: Correct SKB queue index validation (git-fixes).
  • gve: Upgrade memory barrier in poll routine (git-fixes).
  • HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
  • HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
  • HID: hid-input: add mapping for emoji picker key (git-fixes).
  • HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
  • HID: i2c-hid: fix format string mismatch (git-fixes).
  • HID: i2c-hid: Skip ELAN power-on command after reset (git-fixes).
  • HID: magicmouse: fix NULL-deref on disconnect (git-fixes).
  • HID: multitouch: require Finger field to mark Win8 reports as MT (git-fixes).
  • HID: pidff: fix error return code in hid_pidff_init() (git-fixes).
  • HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 (git-fixes).
  • HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
  • HID: usbhid: Fix race between usbhid_close() and usbhid_stop() (git-fixes).
  • hwmon: (dell-smm-hwmon) Fix index values (git-fixes).
  • hwmon: (scpi-hwmon) shows the negative temperature properly (git-fixes).
  • i2c: mpc: Make use of i2c_recover_bus() (git-fixes).
  • i2c: qcom-geni: Suspend and resume the bus during SYSTEM_SLEEP_PM ops (git-fixes).
  • ice: add ndo_bpf callback for safe mode netdev ops (jsc#SLE-7926).
  • ice: Allow all LLDP packets from PF to Tx (jsc#SLE-7926).
  • ice: Fix VFR issues for AVF drivers that expect ATQLEN cleared (git-fixes).
  • isdn: mISDN: correctly handle ph_info allocation failure in hfcsusb_ph_info (git-fixes).
  • isdn: mISDN: netjet: Fix crash in nj_probe: (git-fixes).
  • isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io (git-fixes).
  • ixgbe: fix large MTU request from VF (git-fixes).
  • kABI workaround for struct lis3lv02d change (git-fixes).
  • kernel-binary.spec.in: Add Supplements: for -extra package on Leap kernel-$flavor-extra should supplement kernel-$flavor on Leap, like it does on SLED, and like the kernel-$flavor-optional package does.
  • kernel-binary.spec.in: build-id check requires elfutils.
  • kernel-binary.spec.in: Regenerate makefile when not using mkmakefile.
  • kernel-binary.spec: Only use mkmakefile when it exists Linux 5.13 no longer had a mkmakefile script
  • kernel: kexec_file: fix error return code of kexec_calculate_store_digests() (git-fixes).
  • kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() (bsc#1187867).
  • kthread_worker: split code for canceling the delayed work timer (bsc#1187867).
  • kyber: fix out of bounds access when preempted (bsc#1187403).
  • lib: vdso: Remove CROSS_COMPILE_COMPAT_VDSO (bsc#1164648,jsc#SLE-11493).
  • libertas: register sysfs groups properly (git-fixes).
  • locking/mutex: clear MUTEX_FLAGS if wait_list is empty due to signal (git-fixes).
  • md: Fix missing unused status line of /proc/mdstat (git-fixes).
  • media: dvb: Add check on sp8870_readreg return (git-fixes).
  • media: dvb: Add check on sp8870_readreg return (git-fixes).
  • media: gspca: mt9m111: Check write_bridge for timeout (git-fixes).
  • media: gspca: mt9m111: Check write_bridge for timeout (git-fixes).
  • media: gspca: properly check for errors in po1030_probe() (git-fixes).
  • media: gspca: properly check for errors in po1030_probe() (git-fixes).
  • media: mtk-mdp: Check return value of of_clk_get (git-fixes).
  • media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).
  • media: s5p-g2d: Fix a memory leak in an error handling path in 'g2d_probe()' (git-fixes).
  • mei: request autosuspend after sending rx flow control (git-fixes).
  • mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk (git-fixes).
  • module: limit enabling module.sig_enforce (git-fixes).
  • net/mlx4: Fix EEPROM dump support (git-fixes).
  • net/mlx5: Consider RoCE cap before init RDMA resources (git-fixes).
  • net/mlx5: DR, Create multi-destination flow table with level less than 64 (jsc#SLE-8464).
  • net/mlx5: Fix PBMC register mapping (git-fixes).
  • net/mlx5: Fix placement of log_max_flow_counter (git-fixes).
  • net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa (git-fixes).
  • net/mlx5e: Block offload of outer header csum for UDP tunnels (git-fixes).
  • net/mlx5e: Fix multipath lag activation (git-fixes).
  • net/mlx5e: Fix nullptr in add_vlan_push_action() (git-fixes).
  • net/mlx5e: Fix page reclaim for dead peer hairpin (git-fixes).
  • net/mlx5e: Remove dependency in IPsec initialization flows (git-fixes).
  • net/nfc/rawsock.c: fix a permission check bug (git-fixes).
  • net/sched: act_ct: handle DNAT tuple collision (bsc#1154353).
  • net/x25: Return the correct errno code (git-fixes).
  • net: bnx2: Fix error return code in bnx2_init_board() (git-fixes).
  • net: fix iteration for sctp transport seq_files (git-fixes).
  • net: hns3: Limiting the scope of vector_ring_chain variable (git-fixes).
  • net: hns3: put off calling register_netdev() until client initialize complete (bsc#1154353).
  • net: mvpp2: add mvpp2_phylink_to_port() helper (bsc#1187171).
  • netxen_nic: Fix an error handling path in 'netxen_nic_probe()' (git-fixes).
  • nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (git-fixes).
  • NFC: SUSE specific brutal fix for runtime PM (bsc#1185589).
  • NFS: Deal correctly with attribute generation counter overflow (git-fixes).
  • NFS: Do not corrupt the value of pg_bytes_written in nfs_do_recoalesce() (git-fixes).
  • NFS: Do not discard pNFS layout segments that are marked for return (git-fixes).
  • NFS: Do not gratuitously clear the inode cache when lookup failed (git-fixes).
  • NFS: Do not revalidate the directory permissions on a lookup failure (git-fixes).
  • NFS: Fix a potential NULL dereference in nfs_get_client() (git-fixes).
  • NFS: fix an incorrect limit in filelayout_decode_layout() (git-fixes).
  • NFS: Fix an Oopsable condition in __nfs_pageio_add_request() (git-fixes).
  • NFS: Fix use-after-free in nfs4_init_client() (git-fixes).
  • nfsd: register pernet ops last, unregister first (git-fixes).
  • NFSD: Repair misuse of sv_lock in 5.10.16-rt30 (git-fixes).
  • NFSv4.2 fix handling of sr_eof in SEEK's reply (git-fixes).
  • NFSv4.2: Always flush out writes in nfs42_proc_fallocate() (git-fixes).
  • NFSv4.2: fix return value of _nfs4_get_security_label() (git-fixes).
  • NFSv4: Do not discard segments marked for return in _pnfs_return_layout() (git-fixes).
  • NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (git-fixes).
  • NFSv4: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() (git-fixes).
  • NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config (git-fixes).
  • ocfs2: fix data corruption by fallocate (bsc#1187412).
  • PCI/LINK: Remove bandwidth notification (bsc#1183712).
  • PCI: aardvark: Do not rely on jiffies while holding spinlock (git-fixes).
  • PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
  • PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
  • PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
  • PCI: Mark TI C667X to avoid bus reset (git-fixes).
  • PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
  • perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 (bsc#1184685).
  • pid: take a reference when initializing cad_pid (bsc#1152489).
  • platform/x86: hp-wireless: add AMD's hardware id to the supported list (git-fixes).
  • platform/x86: hp_accel: Avoid invoking _INI to speed up resume (git-fixes).
  • platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI (git-fixes).
  • platform/x86: touchscreen_dmi: Add info for the Mediacom Winpad 7.0 W700 tablet (git-fixes).
  • PM: sleep: Add pm_debug_messages kernel command line option (bsc#1186752).
  • pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() (git-fixes).
  • pNFS/NFSv4: Fix a layout segment leak in pnfs_layout_process() (git-fixes).
  • qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470 bsc#1185486).
  • qlcnic: Fix an error handling path in 'qlcnic_probe()' (git-fixes).
  • radeon: use memcpy_to/fromio for UVD fw upload (git-fixes).
  • regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting (git-fixes).
  • regulator: core: resolve supply for boot-on/always-on regulators (git-fixes).
  • regulator: max77620: Use device_set_of_node_from_dev() (git-fixes).
  • Revert 'ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()' (git-fixes).
  • Revert 'brcmfmac: add a check for the status of usb_register' (git-fixes).
  • Revert 'char: hpet: fix a missing check of ioremap' (git-fixes).
  • Revert 'char: hpet: fix a missing check of ioremap' (git-fixes).
  • Revert 'dmaengine: qcom_hidma: Check for driver register failure' (git-fixes).
  • Revert 'ecryptfs: replace BUG_ON with error handling code' (bsc#1187413).
  • Revert 'ibmvnic: simplify reset_long_term_buff function' (bsc#1186206 ltc#191041).
  • Revert 'isdn: mISDN: Fix potential NULL pointer dereference of kzalloc' (git-fixes).
  • Revert 'isdn: mISDNinfineon: fix potential NULL pointer dereference' (git-fixes).
  • Revert 'libertas: add checks for the return value of sysfs_create_group' (git-fixes).
  • Revert 'media: dvb: Add check on sp8870_readreg' (git-fixes).
  • Revert 'media: dvb: Add check on sp8870_readreg' (git-fixes).
  • Revert 'media: gspca: Check the return value of write_bridge for timeout' (git-fixes).
  • Revert 'media: gspca: Check the return value of write_bridge for timeout' (git-fixes).
  • Revert 'media: gspca: mt9m111: Check write_bridge for timeout' (git-fixes).
  • Revert 'media: gspca: mt9m111: Check write_bridge for timeout' (git-fixes).
  • Revert 'media: usb: gspca: add a missed check for goto_low_power' (git-fixes).
  • Revert 'net: liquidio: fix a NULL pointer dereference' (git-fixes).
  • Revert 'PCI: PM: Do not read power state in pci_enable_device_flags()' (git-fixes).
  • Revert 'qlcnic: Avoid potential NULL pointer dereference' (git-fixes).
  • Revert 'scsi: core: run queue if SCSI device queue isn't ready and queue is idle' (bsc#1186949).
  • Revert 'serial: max310x: pass return value of spi_register_driver' (git-fixes).
  • Revert 'video: hgafb: fix potential NULL pointer dereference' (git-fixes).
  • Revert 'video: imsttfb: fix potential NULL pointer dereferences' (bsc#1152489)
  • rpm/kernel-binary.spec.in: Correct Supplements in optional subpkg (jsc#SLE-11796)
  • rpm/kernel-binary.spec.in: Fix handling of +arch marker (bsc#1186672)
  • rpm/split-modules: Avoid errors even if Module.* are not present
  • s390/stack: fix possible register corruption with stack switch helper (bsc#1185677).
  • sched/debug: Fix cgroup_path[] serialization (git-fixes)
  • sched/fair: Keep load_avg and load_sum synced (git-fixes)
  • scsi: aacraid: Fix an oops in error handling (bsc#1187072).
  • scsi: aacraid: Remove erroneous fallthrough annotation (bsc#1186950).
  • scsi: aacraid: Use memdup_user() as a cleanup (bsc#1186951).
  • scsi: acornscsi: Fix an error handling path in acornscsi_probe() (bsc#1186952).
  • scsi: be2iscsi: Fix a theoretical leak in beiscsi_create_eqs() (bsc#1186953).
  • scsi: be2iscsi: Revert 'Fix a theoretical leak in beiscsi_create_eqs()' (bsc#1187067).
  • scsi: bfa: Fix error return in bfad_pci_init() (bsc#1186954).
  • scsi: bnx2fc: Fix Kconfig warning and CNIC build errors (bsc#1186955).
  • scsi: bnx2i: Requires MMU (bsc#1186956).
  • scsi: core: Fix race between handling STS_RESOURCE and completion (bsc#1187883).
  • scsi: csiostor: Fix wrong return value in csio_hw_prep_fw() (bsc#1186957).
  • scsi: cumana_2: Fix different dev_id between request_irq() and free_irq() (bsc#1186958).
  • scsi: cxgb3i: Fix some leaks in init_act_open() (bsc#1186959).
  • scsi: cxgb4i: Fix TLS dependency (bsc#1186960).
  • scsi: eesox: Fix different dev_id between request_irq() and free_irq() (bsc#1186961).
  • scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration (bsc#1187886).
  • scsi: fnic: Fix error return code in fnic_probe() (bsc#1186962).
  • scsi: hisi_sas: Fix IRQ checks (bsc#1186963).
  • scsi: hisi_sas: Remove preemptible() (bsc#1186964).
  • scsi: jazz_esp: Add IRQ check (bsc#1186965).
  • scsi: libfc: Fix enum-conversion warning (bsc#1186966).
  • scsi: libsas: Fix error path in sas_notify_lldd_dev_found() (bsc#1186967).
  • scsi: libsas: Reset num_scatter if libata marks qc as NODATA (bsc#1187068).
  • scsi: libsas: Set data_dir as DMA_NONE if libata marks qc as NODATA (bsc#1186968).
  • scsi: lpfc: Fix ancient double free (bsc#1186969).
  • scsi: lpfc: Fix failure to transmit ABTS on FC link (git-fixes).
  • scsi: megaraid_sas: Check user-provided offsets (bsc#1186970).
  • scsi: megaraid_sas: Clear affinity hint (bsc#1186971).
  • scsi: megaraid_sas: Do not call disable_irq from process IRQ poll (bsc#1186972).
  • scsi: megaraid_sas: Fix MEGASAS_IOC_FIRMWARE regression (bsc#1186973).
  • scsi: megaraid_sas: Remove undefined ENABLE_IRQ_POLL macro (bsc#1186974).
  • scsi: mesh: Fix panic after host or bus reset (bsc#1186976).
  • scsi: mpt3sas: Do not use GFP_KERNEL in atomic context (bsc#1186977).
  • scsi: mpt3sas: Fix error return code of mpt3sas_base_attach() (bsc#1186978).
  • scsi: mpt3sas: Fix ioctl timeout (bsc#1186979).
  • scsi: myrs: Fix a double free in myrs_cleanup() (bsc#1186980).
  • scsi: pm80xx: Fix error return in pm8001_pci_probe() (bsc#1186981).
  • scsi: powertec: Fix different dev_id between request_irq() and free_irq() (bsc#1186982).
  • scsi: qedi: Check for buffer overflow in qedi_set_path() (bsc#1186983).
  • scsi: qedi: Fix error return code of qedi_alloc_global_queues() (bsc#1186984).
  • scsi: qedi: Fix missing destroy_workqueue() on error in __qedi_probe (bsc#1186985).
  • scsi: qla2xxx: Prevent PRLI in target mode (git-fixes).
  • scsi: qla4xxx: Fix an error handling path in 'qla4xxx_get_host_stats()' (bsc#1186986).
  • scsi: qla4xxx: Remove in_interrupt() (bsc#1186987).
  • scsi: scsi_debug: Add check for sdebug_max_queue during module init (bsc#1186988).
  • scsi: scsi_dh_alua: Retry RTPG on a different path after failure (bsc#1174978 bsc#1185701).
  • scsi: sd: Fix Opal support (bsc#1186989).
  • scsi: sni_53c710: Add IRQ check (bsc#1186990).
  • scsi: sun3x_esp: Add IRQ check (bsc#1186991).
  • scsi: ufs-qcom: Fix scheduling while atomic issue (bsc#1187002).
  • scsi: ufs: Add quirk to disallow reset of interrupt aggregation (bsc#1186992).
  • scsi: ufs: Add quirk to enable host controller without hce (bsc#1186993).
  • scsi: ufs: Add quirk to fix abnormal ocs fatal error (bsc#1186994).
  • scsi: ufs: Add quirk to fix mishandling utrlclr/utmrlclr (bsc#1186995).
  • scsi: ufs: core: Narrow down fast path in system suspend path (bsc#1186996).
  • scsi: ufs: Do not update urgent bkops level when toggling auto bkops (bsc#1186997).
  • scsi: ufs: Fix imprecise load calculation in devfreq window (bsc#1187795).
  • SCSI: ufs: fix ktime_t kabi change (bsc#1187795).
  • scsi: ufs: Fix race between shutdown and runtime resume flow (bsc#1186998).
  • scsi: ufs: Introduce UFSHCD_QUIRK_PRDT_BYTE_GRAN quirk (bsc#1187000).
  • scsi: ufs: Make ufshcd_print_trs() consider UFSHCD_QUIRK_PRDT_BYTE_GRAN (bsc#1187069).
  • scsi: ufs: Properly release resources if a task is aborted successfully (bsc#1187001).
  • scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
  • scsi: ufs: ufshcd-pltfrm: Fix deferred probing (bsc#1187003).
  • scsi: ufshcd: use an enum for quirks (bsc#1186999).
  • serial: max310x: unregister uart driver in case of failure and abort (git-fixes).
  • serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' (git-fixes).
  • spi: spi-nxp-fspi: move the register operation after the clock enable (git-fixes).
  • spi: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
  • spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd() (git-fixes).
  • staging: rtl8723bs: Fix uninitialized variables (git-fixes).
  • sunrpc: fix refcount leak for rpc auth modules (git-fixes).
  • SUNRPC: Handle major timeout in xprt_adjust_timeout() (git-fixes).
  • SUNRPC: Move fault injection call sites (git-fixes).
  • SUNRPC: Set memalloc_nofs_save() for sync tasks (git-fixes).
  • svcrdma: disable timeouts on rdma backchannel (git-fixes).
  • thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID (git-fixes).
  • tpm: fix error return code in tpm2_get_cc_attrs_tbl() (git-fixes).
  • tracing: Correct the length check which causes memory corruption (git-fixes).
  • tracing: Do no increment trace_clock_global() by one (git-fixes).
  • tracing: Do not stop recording cmdlines when tracing is off (git-fixes).
  • tracing: Do not stop recording comms if the trace file is being read (git-fixes).
  • tracing: Restructure trace_clock_global() to never block (git-fixes).
  • ttyprintk: Add TTY hangup callback (git-fixes).
  • usb: core: hub: Disable autosuspend for Cypress CY7C65632 (git-fixes).
  • usb: core: reduce power-on-good delay time of root hub (git-fixes).
  • usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
  • usb: dwc3: core: fix kernel panic when do reboot (git-fixes).
  • usb: dwc3: debugfs: Add and remove endpoint dirs dynamically (git-fixes).
  • usb: dwc3: ep0: fix NULL pointer exception (git-fixes).
  • USB: f_ncm: ncm_bitrate (speed) is unsigned (git-fixes).
  • usb: f_ncm: only first packet of aggregate needs to start timer (git-fixes).
  • usb: f_ncm: only first packet of aggregate needs to start timer (git-fixes).
  • usb: fix various gadget panics on 10gbps cabling (git-fixes).
  • usb: fix various gadget panics on 10gbps cabling (git-fixes).
  • usb: fix various gadgets null ptr deref on 10gbps cabling (git-fixes).
  • usb: gadget: eem: fix wrong eem header operation (git-fixes).
  • usb: gadget: eem: fix wrong eem header operation (git-fixes).
  • usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind (git-fixes).
  • usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind (git-fixes).
  • usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).
  • usb: pd: Set PD_T_SINK_WAIT_CAP to 310ms (git-fixes).
  • USB: serial: cp210x: fix alternate function for CP2102N QFN20 (git-fixes).
  • USB: serial: ftdi_sio: add IDs for IDS GmbH Products (git-fixes).
  • USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
  • USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
  • USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
  • USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
  • USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 (git-fixes).
  • USB: serial: pl2303: add device id for ADLINK ND-6530 GC (git-fixes).
  • USB: serial: quatech2: fix control-request directions (git-fixes).
  • USB: serial: ti_usb_3410_5052: add startech.com device id (git-fixes).
  • usb: typec: mux: Fix copy-paste mistake in typec_mux_match (git-fixes).
  • usb: typec: mux: Fix matching with typec_altmode_desc (git-fixes).
  • usb: typec: tcpm: Use LE to CPU conversion when accessing msg->header (git-fixes).
  • usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path (git-fixes).
  • usb: typec: wcove: Use LE to CPU conversion when accessing msg->header (git-fixes).
  • USB: usbfs: Do not WARN about excessively large memory allocations (git-fixes).
  • vfio/pci: Fix error return code in vfio_ecap_init() (git-fixes).
  • vfio/pci: zap_vma_ptes() needs MMU (git-fixes).
  • vfio/platform: fix module_put call in error flow (git-fixes).
  • video: hgafb: correctly handle card detect failure during probe (git-fixes).
  • video: hgafb: fix potential NULL pointer dereference (git-fixes).
  • vmlinux.lds.h: Avoid orphan section with !SMP (git-fixes).
  • vrf: fix maximum MTU (git-fixes).
  • vsock/vmci: log once the failed queue pair allocation (git-fixes).
  • wireguard: allowedips: initialize list head in selftest (git-fixes).
  • wireguard: do not use -O3 (git-fixes).
  • wireguard: peer: allocate in kmem_cache (git-fixes).
  • wireguard: peer: put frequently used members above cache lines (git-fixes).
  • wireguard: queueing: get rid of per-peer ring buffers (git-fixes).
  • wireguard: selftests: make sure rp_filter is disabled on vethc (git-fixes).
  • wireguard: selftests: remove old conntrack kconfig value (git-fixes).
  • wireguard: use synchronize_net rather than synchronize_rcu (git-fixes).
  • x86/apic: Mark all legacy interrupts when IO/APIC is missing (bsc#1152489).
  • x86/fault: Do not send SIGSEGV twice on SEGV_PKUERR (bsc#1152489).
  • x86/pkru: Write hardware init value to PKRU when xstate is init (bsc#1152489).
  • x86/process: Check PF_KTHREAD and not current->mm for kernel threads (bsc#1152489).
  • x86: fix seq_file iteration for pat.c (git-fixes).
  • xen-blkback: fix compatibility bug with single page rings (git-fixes).
  • xen-pciback: reconfigure also from backend watch handler (git-fixes).
  • xen-pciback: redo VF placement in the virtual topology (git-fixes).
  • xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
  • xfrm: policy: Read seqcount outside of rcu-read side in xfrm_policy_lookup_bytype (bsc#1185675).
  • xprtrdma: Avoid Receive Queue wrapping (git-fixes).
  • xprtrdma: rpcrdma_mr_pop() already does list_del_init() (git-fixes).
Package Affected Version
pkg:rpm/suse/kernel-default?arch=x86_64&distro=slem-5 < 5.3.18-24.70.1
pkg:rpm/suse/kernel-default?arch=aarch64&distro=slem-5 < 5.3.18-24.70.1
pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=slem-5 < 5.3.18-24.70.1.9.32.1
pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=slem-5 < 5.3.18-24.70.1.9.32.1
ID
SUSE-SU-2021:2325-1
Severity
important
URL
https://www.suse.com/support/update/announcement/2021/suse-su-20212325-1/
Published
2021-07-14T15:07:41
(3 years ago)
Modified
2021-07-14T15:07:41
(3 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Source # ID Name URL
Suse SUSE ratings https://www.suse.com/support/security/rating/
Suse URL of this CSAF notice https://ftp.suse.com/pub/projects/security/csaf/suse-su-2021_2325-1.json
Suse URL for SUSE-SU-2021:2325-1 https://www.suse.com/support/update/announcement/2021/suse-su-20212325-1/
Suse E-Mail link for SUSE-SU-2021:2325-1 https://lists.suse.com/pipermail/sle-security-updates/2021-July/009131.html
Bugzilla SUSE Bug 1152489 https://bugzilla.suse.com/1152489
Bugzilla SUSE Bug 1153274 https://bugzilla.suse.com/1153274
Bugzilla SUSE Bug 1154353 https://bugzilla.suse.com/1154353
Bugzilla SUSE Bug 1155518 https://bugzilla.suse.com/1155518
Bugzilla SUSE Bug 1164648 https://bugzilla.suse.com/1164648
Bugzilla SUSE Bug 1174978 https://bugzilla.suse.com/1174978
Bugzilla SUSE Bug 1176771 https://bugzilla.suse.com/1176771
Bugzilla SUSE Bug 1179610 https://bugzilla.suse.com/1179610
Bugzilla SUSE Bug 1182470 https://bugzilla.suse.com/1182470
Bugzilla SUSE Bug 1183712 https://bugzilla.suse.com/1183712
Bugzilla SUSE Bug 1184212 https://bugzilla.suse.com/1184212
Bugzilla SUSE Bug 1184685 https://bugzilla.suse.com/1184685
Bugzilla SUSE Bug 1185195 https://bugzilla.suse.com/1185195
Bugzilla SUSE Bug 1185486 https://bugzilla.suse.com/1185486
Bugzilla SUSE Bug 1185589 https://bugzilla.suse.com/1185589
Bugzilla SUSE Bug 1185675 https://bugzilla.suse.com/1185675
Bugzilla SUSE Bug 1185677 https://bugzilla.suse.com/1185677
Bugzilla SUSE Bug 1185701 https://bugzilla.suse.com/1185701
Bugzilla SUSE Bug 1186206 https://bugzilla.suse.com/1186206
Bugzilla SUSE Bug 1186463 https://bugzilla.suse.com/1186463
Bugzilla SUSE Bug 1186666 https://bugzilla.suse.com/1186666
Bugzilla SUSE Bug 1186672 https://bugzilla.suse.com/1186672
Bugzilla SUSE Bug 1186752 https://bugzilla.suse.com/1186752
Bugzilla SUSE Bug 1186949 https://bugzilla.suse.com/1186949
Bugzilla SUSE Bug 1186950 https://bugzilla.suse.com/1186950
Bugzilla SUSE Bug 1186951 https://bugzilla.suse.com/1186951
Bugzilla SUSE Bug 1186952 https://bugzilla.suse.com/1186952
Bugzilla SUSE Bug 1186953 https://bugzilla.suse.com/1186953
Bugzilla SUSE Bug 1186954 https://bugzilla.suse.com/1186954
Bugzilla SUSE Bug 1186955 https://bugzilla.suse.com/1186955
Bugzilla SUSE Bug 1186956 https://bugzilla.suse.com/1186956
Bugzilla SUSE Bug 1186957 https://bugzilla.suse.com/1186957
Bugzilla SUSE Bug 1186958 https://bugzilla.suse.com/1186958
Bugzilla SUSE Bug 1186959 https://bugzilla.suse.com/1186959
Bugzilla SUSE Bug 1186960 https://bugzilla.suse.com/1186960
Bugzilla SUSE Bug 1186961 https://bugzilla.suse.com/1186961
Bugzilla SUSE Bug 1186962 https://bugzilla.suse.com/1186962
Bugzilla SUSE Bug 1186963 https://bugzilla.suse.com/1186963
Bugzilla SUSE Bug 1186964 https://bugzilla.suse.com/1186964
Bugzilla SUSE Bug 1186965 https://bugzilla.suse.com/1186965
Bugzilla SUSE Bug 1186966 https://bugzilla.suse.com/1186966
Bugzilla SUSE Bug 1186967 https://bugzilla.suse.com/1186967
Bugzilla SUSE Bug 1186968 https://bugzilla.suse.com/1186968
Bugzilla SUSE Bug 1186969 https://bugzilla.suse.com/1186969
Bugzilla SUSE Bug 1186970 https://bugzilla.suse.com/1186970
Bugzilla SUSE Bug 1186971 https://bugzilla.suse.com/1186971
Bugzilla SUSE Bug 1186972 https://bugzilla.suse.com/1186972
Bugzilla SUSE Bug 1186973 https://bugzilla.suse.com/1186973
Bugzilla SUSE Bug 1186974 https://bugzilla.suse.com/1186974
Bugzilla SUSE Bug 1186976 https://bugzilla.suse.com/1186976
Bugzilla SUSE Bug 1186977 https://bugzilla.suse.com/1186977
Bugzilla SUSE Bug 1186978 https://bugzilla.suse.com/1186978
Bugzilla SUSE Bug 1186979 https://bugzilla.suse.com/1186979
Bugzilla SUSE Bug 1186980 https://bugzilla.suse.com/1186980
Bugzilla SUSE Bug 1186981 https://bugzilla.suse.com/1186981
Bugzilla SUSE Bug 1186982 https://bugzilla.suse.com/1186982
Bugzilla SUSE Bug 1186983 https://bugzilla.suse.com/1186983
Bugzilla SUSE Bug 1186984 https://bugzilla.suse.com/1186984
Bugzilla SUSE Bug 1186985 https://bugzilla.suse.com/1186985
Bugzilla SUSE Bug 1186986 https://bugzilla.suse.com/1186986
Bugzilla SUSE Bug 1186987 https://bugzilla.suse.com/1186987
Bugzilla SUSE Bug 1186988 https://bugzilla.suse.com/1186988
Bugzilla SUSE Bug 1186989 https://bugzilla.suse.com/1186989
Bugzilla SUSE Bug 1186990 https://bugzilla.suse.com/1186990
Bugzilla SUSE Bug 1186991 https://bugzilla.suse.com/1186991
Bugzilla SUSE Bug 1186992 https://bugzilla.suse.com/1186992
Bugzilla SUSE Bug 1186993 https://bugzilla.suse.com/1186993
Bugzilla SUSE Bug 1186994 https://bugzilla.suse.com/1186994
Bugzilla SUSE Bug 1186995 https://bugzilla.suse.com/1186995
Bugzilla SUSE Bug 1186996 https://bugzilla.suse.com/1186996
Bugzilla SUSE Bug 1186997 https://bugzilla.suse.com/1186997
Bugzilla SUSE Bug 1186998 https://bugzilla.suse.com/1186998
Bugzilla SUSE Bug 1186999 https://bugzilla.suse.com/1186999
Bugzilla SUSE Bug 1187000 https://bugzilla.suse.com/1187000
Bugzilla SUSE Bug 1187001 https://bugzilla.suse.com/1187001
Bugzilla SUSE Bug 1187002 https://bugzilla.suse.com/1187002
Bugzilla SUSE Bug 1187003 https://bugzilla.suse.com/1187003
Bugzilla SUSE Bug 1187038 https://bugzilla.suse.com/1187038
Bugzilla SUSE Bug 1187050 https://bugzilla.suse.com/1187050
Bugzilla SUSE Bug 1187067 https://bugzilla.suse.com/1187067
Bugzilla SUSE Bug 1187068 https://bugzilla.suse.com/1187068
Bugzilla SUSE Bug 1187069 https://bugzilla.suse.com/1187069
Bugzilla SUSE Bug 1187072 https://bugzilla.suse.com/1187072
Bugzilla SUSE Bug 1187143 https://bugzilla.suse.com/1187143
Bugzilla SUSE Bug 1187144 https://bugzilla.suse.com/1187144
Bugzilla SUSE Bug 1187171 https://bugzilla.suse.com/1187171
Bugzilla SUSE Bug 1187263 https://bugzilla.suse.com/1187263
Bugzilla SUSE Bug 1187356 https://bugzilla.suse.com/1187356
Bugzilla SUSE Bug 1187402 https://bugzilla.suse.com/1187402
Bugzilla SUSE Bug 1187403 https://bugzilla.suse.com/1187403
Bugzilla SUSE Bug 1187404 https://bugzilla.suse.com/1187404
Bugzilla SUSE Bug 1187407 https://bugzilla.suse.com/1187407
Bugzilla SUSE Bug 1187408 https://bugzilla.suse.com/1187408
Bugzilla SUSE Bug 1187409 https://bugzilla.suse.com/1187409
Bugzilla SUSE Bug 1187410 https://bugzilla.suse.com/1187410
Bugzilla SUSE Bug 1187411 https://bugzilla.suse.com/1187411
Bugzilla SUSE Bug 1187412 https://bugzilla.suse.com/1187412
Bugzilla SUSE Bug 1187413 https://bugzilla.suse.com/1187413
Bugzilla SUSE Bug 1187452 https://bugzilla.suse.com/1187452
Bugzilla SUSE Bug 1187554 https://bugzilla.suse.com/1187554
Bugzilla SUSE Bug 1187595 https://bugzilla.suse.com/1187595
Bugzilla SUSE Bug 1187601 https://bugzilla.suse.com/1187601
Bugzilla SUSE Bug 1187795 https://bugzilla.suse.com/1187795
Bugzilla SUSE Bug 1187867 https://bugzilla.suse.com/1187867
Bugzilla SUSE Bug 1187883 https://bugzilla.suse.com/1187883
Bugzilla SUSE Bug 1187886 https://bugzilla.suse.com/1187886
Bugzilla SUSE Bug 1187927 https://bugzilla.suse.com/1187927
Bugzilla SUSE Bug 1187972 https://bugzilla.suse.com/1187972
Bugzilla SUSE Bug 1187980 https://bugzilla.suse.com/1187980
CVE SUSE CVE CVE-2020-26558 page https://www.suse.com/security/cve/CVE-2020-26558/
CVE SUSE CVE CVE-2020-36385 page https://www.suse.com/security/cve/CVE-2020-36385/
CVE SUSE CVE CVE-2020-36386 page https://www.suse.com/security/cve/CVE-2020-36386/
CVE SUSE CVE CVE-2021-0129 page https://www.suse.com/security/cve/CVE-2021-0129/
CVE SUSE CVE CVE-2021-0512 page https://www.suse.com/security/cve/CVE-2021-0512/
CVE SUSE CVE CVE-2021-0605 page https://www.suse.com/security/cve/CVE-2021-0605/
CVE SUSE CVE CVE-2021-33624 page https://www.suse.com/security/cve/CVE-2021-33624/
CVE SUSE CVE CVE-2021-34693 page https://www.suse.com/security/cve/CVE-2021-34693/
CVE SUSE CVE CVE-2021-3573 page https://www.suse.com/security/cve/CVE-2021-3573/
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/kernel-default?arch=x86_64&distro=slem-5 suse kernel-default < 5.3.18-24.70.1 slem-5 x86_64
Affected pkg:rpm/suse/kernel-default?arch=aarch64&distro=slem-5 suse kernel-default < 5.3.18-24.70.1 slem-5 aarch64
Affected pkg:rpm/suse/kernel-default-base?arch=x86_64&distro=slem-5 suse kernel-default-base < 5.3.18-24.70.1.9.32.1 slem-5 x86_64
Affected pkg:rpm/suse/kernel-default-base?arch=aarch64&distro=slem-5 suse kernel-default-base < 5.3.18-24.70.1.9.32.1 slem-5 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date