AusCERT - Security Bulletins

Subscribe to AusCERT - Security Bulletins hírcsatorna
Latest published security bulletins. See https://www.auscert.org.au/rss/ for feed information.
Frissítve: 8 perc 49 másodperc
1 óra 26 perc

ESB-2021.3232 - [Win][UNIX/Linux] IBM Java: Access confidential data - Remote with user interaction

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3232 Security Bulletin: CVE-2021-2341 may affect IBM SDK, Java Technology Edition 28 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: IBM Java Publisher: IBM Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Access Confidential Data -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2021-2341 Reference: ASB-2021.0144 ESB-2021.3058 ESB-2021.3040 ESB-2021.2943.2 Original Bulletin: https://www.ibm.com/support/pages/node/6488425 - --------------------------BEGIN INCLUDED TEXT-------------------- CVE-2021-2341 may affect IBM SDK, Java Technology Edition Document Information Document number : 6488425 Modified date : 24 September 2021 Product : IBM Java Software version : All versions Operating system(s): Platform Independent Summary CVE-2021-2341 was disclosed as part of the Oracle July 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2021-2341 DESCRIPTION: An unspecified vulnerability in Java SE related to the Networking component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. CVSS Base score: 3.1 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 205768 for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N) Affected Products and Versions 7.0.0.0 - 7.0.10.90 7.1.0.0 - 7.1.4.90 8.0.0.0 - 8.0.6.30 11.0.9.0 - 11.0.11.0 Remediation/Fixes 8.0.6.35 IBM Semeru 11.0.12.0 Note: IBM SDK, Java Technology Edition version 11 is now IBM Semeru 11 Certified Edition. Future vulnerability fixes for IBM Semeru Certified Edition will be described in security bulletins for IBM Semeru. IBM SDK, Java Technology Edition releases can be downloaded, subject to the terms of the developerWorks license, from the Java Developer Center . IBM Semeru releases can be downloaded from the IBM Semeru Developer Center . IBM customers requiring an update for an SDK shipped with an IBM product should contact IBM support , and/or refer to the appropriate product security bulletin. Workarounds and Mitigations None Oracle July 2021 Java SE Critical Patch Update Advisory IBM SDK, Java Technology Edition Security Vulnerabilities Acknowledgement Change History 13 Sep 2021: Initial Publication 24 Sep 2021: Corrected fixed release information for Java 8 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVJ2X+NLKJtyKPYoAQh/Lg/+MsQXQwNoB9srK/29OwueUWcUnW5NEhfH 4gyr/pfh4aK2TNHtVsJ3NH3BO9bj6i5XD/2UYq9aekOGFWpJQL5xvmdAF8tHVvkw i/asG8wS1uLLS++cI63p6Q0RrYmmzG5coJv0cvnuiiFvQN1MSq5aq/IbU+oVpcpw AukMUJK0zvRTeXEMZYwBQx4kTW4nvrReBqjjlCzUrLcpOfad7gNGWhdBZ1duCEbE pVVIxyap8+90F0soKV8e8qQ1+KisWKVX082XJ+MwkLOkU1BsyY8dUCZSa3knWrGp mMdKzlkIlpH9XgOaV5YdIsSoXVL2HkiGV1K8AGIlSEgQ+6cZQn+ZvZGTWSJSt8YT sEZQeycyCnJkjNVS9I7r1+Rwe0/igJdadXpa9n0KumCqZO8ZoAkhwh/iV/uKvTNQ LqnyCNRQLv71YoO8m00dQU3puCe0ZzNVn5kMLDb8Zocgwvt1P4uX+DR24ER55JWR 09L9Ra7OGWVpey/Lq5KLkIovyUFs5VA7rrOioxNZ+HSYScXb7XhAU1LVA4R8XxC8 CBfJ3GknbF8weD+jWalRl6Fz6gx0fcZ93ELmDnqBCiAKghABEcx3tQ1VOI1Py2Y1 41OtY6BDkeZwPVzb458tRHQH8m6ZmQjt6ydtK2QErS3EYvb9+JdIIqv9vtdbHI+y Z/4SVRyPce0= =VcGG -----END PGP SIGNATURE-----
1 óra 26 perc

ESB-2021.3231 - [RedHat] nodejs:14: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3231 nodejs:14 security and bug fix update 28 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: nodejs:14 Publisher: Red Hat Operating System: Red Hat Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Overwrite Arbitrary Files -- Remote with User Interaction Create Arbitrary Files -- Remote with User Interaction Denial of Service -- Remote/Unauthenticated Cross-site Scripting -- Remote with User Interaction Provide Misleading Information -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-32804 CVE-2021-32803 CVE-2021-23343 CVE-2021-22940 CVE-2021-22939 CVE-2021-22931 CVE-2021-22930 CVE-2021-3672 Reference: ESB-2021.3219 ESB-2021.3196 ESB-2021.3190 ESB-2021.3169 Original Bulletin: https://access.redhat.com/errata/RHSA-2021:3666 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: nodejs:14 security and bug fix update Advisory ID: RHSA-2021:3666-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:3666 Issue date: 2021-09-27 CVE Names: CVE-2021-3672 CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-22940 CVE-2021-23343 CVE-2021-32803 CVE-2021-32804 ===================================================================== 1. Summary: An update for the nodejs:14 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fix(es): * nodejs: Use-after-free on close http2 on stream canceling (CVE-2021-22930) * nodejs: Use-after-free on close http2 on stream canceling (CVE-2021-22940) * c-ares: Missing input validation of host names may lead to domain hijacking (CVE-2021-3672) * nodejs: Improper handling of untypical characters in domain names (CVE-2021-22931) * nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite (CVE-2021-32803) * nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite (CVE-2021-32804) * nodejs: Incomplete validation of tls rejectUnauthorized parameter (CVE-2021-22939) * nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe (CVE-2021-23343) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * nodejs:14/nodejs: Make FIPS options always available (BZ#1993924) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1956818 - CVE-2021-23343 nodejs-path-parse: ReDoS via splitDeviceRe, splitTailRe and splitPathRe 1988342 - CVE-2021-3672 c-ares: Missing input validation of host names may lead to domain hijacking 1988394 - CVE-2021-22930 nodejs: Use-after-free on close http2 on stream canceling 1990409 - CVE-2021-32804 nodejs-tar: Insufficient absolute path sanitization allowing arbitrary file creation and overwrite 1990415 - CVE-2021-32803 nodejs-tar: Insufficient symlink protection allowing arbitrary file creation and overwrite 1993019 - CVE-2021-22931 nodejs: Improper handling of untypical characters in domain names 1993029 - CVE-2021-22940 nodejs: Use-after-free on close http2 on stream canceling 1993039 - CVE-2021-22939 nodejs: Incomplete validation of tls rejectUnauthorized parameter 1993924 - nodejs:14/nodejs: Make FIPS options always available [rhel-8.4.0.z] 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: nodejs-14.17.5-1.module+el8.4.0+12247+e2879e58.src.rpm nodejs-nodemon-2.0.3-1.module+el8.3.0+6519+9f98ed83.src.rpm nodejs-packaging-23-3.module+el8.3.0+6519+9f98ed83.src.rpm aarch64: nodejs-14.17.5-1.module+el8.4.0+12247+e2879e58.aarch64.rpm nodejs-debuginfo-14.17.5-1.module+el8.4.0+12247+e2879e58.aarch64.rpm nodejs-debugsource-14.17.5-1.module+el8.4.0+12247+e2879e58.aarch64.rpm nodejs-devel-14.17.5-1.module+el8.4.0+12247+e2879e58.aarch64.rpm nodejs-full-i18n-14.17.5-1.module+el8.4.0+12247+e2879e58.aarch64.rpm npm-6.14.14-1.14.17.5.1.module+el8.4.0+12247+e2879e58.aarch64.rpm noarch: nodejs-docs-14.17.5-1.module+el8.4.0+12247+e2879e58.noarch.rpm nodejs-nodemon-2.0.3-1.module+el8.3.0+6519+9f98ed83.noarch.rpm nodejs-packaging-23-3.module+el8.3.0+6519+9f98ed83.noarch.rpm ppc64le: nodejs-14.17.5-1.module+el8.4.0+12247+e2879e58.ppc64le.rpm nodejs-debuginfo-14.17.5-1.module+el8.4.0+12247+e2879e58.ppc64le.rpm nodejs-debugsource-14.17.5-1.module+el8.4.0+12247+e2879e58.ppc64le.rpm nodejs-devel-14.17.5-1.module+el8.4.0+12247+e2879e58.ppc64le.rpm nodejs-full-i18n-14.17.5-1.module+el8.4.0+12247+e2879e58.ppc64le.rpm npm-6.14.14-1.14.17.5.1.module+el8.4.0+12247+e2879e58.ppc64le.rpm s390x: nodejs-14.17.5-1.module+el8.4.0+12247+e2879e58.s390x.rpm nodejs-debuginfo-14.17.5-1.module+el8.4.0+12247+e2879e58.s390x.rpm nodejs-debugsource-14.17.5-1.module+el8.4.0+12247+e2879e58.s390x.rpm nodejs-devel-14.17.5-1.module+el8.4.0+12247+e2879e58.s390x.rpm nodejs-full-i18n-14.17.5-1.module+el8.4.0+12247+e2879e58.s390x.rpm npm-6.14.14-1.14.17.5.1.module+el8.4.0+12247+e2879e58.s390x.rpm x86_64: nodejs-14.17.5-1.module+el8.4.0+12247+e2879e58.x86_64.rpm nodejs-debuginfo-14.17.5-1.module+el8.4.0+12247+e2879e58.x86_64.rpm nodejs-debugsource-14.17.5-1.module+el8.4.0+12247+e2879e58.x86_64.rpm nodejs-devel-14.17.5-1.module+el8.4.0+12247+e2879e58.x86_64.rpm nodejs-full-i18n-14.17.5-1.module+el8.4.0+12247+e2879e58.x86_64.rpm npm-6.14.14-1.14.17.5.1.module+el8.4.0+12247+e2879e58.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-3672 https://access.redhat.com/security/cve/CVE-2021-22930 https://access.redhat.com/security/cve/CVE-2021-22931 https://access.redhat.com/security/cve/CVE-2021-22939 https://access.redhat.com/security/cve/CVE-2021-22940 https://access.redhat.com/security/cve/CVE-2021-23343 https://access.redhat.com/security/cve/CVE-2021-32803 https://access.redhat.com/security/cve/CVE-2021-32804 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYVFy+9zjgjWX9erEAQgFkQ/9HCFyU5cUE2BB2qx20q68T+4mRWeiscnQ E4dVeq3OMsslSFUGE6leMJImEGHTsMhjItkVGA/uGHhifvcEae7BXcYiW8E1krOu xD4vidGyoLC9lYLxgwv3a5sOFKAwCLmuGdlSqCXGENeADck9bKqEx89VnsQsnHk2 1emhlNK/KCDjbInEqdHl5acv3iES4fhoRMaO7vPvg3K8IHX1H+0bLwF+3PMmEJ0+ hnTCdjQrBARu8TEApyLgtv3p9ziUIwlQuxwhcuyXPFZ3R3w8M8d5toJByAIYZZnC Cm65cYV3l3PzH7X6KmhnwsxDvC4Rof6cQKf6otXB7D3xSmkmvM6RoQvG1MqtMNeQ T4XpnZt1s1i5KSvIWap+6k7IsWRp7VNt4K2KjD9Aya4ETmThc3EqbWKOWMrCgt93 jjB9ArAVacxpRZGQ3ByxZqrCV7kCwa9lVOAYy7wgClvUE049we2pGUfcC4rSyXlx 6WS+hFFVGOzHigOK2Cw2dUNzn+iMuKZZrcUdoP7BbaT8gQP1nbZV9TIKbXCj2339 6QK7RDNAwPgTquFjRiGJyRCQ3VzJb/UQ+ekoQylXLZYKjuCLKGhkTSwNV2LBRdZ+ oReIoAN8VYv74PgXnYmIFSN8cXqdREWDO97/I2x0tiZRh8W1jeH7KiacL1OwdtyI /ftA0gwVgWs= =1Kqk - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVJ05ONLKJtyKPYoAQg1Kw/+OUokp6xKaWiqr4ZRXQNMGm9pfw4pEp8p gl1Uvyg9F97YflZMAfleHnSnCuLqjuWC8k5AQXmegZGgAmb7YPMf+HplH6mZkB3U +oiQUt1BigX7q4E2zffqRecU70dWS0ewIbciHPBiPwqne01/6qFiaRlXHi9ur6NG sAI6e3BG1ipEbB8fVZaBxzS/+vpleDvydto1//Q6/kRSLENbnPrjzwfh9DSe8PSa xHVviPPw4bQk64FATkq+kTVVebDte8UXu/siRQiOxMvFONxwXTlfTdd0rpC/QpnM PmumhdTo82h5mnSWGXLfyM0o6gmcK75y102TMlLcRc62wj2qhb1r2Fc93eGPIczK c3olq67KfSFQ7pxRgIddt5K2AKn3z3Fcluo9FMMFKznKMiP/QP8pAmwJtdEZ58yK Zoa6KUaUf2lbA4btvclrTPQImVdMoy1X2rJpcmTe5aUt4NsyfMBJCFdBHLYMXpG9 II1wUjB2uK2kSnfL57bOligls+52tUIpNDIBofB9IB+avPtMI4yukj9fex2YFAki Hr/BsP2IKTO8JNQxm4MiZsrhcpTjyHdGmaZUUd0oU16G2bbTLD3QUC17Ffbb5kZV mFM4rLraIHQPqVgLGIJA4ioKafZNZg56Na2E4yWfHUgq4GXsdQUHYO+lE+PbQpZO F8N5vILGKu8= =4lsb -----END PGP SIGNATURE-----
1 óra 26 perc

ESB-2021.3230 - [Win][UNIX/Linux][Debian] libxml-security-java: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3230 libxml-security-java security update 28 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libxml-security-java Publisher: Debian Operating System: Debian GNU/Linux UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Access Confidential Data -- Unknown/Unspecified Resolution: Patch/Upgrade CVE Names: CVE-2021-40690 Original Bulletin: https://www.debian.org/lts/security/2021/dla-2767 Comment: This advisory references vulnerabilities in products which run on platforms other than Debian. It is recommended that administrators running libxml-security-java check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2767-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Markus Koschany September 27, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : libxml-security-java Version : 1.5.8-2+deb9u1 CVE ID : CVE-2021-40690 Debian Bug : 994569 Apache Santuario, XML Security for Java, is vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacker to abuse an XPath Transform to extract any local .xml files in a RetrievalMethod element. For Debian 9 stretch, this problem has been fixed in version 1.5.8-2+deb9u1. We recommend that you upgrade your libxml-security-java packages. For the detailed security status of libxml-security-java please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libxml-security-java Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -----BEGIN PGP SIGNATURE----- iQKTBAABCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmFRutpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeTCag/+JM651OzmsUJSw6O15T8JatQI/WNY3jQzcSxj7oam9Vd3ZU11KaalGuL8 Pb57nFar4c3ZEUU4KRCHETRuKztWHORcRwO0Dd24zEhqHHyIIQNPJV3J62ZOosMf ru0OB8bozifqbfJQiGFw0apKEJXXuf8jxCzMQkeI7TO/SPrtX3k50iIu2HyR8blF 5a99rseINNC/uvJs4nX++uqeX0RmZvqHcmqQAmpx/DYNUGHPB0DEyIe20ICDxTU0 tRt00NsjwkqfzK7Kto3+fF32Bxj+ZruzSoXC8FWFwB6iYReV965c+JVUph1RMcLX 1ilLwTY28wvXlPAzRBG0Cw2LPrbBDprksJwmCbNbi4VCEhH2pcdoD4EB3+PcQB8G EniQyZZfJz18Pq+pM196CkwsNI91JaOoq1+3GrtRNHf4HjVreF6QiX7IhYeIqzG1 imed6OgkmLLxJcDbsul3i2RPvY7SUNxu0f+C+gsnmHAchXZA4zcZVNpW+HJNr/x/ 1MkP05P38vvF6lmubK6aD66XWtmUy7AonCVxakVV6ZTLbieTiqJzMJPNzMc19oEN 4ytU5jbX5Gg/E5TfxPKLoEdKjvoBan0k9ltcAFkCJ8S29QDfTLIzv+oqikKWH4OO GmZLMNW3XpviTJNnEtvkb0rotdkwwhXfDE8Kq9KMlBciOXOYaiI= =usml - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVJ0ueNLKJtyKPYoAQgBQQ//aISktBvDX0ebsutcSZhOnNSVxd1Q2deO HoDT3bAmy911BS8JD1z4JLTaxHWg4wM0ZAk9fVRRXvZk1oMvkh35WqZQ3kUXnYL/ WuZLIuaz4qzh2Uv0CcQ+HCBa1qBtVVeWqVPvJ1RN+lctvWvyWhcS8rNe8owBxKQo I3mhFUw6JQj+E0hbRXfUynqw5pw2gUqUyW7v+8h96/j/WziSR3rSfJO5l0Yrfr+F 7FIA01U3cB9v8xdP53XjbQV2YttV134zKp5QvdOyBp/SJVVFXQscFdqiXOgpGVmO DFykoL1JxYAqX50EAsldQWteWSbgVk47GsBW6AqWAPbkz1wOhhGpBSHzIAbT+Ntm YgJyrKRDPr1zg6QgQL4mGODqb465kK4BPLjcyRXRbsFRca3C8r9zNX/VxlBULTJ5 m31fn8IdRZpiFIMV1PSK0dq339Vy5nkgW3q4IyDcGAd99cU0bv81qsVvde5ZgF93 zzAzS+h+dfwQPeT0CYYzLaEOqxIZZGG5wZxs8mYgC1K3oYatw94NNulWP/d8aFf6 FWvIofJ0xlnWY7vGV3S3QsQc+MVSYx/rg2J2s+DRzFlTEqsAVJvSEEY9Aj/vbBWh EyR67Z3lGn0+eviKFQjhd4hC1W4hLIJBu0fItkQT1s+idWT2N53UNhB4IuZXaGDs ltkvxiAW5qU= =zN+U -----END PGP SIGNATURE-----
1 óra 26 perc

ESB-2021.3229 - [Ubuntu] Apache HTTP Server: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3229 USN-5090-1 and USN-5090-2: Apache HTTP Server vulnerabilities 28 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Apache HTTP Server Publisher: Ubuntu Operating System: Ubuntu Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Provide Misleading Information -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-40438 CVE-2021-39275 CVE-2021-36160 CVE-2021-34798 CVE-2021-33193 Reference: ESB-2021.3148 ESB-2021.2985 ESB-2021.2978 Original Bulletin: https://ubuntu.com/security/notices/USN-5090-1 https://ubuntu.com/security/notices/USN-5090-2 Comment: This bulletin contains two (2) Ubuntu security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- USN-5090-1: Apache HTTP Server vulnerabilities 27 September 2021 Several security issues were fixed in Apache HTTP Server. Releases o Ubuntu 21.04 o Ubuntu 20.04 LTS o Ubuntu 18.04 LTS Packages o apache2 - Apache HTTP server Details James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. ( CVE-2021-33193 ) It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. ( CVE-2021-34798 ) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. ( CVE-2021-36160 ) It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. ( CVE-2021-39275 ) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. ( CVE-2021-40438 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04 o apache2 - 2.4.46-4ubuntu1.2 o apache2-bin - 2.4.46-4ubuntu1.2 Ubuntu 20.04 o apache2 - 2.4.41-4ubuntu3.5 o apache2-bin - 2.4.41-4ubuntu3.5 Ubuntu 18.04 o apache2 - 2.4.29-1ubuntu4.17 o apache2-bin - 2.4.29-1ubuntu4.17 In general, a standard system update will make all the necessary changes. References o CVE-2021-34798 o CVE-2021-33193 o CVE-2021-40438 o CVE-2021-39275 o CVE-2021-36160 Related notices o USN-5090-2 : apache2-suexec-pristine, apache2-mpm-itk, apache2-utils, apache2-mpm-prefork, libapache2-mod-proxy-html, apache2-bin, apache2-doc, apache2, apache2-data, apache2-mpm-event, apache2-suexec-custom, apache2-mpm-worker, apache2.2-bin, apache2-dev, apache2-suexec, libapache2-mod-macro - -------------------------------------------------------------------------------- USN-5090-2: Apache HTTP Server vulnerabilities 27 September 2021 Several security issues were fixed in Apache HTTP Server. Releases o Ubuntu 16.04 ESM o Ubuntu 14.04 ESM Packages o apache2 - Apache HTTP server Details USN-5090-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. ( CVE-2021-34798 ) It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. ( CVE-2021-39275 ) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. ( CVE-2021-40438 ) Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 o apache2 - 2.4.18-2ubuntu3.17+esm2 Available with UA Infra or UA Desktop o apache2-bin - 2.4.18-2ubuntu3.17+esm2 Available with UA Infra or UA Desktop Ubuntu 14.04 o apache2 - 2.4.7-1ubuntu4.22+esm2 Available with UA Infra or UA Desktop o apache2-bin - 2.4.7-1ubuntu4.22+esm2 Available with UA Infra or UA Desktop In general, a standard system update will make all the necessary changes. References o CVE-2021-39275 o CVE-2021-40438 o CVE-2021-34798 Related notices o USN-5090-1 : apache2-dev, apache2-suexec-custom, apache2-doc, apache2, apache2-data, apache2-utils, apache2-ssl-dev, apache2-bin, libapache2-mod-md, libapache2-mod-proxy-uwsgi, apache2-suexec-pristine - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVJ0ouNLKJtyKPYoAQhQpA/9GURcNVJt6NiSpslR6MPWHFBue36VCK+k /NLJdkBTNHGAbwukBO+YpWUHcxl2n4TqscgXTm+CFstidihodyzUlACTc5igkP+4 WLUGqIER5BH6qucuPjgZ5/vUhpRtgdt4C/dwVaXZXa8Ium/iDREtv+9ZfK0PnprJ YbVc/YcYPB145N7QgKEGvvzftJBk2/O3+gDvUR7+0MzkhZPnIFlmjkxpJ7Rt8/3m vcP3JnO7++8HNRD3ci3TExr/bz4KUZpvUbe7jN/EJC8HXqA/E2ZbNSyVdPAQzKWo rLXwSCL1D8gsJAdZzyIFm+GqE9qko+h+ya/kCFXXeHE2s/fy10yuGb9I+3wA+Yzh jl48FSXMi5UCC5aKJH25gWul6DOEI3/XOwCqfpRyfDxObzbLw3Aw4K/w2m355Lac HB9b0aELL1qJ4l+V0TWHtsL/EldjVEYAWnaLPweprlVAt7efDVVSe4DYE0z/Tjbq rmaFn1wt+uvHNQ09F918LcM/Is5uDokLFAL1w3MAwhLpZ9srhx8tIqS8NwEFUvAV c/+HmJO5mC8Qh9gkJ83jonuMfzZSeO3V8DgWa67fPZ41eqlmA2nbaln2XMErPCdk n8eerpbUseQ2FOrYv4J9xeeB30eOid5ZOjdjWS1vkzjqNHfGHLWu3oKiWym2qkHO nCl6LtF40N4= =gu/F -----END PGP SIGNATURE-----
1 óra 26 perc

ESB-2021.3228 - [Win][UNIX/Linux][RedHat] OpenShift Container Platform 4.8.13: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3228 OpenShift Container Platform 4.8.13 security update 28 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: OpenShift Container Platform 4.8.13 Publisher: Red Hat Operating System: Red Hat UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Access Confidential Data -- Existing Account Reduced Security -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-25741 Original Bulletin: https://access.redhat.com/errata/RHSA-2021:3631 Comment: This advisory references vulnerabilities in products which run on platforms other than Red Hat. It is recommended that administrators running kubernetes check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: OpenShift Container Platform 4.8.13 security update Advisory ID: RHSA-2021:3631-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2021:3631 Issue date: 2021-09-27 CVE Names: CVE-2021-25741 ===================================================================== 1. Summary: Red Hat OpenShift Container Platform release 4.8.13 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenShift Container Platform 4.8 - noarch, ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.13. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHSA-2021:3632 Security Fix(es): * kubernetes: Symlink exchange can allow host filesystem access (CVE-2021-25741) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. All OpenShift Container Platform 4.8 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster - - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - - -minor 4. Solution: For OpenShift Container Platform 4.8 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.8/release_notes/ocp-4-8-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.8/updating/updating-cluster - - -cli.html 5. Bugs fixed (https://bugzilla.redhat.com/): 1993749 - CVE-2021-25741 kubernetes: Symlink exchange can allow host filesystem access 6. Package List: Red Hat OpenShift Container Platform 4.8: Source: openshift-4.8.0-202109180335.p0.git.a620f50.assembly.stream.el7.src.rpm openshift-clients-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el7.src.rpm x86_64: openshift-clients-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el7.x86_64.rpm openshift-clients-redistributable-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el7.x86_64.rpm openshift-hyperkube-4.8.0-202109180335.p0.git.a620f50.assembly.stream.el7.x86_64.rpm Red Hat OpenShift Container Platform 4.8: Source: openshift-4.8.0-202109180335.p0.git.a620f50.assembly.stream.el8.src.rpm openshift-clients-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el8.src.rpm python-sushy-3.7.3-0.20210804111215.b76050c.el8.src.rpm noarch: python3-sushy-3.7.3-0.20210804111215.b76050c.el8.noarch.rpm python3-sushy-tests-3.7.3-0.20210804111215.b76050c.el8.noarch.rpm ppc64le: openshift-clients-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el8.ppc64le.rpm openshift-hyperkube-4.8.0-202109180335.p0.git.a620f50.assembly.stream.el8.ppc64le.rpm s390x: openshift-clients-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el8.s390x.rpm openshift-hyperkube-4.8.0-202109180335.p0.git.a620f50.assembly.stream.el8.s390x.rpm x86_64: openshift-clients-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el8.x86_64.rpm openshift-clients-redistributable-4.8.0-202109201328.p0.git.88e7eba.assembly.stream.el8.x86_64.rpm openshift-hyperkube-4.8.0-202109180335.p0.git.a620f50.assembly.stream.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-25741 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYVIWktzjgjWX9erEAQg1ChAAoUUjaiXGcOK4y5g4FVVBHTDTqnS3bMSB T+pWvdwsWnyJ6A/W081EoUa2PdDWMNOK769YS/eZKhBjYUdU2JYX/I/N22MJjQ6C 55AHF4J8KL3YV5L49RDqvGb8EXZVMcyKo5tDB7YnG2D3xdLDfOt6zoKPBK2MSr4w esQ58npmZR7bkqWz5PaHzTwuOTkJGy0Vebl3Yf7BjyRiPoAYYflYIXozhA+BkFIX Cw4yyuJa/5LTLORWFdEz3AnmtaOPjmxIoBGAvKIebywNuB4a9BN7cE/Pcu+8DeAF zhiu+tCrDWwIY/BaPO+5bnuihTvwXwyTRCQcmp6XHlw4qo233EEopQJpn2BnsuHb XGUkL4YGBrLJ/XDnwE5hoK5NaaA4JUZ9fvpwIOLtd4iTGpqdu/6X9Ky5myL5IVt7 dGaaYRfNFtBoR342BUGMHYIYRJsNTw+XtvBlWwHhS5RpAUtYfHn530++JamFUenC IFYwk1zcPawA1rqNdBjIw6RtnvHwbcMNeGHr//DvixTRj9dK126eQEljse+pbsZO nXSWj7E6afgllRGDM1pwPCeRBoZGwHhTG4jefY495NirCf83yxvwO30p5/w1gih1 5MLTvmEvv40XtVGogMaABG1Ba2OasH8HUp1+pWd/UsCblZiI7XA5+Y6cl3KF4peG hGBWTr9U3hs= =diD+ - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVJ0YuNLKJtyKPYoAQio7Q/9F7QNbGLPTARBFrlq+cxmpWoM6MwueZzp wuybKQg8yoIlX+JQM4BNUTiCZBZrmivWLOTlFgVvdwpLI7VfVHXIj50Dc96FQozP hNIUOQTWIm59ThOGgDSFcGhMdFJyLFX4f12TBwApKW2BlJHK6bc+5OvnHn4lAys1 8tMambGfpkUJpe67GNb9anuFZkeWncMwCknmzcLJ6fuYOsDO0xKd5CM8Fv2a2IEI EUR1FgXUuAlhZFh6Z0Wlm0hLRPxv5AABIohCJRnE0h/uZ9rlEaKupKeHbngqZX1r 07BsKbUfQs6I8GCLOfhyVugsUUWxg7A3ITqsULWMTQE1tx1yp33u2PpszxBueFeR hCqk0kFAfDOVRO8HvwisUs61QQzidMZoXa/noSoSBvgyX81awf8MLTTZVHN5NuRs e4ZpphBD3u7lQxHiNuJNRL20I+zve3ugZbq2kWjE+PQKOr23FvzL1/5T/LF5efqB gOl5LyRkPDxuV9hCuB6HJVOfrh4qlVlPF2d5E6xmgYVa1WHghR8DhgEKDRoGyRjQ 5HSLKnrbe67EFaM097zmHgfGrzaY3HSFL0rQl317NcvXAdBYqYkExJVoFuGkSzTh iVAco7OzvVYEJA7ezmwhVVPjFaNPjsh2rFRG6jNXGxp0Zj20MeKKBshziUkQj46P K9AHszckkC8= =eZl5 -----END PGP SIGNATURE-----
1 óra 26 perc

ESB-2021.2810.2 - UPDATE Cisco Products: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2810.2 Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability 28 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: 3000 Series Industrial Security Appliances (ISAs) FTD Software WSA Software Publisher: Cisco Systems Impact/Access: Unauthorised Access -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-34749 Original Bulletin: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sni-data-exfil-mFgzXqLN Revision History: September 28 2021: Vendor updated affected products and mitagation advice August 19 2021: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability Priority: Medium Advisory ID: cisco-sa-sni-data-exfil-mFgzXqLN First Published: 2021 August 18 16:00 GMT Last Updated: 2021 September 27 16:31 GMT Version 1.1: Interim Workarounds: No workarounds available Cisco Bug IDs: CSCvy50873 CSCvy64824 CSCvy76771 CSCvz34379 CVE Names: CVE-2021-34749 CWEs: CWE-200 Summary o A vulnerability in the web filtering features of multiple Cisco products could allow an unauthenticated, remote attacker to bypass web reputation filters and threat detection mechanisms on an affected device and exfiltrate data from a compromised host to a blocked external server. This vulnerability is due to inadequate inspection of the Server Name Identification (SNI) header in the SSL/TLS handshake. An attacker could exploit this vulnerability by using data from the TLS client hello packet to communicate with a blocked external server. A successful exploit could be used to exfiltrate data from a protected network. The attacker must compromise a host on the network to exfiltrate the sensitive data. The following Snort rule can be used to detect possible exploitation of this vulnerability: Snort SID 58062. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sni-data-exfil-mFgzXqLN Affected Products o Vulnerable Products At the time of publication, this vulnerability affected all open source Snort project releases earlier than Release 2.9.18. For more information about open source Snort, see the Snort website . At the time of publication, this vulnerability affected the following Cisco products if they were configured with the SSL/TLS decryption option and were also using web reputation or URL filtering features: 3000 Series Industrial Security Appliances (ISAs) 4000 Series Integrated Services Routers (ISRs) (except 4321 ISRs) Catalyst 8000V Edge Software Catalyst 8200 Series Edge Platforms Catalyst 8300 Series Edge Platforms Cloud Services Router 1000V Series (CSR 1000V) Firepower Threat Defense (FTD) Software, if the SSL/TLS decryption option is enabled Integrated Services Virtual Router (ISRv) Web Security Appliance (WSA), both physical and virtual devices, deployed in transparent mode For information about which Cisco software releases were vulnerable at the time of publication, see the Fixed Software section of this advisory. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information. Additional Considerations for FTD For an FTD device to be vulnerable, at least one SSL decryption policy must be enabled. As a prerequisite, an SSL decryption policy must be associated with a running access control policy. Determine Whether an SSL Decryption Policy Is Enabled on Cisco FTD Software There are two methods for determining whether an SSL decryption policy is enabled: Option 1: Use the CLI Use the show ssl-policy-config CLI command to verify whether an SSL decryption policy is enabled on a device. The following example shows the output of the show ssl-policy-config command on a device that does not have an SSL policy configured and is not vulnerable: > show ssl-policy-config SSL policy not yet applied. Any other output returned by the show ssl-policy-config command indicates that an SSL policy is configured and the device is vulnerable. For more information about the show ssl-policy-config command, see the Cisco Firepower Threat Defense Command Reference . Option 2: Use the GUI To determine whether an SSL decryption policy is enabled on a device, check the appropriate policy: For devices managed by Firepower Management Center (FMC) : Policies > Access Control > SSL For devices managed by Firepower Device Manager (FDM) : Policies > SSL Decryption Additional Considerations for WSA For a WSA device to be vulnerable, the HTTPS Proxy feature must be enabled and at least one decryption policy must be configured. The HTTPS Proxy feature is disabled by default. To determine whether the HTTPS Proxy feature is enabled for a WSA, administrators can log in to the web interface of the WSA and navigate to Security Services > HTTPS Proxy . The value in the HTTPS Proxy field indicates whether the feature is enabled or disabled. Products Confirmed Not Vulnerable Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability. The following products either already inspect the SNI header, do not perform SSL/TLS inspection, or do not use any web reputation or URL filtering feature to detect malicious web domains that could be used as recipients for data exfiltration. Therefore, Cisco has confirmed that these products are not affected by this vulnerability: 1000 Series ISRs 4321 ISRs Adaptive Security Appliance (ASA) Software Catalyst 8500 Series Edge Platforms Firepower Management Center (FMC) Software Meraki security appliances, all models Open source Snort 3 Umbrella Details o Using SNIcat or a similar tool, a remote attacker could exploit this vulnerability by sending sensitive data to an arbitrary server, hiding it in the SNI header of the TLS client hello packet. This vulnerability does not provide a means for an attacker to obtain the data in the first place; the attacker must have already compromised a host in a protected network to use for collecting and exfiltrating the confidential information. This advisory describes a filter bypass technique that could be used to circumvent protections that are based on web reputation filters, URL filtering, and threat detection. There is not a simple and deterministic way to identify every instance of data exfiltration because attackers may obfuscate the leaked data and use arbitrary, nonmalicious domains as recipients. However, Cisco is currently working to develop a solution that would extend the web reputation, URL filtering, or threat inspection features to the SNI header. This fix will mitigate this attack in cases where destination servers have a poor reputation or are already explicitly blocked by the administrators. This advisory will be updated once this solution becomes available. In the meantime, to detect and mitigate any attack performed with the SNIcat tool, Cisco has released a Snort rule with the SID 58062. To ensure full protection, the action for the rule should be set to Block . Workarounds o For potential workarounds on a specific Cisco product, refer to the Description section in the bug ID(s) at the top of this advisory. Fixed Software o When considering software upgrades , customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page , to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Fixed Releases For information about fixed software releases , see the Details section in the bug ID(s) at the top of this advisory. Exploitation and Public Announcements o The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory. The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory. Source o Cisco would like to thank Morten Marstrander and Alvaro Gutierrez from mnemonic, along with Matteo Malvica, for discovering and reporting this vulnerability. Cisco Security Vulnerability Policy o To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy . This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco. URL o https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sni-data-exfil-mFgzXqLN Revision History o +---------+----------------------------+----------+---------+-------------+ | Version | Description | Section | Status | Date | +---------+----------------------------+----------+---------+-------------+ | | Provided additional | | | | | | information about the | Multiple | | | | 1.1 | vulnerability, affected | sections | Interim | 2021-SEP-27 | | | products, and possible | | | | | | mitigations. | | | | +---------+----------------------------+----------+---------+-------------+ | 1.0 | Initial public release. | - | Interim | 2021-AUG-18 | +---------+----------------------------+----------+---------+-------------+ - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVJnIuNLKJtyKPYoAQjOCxAAltp/yHzqEkfccDYY0fC729jWcRs+cWcP JpfrbOn7kronI3jcwydIbf/vH0Y5CbIJw3FEUAgXOtDphDurTWMgX/zerOjmdCnC C+vI9+g4JDN5smwCfAR6kx28zWWRwX80MboEeqzpkI7+bzkP/AolgaDzKXbcvMj+ VXDhZZrZ+nd4xrorjx0rtLrasH4O+8EASv0UUixCgyGu7prNSfHTmyb22mPHMRsP iAExhJI5nxFR227TaerJzdArhzQu+UZTU+5T5jDXbcuKKu6IT7EhDCBKRoedTzj7 5CGqZ4kspS+2kQ9TLHbs3RX/UyVC9PaIy8KQ34kt/nvidaXCWmWXtLLhs0qV7Fc4 ZPOS3/Pzwkhd7IO0Pd2uNchIDbjVWDG59+QxaMCyeokRz4hSQOv6iDETMvTxAI7U 4ipj1/SF8PsrspU1mqJRY4Qg6BV9Vehdj3pxbalGqGhAKT05EvRhGogjNEb7glqD hguT0qfxJMGOUuPXu3jqIGoGqjNlHFW3ZP6duBEGWAKFCd8zhbd0ykcHlCdMu7c4 +JgOewe6npOHE67rQXJvc66VjwAZHMq6IAsVB2W15HvK2AGMJcczWGDfqDc3IN7P qatyW6koBUUnbi9FE6JySHbu/1PzubF4mbLAMzc5sq6wwXMWaek0Fq4jow+Ahnqj VOUYFkrEU3E= =hWv8 -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3227 - [Win][Linux] IBM products: Execute arbitrary code/commands - Remote/unauthenticated

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3227 Security Bulletin: Vulnerabilities in Node.js affect IBM App Connect Enterprise and IBM Integration Bus (CVE-2020-7774) 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: IBM App Connect Enterprise IBM Integration Bus Publisher: IBM Operating System: Linux variants Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2020-7774 Reference: ESB-2021.2649 ESB-2021.0587 Original Bulletin: https://www.ibm.com/support/pages/node/6412225 - --------------------------BEGIN INCLUDED TEXT-------------------- Vulnerabilities in Node.js affect IBM App Connect Enterprise and IBM Integration Bus (CVE-2020-7774) Document Information Document number : 6412225 Modified date : 24 September 2021 Product : IBM Integration Bus Component : - Software version : - Operating system(s): Linux Windows Summary IBM App Connect Enterprise and IBM Integration Bus ship with Node.js for which vulnerabilities were reported and have been addressed. Vulnerability details are listed below. Vulnerability Details CVEID: CVE-2020-7774 DESCRIPTION: Node.js y18n module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. CVSS Base score: 7.3 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/ 191999 for the current score. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) Affected Products and Versions IBM App Connect Enterprise V11 , V11.0.0.0 - V11.0.0.13 IBM App Connect Enterprise V12 , V12.0.1.0 Remediation/Fixes +-------------------+--------------------+-------+----------------------------+ | Product | VRMF |APAR | Remediation / Fix | +-------------------+--------------------+-------+----------------------------+ |IBM App Connect | | |The APAR is available in fix| |Enterprise v11 |V11.0.0.0-V11.0.0.13|IT37753|pack 11.0.0.14 | | | | |11.0.0.14 | +-------------------+--------------------+-------+----------------------------+ |IBM App Connect |V12.0.1.0 |IT37753|Interim fix is available on | |Enterprise V12 | | |IBM Fix Central | +-------------------+--------------------+-------+----------------------------+ Workarounds and Mitigations None Acknowledgement Change History 29 Jan 2021: Initial Publication - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEt0ONLKJtyKPYoAQjKeg/+LMH8WptW+V/+ozCIFjmN5RqE0XdrY+ha ynqu33T0gWD66tHd2c0+UAAg2FIjaNpTf4UNpmjVZcpkbkjeglPNDMlsCdRfoX6i roI/tm3TboTn1KK1HArKiuoSWv6p5NglsYWVvV6jmtHsyMKXFhO6Ymb220ohjFbI sMRluM4t4a3KgZ8VpVh4aLd4oAQ9j7CW3f8fMM0bP3opdXed7bDr4rJf+3MvOE9C J1o8i7JE9sYPWNQZ7Vu6gPwK5LdzR2PYnVNYH1olAh8O+F+57PL6wyREI9ZJfX1w hR8JrX0rb4gZwuCkfx0W2GiH+3K4fmP31GTTUUowNk9gV802bw0ZaoTOKpeWg4aP NQPf3W88OhrGPqNKJU+O/Oqu9zJr2fm5GznfqHguyKWibZHWQd6ny+ja/AZttdTw shwmVOecqWg1LuD2KnSiz289XL0/RhAvc+By8aSJDX61HTAdNthu4iPttTbdc/4Z ZmPky8sXBsbv+SpZ1kH8lqsBwyOINBqgsGzNmVdVwSXJwrA0uU1U3bqdMZKRuJ3S K9LZFOttowW6EYVJ2MG/oQZtXdKiYUfanvLusOPRyivPklnpdM9Z9XLK58rHYCIA 9rdf6sWjJ4iPFyg0jsPW+ap60Y9Tr2F43hEgzYeJ2eCh96yXxadEC0CrhL+29KHr +4K/4VeFa44= =Gluo -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3226 - ALERT [Win][UNIX/Linux] Google Chrome: Execute arbitrary code/commands - Remote with user interaction

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3226 Stable Channel Update for Desktop 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Publisher: Google Operating System: Windows UNIX variants (UNIX, Linux, OSX) Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2021-37973 Original Bulletin: https://chromereleases.googleblog.com/2021/09/stable-channel-update-for-desktop_24.html Comment: Google is aware that an exploit for CVE-2021-37973 exists in the wild. - --------------------------BEGIN INCLUDED TEXT-------------------- Stable Channel Update for Desktop Friday, September 24, 2021 The Stable channel has been updated to 94.0.4606.61 for Windows, Mac and Linux which will roll out over the coming days/weeks A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed. This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$NA][1251727] High CVE-2021-37973 : Use after free in Portals. Reported by Clement Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero on 2021-09-21 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.Google is aware that an exploit for CVE-2021-37973 exists in the wild. Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues. Srinivas Sista Google Chrome - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEtQeNLKJtyKPYoAQgu2g//S+RqRf35okEJrqkqpm57XNHVf2h119jA h3IdeHMRbXurvGNMrtMXcY3i6IzMTK38yfSPM49mrJ9WCj02bN95INEofa+SXRui t1AlvWtJBphWyFsujMWZEZtIRc51ljm1X/I9S20tpLX/EY19aCjKXSBRrWUW9Edu jeh8LputdR0u6Ylx1OE/s1Nhf+mIPMv43hguXyjg/qXQAFUFfM9sfyDBqILEGUag APtDv2ZR7ZdOMaIJvA5bTkeYe2iUx0GHi6znWroP7Ms6IkVIgCGXO6eWCHhRjweo xl+osYAg4KsQG5DJClo+MBhsol3HdDM1+58Tiky8W1EUacgsXsR1aK8dibE6uj37 uPVkdtMCn/Rr7kWrL8lczmC+ZbpUmOjhmjDUTgX4Qa38xK8ZadJfOng1gjkOwx/R yGJu73hsk3/+bYZfqVY9GcyKm5PHMYP1J/M9DuFYlzBCBUZ3PeOO8i950l3mpUaG fcnv7DUXvEXW9yU69y1fMvNV7ZGju9M/AsqpirqRGhlGjNj425d8IWcoaRTZYh+5 taFSp8vrTdwBRWxkbnQv5YgeZfFxQyKRdjbO0bEcYhXdPhGMvXl02nLAHYPA4qfR hpqebx04u/JKOLvIOYSxjXNw1sy6zzrwXVUmzpvvq78Lsf/vg4G+VtqK9q15FO2T s4b7H78oyvw= =Zecz -----END PGP SIGNATURE-----
2021. szeptember 27.

ASB-2021.0187 - [Win] Microsoft Edge (Chromium-based): Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2021.0187 Microsoft Security Update Release for Microsoft Edge (Chromium-based) 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft Edge (Chromium-based) Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2021-37973 CVE-2021-37972 CVE-2021-37971 CVE-2021-37970 CVE-2021-37969 CVE-2021-37968 CVE-2021-37967 CVE-2021-37966 CVE-2021-37965 CVE-2021-37964 CVE-2021-37963 CVE-2021-37962 CVE-2021-37961 CVE-2021-37960 CVE-2021-37959 CVE-2021-37958 CVE-2021-37957 CVE-2021-37956 Reference: ESB-2021.3174 OVERVIEW The following Chrome CVEs have been released on September 24, 2021. These CVEs were assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses these vulnerabilities. Please see Google Chrome Releases for more information. [1] Microsoft has also reported a number of unique CVEs not included in the upstream product. Edge version: 94.0.992.31 Chromium version: 94.0.4606.54 [2] IMPACT The following vulnerabilities have been addressed: * CVE-2021-37973 * CVE-2021-37972 * CVE-2021-37971 * CVE-2021-37970 * CVE-2021-37969 * CVE-2021-37968 * CVE-2021-37967 * CVE-2021-37966 * CVE-2021-37965 * CVE-2021-37964 * CVE-2021-37963 * CVE-2021-37962 * CVE-2021-37961 * CVE-2021-37960 * CVE-2021-37959 * CVE-2021-37958 * CVE-2021-37957 * CVE-2021-37956 See Security Update Guide Supports CVEs Assigned by Industry Partners for more information about third-party CVEs in the Security Update Guide. [3] MITIGATION It is advised to update Edge to the latest release. REFERENCES [1] Google Chrome Releases https://chromereleases.googleblog.com/2021 [2] Security Update Guide https://msrc.microsoft.com/update-guide [3] Security Update Guide Supports CVEs Assigned by Industry Partners https://msrc-blog.microsoft.com/2021/01/13/security-update-guide-supports-cves-assigned-by-industry-partners/ AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEs4eNLKJtyKPYoAQjWSw//RWz5QIqy+YZDI2Mov8y1EfqeN1e6IBQ9 u11hEcIhLlqnABxBxl492H2BoVxnGVDXuEjDAemm187xw1nebylxqCTdpOwpOHHM VZoh/kAe8BYk6xKUmFw+NeeQWUNOQ0inJtr6MgM9eVRKx9PxWY7Y8fHS+SZgGUdD 8LFZLDTFFIioEAroF/4zL/9QuxdoyBQxb108SyOk6nQAKW6ZWOT9BGjWBfQwMPFM 1W3zHW9c3v3KrTuEtwtWQu2zOJcwRMilgq7rqva1v9tYlEV/vNcE/pQvBHFi6Oiv 319fJ9cYPTYyTvygG0FqFR+UE+6BHhATeKmg1FUssUaX5YvXYpbhzNbSSzWiJHKE mW1utyXQwK0Xld9ChzOVxwAeia4bMEZUtDR3vM20WsEySgXozxaIQc95lu6zGNMV ap+UCUkAMXddMpOhpshJf5B4NeacjW63X41tPZjJDhpo5PnqIROApN9vUAuB9aNz 45sAXz67qo0lSdWWw9JtDrQM/g4XM+xmpmdeBEm2T1ierTKkg402F0Hi3amS3Vu8 +VGXA8TAKcfyxPa0ljN6E6xrRCdIghzcJt6J7TRQQske3crgkAm2hnLuF5JAADDL wLqQl7uA2cmA7BIVXxEjpbXIxWlcRC3TW9YclpxF42Vp959WRxleVNZPeEDdeQVS nsYDzQU+PSw= =BMsR -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3225 - [Debian] linux: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3225 linux security update 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: linux Publisher: Debian Operating System: Debian GNU/Linux Impact/Access: Execute Arbitrary Code/Commands -- Existing Account Increased Privileges -- Existing Account Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-41073 CVE-2021-40490 CVE-2021-38199 CVE-2021-38166 CVE-2021-38160 CVE-2021-37576 CVE-2021-3753 CVE-2021-3743 CVE-2021-3739 CVE-2021-3732 CVE-2021-3679 CVE-2021-3656 CVE-2021-3653 CVE-2020-16119 CVE-2020-3702 Reference: ESB-2021.3185 ESB-2021.3070 ESB-2021.3017 Original Bulletin: http://www.debian.org/security/2021/dsa-4978 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-4978-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso September 25, 2021 https://www.debian.org/security/faq - - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2020-3702 CVE-2020-16119 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-37576 CVE-2021-38160 CVE-2021-38166 CVE-2021-38199 CVE-2021-40490 CVE-2021-41073 Debian Bug : 993948 993978 Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2020-3702 A flaw was found in the driver for Atheros IEEE 802.11n family of chipsets (ath9k) allowing information disclosure. CVE-2020-16119 Hadar Manor reported a use-after-free in the DCCP protocol implementation in the Linux kernel. A local attacker can take advantage of this flaw to cause a denial of service or potentially to execute arbitrary code. CVE-2021-3653 Maxim Levitsky discovered a vulnerability in the KVM hypervisor implementation for AMD processors in the Linux kernel: Missing validation of the `int_ctl` VMCB field could allow a malicious L1 guest to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. The L2 guest can take advantage of this flaw to write to a limited but still relatively large subset of the host physical memory. CVE-2021-3656 Maxim Levitsky and Paolo Bonzini discovered a flaw in the KVM hypervisor implementation for AMD processors in the Linux kernel. Missing validation of the the `virt_ext` VMCB field could allow a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances, the L2 guest is able to run VMLOAD/VMSAVE unintercepted and thus read/write portions of the host's physical memory. CVE-2021-3679 A flaw in the Linux kernel tracing module functionality could allow a privileged local user (with CAP_SYS_ADMIN capability) to cause a denial of service (resource starvation). CVE-2021-3732 Alois Wohlschlager reported a flaw in the implementation of the overlayfs subsystem, allowing a local attacker with privileges to mount a filesystem to reveal files hidden in the original mount. CVE-2021-3739 A NULL pointer dereference flaw was found in the btrfs filesystem, allowing a local attacker with CAP_SYS_ADMIN capabilities to cause a denial of service. CVE-2021-3743 An out-of-bounds memory read was discovered in the Qualcomm IPC router protocol implementation, allowing to cause a denial of service or information leak. CVE-2021-3753 Minh Yuan reported a race condition in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds read in vt. CVE-2021-37576 Alexey Kardashevskiy reported a buffer overflow in the KVM subsystem on the powerpc platform, which allows KVM guest OS users to cause memory corruption on the host. CVE-2021-38160 A flaw in the virtio_console was discovered allowing data corruption or data loss by an untrusted device. CVE-2021-38166 An integer overflow flaw in the BPF subsystem could allow a local attacker to cause a denial of service or potentially the execution of arbitrary code. This flaw is mitigated by default in Debian as unprivileged calls to bpf() are disabled. CVE-2021-38199 Michael Wakabayashi reported a flaw in the NFSv4 client implementation, where incorrect connection setup ordering allows operations of a remote NFSv4 server to cause a denial of service. CVE-2021-40490 A race condition was discovered in the ext4 subsystem when writing to an inline_data file while its xattrs are changing. This could result in denial of service. CVE-2021-41073 Valentina Palmiotti discovered a flaw in io_uring allowing a local attacker to escalate privileges. For the stable distribution (bullseye), these problems have been fixed in version 5.10.46-5. This update includes fixes for #993948 and #993978. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org - -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmFO2GNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0TnbQ/8C5VZ8M2c1r7inKdf/JxcNqAgmquOVo/Ib9Ei17r+7/IXa4mo/FCz4xOb V68lNhqA43GJPWGHcj8mndVfkTHnn0PRekd5oPoKTdo4fJS0JEipUvNM3W+ukYVo eJi9+rV6fLmA9w0TTLqRaAZG1jjHxKqNo0XjbwGMhM8+hp5grAGuZrNfQ8mJk/CX RM8PyeWFTkio0eVr5G4wgxSDLJeg3Aa9azYvfXhgZ8OCl1ArSgLN3xhHqfuXFPAN F2i8ZRSwwlFtkea/Zm1eet+uwEs3Mz0pCXxBApITIaPh8Zo1Lj/0u8BBQqbGTuiF 6JNYnZc6TZ16DI3M8/a4x8sjG/C4Q6D+rOTpfaoydz4kcGEFWZC7/L9Y0wmd11da a4OIQq56Kk1bYI+G/7hl6BstLZxaqY/mafshV+nhQIzOBMBo35/r6Coz7AQUSJ5R vpPv1CKSwwki9zic0aegXZRUd0SJAyNEOqpvDSlT0hy2nNlnYFKIAySlFv68Lz9M RO/t4qFaKz07UdrNqN7E6qXZ6TZ18cIw2SQiozcR7g3CQ5WrBErxibkvmM4vHDgp /AlmxCuiTNtBdwGNlcT16kCbvyQLx3wSzisUBceIQqb/XTw9Ti2ctDWgYStsscSC LaEFBjJhYxBvDhnav4P2ZpHni5C1J/KS3qiR6wCEBTh4Qy5dYjo= =L0c4 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEeTeNLKJtyKPYoAQi4CA/7BceeUvI+ByV3pb0yL/6hMdahCG4aZ5or Mk2JSC6TzxzcQwFaDZnawxBMDQB3C3XAO/+5ach6tIQt31xM0wKcT+skXSbgAWEt X0LOcvBKsUW/ziiH28d4otGrf3oNHB3OmnuueYqMW7+NHhZmPqtMvtypHy5jbafv gmg4LqP1uWbByD0Pp5YyvX1Xz7x3XITKyERhFsyU5vQNVpwjNpbgihqbPrCRcj96 0+S972IQDWynLbibsMNC7YVRQ555nvMRfEYcHMRXl9PZlHuhOUmFhDqzlR797qx3 SH+m/ce7HkcsWpdqDjUd7+XXcg40hgWOqBcW7BTafDF7WgSC+BKZCD8kXuEdZuen ig+Vw1oxCJ3vZ7GeTklvRamBes4xsIb3pNNNS8DAi12iKyCbCdhF+P8RqIZqaBsq pXBd6lyegdTveuv0xRN7PBYt9c2Zn33SEsG5C+NzlbL8jaeCYFRzjAG4631t/MJ5 +6HTxVqE662G/+JsVxYH3UP1JB7SOGBGZsvWlzLjNuVALjL6STqft8e6Fo2FrtXt rCguOasN1oXg11XxYWtCmyZIDWGVsh/ZkTQee9ylz2w8mAeXcCx9Wh5Ge31QWghy zuekSpIKuaY9OmIOBR2dXqHWOSfcUo/vmobTjIThDtMOUrbkHFkve1iwiQQBIh1U iuKoUKCK+ic= =QFIv -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3224 - [Debian] openssl: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3224 openssl security update 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openssl Publisher: Debian Operating System: Debian GNU/Linux Impact/Access: Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-3712 Reference: ESB-2021.3194 ESB-2021.2895 ESB-2021.2864 Original Bulletin: https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2766-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Thorsten Alteholz September 27, 2021 https://wiki.debian.org/LTS - - ------------------------------------------------------------------------- Package : openssl Version : 1.1.0l-1~deb9u4 CVE ID : CVE-2021-3712 An issue has been found in openssl, a Secure Sockets Layer toolkit. Ingo Schwarze reported a buffer overrun flaw when processing ASN.1 strings, which can result in denial of service. For Debian 9 stretch, this problem has been fixed in version 1.1.0l-1~deb9u4. We recommend that you upgrade your openssl packages. For the detailed security status of openssl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openssl Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS - -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmFQ7kVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEdaNQ/+ILDOzjfPJTwsfWL/DZq7gPk/8AK6Li87vBOUCpFsR5vQm8Gf2nf/zyNS FteOM3pYxqhgcb+Zhbk97BvWwyxP6gx2a7VrWtqcVqUqtdSXPn1RFusnQLov1exg lvLNxYAys6yq5ETPjuBYFIeTLbvDQ1jll+XlBEL7REoZ7d79EK9kG/DMD+jtECL9 +P4k3ogiK9BV6yFx6RcV3dFsawBJDUwLEOHze46KpwGasUdPW5ZtNHPlFlTCnw/u LvgbgawO7tZgJMwO8Rr77yMpZioVd2K+/C9Y3zV5ffr2rY2g+2l/nlyTd/YUSSDA jyYkote66Q8s9KFeIGHD+igX+bpys1/1JAw8ebHatZwrZ7FJRMPhBuiutFH+ydVB bmCJR5R0/S7XRrqhyR6WP+z8b4ZB7HlfruFpU2z8vjBb5KzRb9FLLcRNvshkguTJ VergsspBdfLh/gZEqng7c2dsflpVmsFnlegRPtlEEmTwH309bDUWICu5XkmuYvbz gG48lq2yTV2o0KGNOAVQhtqVUV9GF46RZa3sfO9/Ks/Buvq9c+4hzwAgp7dbl7/j rIy+24iaP6jL077Oq7IVqmu3ZGVnaLSiPNm9AUd6LQCI3yQJJoXG1DQ/fHAzZmBE Wlen90uWvSzyShzJndfdzsQ0/b5/OTDFvoTxYOYSKxYwTO5eHps= =7z7o - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEZOONLKJtyKPYoAQhtHw/+N1Nvm01VqQNH2jXlZFVsw4XBOtc2RVD+ UHjWwQIMp/aTO3YTZtIPWejV5y1XjCJ0/y3Li5e6Dg2crA/3LDqefCnTBHHhIEXg UfOCktflvZ3Eq9LNBDnsB2DTyeX4Z8sNzZofFLLprUlqQkCc1n3crm6fqzHW8UUu CMN7CIvdahdus/Pvr2tZzKHC4tEKeYDYHzFeo3xbf1itHOv6IHvImnHAcVGiXk5J 8a9RezNLyBl+U0vujDoPW6egBuDSqei0MIoUlgE0gapr6lUSJqcV8r5t76sfwGsQ cSIVJAVNm6iShL1fxw+1OVy5T9y6s9Inj+xEg2h+8NZxWHrtwAR/uJacclHjt/59 4r44uKlgS0z1If+IDuFugQnnO/uLKXCXTVsL5NEFOdIQCgBMmExaxrJ1m6q+8FCE T/6P+gdXwnwZVvIA1kjC97HvVXfHTQvMwvrRC2rrHt5LTKUZX8oL3ANFSYLkfwsO WobeO57pj2iszJDbzHpl6i8OX3EXe/UQEbaIarCZ6khs7F/DMPfGDF1sq/c5mdbo MXAW8vNTmMb1eMCnW6GsL/XQVYBwnlEe5Vi+Yuqnvv8MTr5kJcSW5oaRpaorZ9GS 4exMbTlE3E1VG1GYlzxEk0+o4HCxHmFZFpDMsrQwRbB6LCB9pDqdziYyAQRG5HtO fkgAirFQTGs= =oz1Y -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3223 - [SUSE] xen: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3223 Security update for xen 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: xen Publisher: SUSE Operating System: SUSE Impact/Access: Increased Privileges -- Existing Account Denial of Service -- Existing Account Unauthorised Access -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-28701 Reference: ESB-2021.3189 ESB-2021.3151 ESB-2021.3023 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213213-1 - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3213-1 Rating: important References: #1189373 #1189378 #1189632 Cross-References: CVE-2021-28701 Affected Products: SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud 8 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP3-BCL HPE Helion Openstack 8 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for xen fixes the following issues: o CVE-2021-28701: Fixed race condition in XENMAPSPACE_grant_table handling (XSA-384) (bsc#1189632). o Integrate bugfixes (bsc#1189373, bsc#1189378). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-3213=1 o SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2021-3213=1 o SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-3213=1 o SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-3213=1 o SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2021-3213=1 o HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2021-3213=1 Package List: o SUSE OpenStack Cloud Crowbar 8 (x86_64): xen-4.9.4_22-3.94.2 xen-debugsource-4.9.4_22-3.94.2 xen-doc-html-4.9.4_22-3.94.2 xen-libs-32bit-4.9.4_22-3.94.2 xen-libs-4.9.4_22-3.94.2 xen-libs-debuginfo-32bit-4.9.4_22-3.94.2 xen-libs-debuginfo-4.9.4_22-3.94.2 xen-tools-4.9.4_22-3.94.2 xen-tools-debuginfo-4.9.4_22-3.94.2 xen-tools-domU-4.9.4_22-3.94.2 xen-tools-domU-debuginfo-4.9.4_22-3.94.2 o SUSE OpenStack Cloud 8 (x86_64): xen-4.9.4_22-3.94.2 xen-debugsource-4.9.4_22-3.94.2 xen-doc-html-4.9.4_22-3.94.2 xen-libs-32bit-4.9.4_22-3.94.2 xen-libs-4.9.4_22-3.94.2 xen-libs-debuginfo-32bit-4.9.4_22-3.94.2 xen-libs-debuginfo-4.9.4_22-3.94.2 xen-tools-4.9.4_22-3.94.2 xen-tools-debuginfo-4.9.4_22-3.94.2 xen-tools-domU-4.9.4_22-3.94.2 xen-tools-domU-debuginfo-4.9.4_22-3.94.2 o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64): xen-4.9.4_22-3.94.2 xen-debugsource-4.9.4_22-3.94.2 xen-doc-html-4.9.4_22-3.94.2 xen-libs-32bit-4.9.4_22-3.94.2 xen-libs-4.9.4_22-3.94.2 xen-libs-debuginfo-32bit-4.9.4_22-3.94.2 xen-libs-debuginfo-4.9.4_22-3.94.2 xen-tools-4.9.4_22-3.94.2 xen-tools-debuginfo-4.9.4_22-3.94.2 xen-tools-domU-4.9.4_22-3.94.2 xen-tools-domU-debuginfo-4.9.4_22-3.94.2 o SUSE Linux Enterprise Server 12-SP3-LTSS (x86_64): xen-4.9.4_22-3.94.2 xen-debugsource-4.9.4_22-3.94.2 xen-doc-html-4.9.4_22-3.94.2 xen-libs-32bit-4.9.4_22-3.94.2 xen-libs-4.9.4_22-3.94.2 xen-libs-debuginfo-32bit-4.9.4_22-3.94.2 xen-libs-debuginfo-4.9.4_22-3.94.2 xen-tools-4.9.4_22-3.94.2 xen-tools-debuginfo-4.9.4_22-3.94.2 xen-tools-domU-4.9.4_22-3.94.2 xen-tools-domU-debuginfo-4.9.4_22-3.94.2 o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): xen-4.9.4_22-3.94.2 xen-debugsource-4.9.4_22-3.94.2 xen-doc-html-4.9.4_22-3.94.2 xen-libs-32bit-4.9.4_22-3.94.2 xen-libs-4.9.4_22-3.94.2 xen-libs-debuginfo-32bit-4.9.4_22-3.94.2 xen-libs-debuginfo-4.9.4_22-3.94.2 xen-tools-4.9.4_22-3.94.2 xen-tools-debuginfo-4.9.4_22-3.94.2 xen-tools-domU-4.9.4_22-3.94.2 xen-tools-domU-debuginfo-4.9.4_22-3.94.2 o HPE Helion Openstack 8 (x86_64): xen-4.9.4_22-3.94.2 xen-debugsource-4.9.4_22-3.94.2 xen-doc-html-4.9.4_22-3.94.2 xen-libs-32bit-4.9.4_22-3.94.2 xen-libs-4.9.4_22-3.94.2 xen-libs-debuginfo-32bit-4.9.4_22-3.94.2 xen-libs-debuginfo-4.9.4_22-3.94.2 xen-tools-4.9.4_22-3.94.2 xen-tools-debuginfo-4.9.4_22-3.94.2 xen-tools-domU-4.9.4_22-3.94.2 xen-tools-domU-debuginfo-4.9.4_22-3.94.2 References: o https://www.suse.com/security/cve/CVE-2021-28701.html o https://bugzilla.suse.com/1189373 o https://bugzilla.suse.com/1189378 o https://bugzilla.suse.com/1189632 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEZJ+NLKJtyKPYoAQgNGg/8DHnzjJI5qHpbfb9e9tdNi6NPDIDaxDvB VU6a3GUfBx2oJPx3fasr6Y8EOKjMF28kjxtD9mKFLaotenkxQGxAN/HKuLYmoRMu y1EroJmmgkrJGC7WZu37UfSOS1jt1438qZYXdGNY3U39UzJSn/aNMN6C3i8wtYgk FxOJqd2UJBSCMGJQaZj0bQFa/If+5hoJjtfG47uWoevqyWxV5IjHvhpQGucdNuKT +awEkGBQVjfNx5dWCbiFLona2VDCxDRNtKtYIg8e8/k4HpiselcIQytaq1zbKDzS qiWjrGjGBnj6RmcKGWCoHd4V1EZt0x+iqTF6Xvazpf1/syAReGvjdGKyYdLkyKxs PLm/GcyeVkxGaGrhUSE/iPIfJjqty+7bCep9uu9yBbGVjxkLvJwsx1uSq42lDmTL RmEwJNQH/wuJRPdM1pQW+5JJDakcuOYkmT2JqNsAM1bYAyNoskd2kxFrxSOjKKWh TVt2XLt6qQ3P8VjvxW8vSPHcEluPEwbhEC22D1pTs64jAtqlQPOpLwJxCE0uKYTw O4faCsfmgAzBrmgR+RDD9bCRx5LESJJ59jJM+tU2vKgWhw5aW+66UQ6ib1gMnEFw VeDMxdG52fKKlV1fPsuc3+C0MWAUOHG0ov+PNSlA2sYxbQ9ApeKwHzhc/WZluZUj XlWUi6lmQtg= =VqzE -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3222 - [SUSE] Linux Kernel: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3222 Security update for the Linux Kernel 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Linux Kernel Publisher: SUSE Operating System: SUSE Impact/Access: Increased Privileges -- Existing Account Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Existing Account Reduced Security -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-38209 CVE-2021-38207 CVE-2021-38206 CVE-2021-38205 CVE-2021-38204 CVE-2021-38198 CVE-2021-38166 CVE-2021-38160 CVE-2021-35477 CVE-2021-34556 CVE-2021-3759 CVE-2021-3753 CVE-2021-3743 CVE-2021-3739 CVE-2021-3732 CVE-2021-3679 CVE-2021-3656 CVE-2021-3653 CVE-2021-3640 CVE-2020-12770 CVE-2019-3900 CVE-2019-3874 CVE-2018-9517 Reference: ESB-2021.3206 ESB-2021.3185 ESB-2021.3034 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213217-1 https://www.suse.com/support/update/announcement/2021/suse-su-20213206-1 https://www.suse.com/support/update/announcement/2021/suse-su-20213207-1 https://www.suse.com/support/update/announcement/2021/suse-su-20213205-1 Comment: This bulletin contains four (4) SUSE security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3217-1 Rating: important References: #1040364 #1108488 #1114648 #1127650 #1129898 #1133374 #1136513 #1171420 #1183050 #1183983 #1185902 #1185973 #1187076 #1188172 #1188439 #1188616 #1188885 #1188982 #1188983 #1188985 #1189057 #1189262 #1189268 #1189269 #1189270 #1189271 #1189272 #1189291 #1189301 #1189384 #1189385 #1189392 #1189399 #1189400 #1189505 #1189506 #1189562 #1189564 #1189565 #1189566 #1189567 #1189568 #1189569 #1189573 #1189577 #1189579 #1189581 #1189582 #1189639 #1189640 #1189706 #1189846 #1190022 #1190025 #1190115 #1190117 Cross-References: CVE-2018-9517 CVE-2019-3874 CVE-2019-3900 CVE-2020-12770 CVE-2021-34556 CVE-2021-35477 CVE-2021-3640 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3753 CVE-2021-3759 CVE-2021-38160 CVE-2021-38198 CVE-2021-38204 Affected Products: SUSE Linux Enterprise Real Time Extension 12-SP5 ______________________________________________________________________________ An update that solves 16 vulnerabilities and has 40 fixes is now available. Description: The SUSE Linux Enterprise 12 SP5 Realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: o CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488). o CVE-2019-3874: Fixed possible denial of service attack via SCTP socket buffer used by a userspace applications (bnc#1129898). o CVE-2019-3900: Fixed an infinite loop issue while handling incoming packets in handle_rx() (bnc#1133374). o CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172). o CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399). o CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400). o CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057). o CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706). o CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc# 1190025). o CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115). o CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/ char/virtio_console.c (bsc#1190117) o CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262). o CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291). o CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983). o CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985). o CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420). The following non-security bugs were fixed: o ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes). o ALSA: seq: Fix racy deletion of subscriber (git-fixes). o ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes). o ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes). o ASoC: cs42l42: Remove duplicate control for WNF filter frequency (git-fixes). o Bluetooth: Move shutdown callback before flushing tx and rx queue (git-fixes). o Bluetooth: add timeout sanity check to hci_inquiry (git-fixes). o Bluetooth: fix repeated calls to sco_sock_kill (git-fixes). o Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (git-fixes). o Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (git-fixes). o KVM: SVM: Call SEV Guest Decommission if ASID binding fails (12sp5). o NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times (git-fixes). o NFSv4: Initialise connection to the server in nfs4_alloc_client() (bsc# 1040364). o PCI/MSI: Correct misleading comments (git-fixes). o PCI/MSI: Do not set invalid bits in MSI mask (git-fixes). o PCI/MSI: Enable and mask MSI-X early (git-fixes). o PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes). o PCI: Add Intel VMD devices to pci ids (bsc#1183983). o PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes). o PCI: hv: Use expected affinity when unmasking IRQ (bsc#1185973). o PCI: vmd: Add an additional VMD device id to driver device id table (bsc# 1183983). o PCI: vmd: Add offset to bus numbers if necessary (bsc#1183983). o PCI: vmd: Assign membar addresses from shadow registers (bsc#1183983). o PCI: vmd: Filter resource type bits from shadow register (bsc#1183983). o PCI: vmd: Fix config addressing when using bus offsets (bsc#1183983). o PCI: vmd: Fix shadow offsets to reflect spec changes (bsc#1183983). o SUNRPC: Fix the batch tasks count wraparound (git-fixes). o SUNRPC: Should wake up the privileged task firstly (git-fixes). o SUNRPC: improve error response to over-size gss credential (bsc#1190022). o USB: serial: ch341: fix character loss at high transfer rates (git-fixes). o USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes). o USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes). o USB: usbtmc: Fix RCU stall warning (git-fixes). o USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes). o arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback (git-fixes). o ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes). o ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (git-fixes). o bcma: Fix memory leak for internally-handled cores (git-fixes). o bdi: Do not use freezable workqueue (bsc#1189573). o blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506). o block: fix trace completion for chained bio (bsc#1189505). o can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters (git-fixes). o cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). o cifs: avoid starvation when refreshing dfs cache (bsc#1185902). o cifs: constify get_normalized_path() properly (bsc#1185902). o cifs: do not cargo-cult strndup() (bsc#1185902). o cifs: do not send tree disconnect to ipc shares (bsc#1185902). o cifs: do not share tcp servers with dfs mounts (bsc#1185902). o cifs: do not share tcp sessions of dfs connections (bsc#1185902). o cifs: fix check of dfs interlinks (bsc#1185902). o cifs: fix path comparison and hash calc (bsc#1185902). o cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). o cifs: handle different charsets in dfs cache (bsc#1185902). o cifs: keep referral server sessions alive (bsc#1185902). o cifs: missing null pointer check in cifs_mount (bsc#1185902). o cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). o cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). o clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes). o crypto: ccp - Annotate SEV Firmware file names (bsc#1189268). o crypto: nx - Fix RCU warning in nx842_OF_upd_status (git-fixes). o crypto: nx - Fix memcpy() over-reading in nonce (git-fixes). o crypto: talitos - Do not modify req->cryptlen on decryption (git-fixes). o crypto: talitos - fix ECB algs ivsize (git-fixes). o crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes). o dm btree remove: assign new_root only when removal succeeds (git fixes). o dm cache metadata: Avoid returning cmd->bm wild pointer on error (git fixes). o dm era: Fix bitset memory leaks (git fixes). o dm era: Recover committed writeset after crash (git fixes). o dm era: Reinitialize bitset cache before digesting a new writeset (git fixes). o dm era: Use correct value size in equality function of writeset tree (git fixes). o dm era: Verify the data block size hasn't changed (git fixes). o dm era: only resize metadata in preresume (git fixes). o dm ioctl: fix error return code in target_message (git fixes). o dm ioctl: fix out of bounds array access when no devices (git fixes). o dm persistent data: packed struct should have an aligned() attribute too (git fixes). o dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (git fixes). o dm snapshot: fix crash with transient storage and zero chunk size (git fixes). o dm snapshot: flush merged data before committing metadata (git fixes). o dm snapshot: properly fix a crash when an origin has no snapshots (git fixes). o dm space map common: fix division bug in sm_ll_find_free_block() (git fixes). o dm table: fix iterate_devices based device capability checks (git fixes). o dm thin metadata: Avoid returning cmd->bm wild pointer on error (git fixes). o dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes). o dm writecache: fix the maximum number of arguments (git-fixes). o dm writecache: handle DAX to partitions on persistent memory correctly (git-fixes). o dm writecache: remove BUG() and fail gracefully instead (git-fixes). o dm zoned: select CONFIG_CRC32 (git-fixes). o dm: eliminate potential source of excessive kernel log noise (git fixes). o dm: remove invalid sparse __acquires and __releases annotations (git-fixes). o ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (bsc#1189568). o ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (bsc#1189564). o ext4: fix avefreec in find_group_orlov (bsc#1189566). o ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562). o ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565). o ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567). o ftgmac100: Restart MAC HW once (git-fixes). o i2c: dev: zero out array used for i2c reads from userspace (git-fixes). o i2c: highlander: add IRQ check (git-fixes). o i2c: iop3xx: fix deferred probing (git-fixes). o i2c: mt65xx: fix IRQ check (git-fixes). o i2c: s3c2410: fix IRQ check (git-fixes). o i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs (git-fixes). o iio: adc: Fix incorrect exit of for-loop (git-fixes). o iio: humidity: hdc100x: Add margin to the conversion time (git-fixes). o iommu/amd: Fix extended features logging (bsc#1189269). o iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189270). o iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189271). o iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189272). o kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes). o kABI: s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC#193818). o mac80211: Fix insufficient headroom issue for AMSDU (git-fixes). o md/raid10: properly indicate failure when ending a failed write request (git-fixes). o media: go7007: fix memory leak in go7007_usb_probe (git-fixes). o media: rtl28xxu: fix zero-length control request (git-fixes). o memcg: enable accounting for file lock caches (bsc#1190115). o mm, vmscan: guarantee drop_slab_node() termination (VM Functionality, bsc# 1189301). o mm/memory-failure: unnecessary amount of unmapping (bsc#1189640). o mm/memory.c: do_fault: avoid usage of stale vm_area_struct (bsc#1136513). o mm/rmap: fix potential pte_unmap on an not mapped pte (git-fixes). o mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (bsc# 1189569). o mm/vmscan: fix infinite loop in drop_slab_node (VM Performance, bsc# 1189301). o mm: vmscan: scan anonymous pages on file refaults (VM Performance, bsc# 1183050). o mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes). o mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes). o net: lapbether: Remove netif_start_queue / netif_stop_queue (git-fixes). o net: mvpp2: Add TCAM entry to drop flow control pause frames (git-fixes). o net: mvpp2: prs: fix PPPoE with ipv6 packet parse (git-fixes). o net: stmmac: use netif_tx_start|stop_all_queues() function (git-fixes). o net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (git-fixes). o net: usb: ax88179_178a: remove redundant assignment to variable ret (git-fixes). o nfs: fix acl memory leak of posix_acl_create() (git-fixes). o nvme-fc: avoid calling _nvme_fc_abort_outstanding_ios from interrupt context (bsc#1187076). o nvme-fc: convert assoc_active flag to bit op (bsc#1187076). o nvme-fc: eliminate terminate_io use by nvme_fc_error_recovery (bsc# 1187076). o nvme-fc: fix double-free scenarios on hw queues (bsc#1187076). o nvme-fc: fix io timeout to abort I/O (bsc#1187076). o nvme-fc: fix racing controller reset and create association (bsc#1187076). o nvme-fc: remove err_work work item (bsc#1187076). o nvme-fc: remove nvme_fc_terminate_io() (bsc#1187076). o nvme-fc: track error_recovery while connecting (bsc#1187076). o ocfs2: fix snprintf() checking (bsc#1189581). o ocfs2: fix zero out valid data (bsc#1189579). o ocfs2: issue zeroout to EOF blocks (bsc#1189582). o ocfs2: ocfs2_downconvert_lock failure results in deadlock (bsc#1188439). o overflow: Correct check_shl_overflow() comment (git-fixes). o overflow: Include header file with SIZE_MAX declaration (git-fixes). o ovl: check whiteout in ovl_create_over_whiteout() (bsc#1189846). o ovl: filter of trusted xattr results in audit (bsc#1189846). o ovl: fix dentry leak in ovl_get_redirect (bsc#1189846). o ovl: initialize error in ovl_copy_xattr (bsc#1189846). o ovl: relax WARN_ON() on rename to self (bsc#1189846). o pcmcia: i82092: fix a null pointer dereference bug (git-fixes). o power: supply: max17042: handle fails of reading status register (git-fixes). o powerpc/pseries: Fix update of LPAR security flavor after LPM (bsc#1188885 ltc#193722 git-fixes). o qlcnic: Fix error code in probe (git-fixes). o r8152: Fix potential PM refcount imbalance (git-fixes). o readdir: make sure to verify directory entry for legacy interfaces too (bsc #1189639). o regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes). o s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC# 193818). o scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392). o scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650). o scsi: libfc: Fix array index out of bound exception (bsc#1188616). o scsi: lpfc: Add 256 Gb link speed support (bsc#1189385). o scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters (bsc# 1189385). o scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions (bsc#1189385). o scsi: lpfc: Clear outstanding active mailbox during PCI function reset (bsc #1189385). o scsi: lpfc: Copyright updates for 12.8.0.11 patches (bsc#1189385). o scsi: lpfc: Copyright updates for 14.0.0.0 patches (bsc#1189385). o scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes (bsc#1189385). o scsi: lpfc: Discovery state machine fixes for LOGO handling (bsc#1189385). o scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385). o scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine (bsc# 1189385). o scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling (bsc# 1189385). o scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385). o scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385). o scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (bsc#1189385). o scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted() (bsc# 1189385). o scsi: lpfc: Fix target reset handler from falsely returning FAILURE (bsc# 1189385). o scsi: lpfc: Improve firmware download logging (bsc#1189385). o scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (bsc#1189385). o scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (git-fixes). o scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF (bsc# 1189385). o scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385). o scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385). o scsi: lpfc: Revise Topology and RAS support checks for new adapters (bsc# 1189385). o scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385). o scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path (bsc #1189385). o scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385). o scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385). o scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support (bsc# 1189385). o scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail() (bsc #1189385). o scsi: qla2xxx: Add heartbeat check (bsc#1189392). o scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (bsc# 1189392). o scsi: qla2xxx: Fix spelling mistakes "allloc" -> "alloc" (bsc#1189384). o scsi: qla2xxx: Fix use after free in debug code (bsc#1189384). o scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (bsc# 1189392). o scsi: qla2xxx: Remove duplicate declarations (bsc#1189392). o scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392). o scsi: qla2xxx: Remove redundant continue statement in a for-loop (bsc# 1189392). o scsi: qla2xxx: Remove redundant initialization of variable num_cnt (bsc# 1189384). o scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392). o scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189384). o scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189392). o scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI (bsc# 1189392). o scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189384). o scsi: qla2xxx: edif: Add detection of secure device (bsc#1189384). o scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189384). o scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189384). o scsi: qla2xxx: edif: Add extraction of auth_els from the wire (bsc# 1189384). o scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189384). o scsi: qla2xxx: edif: Add key update (bsc#1189384). o scsi: qla2xxx: edif: Add send, receive, and accept for auth_els (bsc# 1189384). o scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392). o scsi: qla2xxx: edif: Increment command and completion counts (bsc#1189384). o scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392). o serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes). o spi: mediatek: Fix fifo transfer (git-fixes). o spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (git-fixes). o spi: spi-pic32: Fix issue with uninitialized dma_slave_config (git-fixes). o staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). o virtio_net: Fix error code in probe() (git-fixes). o writeback: fix obtain a reference to a freeing memcg css (bsc#1189577). o x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1114648). o x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1114648). o x86/fpu: Reset state for all signal restore failures (bsc#1114648). o x86/kvm: fix vcpu-id indexed array sizes (git-fixes). o x86/signal: Detect and prevent an alternate signal stack overflow (bsc# 1114648). o xen/events: Fix race in set_evtchn_to_irq (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Real Time Extension 12-SP5: zypper in -t patch SUSE-SLE-RT-12-SP5-2021-3217=1 Package List: o SUSE Linux Enterprise Real Time Extension 12-SP5 (noarch): kernel-devel-rt-4.12.14-10.57.1 kernel-source-rt-4.12.14-10.57.1 o SUSE Linux Enterprise Real Time Extension 12-SP5 (x86_64): cluster-md-kmp-rt-4.12.14-10.57.2 cluster-md-kmp-rt-debuginfo-4.12.14-10.57.2 dlm-kmp-rt-4.12.14-10.57.2 dlm-kmp-rt-debuginfo-4.12.14-10.57.2 gfs2-kmp-rt-4.12.14-10.57.2 gfs2-kmp-rt-debuginfo-4.12.14-10.57.2 kernel-rt-4.12.14-10.57.2 kernel-rt-base-4.12.14-10.57.2 kernel-rt-base-debuginfo-4.12.14-10.57.2 kernel-rt-debuginfo-4.12.14-10.57.2 kernel-rt-debugsource-4.12.14-10.57.2 kernel-rt-devel-4.12.14-10.57.2 kernel-rt-devel-debuginfo-4.12.14-10.57.2 kernel-rt_debug-4.12.14-10.57.2 kernel-rt_debug-debuginfo-4.12.14-10.57.2 kernel-rt_debug-debugsource-4.12.14-10.57.2 kernel-rt_debug-devel-4.12.14-10.57.2 kernel-rt_debug-devel-debuginfo-4.12.14-10.57.2 kernel-syms-rt-4.12.14-10.57.1 ocfs2-kmp-rt-4.12.14-10.57.2 ocfs2-kmp-rt-debuginfo-4.12.14-10.57.2 References: o https://www.suse.com/security/cve/CVE-2018-9517.html o https://www.suse.com/security/cve/CVE-2019-3874.html o https://www.suse.com/security/cve/CVE-2019-3900.html o https://www.suse.com/security/cve/CVE-2020-12770.html o https://www.suse.com/security/cve/CVE-2021-34556.html o https://www.suse.com/security/cve/CVE-2021-35477.html o https://www.suse.com/security/cve/CVE-2021-3640.html o https://www.suse.com/security/cve/CVE-2021-3653.html o https://www.suse.com/security/cve/CVE-2021-3656.html o https://www.suse.com/security/cve/CVE-2021-3679.html o https://www.suse.com/security/cve/CVE-2021-3732.html o https://www.suse.com/security/cve/CVE-2021-3753.html o https://www.suse.com/security/cve/CVE-2021-3759.html o https://www.suse.com/security/cve/CVE-2021-38160.html o https://www.suse.com/security/cve/CVE-2021-38198.html o https://www.suse.com/security/cve/CVE-2021-38204.html o https://bugzilla.suse.com/1040364 o https://bugzilla.suse.com/1108488 o https://bugzilla.suse.com/1114648 o https://bugzilla.suse.com/1127650 o https://bugzilla.suse.com/1129898 o https://bugzilla.suse.com/1133374 o https://bugzilla.suse.com/1136513 o https://bugzilla.suse.com/1171420 o https://bugzilla.suse.com/1183050 o https://bugzilla.suse.com/1183983 o https://bugzilla.suse.com/1185902 o https://bugzilla.suse.com/1185973 o https://bugzilla.suse.com/1187076 o https://bugzilla.suse.com/1188172 o https://bugzilla.suse.com/1188439 o https://bugzilla.suse.com/1188616 o https://bugzilla.suse.com/1188885 o https://bugzilla.suse.com/1188982 o https://bugzilla.suse.com/1188983 o https://bugzilla.suse.com/1188985 o https://bugzilla.suse.com/1189057 o https://bugzilla.suse.com/1189262 o https://bugzilla.suse.com/1189268 o https://bugzilla.suse.com/1189269 o https://bugzilla.suse.com/1189270 o https://bugzilla.suse.com/1189271 o https://bugzilla.suse.com/1189272 o https://bugzilla.suse.com/1189291 o https://bugzilla.suse.com/1189301 o https://bugzilla.suse.com/1189384 o https://bugzilla.suse.com/1189385 o https://bugzilla.suse.com/1189392 o https://bugzilla.suse.com/1189399 o https://bugzilla.suse.com/1189400 o https://bugzilla.suse.com/1189505 o https://bugzilla.suse.com/1189506 o https://bugzilla.suse.com/1189562 o https://bugzilla.suse.com/1189564 o https://bugzilla.suse.com/1189565 o https://bugzilla.suse.com/1189566 o https://bugzilla.suse.com/1189567 o https://bugzilla.suse.com/1189568 o https://bugzilla.suse.com/1189569 o https://bugzilla.suse.com/1189573 o https://bugzilla.suse.com/1189577 o https://bugzilla.suse.com/1189579 o https://bugzilla.suse.com/1189581 o https://bugzilla.suse.com/1189582 o https://bugzilla.suse.com/1189639 o https://bugzilla.suse.com/1189640 o https://bugzilla.suse.com/1189706 o https://bugzilla.suse.com/1189846 o https://bugzilla.suse.com/1190022 o https://bugzilla.suse.com/1190025 o https://bugzilla.suse.com/1190115 o https://bugzilla.suse.com/1190117 - -------------------------------------------------------------------------------- SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3206-1 Rating: important References: #1040364 #1108488 #1114648 #1127650 #1129898 #1133374 #1136513 #1171420 #1183050 #1183983 #1185902 #1185973 #1187076 #1188172 #1188439 #1188616 #1188885 #1188982 #1188983 #1188985 #1189057 #1189262 #1189268 #1189269 #1189270 #1189271 #1189272 #1189291 #1189301 #1189384 #1189385 #1189392 #1189399 #1189400 #1189505 #1189506 #1189562 #1189564 #1189565 #1189566 #1189567 #1189568 #1189569 #1189573 #1189577 #1189579 #1189581 #1189582 #1189639 #1189640 #1189706 #1189846 #1190022 #1190025 #1190115 #1190117 Cross-References: CVE-2018-9517 CVE-2019-3874 CVE-2019-3900 CVE-2020-12770 CVE-2021-34556 CVE-2021-35477 CVE-2021-3640 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3753 CVE-2021-3759 CVE-2021-38160 CVE-2021-38198 CVE-2021-38204 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Live Patching 12-SP5 SUSE Linux Enterprise High Availability 12-SP5 ______________________________________________________________________________ An update that solves 16 vulnerabilities and has 40 fixes is now available. Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: o CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488). o CVE-2019-3874: Fixed possible denial of service attack via SCTP socket buffer used by a userspace applications (bnc#1129898). o CVE-2019-3900: Fixed an infinite loop issue while handling incoming packets in handle_rx() (bnc#1133374). o CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172). o CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399). o CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400). o CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057). o CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706). o CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc# 1190025). o CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115). o CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/ char/virtio_console.c (bsc#1190117) o CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262). o CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291). o CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983). o CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985). o CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420). The following non-security bugs were fixed: o ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes). o ALSA: seq: Fix racy deletion of subscriber (git-fixes). o ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes). o ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes). o ASoC: cs42l42: Remove duplicate control for WNF filter frequency (git-fixes). o Bluetooth: Move shutdown callback before flushing tx and rx queue (git-fixes). o Bluetooth: add timeout sanity check to hci_inquiry (git-fixes). o Bluetooth: fix repeated calls to sco_sock_kill (git-fixes). o Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (git-fixes). o Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (git-fixes). o KVM: SVM: Call SEV Guest Decommission if ASID binding fails (12sp5). o NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times (git-fixes). o NFSv4: Initialise connection to the server in nfs4_alloc_client() (bsc# 1040364). o PCI/MSI: Correct misleading comments (git-fixes). o PCI/MSI: Do not set invalid bits in MSI mask (git-fixes). o PCI/MSI: Enable and mask MSI-X early (git-fixes). o PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes). o PCI: Add Intel VMD devices to pci ids (bsc#1183983). o PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes). o PCI: hv: Use expected affinity when unmasking IRQ (bsc#1185973). o PCI: vmd: Add an additional VMD device id to driver device id table (bsc# 1183983). o PCI: vmd: Add offset to bus numbers if necessary (bsc#1183983). o PCI: vmd: Assign membar addresses from shadow registers (bsc#1183983). o PCI: vmd: Filter resource type bits from shadow register (bsc#1183983). o PCI: vmd: Fix config addressing when using bus offsets (bsc#1183983). o PCI: vmd: Fix shadow offsets to reflect spec changes (bsc#1183983). o SUNRPC: Fix the batch tasks count wraparound (git-fixes). o SUNRPC: Should wake up the privileged task firstly (git-fixes). o SUNRPC: improve error response to over-size gss credential (bsc#1190022). o USB: serial: ch341: fix character loss at high transfer rates (git-fixes). o USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes). o USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes). o USB: usbtmc: Fix RCU stall warning (git-fixes). o USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes). o arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback (git-fixes). o ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes). o ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (git-fixes). o bcma: Fix memory leak for internally-handled cores (git-fixes). o bdi: Do not use freezable workqueue (bsc#1189573). o blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506). o block: fix trace completion for chained bio (bsc#1189505). o can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters (git-fixes). o cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). o cifs: avoid starvation when refreshing dfs cache (bsc#1185902). o cifs: constify get_normalized_path() properly (bsc#1185902). o cifs: do not cargo-cult strndup() (bsc#1185902). o cifs: do not send tree disconnect to ipc shares (bsc#1185902). o cifs: do not share tcp servers with dfs mounts (bsc#1185902). o cifs: do not share tcp sessions of dfs connections (bsc#1185902). o cifs: fix check of dfs interlinks (bsc#1185902). o cifs: fix path comparison and hash calc (bsc#1185902). o cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). o cifs: handle different charsets in dfs cache (bsc#1185902). o cifs: keep referral server sessions alive (bsc#1185902). o cifs: missing null pointer check in cifs_mount (bsc#1185902). o cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). o cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). o clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes). o crypto: ccp - Annotate SEV Firmware file names (bsc#1189268). o crypto: nx - Fix RCU warning in nx842_OF_upd_status (git-fixes). o crypto: nx - Fix memcpy() over-reading in nonce (git-fixes). o crypto: talitos - Do not modify req->cryptlen on decryption (git-fixes). o crypto: talitos - fix ECB algs ivsize (git-fixes). o crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes). o dm btree remove: assign new_root only when removal succeeds (git fixes). o dm cache metadata: Avoid returning cmd->bm wild pointer on error (git fixes). o dm era: Fix bitset memory leaks (git fixes). o dm era: Recover committed writeset after crash (git fixes). o dm era: Reinitialize bitset cache before digesting a new writeset (git fixes). o dm era: Use correct value size in equality function of writeset tree (git fixes). o dm era: Verify the data block size hasn't changed (git fixes). o dm era: only resize metadata in preresume (git fixes). o dm ioctl: fix error return code in target_message (git fixes). o dm ioctl: fix out of bounds array access when no devices (git fixes). o dm persistent data: packed struct should have an aligned() attribute too (git fixes). o dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (git fixes). o dm snapshot: fix crash with transient storage and zero chunk size (git fixes). o dm snapshot: flush merged data before committing metadata (git fixes). o dm snapshot: properly fix a crash when an origin has no snapshots (git fixes). o dm space map common: fix division bug in sm_ll_find_free_block() (git fixes). o dm table: fix iterate_devices based device capability checks (git fixes). o dm thin metadata: Avoid returning cmd->bm wild pointer on error (git fixes). o dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes). o dm writecache: fix the maximum number of arguments (git-fixes). o dm writecache: handle DAX to partitions on persistent memory correctly (git-fixes). o dm writecache: remove BUG() and fail gracefully instead (git-fixes). o dm zoned: select CONFIG_CRC32 (git-fixes). o dm: eliminate potential source of excessive kernel log noise (git fixes). o dm: remove invalid sparse __acquires and __releases annotations (git-fixes). o ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (bsc#1189568). o ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (bsc#1189564). o ext4: fix avefreec in find_group_orlov (bsc#1189566). o ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562). o ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565). o ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567). o ftgmac100: Restart MAC HW once (git-fixes). o i2c: dev: zero out array used for i2c reads from userspace (git-fixes). o i2c: highlander: add IRQ check (git-fixes). o i2c: iop3xx: fix deferred probing (git-fixes). o i2c: mt65xx: fix IRQ check (git-fixes). o i2c: s3c2410: fix IRQ check (git-fixes). o i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs (git-fixes). o iio: adc: Fix incorrect exit of for-loop (git-fixes). o iio: humidity: hdc100x: Add margin to the conversion time (git-fixes). o iommu/amd: Fix extended features logging (bsc#1189269). o iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189270). o iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189271). o iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189272). o kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes). o kABI: s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC#193818). o mac80211: Fix insufficient headroom issue for AMSDU (git-fixes). o md/raid10: properly indicate failure when ending a failed write request (git-fixes). o media: go7007: fix memory leak in go7007_usb_probe (git-fixes). o media: rtl28xxu: fix zero-length control request (git-fixes). o memcg: enable accounting for file lock caches (bsc#1190115). o mm, vmscan: guarantee drop_slab_node() termination (VM Functionality, bsc# 1189301). o mm/memory-failure: unnecessary amount of unmapping (bsc#1189640). o mm/memory.c: do_fault: avoid usage of stale vm_area_struct (bsc#1136513). o mm/rmap: fix potential pte_unmap on an not mapped pte (git-fixes). o mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (bsc# 1189569). o mm/vmscan: fix infinite loop in drop_slab_node (VM Performance, bsc# 1189301). o mm: vmscan: scan anonymous pages on file refaults (VM Performance, bsc# 1183050). o mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes). o mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes). o net: lapbether: Remove netif_start_queue / netif_stop_queue (git-fixes). o net: mvpp2: Add TCAM entry to drop flow control pause frames (git-fixes). o net: mvpp2: prs: fix PPPoE with ipv6 packet parse (git-fixes). o net: stmmac: use netif_tx_start|stop_all_queues() function (git-fixes). o net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (git-fixes). o net: usb: ax88179_178a: remove redundant assignment to variable ret (git-fixes). o nfs: fix acl memory leak of posix_acl_create() (git-fixes). o nvme-fc: avoid calling _nvme_fc_abort_outstanding_ios from interrupt context (bsc#1187076). o nvme-fc: convert assoc_active flag to bit op (bsc#1187076). o nvme-fc: eliminate terminate_io use by nvme_fc_error_recovery (bsc# 1187076). o nvme-fc: fix double-free scenarios on hw queues (bsc#1187076). o nvme-fc: fix io timeout to abort I/O (bsc#1187076). o nvme-fc: fix racing controller reset and create association (bsc#1187076). o nvme-fc: remove err_work work item (bsc#1187076). o nvme-fc: remove nvme_fc_terminate_io() (bsc#1187076). o nvme-fc: track error_recovery while connecting (bsc#1187076). o ocfs2: fix snprintf() checking (bsc#1189581). o ocfs2: fix zero out valid data (bsc#1189579). o ocfs2: issue zeroout to EOF blocks (bsc#1189582). o ocfs2: ocfs2_downconvert_lock failure results in deadlock (bsc#1188439). o overflow: Correct check_shl_overflow() comment (git-fixes). o overflow: Include header file with SIZE_MAX declaration (git-fixes). o ovl: check whiteout in ovl_create_over_whiteout() (bsc#1189846). o ovl: filter of trusted xattr results in audit (bsc#1189846). o ovl: fix dentry leak in ovl_get_redirect (bsc#1189846). o ovl: initialize error in ovl_copy_xattr (bsc#1189846). o ovl: relax WARN_ON() on rename to self (bsc#1189846). o pcmcia: i82092: fix a null pointer dereference bug (git-fixes). o power: supply: max17042: handle fails of reading status register (git-fixes). o powerpc/pseries: Fix update of LPAR security flavor after LPM (bsc#1188885 ltc#193722 git-fixes). o qlcnic: Fix error code in probe (git-fixes). o r8152: Fix potential PM refcount imbalance (git-fixes). o readdir: make sure to verify directory entry for legacy interfaces too (bsc #1189639). o regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes). o s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC# 193818). o scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392). o scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650). o scsi: libfc: Fix array index out of bound exception (bsc#1188616). o scsi: lpfc: Add 256 Gb link speed support (bsc#1189385). o scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters (bsc# 1189385). o scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions (bsc#1189385). o scsi: lpfc: Clear outstanding active mailbox during PCI function reset (bsc #1189385). o scsi: lpfc: Copyright updates for 12.8.0.11 patches (bsc#1189385). o scsi: lpfc: Copyright updates for 14.0.0.0 patches (bsc#1189385). o scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes (bsc#1189385). o scsi: lpfc: Discovery state machine fixes for LOGO handling (bsc#1189385). o scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385). o scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine (bsc# 1189385). o scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling (bsc# 1189385). o scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385). o scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385). o scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (bsc#1189385). o scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted() (bsc# 1189385). o scsi: lpfc: Fix target reset handler from falsely returning FAILURE (bsc# 1189385). o scsi: lpfc: Improve firmware download logging (bsc#1189385). o scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (bsc#1189385). o scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (git-fixes). o scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF (bsc# 1189385). o scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385). o scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385). o scsi: lpfc: Revise Topology and RAS support checks for new adapters (bsc# 1189385). o scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385). o scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path (bsc #1189385). o scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385). o scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385). o scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support (bsc# 1189385). o scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail() (bsc #1189385). o scsi: qla2xxx: Add heartbeat check (bsc#1189392). o scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (bsc# 1189392). o scsi: qla2xxx: Fix spelling mistakes "allloc" -> "alloc" (bsc#1189384). o scsi: qla2xxx: Fix use after free in debug code (bsc#1189384). o scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (bsc# 1189392). o scsi: qla2xxx: Remove duplicate declarations (bsc#1189392). o scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392). o scsi: qla2xxx: Remove redundant continue statement in a for-loop (bsc# 1189392). o scsi: qla2xxx: Remove redundant initialization of variable num_cnt (bsc# 1189384). o scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392). o scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189384). o scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189392). o scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI (bsc# 1189392). o scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189384). o scsi: qla2xxx: edif: Add detection of secure device (bsc#1189384). o scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189384). o scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189384). o scsi: qla2xxx: edif: Add extraction of auth_els from the wire (bsc# 1189384). o scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189384). o scsi: qla2xxx: edif: Add key update (bsc#1189384). o scsi: qla2xxx: edif: Add send, receive, and accept for auth_els (bsc# 1189384). o scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392). o scsi: qla2xxx: edif: Increment command and completion counts (bsc#1189384). o scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392). o serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes). o spi: mediatek: Fix fifo transfer (git-fixes). o spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (git-fixes). o spi: spi-pic32: Fix issue with uninitialized dma_slave_config (git-fixes). o staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). o virtio_net: Fix error code in probe() (git-fixes). o writeback: fix obtain a reference to a freeing memcg css (bsc#1189577). o x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1114648). o x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1114648). o x86/fpu: Reset state for all signal restore failures (bsc#1114648). o x86/kvm: fix vcpu-id indexed array sizes (git-fixes). o x86/signal: Detect and prevent an alternate signal stack overflow (bsc# 1114648). o xen/events: Fix race in set_evtchn_to_irq (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2021-3206=1 o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-3206=1 o SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-3206=1 o SUSE Linux Enterprise Live Patching 12-SP5: zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2021-3206=1 o SUSE Linux Enterprise High Availability 12-SP5: zypper in -t patch SUSE-SLE-HA-12-SP5-2021-3206=1 Package List: o SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): kernel-default-debuginfo-4.12.14-122.88.1 kernel-default-debugsource-4.12.14-122.88.1 kernel-default-extra-4.12.14-122.88.1 kernel-default-extra-debuginfo-4.12.14-122.88.1 o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): kernel-obs-build-4.12.14-122.88.2 kernel-obs-build-debugsource-4.12.14-122.88.2 o SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch): kernel-docs-4.12.14-122.88.1 o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): kernel-default-4.12.14-122.88.1 kernel-default-base-4.12.14-122.88.1 kernel-default-base-debuginfo-4.12.14-122.88.1 kernel-default-debuginfo-4.12.14-122.88.1 kernel-default-debugsource-4.12.14-122.88.1 kernel-default-devel-4.12.14-122.88.1 kernel-syms-4.12.14-122.88.1 o SUSE Linux Enterprise Server 12-SP5 (x86_64): kernel-default-devel-debuginfo-4.12.14-122.88.1 o SUSE Linux Enterprise Server 12-SP5 (noarch): kernel-devel-4.12.14-122.88.1 kernel-macros-4.12.14-122.88.1 kernel-source-4.12.14-122.88.1 o SUSE Linux Enterprise Server 12-SP5 (s390x): kernel-default-man-4.12.14-122.88.1 o SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64): kernel-default-debuginfo-4.12.14-122.88.1 kernel-default-debugsource-4.12.14-122.88.1 kernel-default-kgraft-4.12.14-122.88.1 kernel-default-kgraft-devel-4.12.14-122.88.1 kgraft-patch-4_12_14-122_88-default-1-8.5.1 o SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64): cluster-md-kmp-default-4.12.14-122.88.1 cluster-md-kmp-default-debuginfo-4.12.14-122.88.1 dlm-kmp-default-4.12.14-122.88.1 dlm-kmp-default-debuginfo-4.12.14-122.88.1 gfs2-kmp-default-4.12.14-122.88.1 gfs2-kmp-default-debuginfo-4.12.14-122.88.1 kernel-default-debuginfo-4.12.14-122.88.1 kernel-default-debugsource-4.12.14-122.88.1 ocfs2-kmp-default-4.12.14-122.88.1 ocfs2-kmp-default-debuginfo-4.12.14-122.88.1 References: o https://www.suse.com/security/cve/CVE-2018-9517.html o https://www.suse.com/security/cve/CVE-2019-3874.html o https://www.suse.com/security/cve/CVE-2019-3900.html o https://www.suse.com/security/cve/CVE-2020-12770.html o https://www.suse.com/security/cve/CVE-2021-34556.html o https://www.suse.com/security/cve/CVE-2021-35477.html o https://www.suse.com/security/cve/CVE-2021-3640.html o https://www.suse.com/security/cve/CVE-2021-3653.html o https://www.suse.com/security/cve/CVE-2021-3656.html o https://www.suse.com/security/cve/CVE-2021-3679.html o https://www.suse.com/security/cve/CVE-2021-3732.html o https://www.suse.com/security/cve/CVE-2021-3753.html o https://www.suse.com/security/cve/CVE-2021-3759.html o https://www.suse.com/security/cve/CVE-2021-38160.html o https://www.suse.com/security/cve/CVE-2021-38198.html o https://www.suse.com/security/cve/CVE-2021-38204.html o https://bugzilla.suse.com/1040364 o https://bugzilla.suse.com/1108488 o https://bugzilla.suse.com/1114648 o https://bugzilla.suse.com/1127650 o https://bugzilla.suse.com/1129898 o https://bugzilla.suse.com/1133374 o https://bugzilla.suse.com/1136513 o https://bugzilla.suse.com/1171420 o https://bugzilla.suse.com/1183050 o https://bugzilla.suse.com/1183983 o https://bugzilla.suse.com/1185902 o https://bugzilla.suse.com/1185973 o https://bugzilla.suse.com/1187076 o https://bugzilla.suse.com/1188172 o https://bugzilla.suse.com/1188439 o https://bugzilla.suse.com/1188616 o https://bugzilla.suse.com/1188885 o https://bugzilla.suse.com/1188982 o https://bugzilla.suse.com/1188983 o https://bugzilla.suse.com/1188985 o https://bugzilla.suse.com/1189057 o https://bugzilla.suse.com/1189262 o https://bugzilla.suse.com/1189268 o https://bugzilla.suse.com/1189269 o https://bugzilla.suse.com/1189270 o https://bugzilla.suse.com/1189271 o https://bugzilla.suse.com/1189272 o https://bugzilla.suse.com/1189291 o https://bugzilla.suse.com/1189301 o https://bugzilla.suse.com/1189384 o https://bugzilla.suse.com/1189385 o https://bugzilla.suse.com/1189392 o https://bugzilla.suse.com/1189399 o https://bugzilla.suse.com/1189400 o https://bugzilla.suse.com/1189505 o https://bugzilla.suse.com/1189506 o https://bugzilla.suse.com/1189562 o https://bugzilla.suse.com/1189564 o https://bugzilla.suse.com/1189565 o https://bugzilla.suse.com/1189566 o https://bugzilla.suse.com/1189567 o https://bugzilla.suse.com/1189568 o https://bugzilla.suse.com/1189569 o https://bugzilla.suse.com/1189573 o https://bugzilla.suse.com/1189577 o https://bugzilla.suse.com/1189579 o https://bugzilla.suse.com/1189581 o https://bugzilla.suse.com/1189582 o https://bugzilla.suse.com/1189639 o https://bugzilla.suse.com/1189640 o https://bugzilla.suse.com/1189706 o https://bugzilla.suse.com/1189846 o https://bugzilla.suse.com/1190022 o https://bugzilla.suse.com/1190025 o https://bugzilla.suse.com/1190115 o https://bugzilla.suse.com/1190117 - -------------------------------------------------------------------------------- SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3207-1 Rating: important References: #1040364 #1127650 #1135481 #1152489 #1160010 #1167032 #1168202 #1174969 #1175052 #1175543 #1177399 #1180141 #1180347 #1181148 #1181972 #1184114 #1184180 #1185675 #1185902 #1186264 #1186731 #1187211 #1187455 #1187468 #1187619 #1188067 #1188172 #1188418 #1188439 #1188616 #1188780 #1188781 #1188782 #1188783 #1188784 #1188786 #1188787 #1188788 #1188790 #1188878 #1188885 #1188924 #1188982 #1188983 #1188985 #1189021 #1189057 #1189077 #1189153 #1189197 #1189209 #1189210 #1189212 #1189213 #1189214 #1189215 #1189216 #1189217 #1189218 #1189219 #1189220 #1189221 #1189222 #1189229 #1189262 #1189291 #1189292 #1189298 #1189301 #1189305 #1189323 #1189384 #1189385 #1189392 #1189399 #1189400 #1189427 #1189449 #1189503 #1189504 #1189505 #1189506 #1189507 #1189562 #1189563 #1189564 #1189565 #1189566 #1189567 #1189568 #1189569 #1189573 #1189574 #1189575 #1189576 #1189577 #1189579 #1189581 #1189582 #1189583 #1189585 #1189586 #1189587 #1189706 #1189760 #1189832 #1189841 #1189870 #1189883 #1190025 #1190115 #1190117 #1190131 #1190181 Cross-References: CVE-2021-34556 CVE-2021-35477 CVE-2021-3640 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 CVE-2021-38160 CVE-2021-38198 CVE-2021-38204 CVE-2021-38205 CVE-2021-38207 Affected Products: SUSE MicroOS 5.0 SUSE Linux Enterprise Workstation Extension 15-SP2 SUSE Linux Enterprise Module for Live Patching 15-SP2 SUSE Linux Enterprise Module for Legacy Software 15-SP2 SUSE Linux Enterprise Module for Development Tools 15-SP2 SUSE Linux Enterprise Module for Basesystem 15-SP2 SUSE Linux Enterprise High Availability 15-SP2 ______________________________________________________________________________ An update that solves 16 vulnerabilities and has 98 fixes is now available. Description: The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: o CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115). o CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/ char/virtio_console.c (bsc#1190117) o CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172). o CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc# 1190025). o CVE-2021-3743: Fixed OOB Read in qrtr_endpoint_post (bsc#1189883). o CVE-2021-3739: Fixed a NULL pointer dereference when deleting device by invalid id (bsc#1189832 ). o CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706). o CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399). o CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400). o CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262). o CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c allowed remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes (bnc#1189298). o CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c made it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer) (bnc#1189292). o CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291). o CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057). o CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983). o CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985). The following non-security bugs were fixed: o ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes). o ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543) o ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543) o ACPI: processor: Export function to claim _CST control (bsc#1175543) o ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543) o ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR (bsc# 1175543) o ALSA: hda - fix the 'Capture Switch' value change notifications (git-fixes). o ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop (git-fixes). o ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256) (git-fixes). o ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes). o ALSA: hda/via: Apply runtime PM workaround for ASUS B23E (git-fixes). o ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes). o ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes). o ALSA: seq: Fix racy deletion of subscriber (git-fixes). o ALSA: usb-audio: Add registration quirk for JBL Quantum 600 (git-fixes). o ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC (git-fixes). o ALSA: usb-audio: Fix superfluous autosuspend recovery (git-fixes). o ALSA: usb-audio: fix incorrect clock source setting (git-fixes). o ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (git-fixes). o ASoC: cs42l42: Correct definition of ADC Volume control (git-fixes). o ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes). o ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes). o ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes). o ASoC: cs42l42: Remove duplicate control for WNF filter frequency (git-fixes). o ASoC: intel: atom: Fix breakage for PCM buffer address setup (git-fixes). o ASoC: intel: atom: Fix reference to PCM buffer address (git-fixes). o ASoC: ti: delete some dead code in omap_abe_probe() (git-fixes). o ASoC: tlv320aic31xx: Fix jack detection after suspend (git-fixes). o ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits (git-fixes). o ASoC: wcd9335: Disable irq on slave ports in the remove function (git-fixes). o ASoC: wcd9335: Fix a double irq free in the remove function (git-fixes). o ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (git-fixes). o ASoC: xilinx: Fix reference to PCM buffer address (git-fixes). o Bluetooth: add timeout sanity check to hci_inquiry (git-fixes). o Bluetooth: defer cleanup of resources in hci_unregister_dev() (git-fixes). o Bluetooth: fix repeated calls to sco_sock_kill (git-fixes). o Bluetooth: hidp: use correct wait queue when removing ctrl_wait (git-fixes). o Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (git-fixes). o Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (git-fixes). o Documentation: admin-guide: PM: Add intel_idle document (bsc#1175543) o Drop watchdog iTCO_wdt patch that causes incompatible behavior (bsc# 1189449) Also blacklisted o Fix breakage of swap over NFS (bsc#1188924). o Fix kabi of prepare_to_wait_exclusive() (bsc#1189575). o HID: i2c-hid: Fix Elan touchpad regression (git-fixes). o HID: input: do not report stylus battery state as "full" (git-fixes). o KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() (bsc#1188786). o KVM: VMX: Enable machine check support for 32bit targets (bsc#1188787). o KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path (bsc #1188788). o KVM: nVMX: Really make emulated nested preemption timer pinned (bsc# 1188780). o KVM: nVMX: Reset the segment cache when stuffing guest segs (bsc#1188781). o KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc# 1188782). o KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration (bsc#1188783). o KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit (bsc#1188784). o KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790). o Move upstreamed BT fixes into sorted section o NFS: Correct size calculation for create reply length (bsc#1189870). o NFSv4.1: Do not rebind to the same source port when (bnc#1186264 bnc# 1189021) o NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times (git-fixes). o NFSv4: Initialise connection to the server in nfs4_alloc_client() (bsc# 1040364). o PCI/MSI: Correct misleading comments (git-fixes). o PCI/MSI: Do not set invalid bits in MSI mask (git-fixes). o PCI/MSI: Enable and mask MSI-X early (git-fixes). o PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes). o PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes). o PCI/MSI: Mask all unused MSI-X entries (git-fixes). o PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes). o PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes). o PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes). o PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (git-fixes). o PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes). o README: Modernize build instructions. o Revert "ACPICA: Fix memory leak caused by _CID repair function" (git-fixes). o Revert "USB: serial: ch341: fix character loss at high transfer rates" (git-fixes). o Revert "dmaengine: imx-sdma: refine to load context only once" (git-fixes). o Revert "gpio: eic-sprd: Use devm_platform_ioremap_resource()" (git-fixes). o Revert "mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711" (git-fixes). o SUNRPC: 'Directory with parent 'rpc_clnt' already present!' (bsc#1168202 bsc#1188924). o SUNRPC: Fix the batch tasks count wraparound (git-fixes). o SUNRPC: Should wake up the privileged task firstly (git-fixes). o SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924). o SUNRPC: fix use-after-free in rpc_free_client_work() (bsc#1168202 bsc# 1188924). o SUNRPC: prevent port reuse on transports which do not request it (bnc# 1186264 bnc#1189021). o USB: core: Avoid WARNings for 0-length descriptor requests (git-fixes). o USB: serial: ch341: fix character loss at high transfer rates (git-fixes). o USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes). o USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes). o USB: serial: option: add new VID/PID to support Fibocom FG150 (git-fixes). o USB: usbtmc: Fix RCU stall warning (git-fixes). o USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes). o Update patches.suse/ ibmvnic-Allow-device-probe-if-the-device-is-not-read.patch (bsc#1167032 ltc #184087 bsc#1184114 ltc#192237). o VMCI: fix NULL pointer dereference when unmapping queue pair (git-fixes). o ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes). o ath9k: Clear key cache explicitly on disabling hardware (git-fixes). o ath: Use safer key clearing with key cache entries (git-fixes). o bcma: Fix memory leak for internally-handled cores (git-fixes). o bdi: Do not use freezable workqueue (bsc#1189573). o blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit() (bsc#1189507). o blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506). o blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() (bsc#1189503). o blk-wbt: make sure throttle is enabled properly (bsc#1189504). o block: fix trace completion for chained bio (bsc#1189505). o brcmfmac: pcie: fix oops on failure to resume and reprobe (git-fixes). o btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk (bsc#1189077). o btrfs: account for new extents being deleted in total_bytes_pinned (bsc# 1135481). o btrfs: add a comment explaining the data flush steps (bsc#1135481). o btrfs: add btrfs_reserve_data_bytes and use it (bsc#1135481). o btrfs: add flushing states for handling data reservations (bsc#1135481). o btrfs: add the data transaction commit logic into may_commit_transaction (bsc#1135481). o btrfs: call btrfs_try_granting_tickets when freeing reserved bytes (bsc# 1135481). o btrfs: call btrfs_try_granting_tickets when reserving space (bsc#1135481). o btrfs: call btrfs_try_granting_tickets when unpinning anything (bsc# 1135481). o btrfs: change nr to u64 in btrfs_start_delalloc_roots (bsc#1135481). o btrfs: check tickets after waiting on ordered extents (bsc#1135481). o btrfs: do async reclaim for data reservations (bsc#1135481). o btrfs: don't force commit if we are data (bsc#1135481). o btrfs: drop the commit_cycles stuff for data reservations (bsc#1135481). o btrfs: factor out create_chunk() (bsc#1189077). o btrfs: factor out decide_stripe_size() (bsc#1189077). o btrfs: factor out gather_device_info() (bsc#1189077). o btrfs: factor out init_alloc_chunk_ctl (bsc#1189077). o btrfs: fix deadlock with concurrent chunk allocations involving system chunks (bsc#1189077). o btrfs: fix possible infinite loop in data async reclaim (bsc#1135481). o btrfs: flush delayed refs when trying to reserve data space (bsc#1135481). o btrfs: handle U64_MAX for shrink_delalloc (bsc#1135481). o btrfs: handle invalid profile in chunk allocation (bsc#1189077). o btrfs: handle space_info::total_bytes_pinned inside the delayed ref itself (bsc#1135481). o btrfs: introduce alloc_chunk_ctl (bsc#1189077). o btrfs: introduce chunk allocation policy (bsc#1189077). o btrfs: make ALLOC_CHUNK use the space info flags (bsc#1135481). o btrfs: make shrink_delalloc take space_info as an arg (bsc#1135481). o btrfs: move the chunk_mutex in btrfs_read_chunk_tree (bsc#1189077). o btrfs: parameterize dev_extent_min for chunk allocation (bsc#1189077). o btrfs: refactor find_free_dev_extent_start() (bsc#1189077). o btrfs: remove orig from shrink_delalloc (bsc#1135481). o btrfs: rework chunk allocation to avoid exhaustion of the system chunk array (bsc#1189077). o btrfs: run delayed iputs before committing the transaction for data (bsc# 1135481). o btrfs: serialize data reservations if we are flushing (bsc#1135481). o btrfs: shrink delalloc pages instead of full inodes (bsc#1135481). o btrfs: track ordered bytes instead of just dio ordered bytes (bsc#1135481). o btrfs: use btrfs_start_delalloc_roots in shrink_delalloc (bsc#1135481). o btrfs: use the btrfs_space_info_free_bytes_may_use helper for delalloc (bsc #1135481). o btrfs: use the same helper for data and metadata reservations (bsc# 1135481). o btrfs: use ticketing for data space reservations (bsc#1135481). o can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes). o can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters (git-fixes). o ceph: clean up and optimize ceph_check_delayed_caps() (bsc#1187468). o ceph: reduce contention in ceph_check_delayed_caps() (bsc#1187468). o ceph: take snap_empty_lock atomically with snaprealm refcount change (bsc# 1189427). o cfg80211: Fix possible memory leak in function cfg80211_bss_update (git-fixes). o cgroup1: fix leaked context root causing sporadic NULL deref in LTP (bsc# 1190181). o cgroup: verify that source is a string (bsc#1190131). o cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). o cifs: avoid starvation when refreshing dfs cache (bsc#1185902). o cifs: constify get_normalized_path() properly (bsc#1185902). o cifs: do not cargo-cult strndup() (bsc#1185902). o cifs: do not send tree disconnect to ipc shares (bsc#1185902). o cifs: do not share tcp servers with dfs mounts (bsc#1185902). o cifs: do not share tcp sessions of dfs connections (bsc#1185902). o cifs: fix check of dfs interlinks (bsc#1185902). o cifs: fix path comparison and hash calc (bsc#1185902). o cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). o cifs: handle different charsets in dfs cache (bsc#1185902). o cifs: keep referral server sessions alive (bsc#1185902). o cifs: missing null pointer check in cifs_mount (bsc#1185902). o cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). o cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). o clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes). o clk: kirkwood: Fix a clocking boot regression (git-fixes). o clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes). o cpuidle: Allow idle states to be disabled by default (bsc#1175543) o cpuidle: Consolidate disabled state checks (bsc#1175543) o cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543) o cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543) o cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks (bsc# 1175543) o cpuidle: cpuidle_state kABI fix (bsc#1175543) o crypto: ccp - Annotate SEV Firmware file names (bsc#1189212). o crypto: qat - use proper type for vf_mask (git-fixes). o crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit (git-fixes). o dm integrity: fix missing goto in bitmap_flush_interval error handling (git-fixes). o dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (git-fixes). o dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes). o dmaengine: imx-dma: configure the generic DMA type to make it work (git-fixes). o dmaengine: imx-sdma: remove duplicated sdma_load_context (git-fixes). o dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available (git-fixes). o dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe() (git-fixes). o dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers (git-fixes). o drivers/block/null_blk/main: Fix a double free in null_init (git-fixes). o drm/amdgpu/acp: Make PM domain really work (git-fixes). o drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes). o drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs (git-fixes). o drm/msm/dsi: Fix some reference counted resource leaks (git-fixes). o drm/nouveau/disp: power down unused DP links during init (git-fixes). o drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init() (git-fixes). o drm: Copy drm_wait_vblank to user before returning (git-fixes). o ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (bsc#1189568). o ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (bsc#1189564). o ext4: fix avefreec in find_group_orlov (bsc#1189566). o ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562). o ext4: fix potential htree corruption when growing large_dir directories (bsc#1189576). o ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565). o ext4: return error code when ext4_fill_flex_info() fails (bsc#1189563). o ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567). o fanotify: fix copy_event_to_user() fid error clean up (bsc#1189574). o firmware_loader: fix use-after-free in firmware_fallback_sysfs (git-fixes). o firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback (git-fixes). o fpga: altera-freeze-bridge: Address warning about unused variable (git-fixes). o fpga: xiilnx-spi: Address warning about unused variable (git-fixes). o fpga: zynqmp-fpga: Address warning about unused variable (git-fixes). o gpio: eic-sprd: break loop when getting NULL device resource (git-fixes). o gpio: tqmx86: really make IRQ optional (git-fixes). o i2c: dev: zero out array used for i2c reads from userspace (git-fixes). o i2c: highlander: add IRQ check (git-fixes). o i2c: iop3xx: fix deferred probing (git-fixes). o i2c: mt65xx: fix IRQ check (git-fixes). o i2c: s3c2410: fix IRQ check (git-fixes). o iio: adc: Fix incorrect exit of for-loop (git-fixes). o iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels (git-fixes). o iio: humidity: hdc100x: Add margin to the conversion time (git-fixes). o intel_idle: Add module parameter to prevent ACPI _CST from being used (bsc# 1175543) o intel_idle: Allow ACPI _CST to be used for selected known processors (bsc# 1175543) o intel_idle: Annotate init time data structures (bsc#1175543) o intel_idle: Customize IceLake server support (bsc#1175543) o intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399, bsc# 1180347, bsc#1180141) o intel_idle: Fix max_cstate for processor models without C-state tables (bsc #1175543) o intel_idle: Ignore _CST if control cannot be taken from the platform (bsc# 1175543) o intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543) o intel_idle: Use ACPI _CST for processor models without C-state tables (bsc# 1175543) o intel_idle: Use ACPI _CST on server systems (bsc#1175543) o iommu/amd: Fix extended features logging (bsc#1189213). o iommu/arm-smmu-v3: Decrease the queue size of evtq and priq (bsc#1189210). o iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189209). o iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214). o iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229). o iommu/vt-d: Check for allocation failure in aux_detach_device() (bsc# 1189215). o iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189216). o iommu/vt-d: Do not set then clear private data in prq_event_thread() (bsc# 1189217). o iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218). o iommu/vt-d: Force to flush iotlb before creating superpage (bsc#1189219). o iommu/vt-d: Global devTLB flush when present context entry changed (bsc# 1189220). o iommu/vt-d: Invalidate PASID cache when root/context entry changed (bsc# 1189221). o iommu/vt-d: Reject unsupported page request modes (bsc#1189222). o iwlwifi: rs-fw: do not support stbc for HE 160 (git-fixes). o kABI fix of usb_dcd_config_params (git-fixes). o kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes). o kabi fix for NFSv4.1: Do not rebind to the same source port when reconnecting to the server (bnc#1186264 bnc#1189021) o kabi fix for SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924). o kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (bsc#1189153). o lib/mpi: use kcalloc in mpi_resize (git-fixes). o libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes). o mac80211: Fix insufficient headroom issue for AMSDU (git-fixes). o mailbox: sti: quieten kernel-doc warnings (git-fixes). o md/raid10: properly indicate failure when ending a failed write request (git-fixes). o media: TDA1997x: enable EDID support (git-fixes). o media: cxd2880-spi: Fix an error handling path (git-fixes). o media: drivers/media/usb: fix memory leak in zr364xx_probe (git-fixes). o media: dvb-usb: Fix error handling in dvb_usb_i2c_init (git-fixes). o media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init (git-fixes). o media: dvb-usb: fix uninit-value in vp702x_read_mac_addr (git-fixes). o media: em28xx-input: fix refcount bug in em28xx_usb_disconnect (git-fixes). o media: go7007: fix memory leak in go7007_usb_probe (git-fixes). o media: go7007: remove redundant initialization (git-fixes). o media: rtl28xxu: fix zero-length control request (git-fixes). o media: stkwebcam: fix memory leak in stk_camera_probe (git-fixes). o media: venus: venc: Fix potential null pointer dereference on pointer fmt (git-fixes). o media: videobuf2-core: dequeue if start_streaming fails (git-fixes). o media: zr364xx: fix memory leaks in probe() (git-fixes). o media: zr364xx: propagate errors from zr364xx_start_readpipe() (git-fixes). o memcg: enable accounting for file lock caches (bsc#1190115). o misc: atmel-ssc: lock with mutex instead of spinlock (git-fixes). o misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp() (git-fixes). o mm, vmscan: guarantee drop_slab_node() termination (VM Functionality, bsc# 1189301). o mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (bsc# 1189569). o mm: swap: properly update readahead statistics in unuse_pte_range() (bsc# 1187619). o mmc: dw_mmc: Fix hang on data CRC error (git-fixes). o mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes). o mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes). o mmc: sdhci-iproc: Cap min clock frequency on BCM2711 (git-fixes). o mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711 (git-fixes). o mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards (git-fixes). o mtd: rawnand: cafe: Fix a resource leak in the error handling path of 'cafe_nand_probe()' (git-fixes). o nbd: Aovid double completion of a request (git-fixes). o nbd: Fix NULL pointer in flush_workqueue (git-fixes). o nbd: do not update block size after device is started (git-fixes). o net/mlx5: Properly convey driver version to firmware (git-fixes). o net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes). o net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext (git-fixes). o net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). o nfs: fix acl memory leak of posix_acl_create() (git-fixes). o nvme-multipath: revalidate paths during rescan (bsc#1187211) o nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth (bsc# 1181972). o nvme-pci: fix NULL req in completion handler (bsc#1181972). o nvme-pci: limit maximum queue depth to 4095 (bsc#1181972). o nvme-pci: use unsigned for io queue depth (bsc#1181972). o nvme-tcp: Do not reset transport on data digest errors (bsc#1188418). o nvme-tcp: do not check blk_mq_tag_to_rq when receiving pdu data (bsc# 1181972). o nvme: avoid possible double fetch in handling CQE (bsc#1181972). o nvme: code command_id with a genctr for use-after-free validation (bsc# 1181972). o nvme: only call synchronize_srcu when clearing current path (bsc#1188067). o nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384). o ocfs2: fix snprintf() checking (bsc#1189581). o ocfs2: fix zero out valid data (bsc#1189579). o ocfs2: initialize ip_next_orphan (bsc#1186731). o ocfs2: issue zeroout to EOF blocks (bsc#1189582). o ocfs2: ocfs2_downconvert_lock failure results in deadlock (bsc#1188439). o overflow: Correct check_shl_overflow() comment (git-fixes). o ovl: allow upperdir inside lowerdir (bsc#1189323). o ovl: expand warning in ovl_d_real() (bsc#1189323). o ovl: fix missing revert_creds() on error path (bsc#1189323). o ovl: perform vfs_getxattr() with mounter creds (bsc#1189323). o ovl: skip getxattr of security labels (bsc#1189323). o params: lift param_set_uint_minmax to common code (bsc#1181972). o pcmcia: i82092: fix a null pointer dereference bug (git-fixes). o pinctrl: samsung: Fix pinctrl bank pin count (git-fixes). o pinctrl: single: Fix error return code in pcs_parse_bits_in_pinctrl_entry() (git-fixes). o pinctrl: stmfx: Fix hazardous u8[] to unsigned long cast (git-fixes). o platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables (git-fixes). o power: supply: max17042: handle fails of reading status register (git-fixes). o powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats unavailable (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes). o powerpc/papr_scm: Reduce error severity if nvdimm stats inaccessible (bsc# 1189197 ltc#193906). o powerpc/pseries: Fix regression while building external modules (bsc# 1160010 ltc#183046 git-fixes). o powerpc/pseries: Fix update of LPAR security flavor after LPM (bsc#1188885 ltc#193722 git-fixes) o powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148 ltc#190702 git-fixes). o regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes). o regulator: vctrl: Avoid lockdep warning in enable/disable ops (git-fixes). o regulator: vctrl: Use locked regulator_get_voltage in probe path (git-fixes). o rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305) o rpm: Abolish image suffix (bsc#1189841). o rpm: Define $certs as rpm macro (bsc#1189841). o rpm: Fold kernel-devel and kernel-source scriptlets into spec files (bsc# 1189841). o rpm: kernel-binary.spec: Define $image as rpm macro (bsc#1189841). o rpm: support gz and zst compression methods Extend commit 18fcdff43a00 ("rpm: support compressed modules") for compression methods other than xz. o rq-qos: fix missed wake-ups in rq_qos_throttle try two (bsc#1189575). o rsi: fix an error code in rsi_probe() (git-fixes). o rsi: fix error code in rsi_load_9116_firmware() (git-fixes). o s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC# 193817). o s390/boot: fix use of expolines in the DMA code (bsc#1188878 ltc#193771). o sched/fair: Correctly insert cfs_rq's to list on unthrottle (git-fixes) o sched/rt: Fix RT utilization tracking during policy change (git-fixes) o scsi: blkcg: Add app identifier support for blkcg (bsc#1189385 jsc# SLE-18970). o scsi: blkcg: Fix application ID config options (bsc#1189385 jsc#SLE-18970). o scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970). o scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392). o scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650). o scsi: libfc: Fix array index out of bound exception (bsc#1188616). o scsi: lpfc: Add 256 Gb link speed support (bsc#1189385). o scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters (bsc# 1189385). o scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions (bsc#1189385). o scsi: lpfc: Clear outstanding active mailbox during PCI function reset (bsc #1189385). o scsi: lpfc: Copyright updates for 12.8.0.11 patches (bsc#1189385). o scsi: lpfc: Copyright updates for 14.0.0.0 patches (bsc#1189385). o scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes (bsc#1189385). o scsi: lpfc: Discovery state machine fixes for LOGO handling (bsc#1189385). o scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385). o scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine (bsc# 1189385). o scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling (bsc# 1189385). o scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385). o scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385). o scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385). o scsi: lpfc: Fix function description comments for vmid routines (bsc# 1189385). o scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (bsc#1189385). o scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted() (bsc# 1189385). o scsi: lpfc: Fix target reset handler from falsely returning FAILURE (bsc# 1189385). o scsi: lpfc: Improve firmware download logging (bsc#1189385). o scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (bsc#1189385). o scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (git-fixes). o scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF (bsc# 1189385). o scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385). o scsi: lpfc: Remove redundant assignment to pointer temp_hdr (bsc#1189385). o scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385). o scsi: lpfc: Revise Topology and RAS support checks for new adapters (bsc# 1189385). o scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385). o scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path (bsc #1189385). o scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385). o scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385). o scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support (bsc# 1189385). o scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail() (bsc #1189385). o scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker thread (bsc# 1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc (bsc# 1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Add support for VMID in mailbox command (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: Append the VMID to the wqe before sending (bsc#1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: Implement ELS commands for appid (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385 jsc# SLE-18970). o scsi: qla2xxx: Add heartbeat check (bsc#1189392). o scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (bsc# 1189392). o scsi: qla2xxx: Fix spelling mistakes "allloc" -> "alloc" (bsc#1189392). o scsi: qla2xxx: Fix use after free in debug code (bsc#1189392). o scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (bsc# 1189392). o scsi: qla2xxx: Remove duplicate declarations (bsc#1189392). o scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392). o scsi: qla2xxx: Remove redundant continue statement in a for-loop (bsc# 1189392). o scsi: qla2xxx: Remove redundant initialization of variable num_cnt (bsc# 1189392). o scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392). o scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189392). o scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189392). o scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI (bsc# 1189392). o scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189392). o scsi: qla2xxx: edif: Add detection of secure device (bsc#1189392). o scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189392). o scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392). o scsi: qla2xxx: edif: Add extraction of auth_els from the wire (bsc# 1189392). o scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189392). o scsi: qla2xxx: edif: Add key update (bsc#1189392). o scsi: qla2xxx: edif: Add send, receive, and accept for auth_els (bsc# 1189392). o scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392). o scsi: qla2xxx: edif: Increment command and completion counts (bsc#1189392). o scsi: scsi_transport_srp: Do not block target in SRP_PORT_LOST state (bsc# 1184180). o scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392). o scsi: zfcp: Report port fc_security as unknown early during remote cable pull (git-fixes). o serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes). o serial: 8250_mtk: fix uart corruption issue when rx power off (git-fixes). o serial: tegra: Only print FIFO error message when an error occurs (git-fixes). o slimbus: messaging: check for valid transaction id (git-fixes). o slimbus: messaging: start transaction ids from 1 instead of zero (git-fixes). o slimbus: ngd: reset dma setup during runtime pm (git-fixes). o soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes). o soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes). o soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes). o soc: ixp4xx: fix printing resources (git-fixes). o soc: qcom: rpmhpd: Use corner in power_off (git-fixes). o soc: qcom: smsm: Fix missed interrupts if state changes while masked (git-fixes). o spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes). o spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation (git-fixes). o spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay (git-fixes). o spi: mediatek: Fix fifo transfer (git-fixes). o spi: meson-spicc: fix memory leak in meson_spicc_remove (git-fixes). o spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (git-fixes). o spi: spi-pic32: Fix issue with uninitialized dma_slave_config (git-fixes). o spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes). o spi: stm32h7: fix full duplex irq handler handling (git-fixes). o staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (git-fixes). o staging: rtl8712: get rid of flush_scheduled_work (git-fixes). o staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). o tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event name (git-fixes). o tracing / histogram: Give calculation hist_fields a size (git-fixes). o tracing: Reject string operand in the histogram expression (git-fixes). o tty: serial: fsl_lpuart: fix the wrong mapbase value (git-fixes). o ubifs: Fix error return code in alloc_wbufs() (bsc#1189585). o ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583). o ubifs: Only check replay with inode type to judge if inode linked (bsc# 1187455). o ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (bsc#1189587). o ubifs: journal: Fix error return code in ubifs_jnl_write_inode() (bsc# 1189586). o usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available (git-fixes). o usb: dwc2: Postponed gadget registration to the udc class driver (git-fixes). o usb: dwc3: Add support for DWC_usb32 IP (git-fixes). o usb: dwc3: Disable phy suspend after power-on reset (git-fixes). o usb: dwc3: Separate field holding multiple properties (git-fixes). o usb: dwc3: Stop active transfers before halting the controller (git-fixes). o usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes). o usb: dwc3: Use devres to get clocks (git-fixes). o usb: dwc3: core: Properly default unspecified speed (git-fixes). o usb: dwc3: core: do not do suspend for device mode if already suspended (git-fixes). o usb: dwc3: debug: Remove newline printout (git-fixes). o usb: dwc3: gadget: Check MPS of the request length (git-fixes). o usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set (git-fixes). o usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable (git-fixes). o usb: dwc3: gadget: Disable gadget IRQ during pullup disable (git-fixes). o usb: dwc3: gadget: Do not send unintended link state change (git-fixes). o usb: dwc3: gadget: Do not setup more than requested (git-fixes). o usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes). o usb: dwc3: gadget: Fix handling ZLP (git-fixes). o usb: dwc3: gadget: Give back staled requests (git-fixes). o usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes). o usb: dwc3: gadget: Prevent EP queuing while stopping transfers (git-fixes). o usb: dwc3: gadget: Properly track pending and queued SG (git-fixes). o usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (git-fixes). o usb: dwc3: gadget: Set BESL config parameter (git-fixes). o usb: dwc3: gadget: Set link state to RX_Detect on disconnect (git-fixes). o usb: dwc3: gadget: Stop EP0 transfers during pullup disable (git-fixes). o usb: dwc3: gadget: Workaround Mirosoft's BESL check (git-fixes). o usb: dwc3: meson-g12a: add IRQ check (git-fixes). o usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init (git-fixes). o usb: dwc3: of-simple: add a shutdown (git-fixes). o usb: dwc3: st: Add of_dev_put() in probe function (git-fixes). o usb: dwc3: st: Add of_node_put() before return in probe function (git-fixes). o usb: dwc3: support continuous runtime PM with dual role (git-fixes). o usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (git-fixes). o usb: gadget: Export recommended BESL values (git-fixes). o usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers (git-fixes). o usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes). o usb: gadget: f_hid: idle uses the highest byte for duration (git-fixes). o usb: gadget: mv_u3d: request_irq() after initializing UDC (git-fixes). o usb: gadget: udc: at91: add IRQ check (git-fixes). o usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (git-fixes). o usb: host: ohci-tmio: add IRQ check (git-fixes). o usb: host: xhci-rcar: Do not reload firmware after the completion (git-fixes). o usb: mtu3: fix the wrong HS mult value (git-fixes). o usb: mtu3: use @mult for HS isoc or intr (git-fixes). o usb: phy: fsl-usb: add IRQ check (git-fixes). o usb: phy: tahvo: add IRQ check (git-fixes). o usb: phy: twl6030: add IRQ checks (git-fixes). o virt_wifi: fix error on connect (git-fixes). o virtio_pci: Support surprise removal of virtio pci device (git-fixes). o wireguard: allowedips: allocate nodes in kmem_cache (git-fixes). o wireguard: allowedips: free empty intermediate nodes when removing single node (git-fixes). o wireguard: allowedips: remove nodes in O(1) (git-fixes). o writeback: fix obtain a reference to a freeing memcg css (bsc#1189577). o x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1152489). o x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1152489). o x86/fpu: Reset state for all signal restore failures (bsc#1152489). o x86/kvm: fix vcpu-id indexed array sizes (git-fixes). o x86/signal: Detect and prevent an alternate signal stack overflow (bsc# 1152489). o xen/events: Fix race in set_evtchn_to_irq (git-fixes). o xprtrdma: Pad optimization, revisited (bsc#1189760). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE MicroOS 5.0: zypper in -t patch SUSE-SUSE-MicroOS-5.0-2021-3207=1 o SUSE Linux Enterprise Workstation Extension 15-SP2: zypper in -t patch SUSE-SLE-Product-WE-15-SP2-2021-3207=1 o SUSE Linux Enterprise Module for Live Patching 15-SP2: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2021-3207=1 o SUSE Linux Enterprise Module for Legacy Software 15-SP2: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP2-2021-3207=1 o SUSE Linux Enterprise Module for Development Tools 15-SP2: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP2-2021-3207=1 o SUSE Linux Enterprise Module for Basesystem 15-SP2: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2021-3207=1 o SUSE Linux Enterprise High Availability 15-SP2: zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2021-3207=1 Package List: o SUSE MicroOS 5.0 (aarch64 x86_64): kernel-default-5.3.18-24.83.2 kernel-default-base-5.3.18-24.83.2.9.38.3 kernel-default-debuginfo-5.3.18-24.83.2 kernel-default-debugsource-5.3.18-24.83.2 o SUSE Linux Enterprise Workstation Extension 15-SP2 (x86_64): kernel-default-debuginfo-5.3.18-24.83.2 kernel-default-debugsource-5.3.18-24.83.2 kernel-default-extra-5.3.18-24.83.2 kernel-default-extra-debuginfo-5.3.18-24.83.2 kernel-preempt-extra-5.3.18-24.83.2 kernel-preempt-extra-debuginfo-5.3.18-24.83.2 o SUSE Linux Enterprise Module for Live Patching 15-SP2 (ppc64le s390x x86_64): kernel-default-debuginfo-5.3.18-24.83.2 kernel-default-debugsource-5.3.18-24.83.2 kernel-default-livepatch-5.3.18-24.83.2 kernel-default-livepatch-devel-5.3.18-24.83.2 kernel-livepatch-5_3_18-24_83-default-1-5.3.4 kernel-livepatch-5_3_18-24_83-default-debuginfo-1-5.3.4 kernel-livepatch-SLE15-SP2_Update_19-debugsource-1-5.3.4 o SUSE Linux Enterprise Module for Legacy Software 15-SP2 (aarch64 ppc64le s390x x86_64): kernel-default-debuginfo-5.3.18-24.83.2 kernel-default-debugsource-5.3.18-24.83.2 reiserfs-kmp-default-5.3.18-24.83.2 reiserfs-kmp-default-debuginfo-5.3.18-24.83.2 o SUSE Linux Enterprise Module for Development Tools 15-SP2 (aarch64 ppc64le s390x x86_64): kernel-obs-build-5.3.18-24.83.2 kernel-obs-build-debugsource-5.3.18-24.83.2 kernel-syms-5.3.18-24.83.1 o SUSE Linux Enterprise Module for Development Tools 15-SP2 (aarch64 x86_64): kernel-preempt-debuginfo-5.3.18-24.83.2 kernel-preempt-debugsource-5.3.18-24.83.2 kernel-preempt-devel-5.3.18-24.83.2 kernel-preempt-devel-debuginfo-5.3.18-24.83.2 o SUSE Linux Enterprise Module for Development Tools 15-SP2 (noarch): kernel-docs-5.3.18-24.83.2 kernel-source-5.3.18-24.83.1 o SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 ppc64le s390x x86_64): kernel-default-5.3.18-24.83.2 kernel-default-base-5.3.18-24.83.2.9.38.3 kernel-default-debuginfo-5.3.18-24.83.2 kernel-default-debugsource-5.3.18-24.83.2 kernel-default-devel-5.3.18-24.83.2 kernel-default-devel-debuginfo-5.3.18-24.83.2 o SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 x86_64): kernel-preempt-5.3.18-24.83.2 kernel-preempt-debuginfo-5.3.18-24.83.2 kernel-preempt-debugsource-5.3.18-24.83.2 o SUSE Linux Enterprise Module for Basesystem 15-SP2 (noarch): kernel-devel-5.3.18-24.83.1 kernel-macros-5.3.18-24.83.1 o SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64): cluster-md-kmp-default-5.3.18-24.83.2 cluster-md-kmp-default-debuginfo-5.3.18-24.83.2 dlm-kmp-default-5.3.18-24.83.2 dlm-kmp-default-debuginfo-5.3.18-24.83.2 gfs2-kmp-default-5.3.18-24.83.2 gfs2-kmp-default-debuginfo-5.3.18-24.83.2 kernel-default-debuginfo-5.3.18-24.83.2 kernel-default-debugsource-5.3.18-24.83.2 ocfs2-kmp-default-5.3.18-24.83.2 ocfs2-kmp-default-debuginfo-5.3.18-24.83.2 References: o https://www.suse.com/security/cve/CVE-2021-34556.html o https://www.suse.com/security/cve/CVE-2021-35477.html o https://www.suse.com/security/cve/CVE-2021-3640.html o https://www.suse.com/security/cve/CVE-2021-3653.html o https://www.suse.com/security/cve/CVE-2021-3656.html o https://www.suse.com/security/cve/CVE-2021-3679.html o https://www.suse.com/security/cve/CVE-2021-3732.html o https://www.suse.com/security/cve/CVE-2021-3739.html o https://www.suse.com/security/cve/CVE-2021-3743.html o https://www.suse.com/security/cve/CVE-2021-3753.html o https://www.suse.com/security/cve/CVE-2021-3759.html o https://www.suse.com/security/cve/CVE-2021-38160.html o https://www.suse.com/security/cve/CVE-2021-38198.html o https://www.suse.com/security/cve/CVE-2021-38204.html o https://www.suse.com/security/cve/CVE-2021-38205.html o https://www.suse.com/security/cve/CVE-2021-38207.html o https://bugzilla.suse.com/1040364 o https://bugzilla.suse.com/1127650 o https://bugzilla.suse.com/1135481 o https://bugzilla.suse.com/1152489 o https://bugzilla.suse.com/1160010 o https://bugzilla.suse.com/1167032 o https://bugzilla.suse.com/1168202 o https://bugzilla.suse.com/1174969 o https://bugzilla.suse.com/1175052 o https://bugzilla.suse.com/1175543 o https://bugzilla.suse.com/1177399 o https://bugzilla.suse.com/1180141 o https://bugzilla.suse.com/1180347 o https://bugzilla.suse.com/1181148 o https://bugzilla.suse.com/1181972 o https://bugzilla.suse.com/1184114 o https://bugzilla.suse.com/1184180 o https://bugzilla.suse.com/1185675 o https://bugzilla.suse.com/1185902 o https://bugzilla.suse.com/1186264 o https://bugzilla.suse.com/1186731 o https://bugzilla.suse.com/1187211 o https://bugzilla.suse.com/1187455 o https://bugzilla.suse.com/1187468 o https://bugzilla.suse.com/1187619 o https://bugzilla.suse.com/1188067 o https://bugzilla.suse.com/1188172 o https://bugzilla.suse.com/1188418 o https://bugzilla.suse.com/1188439 o https://bugzilla.suse.com/1188616 o https://bugzilla.suse.com/1188780 o https://bugzilla.suse.com/1188781 o https://bugzilla.suse.com/1188782 o https://bugzilla.suse.com/1188783 o https://bugzilla.suse.com/1188784 o https://bugzilla.suse.com/1188786 o https://bugzilla.suse.com/1188787 o https://bugzilla.suse.com/1188788 o https://bugzilla.suse.com/1188790 o https://bugzilla.suse.com/1188878 o https://bugzilla.suse.com/1188885 o https://bugzilla.suse.com/1188924 o https://bugzilla.suse.com/1188982 o https://bugzilla.suse.com/1188983 o https://bugzilla.suse.com/1188985 o https://bugzilla.suse.com/1189021 o https://bugzilla.suse.com/1189057 o https://bugzilla.suse.com/1189077 o https://bugzilla.suse.com/1189153 o https://bugzilla.suse.com/1189197 o https://bugzilla.suse.com/1189209 o https://bugzilla.suse.com/1189210 o https://bugzilla.suse.com/1189212 o https://bugzilla.suse.com/1189213 o https://bugzilla.suse.com/1189214 o https://bugzilla.suse.com/1189215 o https://bugzilla.suse.com/1189216 o https://bugzilla.suse.com/1189217 o https://bugzilla.suse.com/1189218 o https://bugzilla.suse.com/1189219 o https://bugzilla.suse.com/1189220 o https://bugzilla.suse.com/1189221 o https://bugzilla.suse.com/1189222 o https://bugzilla.suse.com/1189229 o https://bugzilla.suse.com/1189262 o https://bugzilla.suse.com/1189291 o https://bugzilla.suse.com/1189292 o https://bugzilla.suse.com/1189298 o https://bugzilla.suse.com/1189301 o https://bugzilla.suse.com/1189305 o https://bugzilla.suse.com/1189323 o https://bugzilla.suse.com/1189384 o https://bugzilla.suse.com/1189385 o https://bugzilla.suse.com/1189392 o https://bugzilla.suse.com/1189399 o https://bugzilla.suse.com/1189400 o https://bugzilla.suse.com/1189427 o https://bugzilla.suse.com/1189449 o https://bugzilla.suse.com/1189503 o https://bugzilla.suse.com/1189504 o https://bugzilla.suse.com/1189505 o https://bugzilla.suse.com/1189506 o https://bugzilla.suse.com/1189507 o https://bugzilla.suse.com/1189562 o https://bugzilla.suse.com/1189563 o https://bugzilla.suse.com/1189564 o https://bugzilla.suse.com/1189565 o https://bugzilla.suse.com/1189566 o https://bugzilla.suse.com/1189567 o https://bugzilla.suse.com/1189568 o https://bugzilla.suse.com/1189569 o https://bugzilla.suse.com/1189573 o https://bugzilla.suse.com/1189574 o https://bugzilla.suse.com/1189575 o https://bugzilla.suse.com/1189576 o https://bugzilla.suse.com/1189577 o https://bugzilla.suse.com/1189579 o https://bugzilla.suse.com/1189581 o https://bugzilla.suse.com/1189582 o https://bugzilla.suse.com/1189583 o https://bugzilla.suse.com/1189585 o https://bugzilla.suse.com/1189586 o https://bugzilla.suse.com/1189587 o https://bugzilla.suse.com/1189706 o https://bugzilla.suse.com/1189760 o https://bugzilla.suse.com/1189832 o https://bugzilla.suse.com/1189841 o https://bugzilla.suse.com/1189870 o https://bugzilla.suse.com/1189883 o https://bugzilla.suse.com/1190025 o https://bugzilla.suse.com/1190115 o https://bugzilla.suse.com/1190117 o https://bugzilla.suse.com/1190131 o https://bugzilla.suse.com/1190181 - -------------------------------------------------------------------------------- SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3205-1 Rating: important References: #1040364 #1127650 #1135481 #1152489 #1160010 #1168202 #1171420 #1174969 #1175052 #1175543 #1177399 #1180100 #1180141 #1180347 #1181006 #1181148 #1181972 #1184180 #1185902 #1186264 #1186731 #1187211 #1187455 #1187468 #1187483 #1187619 #1187959 #1188067 #1188172 #1188231 #1188270 #1188412 #1188418 #1188616 #1188700 #1188780 #1188781 #1188782 #1188783 #1188784 #1188786 #1188787 #1188788 #1188790 #1188878 #1188885 #1188924 #1188982 #1188983 #1188985 #1189021 #1189057 #1189077 #1189153 #1189197 #1189209 #1189210 #1189212 #1189213 #1189214 #1189215 #1189216 #1189217 #1189218 #1189219 #1189220 #1189221 #1189222 #1189225 #1189229 #1189233 #1189262 #1189291 #1189292 #1189296 #1189298 #1189301 #1189305 #1189323 #1189384 #1189385 #1189392 #1189393 #1189399 #1189400 #1189427 #1189503 #1189504 #1189505 #1189506 #1189507 #1189562 #1189563 #1189564 #1189565 #1189566 #1189567 #1189568 #1189569 #1189573 #1189574 #1189575 #1189576 #1189577 #1189579 #1189581 #1189582 #1189583 #1189585 #1189586 #1189587 #1189706 #1189760 #1189762 #1189832 #1189841 #1189870 #1189872 #1189883 #1190022 #1190025 #1190115 #1190117 #1190412 #1190413 #1190428 Cross-References: CVE-2020-12770 CVE-2021-34556 CVE-2021-35477 CVE-2021-3640 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3739 CVE-2021-3743 CVE-2021-3753 CVE-2021-3759 CVE-2021-38160 CVE-2021-38166 CVE-2021-38198 CVE-2021-38204 CVE-2021-38205 CVE-2021-38206 CVE-2021-38207 CVE-2021-38209 Affected Products: SUSE Linux Enterprise Workstation Extension 15-SP3 SUSE Linux Enterprise Module for Live Patching 15-SP3 SUSE Linux Enterprise Module for Legacy Software 15-SP3 SUSE Linux Enterprise Module for Development Tools 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise High Availability 15-SP3 ______________________________________________________________________________ An update that solves 20 vulnerabilities and has 106 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: o CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172). o CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399). o CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400). o CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057). o CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706). o CVE-2021-3739: Fixed a NULL pointer dereference when deleting device by invalid id (bsc#1189832 ). o CVE-2021-3743: Fixed OOB Read in qrtr_endpoint_post (bsc#1189883). o CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc# 1190025). o CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/ char/virtio_console.c (bsc#1190117) o CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262). o CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291). o CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c made it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer) (bnc#1189292). o CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c allowed remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes (bnc#1189298). o CVE-2021-38166: Fixed an integer overflow and out-of-bounds write when many elements are placed in a single bucket in kernel/bpf/hashtab.c (bnc#1189233 ). o CVE-2021-38209: Fixed allowed observation of changes in any net namespace via net/netfilter/nf_conntrack_standalone.c (bnc#1189393). o CVE-2021-38206: Fixed NULL pointer dereference in the radiotap parser inside the mac80211 subsystem (bnc#1189296). o CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983). o CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985). o CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115). o CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420). The following non-security bugs were fixed: o ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes). o ACPI: processor: Clean up acpi_processor_evaluate_cst() (bsc#1175543) o ACPI: processor: Export acpi_processor_evaluate_cst() (bsc#1175543) o ACPI: processor: Export function to claim _CST control (bsc#1175543) o ACPI: processor: Introduce acpi_processor_evaluate_cst() (bsc#1175543) o ACPI: processor: Make ACPI_PROCESSOR_CSTATE depend on ACPI_PROCESSOR (bsc# 1175543) o ALSA: hda - fix the 'Capture Switch' value change notifications (git-fixes). o ALSA: hda/hdmi: Add quirk to force pin connectivity on NUC10 (git-fixes). o ALSA: hda/hdmi: fix max DP-MST dev_num for Intel TGL+ platforms (git-fixes). o ALSA: hda/hdmi: let new platforms assign the pcm slot dynamically (git-fixes). o ALSA: hda/realtek - Add ALC285 HP init procedure (git-fixes). o ALSA: hda/realtek - Add type for ALC287 (git-fixes). o ALSA: hda/realtek: Change device names for quirks to barebone names (git-fixes). o ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9510 laptop (git-fixes). o ALSA: hda/realtek: Fix headset mic for Acer SWIFT SF314-56 (ALC256) (git-fixes). o ALSA: hda/realtek: Limit mic boost on HP ProBook 445 G8 (git-fixes). o ALSA: hda/realtek: add mic quirk for Acer SF314-42 (git-fixes). o ALSA: hda/realtek: fix mute led of the HP Pavilion 15-eh1xxx series (git-fixes). o ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 650 G8 Notebook PC (git-fixes). o ALSA: hda/via: Apply runtime PM workaround for ASUS B23E (git-fixes). o ALSA: hda: Add quirk for ASUS Flow x13 (git-fixes). o ALSA: hda: Fix hang during shutdown due to link reset (git-fixes). o ALSA: hda: Release controller display power during shutdown/reboot (git-fixes). o ALSA: pcm: Fix mmap breakage without explicit buffer setup (git-fixes). o ALSA: pcm: fix divide error in snd_pcm_lib_ioctl (git-fixes). o ALSA: seq: Fix racy deletion of subscriber (git-fixes). o ALSA: usb-audio: Add registration quirk for JBL Quantum 600 (git-fixes). o ALSA: usb-audio: Avoid unnecessary or invalid connector selection at resume (git-fixes). o ALSA: usb-audio: Fix regression on Sony WALKMAN NW-A45 DAC (git-fixes). o ALSA: usb-audio: Fix superfluous autosuspend recovery (git-fixes). o ALSA: usb-audio: fix incorrect clock source setting (git-fixes). o ASoC: Intel: Skylake: Fix module resource and format selection (git-fixes). o ASoC: Intel: Skylake: Leave data as is when invoking TLV IPCs (git-fixes). o ASoC: Intel: kbl_da7219_max98927: Fix format selection for max98373 (git-fixes). o ASoC: SOF: Intel: hda-ipc: fix reply size checking (git-fixes). o ASoC: amd: Fix reference to PCM buffer address (git-fixes). o ASoC: component: Remove misplaced prefix handling in pin control functions (git-fixes). o ASoC: cs42l42: Correct definition of ADC Volume control (git-fixes). o ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes). o ASoC: cs42l42: Fix LRCLK frame start edge (git-fixes). o ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes). o ASoC: cs42l42: Remove duplicate control for WNF filter frequency (git-fixes). o ASoC: intel: atom: Fix breakage for PCM buffer address setup (git-fixes). o ASoC: intel: atom: Fix reference to PCM buffer address (git-fixes). o ASoC: mediatek: mt8183: Fix Unbalanced pm_runtime_enable in mt8183_afe_pcm_dev_probe (git-fixes). o ASoC: rt5682: Adjust headset volume button threshold (git-fixes). o ASoC: rt5682: Adjust headset volume button threshold again (git-fixes). o ASoC: rt5682: Fix the issue of garbled recording after powerd_dbus_suspend (git-fixes). o ASoC: ti: j721e-evm: Check for not initialized parent_clk_id (git-fixes). o ASoC: ti: j721e-evm: Fix unbalanced domain activity tracking during startup (git-fixes). o ASoC: tlv320aic31xx: Fix jack detection after suspend (git-fixes). o ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits (git-fixes). o ASoC: uniphier: Fix reference to PCM buffer address (git-fixes). o ASoC: wcd9335: Disable irq on slave ports in the remove function (git-fixes). o ASoC: wcd9335: Fix a double irq free in the remove function (git-fixes). o ASoC: wcd9335: Fix a memory leak in the error handling path of the probe function (git-fixes). o ASoC: xilinx: Fix reference to PCM buffer address (git-fixes). o Avoid double printing SUSE specific flags in mod->taint (bsc#1190413). o Bluetooth: add timeout sanity check to hci_inquiry (git-fixes). o Bluetooth: btusb: Fix a unspported condition to set available debug features (git-fixes). o Bluetooth: btusb: check conditions before enabling USB ALT 3 for WBS (git-fixes). o Bluetooth: defer cleanup of resources in hci_unregister_dev() (git-fixes). o Bluetooth: fix repeated calls to sco_sock_kill (git-fixes). o Bluetooth: hidp: use correct wait queue when removing ctrl_wait (git-fixes). o Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (git-fixes). o Bluetooth: mgmt: Fix wrong opcode in the response for add_adv cmd (git-fixes). o Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (git-fixes). o Drop two intel_int0002_vgpio patches that cause Oops (bsc#1190412) o KVM: VMX: Drop guest CPUID check for VMXE in vmx_set_cr4() (bsc#1188786). o KVM: VMX: Enable machine check support for 32bit targets (bsc#1188787). o KVM: VMX: Explicitly clear RFLAGS.CF and RFLAGS.ZF in VM-Exit RSB path (bsc #1188788). o KVM: VMX: Extend VMXs #AC interceptor to handle split lock #AC in guest (bsc#1187959). o KVM: nVMX: Handle split-lock #AC exceptions that happen in L2 (bsc# 1187959). o KVM: nVMX: Really make emulated nested preemption timer pinned (bsc# 1188780). o KVM: nVMX: Reset the segment cache when stuffing guest segs (bsc#1188781). o KVM: nVMX: Skip IBPB when switching between vmcs01 and vmcs02 (bsc# 1188782). o KVM: nVMX: Sync unsync'd vmcs02 state to vmcs12 on migration (bsc#1188783). o KVM: nVMX: Truncate bits 63:32 of VMCS field on nested check in !64-bit (bsc#1188784). o KVM: x86: Emulate split-lock access as a write in emulator (bsc#1187959). o KVM: x86: bit 8 of non-leaf PDPEs is not reserved (bsc#1188790). o NFS: Correct size calculation for create reply length (bsc#1189870). o NFSv4.1: Do not rebind to the same source port when (bnc#1186264 bnc# 1189021) o NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times (git-fixes). o NFSv4: Initialise connection to the server in nfs4_alloc_client() (bsc# 1040364). o PCI/MSI: Correct misleading comments (git-fixes). o PCI/MSI: Do not set invalid bits in MSI mask (git-fixes). o PCI/MSI: Enable and mask MSI-X early (git-fixes). o PCI/MSI: Enforce MSI[X] entry updates to be visible (git-fixes). o PCI/MSI: Enforce that MSI-X table entry is masked for update (git-fixes). o PCI/MSI: Mask all unused MSI-X entries (git-fixes). o PCI/MSI: Skip masking MSI-X on Xen PV (git-fixes). o PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes). o PCI: Increase D3 delay for AMD Renoir/Cezanne XHCI (git-fixes). o PCI: PM: Avoid forcing PCI_D0 for wakeup reasons inconsistently (git-fixes). o PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes). o RDMA/bnxt_re: Fix stats counters (bsc#1188231). o SUNRPC: 'Directory with parent 'rpc_clnt' already present!' (bsc#1168202 bsc#1188924). o SUNRPC: Fix the batch tasks count wraparound (git-fixes). o SUNRPC: Should wake up the privileged task firstly (git-fixes). o SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924). o SUNRPC: fix use-after-free in rpc_free_client_work() (bsc#1168202 bsc# 1188924). o SUNRPC: improve error response to over-size gss credential (bsc#1190022). o SUNRPC: prevent port reuse on transports which do not request it (bnc# 1186264 bnc#1189021). o USB: core: Avoid WARNings for 0-length descriptor requests (git-fixes). o USB: serial: ch341: fix character loss at high transfer rates (git-fixes). o USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes). o USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes). o USB: usbtmc: Fix RCU stall warning (git-fixes). o USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes). o VMCI: fix NULL pointer dereference when unmapping queue pair (git-fixes). o ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes). o ath9k: Clear key cache explicitly on disabling hardware (git-fixes). o ath: Use safer key clearing with key cache entries (git-fixes). o bcma: Fix memory leak for internally-handled cores (git-fixes). o bdi: Do not use freezable workqueue (bsc#1189573). o blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit() (bsc#1189507). o blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506). o blk-wbt: introduce a new disable state to prevent false positive by rwb_enabled() (bsc#1189503). o blk-wbt: make sure throttle is enabled properly (bsc#1189504). o block: fix trace completion for chained bio (bsc#1189505). o bnxt_en: Validate vlan protocol ID on RX packets (jsc#SLE-15075). o brcmfmac: pcie: fix oops on failure to resume and reprobe (git-fixes). o btrfs: Rename __btrfs_alloc_chunk to btrfs_alloc_chunk (bsc#1189077). o btrfs: add a trace class for dumping the current ENOSPC state (bsc# 1135481). o btrfs: add a trace point for reserve tickets (bsc#1135481). o btrfs: adjust the flush trace point to include the source (bsc#1135481). o btrfs: check reclaim_size in need_preemptive_reclaim (bsc#1135481). o btrfs: factor out create_chunk() (bsc#1189077). o btrfs: factor out decide_stripe_size() (bsc#1189077). o btrfs: factor out gather_device_info() (bsc#1189077). o btrfs: factor out init_alloc_chunk_ctl (bsc#1189077). o btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1135481). o btrfs: fix deadlock with concurrent chunk allocations involving system chunks (bsc#1189077). o btrfs: handle invalid profile in chunk allocation (bsc#1189077). o btrfs: implement space clamping for preemptive flushing (bsc#1135481). o btrfs: improve preemptive background space flushing (bsc#1135481). o btrfs: introduce a FORCE_COMMIT_TRANS flush operation (bsc#1135481). o btrfs: introduce alloc_chunk_ctl (bsc#1189077). o btrfs: introduce chunk allocation policy (bsc#1189077). o btrfs: make flush_space take a enum btrfs_flush_state instead of int (bsc# 1135481). o btrfs: move the chunk_mutex in btrfs_read_chunk_tree (bsc#1189077). o btrfs: parameterize dev_extent_min for chunk allocation (bsc#1189077). o btrfs: refactor find_free_dev_extent_start() (bsc#1189077). o btrfs: remove FLUSH_DELAYED_REFS from data ENOSPC flushing (bsc#1135481). o btrfs: rename need_do_async_reclaim (bsc#1135481). o btrfs: rework btrfs_calc_reclaim_metadata_size (bsc#1135481). o btrfs: rework chunk allocation to avoid exhaustion of the system chunk array (bsc#1189077). o btrfs: rip out btrfs_space_info::total_bytes_pinned (bsc#1135481). o btrfs: rip the first_ticket_bytes logic from fail_all_tickets (bsc# 1135481). o btrfs: simplify the logic in need_preemptive_flushing (bsc#1135481). o btrfs: tracepoints: convert flush states to using EM macros (bsc#1135481). o btrfs: tracepoints: fix btrfs_trigger_flush symbolic string for flags (bsc# 1135481). o can: ti_hecc: Fix memleak in ti_hecc_probe (git-fixes). o can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters (git-fixes). o ceph: clean up and optimize ceph_check_delayed_caps() (bsc#1187468). o ceph: reduce contention in ceph_check_delayed_caps() (bsc#1187468). o ceph: take snap_empty_lock atomically with snaprealm refcount change (bsc# 1189427). o cfg80211: Fix possible memory leak in function cfg80211_bss_update (git-fixes). o cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). o cifs: avoid starvation when refreshing dfs cache (bsc#1185902). o cifs: constify get_normalized_path() properly (bsc#1185902). o cifs: do not cargo-cult strndup() (bsc#1185902). o cifs: do not send tree disconnect to ipc shares (bsc#1185902). o cifs: do not share tcp servers with dfs mounts (bsc#1185902). o cifs: do not share tcp sessions of dfs connections (bsc#1185902). o cifs: fix check of dfs interlinks (bsc#1185902). o cifs: fix path comparison and hash calc (bsc#1185902). o cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). o cifs: handle different charsets in dfs cache (bsc#1185902). o cifs: keep referral server sessions alive (bsc#1185902). o cifs: missing null pointer check in cifs_mount (bsc#1185902). o cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). o cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). o clk: fix leak on devm_clk_bulk_get_all() unwind (git-fixes). o clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes). o cpuidle: Allow idle states to be disabled by default (bsc#1175543) o cpuidle: Consolidate disabled state checks (bsc#1175543) o cpuidle: Drop disabled field from struct cpuidle_state (bsc#1175543) o cpuidle: Fix cpuidle_driver_state_disabled() (bsc#1175543) o cpuidle: Introduce cpuidle_driver_state_disabled() for driver quirks (bsc# 1175543) o crypto: ccp - Annotate SEV Firmware file names (bsc#1189212). o crypto: qat - use proper type for vf_mask (git-fixes). o crypto: x86/curve25519 - fix cpu feature checking logic in mod_exit (git-fixes). o device-dax: Fix default return code of range_parse() (git-fixes). o dm integrity: fix missing goto in bitmap_flush_interval error handling (git-fixes). o dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (git-fixes). o dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes). o dmaengine: idxd: fix setup sequence for MSIXPERM table (git-fixes). o dmaengine: imx-dma: configure the generic DMA type to make it work (git-fixes). o dmaengine: imx-dma: configure the generic DMA type to make it work (git-fixes). o dmaengine: imx-sdma: remove duplicated sdma_load_context (git-fixes). o dmaengine: of-dma: router_xlate to return -EPROBE_DEFER if controller is not yet available (git-fixes). o dmaengine: usb-dmac: Fix PM reference leak in usb_dmac_probe() (git-fixes). o dmaengine: xilinx_dma: Fix read-after-free bug when terminating transfers (git-fixes). o drivers/block/null_blk/main: Fix a double free in null_init (git-fixes). o drm/amd/display: Fix Dynamic bpp issue with 8K30 with Navi 1X (git-fixes). o drm/amd/display: Fix comparison error in dcn21 DML (git-fixes). o drm/amd/display: Fix max vstartup calculation for modes with borders (git-fixes). o drm/amd/display: Remove invalid assert for ODM + MPC case (git-fixes). o drm/amd/display: use GFP_ATOMIC in amdgpu_dm_irq_schedule_work (git-fixes). o drm/amd/display: workaround for hard hang on HPD on native DP (git-fixes). o drm/amdgpu/acp: Make PM domain really work (git-fixes). o drm/amdgpu/display: fix DMUB firmware version info (git-fixes). o drm/amdgpu/display: only enable aux backlight control for OLED panels (git-fixes). o drm/amdgpu: do not enable baco on boco platforms in runpm (git-fixes). o drm/amdgpu: fix the doorbell missing when in CGPG issue for renoir (git-fixes). o drm/dp_mst: Fix return code on sideband message failure (git-fixes). o drm/i915/dg1: gmbus pin mapping (bsc#1188700). o drm/i915/dg1: provide port/phy mapping for vbt (bsc#1188700). o drm/i915/gen9_bc: Add W/A for missing STRAP config on TGP PCH + CML combos (bsc#1188700). o drm/i915/gen9_bc: Introduce HPD pin mappings for TGP PCH + CML combos (bsc# 1188700). o drm/i915/gen9_bc: Introduce TGP PCH DDC pin mappings (bsc#1188700). o drm/i915/gen9_bc: Recognize TGP PCH + CML combos (bsc#1188700). o drm/i915/rkl: new rkl ddc map for different PCH (bsc#1188700). o drm/i915: Add VBT AUX CH H and I (bsc#1188700). o drm/i915: Add VBT DVO ports H and I (bsc#1188700). o drm/i915: Add more AUX CHs to the enum (bsc#1188700). o drm/i915: Configure GEN11_{TBT,TC}_HOTPLUG_CTL for ports TC5/6 (bsc# 1188700). o drm/i915: Correct SFC_DONE register offset (git-fixes). o drm/i915: Introduce HPD_PORT_TC (bsc#1188700). o drm/i915: Move hpd_pin setup to encoder init (bsc#1188700). o drm/i915: Nuke the redundant TC/TBT HPD bit defines (bsc#1188700). o drm/i915: Only access SFC_DONE when media domain is not fused off (git-fixes). o drm/meson: fix colour distortion from HDR set during vendor u-boot (git-fixes). o drm/msi/mdp4: populate priv->kms in mdp4_kms_init (git-fixes). o drm/msm/dpu: make dpu_hw_ctl_clear_all_blendstages clear necessary LMs (git-fixes). o drm/msm/dsi: Fix some reference counted resource leaks (git-fixes). o drm/msm: Fix error return code in msm_drm_init() (git-fixes). o drm/nouveau/kms/nv50: workaround EFI GOP window channel format differences (git-fixes). o drm/of: free the iterator object on failure (git-fixes). o drm/of: free the right object (git-fixes). o drm/panfrost: Fix missing clk_disable_unprepare() on error in panfrost_clk_init() (git-fixes). o drm/prime: fix comment on PRIME Helpers (git-fixes). o ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (bsc#1189568). o ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (bsc#1189564). o ext4: fix avefreec in find_group_orlov (bsc#1189566). o ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562). o ext4: fix potential htree corruption when growing large_dir directories (bsc#1189576). o ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565). o ext4: return error code when ext4_fill_flex_info() fails (bsc#1189563). o ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567). o fanotify: fix copy_event_to_user() fid error clean up (bsc#1189574). o firmware_loader: fix use-after-free in firmware_fallback_sysfs (git-fixes). o firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback (git-fixes). o fixup "rpm: support gz and zst compression methods" (bsc#1190358, bsc# 1190428). o fpga: altera-freeze-bridge: Address warning about unused variable (git-fixes). o fpga: dfl: fme: Fix cpu hotplug issue in performance reporting (git-fixes). o fpga: dfl: fme: Fix cpu hotplug issue in performance reporting (git-fixes). o fpga: xiilnx-spi: Address warning about unused variable (git-fixes). o fpga: zynqmp-fpga: Address warning about unused variable (git-fixes). o gpio: eic-sprd: break loop when getting NULL device resource (git-fixes). o gpio: tqmx86: really make IRQ optional (git-fixes). o i2c: dev: zero out array used for i2c reads from userspace (git-fixes). o i2c: highlander: add IRQ check (git-fixes). o i2c: iop3xx: fix deferred probing (git-fixes). o i2c: mt65xx: fix IRQ check (git-fixes). o i2c: s3c2410: fix IRQ check (git-fixes). o iio: adc: Fix incorrect exit of for-loop (git-fixes). o iio: adc: ti-ads7950: Ensure CS is deasserted after reading channels (git-fixes). o iio: humidity: hdc100x: Add margin to the conversion time (git-fixes). o intel_idle: Add module parameter to prevent ACPI _CST from being used (bsc# 1175543) o intel_idle: Allow ACPI _CST to be used for selected known processors (bsc# 1175543) o intel_idle: Annotate init time data structures (bsc#1175543) o intel_idle: Customize IceLake server support (bsc#1175543) o intel_idle: Disable ACPI _CST on Haswell (bsc#1175543, bsc#1177399, bsc# 1180347, bsc#1180141) o intel_idle: Fix max_cstate for processor models without C-state tables (bsc #1175543) o intel_idle: Ignore _CST if control cannot be taken from the platform (bsc# 1175543) o intel_idle: Refactor intel_idle_cpuidle_driver_init() (bsc#1175543) o intel_idle: Use ACPI _CST for processor models without C-state tables (bsc# 1175543) o iommu/amd: Fix extended features logging (bsc#1189213). o iommu/amd: Move Stoney Ridge check to detect_ivrs() (bsc#1189762). o iommu/arm-smmu-v3: Decrease the queue size of evtq and priq (bsc#1189210). o iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189209). o iommu/dma: Fix IOVA reserve dma ranges (bsc#1189214). o iommu/dma: Fix compile warning in 32-bit builds (bsc#1189229). o iommu/vt-d: Check for allocation failure in aux_detach_device() (bsc# 1189215). o iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189216). o iommu/vt-d: Do not set then clear private data in prq_event_thread() (bsc# 1189217). o iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189218). o iommu/vt-d: Force to flush iotlb before creating superpage (bsc#1189219). o iommu/vt-d: Global devTLB flush when present context entry changed (bsc# 1189220). o iommu/vt-d: Invalidate PASID cache when root/context entry changed (bsc# 1189221). o iommu/vt-d: Reject unsupported page request modes (bsc#1189222). o ionic: add handling of larger descriptors (jsc#SLE-16649). o ionic: add new queue features to interface (jsc#SLE-16649). o ionic: aggregate Tx byte counting calls (jsc#SLE-16649). o ionic: block actions during fw reset (jsc#SLE-16649). o ionic: change mtu after queues are stopped (jsc#SLE-16649). o ionic: check for link after netdev registration (jsc#SLE-16649). o ionic: code cleanup details (jsc#SLE-16649). o ionic: fix sizeof usage (jsc#SLE-16649). o ionic: fix unchecked reference (jsc#SLE-16649). o ionic: fix up dim accounting for tx and rx (jsc#SLE-16649). o ionic: generic tx skb mapping (jsc#SLE-16649). o ionic: implement Rx page reuse (jsc#SLE-16649). o ionic: make all rx_mode work threadsafe (jsc#SLE-16649). o ionic: move rx_page_alloc and free (jsc#SLE-16649). o ionic: optimize fastpath struct usage (jsc#SLE-16649). o ionic: protect adminq from early destroy (jsc#SLE-16649). o ionic: rebuild debugfs on qcq swap (jsc#SLE-16649). o ionic: remove intr coalesce update from napi (jsc#SLE-16649). o ionic: remove some unnecessary oom messages (jsc#SLE-16649). o ionic: simplify TSO descriptor mapping (jsc#SLE-16649). o ionic: simplify rx skb alloc (jsc#SLE-16649). o ionic: simplify the intr_index use in txq_init (jsc#SLE-16649). o ionic: simplify tx clean (jsc#SLE-16649). o ionic: simplify use of completion types (jsc#SLE-16649). o ionic: start queues before announcing link up (jsc#SLE-16649). o ionic: stop watchdog when in broken state (jsc#SLE-16649). o ionic: useful names for booleans (jsc#SLE-16649). o iwlwifi: pnvm: accept multiple HW-type TLVs (git-fixes). o iwlwifi: rs-fw: do not support stbc for HE 160 (git-fixes). o iwlwifi: skip first element in the WTAS ACPI table (git-fixes). o kABI fix of usb_dcd_config_params (git-fixes). o kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes). o kabi fix for NFSv4.1: Do not rebind to the same source port when reconnecting to the server (bnc#1186264 bnc#1189021) o kabi fix for SUNRPC: defer slow parts of rpc_free_client() to a workqueue (bsc#1168202 bsc#1188924). o kernel, fs: Introduce and use set_restart_fn() and arch_set_restart_data() (bsc#1189153). o kernel-cert-subpackage: Fix certificate location in scriptlets (bsc# 1189841). o leds: trigger: audio: Add an activate callback to ensure the initial brightness is set (git-fixes). o lib/mpi: use kcalloc in mpi_resize (git-fixes). o lib: Add zstd support to decompress (bsc#1187483, jsc#SLE-18766). o libata: fix ata_pio_sector for CONFIG_HIGHMEM (git-fixes). o mac80211: Fix insufficient headroom issue for AMSDU (git-fixes). o md/raid10: properly indicate failure when ending a failed write request (git-fixes). o md: revert io stats accounting (git-fixes). o media: TDA1997x: enable EDID support (git-fixes). o media: cxd2880-spi: Fix an error handling path (git-fixes). o media: drivers/media/usb: fix memory leak in zr364xx_probe (git-fixes). o media: dvb-usb: Fix error handling in dvb_usb_i2c_init (git-fixes). o media: dvb-usb: fix uninit-value in dvb_usb_adapter_dvb_init (git-fixes). o media: dvb-usb: fix uninit-value in vp702x_read_mac_addr (git-fixes). o media: em28xx-input: fix refcount bug in em28xx_usb_disconnect (git-fixes). o media: go7007: fix memory leak in go7007_usb_probe (git-fixes). o media: go7007: remove redundant initialization (git-fixes). o media: rtl28xxu: fix zero-length control request (git-fixes). o media: stkwebcam: fix memory leak in stk_camera_probe (git-fixes). o media: venus: venc: Fix potential null pointer dereference on pointer fmt (git-fixes). o media: videobuf2-core: dequeue if start_streaming fails (git-fixes). o media: zr364xx: fix memory leaks in probe() (git-fixes). o media: zr364xx: propagate errors from zr364xx_start_readpipe() (git-fixes). o misc: atmel-ssc: lock with mutex instead of spinlock (git-fixes). o misc: rtsx: do not setting OC_POWER_DOWN reg in rtsx_pci_init_ocp() (git-fixes). o mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (bsc# 1189569). o mm/vmscan: fix infinite loop in drop_slab_node (VM Functionality, bsc# 1189301). o mm: fix memory_failure() handling of dax-namespace metadata (bsc#1189872). o mm: swap: properly update readahead statistics in unuse_pte_range() (bsc# 1187619). o mmc: dw_mmc: Fix hang on data CRC error (git-fixes). o mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes). o mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes). o mmc: sdhci-iproc: Cap min clock frequency on BCM2711 (git-fixes). o mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711 (git-fixes). o mtd: cfi_cmdset_0002: fix crash when erasing/writing AMD cards (git-fixes). o nbd: Aovid double completion of a request (git-fixes). o nbd: Fix NULL pointer in flush_workqueue (git-fixes). o net/mlx5: Add ts_cqe_to_dest_cqn related bits (bsc#1188412) o net/mlx5: Properly convey driver version to firmware (git-fixes). o net/mlx5e: Add missing capability check for uplink follow (bsc#1188412) o net: dsa: mv88e6xxx: Avoid VTU corruption on 6097 (git-fixes). o net: dsa: mv88e6xxx: also read STU state in mv88e6250_g1_vtu_getnext (git-fixes). o net: stmmac: free tx skb buffer in stmmac_resume() (git-fixes). o net: usb: lan78xx: do not modify phy_device state concurrently (bsc# 1188270) o nfs: fix acl memory leak of posix_acl_create() (git-fixes). o nvme-multipath: revalidate paths during rescan (bsc#1187211) o nvme-pci: Use u32 for nvme_dev.q_depth and nvme_queue.q_depth (bsc# 1181972). o nvme-pci: fix NULL req in completion handler (bsc#1181972). o nvme-pci: limit maximum queue depth to 4095 (bsc#1181972). o nvme-pci: use unsigned for io queue depth (bsc#1181972). o nvme-tcp: Do not reset transport on data digest errors (bsc#1188418). o nvme-tcp: do not check blk_mq_tag_to_rq when receiving pdu data (bsc# 1181972). o nvme: avoid possible double fetch in handling CQE (bsc#1181972). o nvme: code command_id with a genctr for use-after-free validation (bsc# 1181972). o nvme: only call synchronize_srcu when clearing current path (bsc#1188067). o nvmet: use NVMET_MAX_NAMESPACES to set nn value (bsc#1189384). o ocfs2: fix snprintf() checking (bsc#1189581). o ocfs2: fix zero out valid data (bsc#1189579). o ocfs2: initialize ip_next_orphan (bsc#1186731). o ocfs2: issue zeroout to EOF blocks (bsc#1189582). o ovl: allow upperdir inside lowerdir (bsc#1189323). o ovl: expand warning in ovl_d_real() (bsc#1189323). o ovl: fix missing revert_creds() on error path (bsc#1189323). o ovl: perform vfs_getxattr() with mounter creds (bsc#1189323). o ovl: skip getxattr of security labels (bsc#1189323). o params: lift param_set_uint_minmax to common code (bsc#1181972). o pcmcia: i82092: fix a null pointer dereference bug (git-fixes). o perf/x86/amd: Do not touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest (bsc#1189225). o pinctrl: tigerlake: Fix GPIO mapping for newer version of software (git-fixes). o platform/x86: pcengines-apuv2: Add missing terminating entries to gpio-lookup tables (git-fixes). o post.sh: detect /usr mountpoint too o power: supply: max17042: handle fails of reading status register (git-fixes). o powerpc/cacheinfo: Improve diagnostics about malformed cache lists (jsc# SLE-13615 bsc#1180100 ltc#190257 git-fixes). o powerpc/cacheinfo: Lookup cache by dt node and thread-group id (jsc# SLE-13615 bsc#1180100 ltc#190257 git-fixes). o powerpc/cacheinfo: Remove the redundant get_shared_cpu_map() (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). o powerpc/cacheinfo: Use name@unit instead of full DT path in debug messages (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). o powerpc/papr_scm: Make 'perf_stats' invisible if perf-stats unavailable (bsc#1175052 jsc#SLE-13823 bsc#1174969 jsc#SLE-12769 git-fixes). o powerpc/papr_scm: Reduce error severity if nvdimm stats inaccessible (bsc# 1189197 ltc#193906). o powerpc/pseries: Fix regression while building external modules (bsc# 1160010 ltc#183046 git-fixes). This changes a GPL symbol to general symbol which is kABI change but not kABI break. o powerpc/pseries: Fix update of LPAR security flavor after LPM (bsc#1188885 ltc#193722 git-fixes). o powerpc/smp: Make some symbols static (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). o powerpc/smp: Use existing L2 cache_map cpumask to find L3 cache siblings (jsc#SLE-13615 bsc#1180100 ltc#190257 git-fixes). o powerpc: Fix is_kvm_guest() / kvm_para_available() (bsc#1181148 ltc#190702 git-fixes). o regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes). o regulator: vctrl: Avoid lockdep warning in enable/disable ops (git-fixes). o regulator: vctrl: Use locked regulator_get_voltage in probe path (git-fixes). o rpm/kernel-binary.spec.in: Use kmod-zstd provide. This makes it possible to use kmod with ZSTD support on non-Tumbleweed. o rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305) o rpm/kernel-source.rpmlintrc: ignore new include/config files In 5.13, since 0e0345b77ac4, config files have no longer .h suffix. Adapt the zero-length check. Based on Martin Liska's change. o rq-qos: fix missed wake-ups in rq_qos_throttle try two (bsc#1189575). o rsi: fix an error code in rsi_probe() (git-fixes). o rsi: fix error code in rsi_load_9116_firmware() (git-fixes). o s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC# 193817). o s390/boot: fix use of expolines in the DMA code (bsc#1188878 ltc#193771). o scsi: blkcg: Add app identifier support for blkcg (bsc#1189385 jsc# SLE-18970). o scsi: blkcg: Fix application ID config options (bsc#1189385 jsc#SLE-18970). o scsi: cgroup: Add cgroup_get_from_id() (bsc#1189385 jsc#SLE-18970). o scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392). o scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650). o scsi: libfc: Fix array index out of bound exception (bsc#1188616). o scsi: lpfc: Add 256 Gb link speed support (bsc#1189385). o scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters (bsc# 1189385). o scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions (bsc#1189385). o scsi: lpfc: Clear outstanding active mailbox during PCI function reset (bsc #1189385). o scsi: lpfc: Copyright updates for 12.8.0.11 patches (bsc#1189385). o scsi: lpfc: Copyright updates for 14.0.0.0 patches (bsc#1189385). o scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes (bsc#1189385). o scsi: lpfc: Discovery state machine fixes for LOGO handling (bsc#1189385). o scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385). o scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine (bsc# 1189385). o scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling (bsc# 1189385). o scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385). o scsi: lpfc: Fix build error in lpfc_scsi.c (bsc#1189385). o scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385). o scsi: lpfc: Fix function description comments for vmid routines (bsc# 1189385). o scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (bsc#1189385). o scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted() (bsc# 1189385). o scsi: lpfc: Fix target reset handler from falsely returning FAILURE (bsc# 1189385). o scsi: lpfc: Improve firmware download logging (bsc#1189385). o scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (bsc#1189385). o scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (git-fixes). o scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF (bsc# 1189385). o scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385). o scsi: lpfc: Remove redundant assignment to pointer temp_hdr (bsc#1189385). o scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385). o scsi: lpfc: Revise Topology and RAS support checks for new adapters (bsc# 1189385). o scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385). o scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path (bsc #1189385). o scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385). o scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385). o scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support (bsc# 1189385). o scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail() (bsc #1189385). o scsi: lpfc: vmid: Add QFPA and VMID timeout check in worker thread (bsc# 1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Add datastructure for supporting VMID in lpfc (bsc# 1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Add support for VMID in mailbox command (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: Append the VMID to the wqe before sending (bsc#1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Functions to manage VMIDs (bsc#1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Implement CT commands for appid (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: Implement ELS commands for appid (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: Introduce VMID in I/O path (bsc#1189385 jsc#SLE-18970). o scsi: lpfc: vmid: Timeout implementation for VMID (bsc#1189385 jsc# SLE-18970). o scsi: lpfc: vmid: VMID parameter initialization (bsc#1189385 jsc# SLE-18970). o scsi: mpt3sas: Fix ReplyPostFree pool allocation (bsc#1181006). o scsi: qla2xxx: Add heartbeat check (bsc#1189392). o scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (bsc# 1189392). o scsi: qla2xxx: Fix spelling mistakes "allloc" -> "alloc" (bsc#1189392). o scsi: qla2xxx: Fix use after free in debug code (bsc#1189392). o scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (bsc# 1189392). o scsi: qla2xxx: Remove duplicate declarations (bsc#1189392). o scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392). o scsi: qla2xxx: Remove redundant continue statement in a for-loop (bsc# 1189392). o scsi: qla2xxx: Remove redundant initialization of variable num_cnt (bsc# 1189392). o scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392). o scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189392). o scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189392). o scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI (bsc# 1189392). o scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189392). o scsi: qla2xxx: edif: Add detection of secure device (bsc#1189392). o scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189392). o scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189392). o scsi: qla2xxx: edif: Add extraction of auth_els from the wire (bsc# 1189392). o scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189392). o scsi: qla2xxx: edif: Add key update (bsc#1189392). o scsi: qla2xxx: edif: Add send, receive, and accept for auth_els (bsc# 1189392). o scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392). o scsi: qla2xxx: edif: Increment command and completion counts (bsc#1189392). o scsi: scsi_transport_srp: Do not block target in SRP_PORT_LOST state (bsc# 1184180). o scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392). o scsi: zfcp: Report port fc_security as unknown early during remote cable pull (git-fixes). o serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes). o serial: 8250_mtk: fix uart corruption issue when rx power off (git-fixes). o serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts (git-fixes). o serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver (git-fixes). o serial: tegra: Only print FIFO error message when an error occurs (git-fixes). o slimbus: messaging: check for valid transaction id (git-fixes). o slimbus: messaging: start transaction ids from 1 instead of zero (git-fixes). o slimbus: ngd: reset dma setup during runtime pm (git-fixes). o soc: aspeed: lpc-ctrl: Fix boundary check for mmap (git-fixes). o soc: aspeed: p2a-ctrl: Fix boundary check for mmap (git-fixes). o soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes). o soc: ixp4xx/qmgr: fix invalid __iomem access (git-fixes). o soc: ixp4xx: fix printing resources (git-fixes). o soc: ixp4xx: fix printing resources (git-fixes). o soc: qcom: rpmhpd: Use corner in power_off (git-fixes). o soc: qcom: smsm: Fix missed interrupts if state changes while masked (git-fixes). o spi: imx: mx51-ecspi: Fix CONFIGREG delay comment (git-fixes). o spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation (git-fixes). o spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay (git-fixes). o spi: mediatek: Fix fifo transfer (git-fixes). o spi: meson-spicc: fix memory leak in meson_spicc_remove (git-fixes). o spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (git-fixes). o spi: spi-pic32: Fix issue with uninitialized dma_slave_config (git-fixes). o spi: sprd: Fix the wrong WDG_LOAD_VAL (git-fixes). o spi: stm32h7: fix full duplex irq handler handling (git-fixes). o staging: rtl8192u: Fix bitwise vs logical operator in TranslateRxSignalStuff819xUsb() (git-fixes). o staging: rtl8712: get rid of flush_scheduled_work (git-fixes). o staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). o staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). o tracing / histogram: Fix NULL pointer dereference on strcmp() on NULL event name (git-fixes). o tracing / histogram: Give calculation hist_fields a size (git-fixes). o tracing: Reject string operand in the histogram expression (git-fixes). o tty: serial: fsl_lpuart: fix the wrong mapbase value (git-fixes). o ubifs: Fix error return code in alloc_wbufs() (bsc#1189585). o ubifs: Fix memleak in ubifs_init_authentication (bsc#1189583). o ubifs: Only check replay with inode type to judge if inode linked (bsc# 1187455). o ubifs: Set/Clear I_LINKABLE under i_lock for whiteout inode (bsc#1189587). o ubifs: journal: Fix error return code in ubifs_jnl_write_inode() (bsc# 1189586). o usb: bdc: Fix an error handling path in 'bdc_probe()' when no suitable DMA config is available (git-fixes). o usb: dwc3: Disable phy suspend after power-on reset (git-fixes). o usb: dwc3: Separate field holding multiple properties (git-fixes). o usb: dwc3: Stop active transfers before halting the controller (git-fixes). o usb: dwc3: Use clk_bulk_prepare_enable() (git-fixes). o usb: dwc3: Use devres to get clocks (git-fixes). o usb: dwc3: core: do not do suspend for device mode if already suspended (git-fixes). o usb: dwc3: debug: Remove newline printout (git-fixes). o usb: dwc3: gadget: Check MPS of the request length (git-fixes). o usb: dwc3: gadget: Clear DCTL.ULSTCHNGREQ before set (git-fixes). o usb: dwc3: gadget: Clear DEP flags after stop transfers in ep disable (git-fixes). o usb: dwc3: gadget: Disable gadget IRQ during pullup disable (git-fixes). o usb: dwc3: gadget: Do not send unintended link state change (git-fixes). o usb: dwc3: gadget: Do not setup more than requested (git-fixes). o usb: dwc3: gadget: Fix dwc3_calc_trbs_left() (git-fixes). o usb: dwc3: gadget: Fix handling ZLP (git-fixes). o usb: dwc3: gadget: Give back staled requests (git-fixes). o usb: dwc3: gadget: Handle ZLP for sg requests (git-fixes). o usb: dwc3: gadget: Prevent EP queuing while stopping transfers (git-fixes). o usb: dwc3: gadget: Properly track pending and queued SG (git-fixes). o usb: dwc3: gadget: Restart DWC3 gadget when enabling pullup (git-fixes). o usb: dwc3: gadget: Set BESL config parameter (git-fixes). o usb: dwc3: gadget: Set link state to RX_Detect on disconnect (git-fixes). o usb: dwc3: gadget: Stop EP0 transfers during pullup disable (git-fixes). o usb: dwc3: gadget: Workaround Mirosoft's BESL check (git-fixes). o usb: dwc3: meson-g12a: add IRQ check (git-fixes). o usb: dwc3: meson-g12a: check return of dwc3_meson_g12a_usb_init (git-fixes). o usb: dwc3: of-simple: add a shutdown (git-fixes). o usb: dwc3: st: Add of_dev_put() in probe function (git-fixes). o usb: dwc3: st: Add of_node_put() before return in probe function (git-fixes). o usb: dwc3: support continuous runtime PM with dual role (git-fixes). o usb: ehci-orion: Handle errors of clk_prepare_enable() in probe (git-fixes). o usb: gadget: Export recommended BESL values (git-fixes). o usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers (git-fixes). o usb: gadget: f_hid: fixed NULL pointer dereference (git-fixes). o usb: gadget: f_hid: idle uses the highest byte for duration (git-fixes). o usb: gadget: mv_u3d: request_irq() after initializing UDC (git-fixes). o usb: gadget: udc: at91: add IRQ check (git-fixes). o usb: gadget: udc: renesas_usb3: Fix soc_device_match() abuse (git-fixes). o usb: host: ohci-tmio: add IRQ check (git-fixes). o usb: host: xhci-rcar: Do not reload firmware after the completion (git-fixes). o usb: mtu3: fix the wrong HS mult value (git-fixes). o usb: mtu3: use @mult for HS isoc or intr (git-fixes). o usb: phy: fsl-usb: add IRQ check (git-fixes). o usb: phy: tahvo: add IRQ check (git-fixes). o usb: phy: twl6030: add IRQ checks (git-fixes). o usr: Add support for zstd compressed initramfs (bsc#1187483, jsc# SLE-18766). o virt_wifi: fix error on connect (git-fixes). o wireguard: allowedips: allocate nodes in kmem_cache (git-fixes). o wireguard: allowedips: free empty intermediate nodes when removing single node (git-fixes). o wireguard: allowedips: remove nodes in O(1) (git-fixes). o writeback: fix obtain a reference to a freeing memcg css (bsc#1189577). o x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1152489). o x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1152489). o x86/fpu: Reset state for all signal restore failures (bsc#1152489). o x86/kvm: fix vcpu-id indexed array sizes (git-fixes). o x86/sev: Make sure IRQs are disabled while GHCB is active (jsc#SLE-14337). o x86/sev: Split up runtime #VC handler for correct state tracking (jsc# SLE-14337). o x86/sev: Use "SEV: " prefix for messages from sev.c (jsc#SLE-14337). o x86/signal: Detect and prevent an alternate signal stack overflow (bsc# 1152489). o x86/split_lock: Provide handle_guest_split_lock() (bsc#1187959). o xen/events: Fix race in set_evtchn_to_irq (git-fixes). o xprtrdma: Pad optimization, revisited (bsc#1189760). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Workstation Extension 15-SP3: zypper in -t patch SUSE-SLE-Product-WE-15-SP3-2021-3205=1 o SUSE Linux Enterprise Module for Live Patching 15-SP3: zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2021-3205=1 o SUSE Linux Enterprise Module for Legacy Software 15-SP3: zypper in -t patch SUSE-SLE-Module-Legacy-15-SP3-2021-3205=1 o SUSE Linux Enterprise Module for Development Tools 15-SP3: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2021-3205=1 o SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2021-3205=1 o SUSE Linux Enterprise High Availability 15-SP3: zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2021-3205=1 Package List: o SUSE Linux Enterprise Workstation Extension 15-SP3 (x86_64): kernel-default-debuginfo-5.3.18-59.24.1 kernel-default-debugsource-5.3.18-59.24.1 kernel-default-extra-5.3.18-59.24.1 kernel-default-extra-debuginfo-5.3.18-59.24.1 kernel-preempt-debuginfo-5.3.18-59.24.1 kernel-preempt-debugsource-5.3.18-59.24.1 kernel-preempt-extra-5.3.18-59.24.1 kernel-preempt-extra-debuginfo-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Live Patching 15-SP3 (ppc64le s390x x86_64): kernel-default-debuginfo-5.3.18-59.24.1 kernel-default-debugsource-5.3.18-59.24.1 kernel-default-livepatch-5.3.18-59.24.1 kernel-default-livepatch-devel-5.3.18-59.24.1 kernel-livepatch-5_3_18-59_24-default-1-7.5.1 kernel-livepatch-5_3_18-59_24-default-debuginfo-1-7.5.1 kernel-livepatch-SLE15-SP3_Update_6-debugsource-1-7.5.1 o SUSE Linux Enterprise Module for Legacy Software 15-SP3 (aarch64 ppc64le s390x x86_64): kernel-default-debuginfo-5.3.18-59.24.1 kernel-default-debugsource-5.3.18-59.24.1 reiserfs-kmp-default-5.3.18-59.24.1 reiserfs-kmp-default-debuginfo-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64): kernel-obs-build-5.3.18-59.24.1 kernel-obs-build-debugsource-5.3.18-59.24.1 kernel-syms-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 x86_64): kernel-preempt-debuginfo-5.3.18-59.24.1 kernel-preempt-debugsource-5.3.18-59.24.1 kernel-preempt-devel-5.3.18-59.24.1 kernel-preempt-devel-debuginfo-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch): kernel-docs-5.3.18-59.24.1 kernel-source-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): kernel-default-5.3.18-59.24.1 kernel-default-base-5.3.18-59.24.1.18.12.1 kernel-default-debuginfo-5.3.18-59.24.1 kernel-default-debugsource-5.3.18-59.24.1 kernel-default-devel-5.3.18-59.24.1 kernel-default-devel-debuginfo-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 x86_64): kernel-preempt-5.3.18-59.24.1 kernel-preempt-debuginfo-5.3.18-59.24.1 kernel-preempt-debugsource-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64): kernel-64kb-5.3.18-59.24.1 kernel-64kb-debuginfo-5.3.18-59.24.1 kernel-64kb-debugsource-5.3.18-59.24.1 kernel-64kb-devel-5.3.18-59.24.1 kernel-64kb-devel-debuginfo-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch): kernel-devel-5.3.18-59.24.1 kernel-macros-5.3.18-59.24.1 o SUSE Linux Enterprise Module for Basesystem 15-SP3 (s390x): kernel-zfcpdump-5.3.18-59.24.1 kernel-zfcpdump-debuginfo-5.3.18-59.24.1 kernel-zfcpdump-debugsource-5.3.18-59.24.1 o SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64): cluster-md-kmp-default-5.3.18-59.24.1 cluster-md-kmp-default-debuginfo-5.3.18-59.24.1 dlm-kmp-default-5.3.18-59.24.1 dlm-kmp-default-debuginfo-5.3.18-59.24.1 gfs2-kmp-default-5.3.18-59.24.1 gfs2-kmp-default-debuginfo-5.3.18-59.24.1 kernel-default-debuginfo-5.3.18-59.24.1 kernel-default-debugsource-5.3.18-59.24.1 ocfs2-kmp-default-5.3.18-59.24.1 ocfs2-kmp-default-debuginfo-5.3.18-59.24.1 References: o https://www.suse.com/security/cve/CVE-2020-12770.html o https://www.suse.com/security/cve/CVE-2021-34556.html o https://www.suse.com/security/cve/CVE-2021-35477.html o https://www.suse.com/security/cve/CVE-2021-3640.html o https://www.suse.com/security/cve/CVE-2021-3653.html o https://www.suse.com/security/cve/CVE-2021-3656.html o https://www.suse.com/security/cve/CVE-2021-3679.html o https://www.suse.com/security/cve/CVE-2021-3732.html o https://www.suse.com/security/cve/CVE-2021-3739.html o https://www.suse.com/security/cve/CVE-2021-3743.html o https://www.suse.com/security/cve/CVE-2021-3753.html o https://www.suse.com/security/cve/CVE-2021-3759.html o https://www.suse.com/security/cve/CVE-2021-38160.html o https://www.suse.com/security/cve/CVE-2021-38166.html o https://www.suse.com/security/cve/CVE-2021-38198.html o https://www.suse.com/security/cve/CVE-2021-38204.html o https://www.suse.com/security/cve/CVE-2021-38205.html o https://www.suse.com/security/cve/CVE-2021-38206.html o https://www.suse.com/security/cve/CVE-2021-38207.html o https://www.suse.com/security/cve/CVE-2021-38209.html o https://bugzilla.suse.com/1040364 o https://bugzilla.suse.com/1127650 o https://bugzilla.suse.com/1135481 o https://bugzilla.suse.com/1152489 o https://bugzilla.suse.com/1160010 o https://bugzilla.suse.com/1168202 o https://bugzilla.suse.com/1171420 o https://bugzilla.suse.com/1174969 o https://bugzilla.suse.com/1175052 o https://bugzilla.suse.com/1175543 o https://bugzilla.suse.com/1177399 o https://bugzilla.suse.com/1180100 o https://bugzilla.suse.com/1180141 o https://bugzilla.suse.com/1180347 o https://bugzilla.suse.com/1181006 o https://bugzilla.suse.com/1181148 o https://bugzilla.suse.com/1181972 o https://bugzilla.suse.com/1184180 o https://bugzilla.suse.com/1185902 o https://bugzilla.suse.com/1186264 o https://bugzilla.suse.com/1186731 o https://bugzilla.suse.com/1187211 o https://bugzilla.suse.com/1187455 o https://bugzilla.suse.com/1187468 o https://bugzilla.suse.com/1187483 o https://bugzilla.suse.com/1187619 o https://bugzilla.suse.com/1187959 o https://bugzilla.suse.com/1188067 o https://bugzilla.suse.com/1188172 o https://bugzilla.suse.com/1188231 o https://bugzilla.suse.com/1188270 o https://bugzilla.suse.com/1188412 o https://bugzilla.suse.com/1188418 o https://bugzilla.suse.com/1188616 o https://bugzilla.suse.com/1188700 o https://bugzilla.suse.com/1188780 o https://bugzilla.suse.com/1188781 o https://bugzilla.suse.com/1188782 o https://bugzilla.suse.com/1188783 o https://bugzilla.suse.com/1188784 o https://bugzilla.suse.com/1188786 o https://bugzilla.suse.com/1188787 o https://bugzilla.suse.com/1188788 o https://bugzilla.suse.com/1188790 o https://bugzilla.suse.com/1188878 o https://bugzilla.suse.com/1188885 o https://bugzilla.suse.com/1188924 o https://bugzilla.suse.com/1188982 o https://bugzilla.suse.com/1188983 o https://bugzilla.suse.com/1188985 o https://bugzilla.suse.com/1189021 o https://bugzilla.suse.com/1189057 o https://bugzilla.suse.com/1189077 o https://bugzilla.suse.com/1189153 o https://bugzilla.suse.com/1189197 o https://bugzilla.suse.com/1189209 o https://bugzilla.suse.com/1189210 o https://bugzilla.suse.com/1189212 o https://bugzilla.suse.com/1189213 o https://bugzilla.suse.com/1189214 o https://bugzilla.suse.com/1189215 o https://bugzilla.suse.com/1189216 o https://bugzilla.suse.com/1189217 o https://bugzilla.suse.com/1189218 o https://bugzilla.suse.com/1189219 o https://bugzilla.suse.com/1189220 o https://bugzilla.suse.com/1189221 o https://bugzilla.suse.com/1189222 o https://bugzilla.suse.com/1189225 o https://bugzilla.suse.com/1189229 o https://bugzilla.suse.com/1189233 o https://bugzilla.suse.com/1189262 o https://bugzilla.suse.com/1189291 o https://bugzilla.suse.com/1189292 o https://bugzilla.suse.com/1189296 o https://bugzilla.suse.com/1189298 o https://bugzilla.suse.com/1189301 o https://bugzilla.suse.com/1189305 o https://bugzilla.suse.com/1189323 o https://bugzilla.suse.com/1189384 o https://bugzilla.suse.com/1189385 o https://bugzilla.suse.com/1189392 o https://bugzilla.suse.com/1189393 o https://bugzilla.suse.com/1189399 o https://bugzilla.suse.com/1189400 o https://bugzilla.suse.com/1189427 o https://bugzilla.suse.com/1189503 o https://bugzilla.suse.com/1189504 o https://bugzilla.suse.com/1189505 o https://bugzilla.suse.com/1189506 o https://bugzilla.suse.com/1189507 o https://bugzilla.suse.com/1189562 o https://bugzilla.suse.com/1189563 o https://bugzilla.suse.com/1189564 o https://bugzilla.suse.com/1189565 o https://bugzilla.suse.com/1189566 o https://bugzilla.suse.com/1189567 o https://bugzilla.suse.com/1189568 o https://bugzilla.suse.com/1189569 o https://bugzilla.suse.com/1189573 o https://bugzilla.suse.com/1189574 o https://bugzilla.suse.com/1189575 o https://bugzilla.suse.com/1189576 o https://bugzilla.suse.com/1189577 o https://bugzilla.suse.com/1189579 o https://bugzilla.suse.com/1189581 o https://bugzilla.suse.com/1189582 o https://bugzilla.suse.com/1189583 o https://bugzilla.suse.com/1189585 o https://bugzilla.suse.com/1189586 o https://bugzilla.suse.com/1189587 o https://bugzilla.suse.com/1189706 o https://bugzilla.suse.com/1189760 o https://bugzilla.suse.com/1189762 o https://bugzilla.suse.com/1189832 o https://bugzilla.suse.com/1189841 o https://bugzilla.suse.com/1189870 o https://bugzilla.suse.com/1189872 o https://bugzilla.suse.com/1189883 o https://bugzilla.suse.com/1190022 o https://bugzilla.suse.com/1190025 o https://bugzilla.suse.com/1190115 o https://bugzilla.suse.com/1190117 o https://bugzilla.suse.com/1190412 o https://bugzilla.suse.com/1190413 o https://bugzilla.suse.com/1190428 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEZB+NLKJtyKPYoAQhAIg/+MhsEdknTdbXGb6sSsqCe2jgrvun6lE42 BsHQKD31d9PUjjQcPKWY9wpDfJe5wGnF9jsx0BhH1sp64XgUGbJz9uGFOzKymvQ2 zc5Mw1yeAq9H+03bmFAYYEeLE9P3KCBPm+mlVfeqzjokXv18jwx4mwDqj40LPQgT wq9Hk1n6+lOVoTCTA+VVuv9rBK3dF7kuV44nnvtv96LLuHUunYPXq8B5PuRl/3kS +bXk8q9Und87tY8LZRfVdJUG9Or7WmM7+zMWD1eRgks3G+ZoJHExW79K93mNBF6J IuXZc7IeMMS/QxMjdeUtyUREjSl28KOx8CL7Symr/xlyu+tCk8envxsdGk/1B8D6 S9wvpLWdUM/zoWOIVxWe0CMg8MewQfP9xMu9G0xOcx3QFgAFTNl16W2VphLXkZKe Q+HhYoLyBB+FO6E85IsS3SaGze57rHIPOo7KyOCMNrpkwhVwNFgw6xGvEkDKkkk8 IWl4xeZqoaHRJ1IIAchdJD+AhS3P2MQcpvuaHkkM7KHwVdhCj2J63PJJvxR8z7VX KQS94cD/fBd57ukM/rD7R3hqnQUTc5l8RAN1UAx0vg+akyN02RVmbAbUAkiO7s4N DUE8ph2uMpAD/nVyTOqBkc+0AfNsE59FRbHa+7rTa/VAdHjCGfWJgoVPOWgUDiUb oMV81Hyn4Ug= =0GTx -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3221 - [SUSE] sqlite3: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3221 Security update for sqlite3 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: sqlite3 Publisher: SUSE Operating System: SUSE Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2020-15358 CVE-2020-13632 CVE-2020-13631 CVE-2020-13630 CVE-2020-13435 CVE-2020-13434 CVE-2020-9327 CVE-2019-20218 CVE-2019-19959 CVE-2019-19926 CVE-2019-19925 CVE-2019-19924 CVE-2019-19923 CVE-2019-19880 CVE-2019-19646 CVE-2019-19645 CVE-2019-19603 CVE-2019-19317 CVE-2019-19244 CVE-2019-16168 CVE-2019-8457 CVE-2018-20346 CVE-2018-8740 CVE-2017-10989 CVE-2017-2518 CVE-2016-6153 CVE-2015-3415 CVE-2015-3414 Reference: ESB-2021.2412 ESB-2021.1689 ESB-2021.0692 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213215-1 - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for sqlite3 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3215-1 Rating: important References: #1157818 #1158812 #1158958 #1158959 #1158960 #1159491 #1159715 #1159847 #1159850 #1160309 #1160438 #1160439 #1164719 #1172091 #1172115 #1172234 #1172236 #1172240 #1173641 #928700 #928701 Cross-References: CVE-2015-3414 CVE-2015-3415 CVE-2016-6153 CVE-2017-10989 CVE-2017-2518 CVE-2018-20346 CVE-2018-8740 CVE-2019-16168 CVE-2019-19244 CVE-2019-19317 CVE-2019-19603 CVE-2019-19645 CVE-2019-19646 CVE-2019-19880 CVE-2019-19923 CVE-2019-19924 CVE-2019-19925 CVE-2019-19926 CVE-2019-19959 CVE-2019-20218 CVE-2019-8457 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-13632 CVE-2020-15358 CVE-2020-9327 Affected Products: SUSE OpenStack Cloud Crowbar 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud 8 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP2-BCL HPE Helion Openstack 8 ______________________________________________________________________________ An update that fixes 28 vulnerabilities, contains one feature is now available. Description: This update for sqlite3 fixes the following issues: sqlite3 is sync version 3.36.0 from Factory (jsc#SLE-16032). The following CVEs have been fixed in upstream releases up to this point, but were not mentioned in the change log so far: o bsc#1173641, CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization o bsc#1164719, CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in isAuxiliaryVtabOperator o bsc#1160439, CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error o bsc#1160438, CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input o bsc#1160309, CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer dereference o bsc#1159850, CVE-2019-19924: improper error handling in sqlite3WindowRewrite() o bsc#1159847, CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive o bsc#1159715, CVE-2019-19926: improper handling of certain errors during parsing multiSelect in select.c o bsc#1159491, CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference o bsc#1158960, CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name o bsc#1158959, CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns o bsc#1158958, CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements o bsc#1158812, CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service o bsc#1157818, CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage o bsc#928701, CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability o bsc#928700, CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names o CVE-2020-13434 bsc#1172115: integer overflow in sqlite3_str_vappendf o CVE-2020-13630 bsc#1172234: use-after-free in fts3EvalNextRow o CVE-2020-13631 bsc#1172236: virtual table allowed to be renamed to one of its shadow tables o CVE-2020-13632 bsc#1172240: NULL pointer dereference via crafted matchinfo () query o CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-3215=1 o SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-3215=1 o SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2021-3215=1 o SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2021-3215=1 o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-3215=1 o SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2021-3215=1 o SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-3215=1 o SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-3215=1 o SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2021-3215=1 o SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-3215=1 o SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2021-3215=1 o SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-3215=1 o HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2021-3215=1 Package List: o SUSE OpenStack Cloud Crowbar 9 (x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE OpenStack Cloud Crowbar 8 (x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE OpenStack Cloud 9 (x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE OpenStack Cloud 8 (x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64): libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64): libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64): libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64): libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 o HPE Helion Openstack 8 (x86_64): libsqlite3-0-3.36.0-9.18.1 libsqlite3-0-32bit-3.36.0-9.18.1 libsqlite3-0-debuginfo-3.36.0-9.18.1 libsqlite3-0-debuginfo-32bit-3.36.0-9.18.1 sqlite3-3.36.0-9.18.1 sqlite3-debuginfo-3.36.0-9.18.1 sqlite3-debugsource-3.36.0-9.18.1 sqlite3-devel-3.36.0-9.18.1 References: o https://www.suse.com/security/cve/CVE-2015-3414.html o https://www.suse.com/security/cve/CVE-2015-3415.html o https://www.suse.com/security/cve/CVE-2016-6153.html o https://www.suse.com/security/cve/CVE-2017-10989.html o https://www.suse.com/security/cve/CVE-2017-2518.html o https://www.suse.com/security/cve/CVE-2018-20346.html o https://www.suse.com/security/cve/CVE-2018-8740.html o https://www.suse.com/security/cve/CVE-2019-16168.html o https://www.suse.com/security/cve/CVE-2019-19244.html o https://www.suse.com/security/cve/CVE-2019-19317.html o https://www.suse.com/security/cve/CVE-2019-19603.html o https://www.suse.com/security/cve/CVE-2019-19645.html o https://www.suse.com/security/cve/CVE-2019-19646.html o https://www.suse.com/security/cve/CVE-2019-19880.html o https://www.suse.com/security/cve/CVE-2019-19923.html o https://www.suse.com/security/cve/CVE-2019-19924.html o https://www.suse.com/security/cve/CVE-2019-19925.html o https://www.suse.com/security/cve/CVE-2019-19926.html o https://www.suse.com/security/cve/CVE-2019-19959.html o https://www.suse.com/security/cve/CVE-2019-20218.html o https://www.suse.com/security/cve/CVE-2019-8457.html o https://www.suse.com/security/cve/CVE-2020-13434.html o https://www.suse.com/security/cve/CVE-2020-13435.html o https://www.suse.com/security/cve/CVE-2020-13630.html o https://www.suse.com/security/cve/CVE-2020-13631.html o https://www.suse.com/security/cve/CVE-2020-13632.html o https://www.suse.com/security/cve/CVE-2020-15358.html o https://www.suse.com/security/cve/CVE-2020-9327.html o https://bugzilla.suse.com/1157818 o https://bugzilla.suse.com/1158812 o https://bugzilla.suse.com/1158958 o https://bugzilla.suse.com/1158959 o https://bugzilla.suse.com/1158960 o https://bugzilla.suse.com/1159491 o https://bugzilla.suse.com/1159715 o https://bugzilla.suse.com/1159847 o https://bugzilla.suse.com/1159850 o https://bugzilla.suse.com/1160309 o https://bugzilla.suse.com/1160438 o https://bugzilla.suse.com/1160439 o https://bugzilla.suse.com/1164719 o https://bugzilla.suse.com/1172091 o https://bugzilla.suse.com/1172115 o https://bugzilla.suse.com/1172234 o https://bugzilla.suse.com/1172236 o https://bugzilla.suse.com/1172240 o https://bugzilla.suse.com/1173641 o https://bugzilla.suse.com/928700 o https://bugzilla.suse.com/928701 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVERhuNLKJtyKPYoAQipxRAAh4p2ZlwQ6yVEgE/pF8QJr3LhSccZ6fQ/ EUgjDsvGBov/F48CjphiqXqwQH7UOpxMQ1S8gRK5eQF4NmBRuBxQAn/SBQJfNp/F HpggI4DPeuwQBtBBKrTAixAuRvUR96yv5yJDLCH8PdJdzNXzkaUvf0Nagp8wsEqz 1WBOqkXyr9FJgNL3wJmH2iYAH4wXgCgqBwW2pAI+Z1jYhrNKYPpQ7QwFRZlPVqWV MwoSdMqc3Icz094+sPwZ7546Crj+SwHVPOy99HhYlJZ3HdaNvoJpcVQOjm9j+Mw8 OtsJ/0QCMOvDe6bbchxTrnXcvtyF0x57/7q1ODtFq+Y/naaM7EHSyOwnMD9oEwUW 10rZBuYhynewUxP8J4URO4ZbCjtPSd/BGbtT18GQVhsjeuMQ2oS+ufqL4LfrKGHu dVcn2cmWA9qnBqv1zcsREaZfV9NHOCyhSayyxBHNBzzFFSz9DXdk9ZQSFwmQnPu7 5qoTZuQfBb991OD7PcmSyGweRbe5hzH+rWAS4IWvZqIXd2QsEWs0b4SLDzIYJhMC vqMo/BYIhFCICGGTvYySw/ixYJQ68A/xTrxibY6r+z6nGEMoI6a9to7SfciOnK3R q3ahjREOrNDfo7oPyqf0MeMIs1WR6Oedt3WPRpknrE7lnkUAzdYZrEkO52fqNTb1 OLSnp4NQFcs= =H5qi -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3220 - [Win][UNIX/Linux][SUSE] python-reportlab: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3220 Security update for python-reportlab 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: python-reportlab Publisher: SUSE Operating System: SUSE UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Access Confidential Data -- Existing Account Reduced Security -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2020-28463 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213209-1 Comment: This advisory references vulnerabilities in products which run on platforms other than SUSE. It is recommended that administrators running python-reportlab check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for python-reportlab ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3209-1 Rating: moderate References: #1182503 #1190110 Cross-References: CVE-2020-28463 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP5 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for python-reportlab fixes the following issues: o CVE-2020-28463: Fixed Server-side Request Forgery via img tags (bsc# 1182503). o Add missing import in CVE-2020-28463 fix (bsc#1190110). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2021-3209=1 Package List: o SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): python-reportlab-2.7-3.8.1 python-reportlab-debuginfo-2.7-3.8.1 python-reportlab-debugsource-2.7-3.8.1 References: o https://www.suse.com/security/cve/CVE-2020-28463.html o https://bugzilla.suse.com/1182503 o https://bugzilla.suse.com/1190110 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVERZuNLKJtyKPYoAQhl0RAAhc4TlY0GPSfyv/WRskIqlf/V9mtdXKq7 6SDnt6RjamLaEon2j9e4HSICKe0l7bqVHgNW5yOnEmu1HWqPP5xaXTv6nFa8xuU0 NUXohlV4HZDJncNrphOK2AULmJpMYC1JXMvgNtsUSRq7wdc2tKz0SVadDr3JtaeZ zr+hg6sGyNyzt7Nyal3drYoX1zTc7ezNAjqh+HNCDM8PvbYWQYGCWA0xzH58W5QP GNGrhD/lgxLGgytILWzHDhXUKRP23n+8d8bRpfewb7nlxy+klyQ1cH+mtacrywVl MNsH89O37hrINQjiV1r8LgYlCq6O14woUmGvYlTNPl2ZlcGnUirUbnP9q3OWyWk7 xJifP0G4sq/+UIiO9pTXnzmjti96Mv3qZGwrlbv5hJDqFaDYsWVo3m5y1S/4jrMh lmBHEtjYQ/44nfcqRioFUMlUc++tXfp7U6J+jZFJM1wUlzDtztOBpC0jqpiA08RT Xw9nrg4Piwu8RPAO6yJ839HrwyhN8jCwVpOm/7hIxFC4DPTzZ1I0AEBl6IxnEKgM 6opPvSFekTIAkmVFE5V3oo8Ay7OlHA0DxOhPo2quft04UV58+Bb857zWhySlFaZ3 7yQQr+Ydyt0o96/4E/G3A2WkRN2gx1Pl7WCKHaBD3/wsmdSImnJOUJOM/bLLFai/ JBEfO6nILdg= =heut -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3219 - [SUSE] nodejs14: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3219 Security update for nodejs14 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: nodejs14 Publisher: SUSE Operating System: SUSE Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Denial of Service -- Remote/Unauthenticated Cross-site Scripting -- Remote with User Interaction Provide Misleading Information -- Remote/Unauthenticated Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-22940 CVE-2021-22939 CVE-2021-22931 CVE-2021-22930 CVE-2021-3672 Reference: ESB-2021.3196 ESB-2021.3190 ESB-2021.2950 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213211-1 - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for nodejs14 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3211-1 Rating: important References: #1188881 #1188917 #1189368 #1189369 #1189370 Cross-References: CVE-2021-22930 CVE-2021-22931 CVE-2021-22939 CVE-2021-22940 CVE-2021-3672 Affected Products: SUSE Linux Enterprise Module for Web Scripting 15-SP3 SUSE Linux Enterprise Module for Web Scripting 15-SP2 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for nodejs14 fixes the following issues: o CVE-2021-3672: Fixed missing input validation on hostnames (bsc#1188881). o CVE-2021-22931: Fixed improper handling of untypical characters in domain names (bsc#1189370). o CVE-2021-22940: Use after free on close http2 on stream canceling (bsc# 1189368) o CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (bsc# 1189369) o CVE-2021-22930: Fixed use after free on close http2 on stream canceling (bsc#1188917). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Module for Web Scripting 15-SP3: zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2021-3211=1 o SUSE Linux Enterprise Module for Web Scripting 15-SP2: zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP2-2021-3211=1 Package List: o SUSE Linux Enterprise Module for Web Scripting 15-SP3 (aarch64 ppc64le s390x x86_64): nodejs14-14.17.5-5.15.5 nodejs14-debuginfo-14.17.5-5.15.5 nodejs14-debugsource-14.17.5-5.15.5 nodejs14-devel-14.17.5-5.15.5 npm14-14.17.5-5.15.5 o SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch): nodejs14-docs-14.17.5-5.15.5 o SUSE Linux Enterprise Module for Web Scripting 15-SP2 (aarch64 ppc64le s390x x86_64): nodejs14-14.17.5-5.15.5 nodejs14-debuginfo-14.17.5-5.15.5 nodejs14-debugsource-14.17.5-5.15.5 nodejs14-devel-14.17.5-5.15.5 npm14-14.17.5-5.15.5 o SUSE Linux Enterprise Module for Web Scripting 15-SP2 (noarch): nodejs14-docs-14.17.5-5.15.5 References: o https://www.suse.com/security/cve/CVE-2021-22930.html o https://www.suse.com/security/cve/CVE-2021-22931.html o https://www.suse.com/security/cve/CVE-2021-22939.html o https://www.suse.com/security/cve/CVE-2021-22940.html o https://www.suse.com/security/cve/CVE-2021-3672.html o https://bugzilla.suse.com/1188881 o https://bugzilla.suse.com/1188917 o https://bugzilla.suse.com/1189368 o https://bugzilla.suse.com/1189369 o https://bugzilla.suse.com/1189370 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVEF2ONLKJtyKPYoAQiFuw//Qr1Shk3ukqgHYPuARvSu9Muhr6rG3N3j NAMKO3rccK3wuHBjETbMIglQ5X5YHV0DyHIfaNlzUyA/JWgfMsqmG07tPd9z3uXN bJ7oJWY8noEEW8cRx81/hSPrS+7P/IJCmargFVuhtYQeVuHiqpRaEd8kmPg5ML8k uLFX0hm1Sdb3BcC86U/JDpifP8kuupqMqQjagZnO3aSmRkVLx5cQ2auJ2iRKg/Jx y7GE0nL9A7MMLC5WRrRC5OF2amXJpC3m96xiOn0ejJXqlafbDUQvMcb8GElFFA3y C1w0+yD91UIP1nDcHscrmv1tPJ2440CI3zfXZG110gRYfqr1BPvK2Qva6/MKZWq8 TB0s7/rs4KSw7du0yuGkIBX8TVvICSSueRIK4SvBLJcbkKM5EVwmpDbC3x+RIZs0 Gxhe0oox64v4xsf/9peQkWv1y3NwpIdih1FoquQvmofJEvWnWgXtvZi1ML3ENOml hK130FkmWSWVGPicmRBNhKV4lr7yAcTRszTWDnkIYcDoXeCFx1Uc2BRMVf+1WeXh UVi77xTLoC+GOdnaPpP3gejuhiZpQg77WIAU8ip6Wh4NBWAXnmJriwjfSzspxKsO y1V6REYSxanNwpS4xKu690hgTjkei06xc+I0OlWo9Z34V9J5ElOU43VEp7EZQ/Kx 2jf6Po5iiPQ= =GoKT -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3218 - [SUSE] hivex: Denial of service - Remote with user interaction

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3218 Security update for hivex 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: hivex Publisher: SUSE Operating System: SUSE Impact/Access: Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2021-3622 Reference: ESB-2021.3166 ESB-2021.2954 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213210-1 - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for hivex ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3210-1 Rating: moderate References: #1189060 Cross-References: CVE-2021-3622 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Server 12-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for hivex fixes the following issues: o CVE-2021-3622: Fixed stack overflow due to recursive call of _get_children () (bsc#1189060). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-3210=1 o SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-3210=1 Package List: o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): hivex-debuginfo-1.3.10-5.7.1 hivex-debugsource-1.3.10-5.7.1 hivex-devel-1.3.10-5.7.1 o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): hivex-debuginfo-1.3.10-5.7.1 hivex-debugsource-1.3.10-5.7.1 libhivex0-1.3.10-5.7.1 libhivex0-debuginfo-1.3.10-5.7.1 perl-Win-Hivex-1.3.10-5.7.1 perl-Win-Hivex-debuginfo-1.3.10-5.7.1 References: o https://www.suse.com/security/cve/CVE-2021-3622.html o https://bugzilla.suse.com/1189060 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVECZeNLKJtyKPYoAQgoVRAAnmt6O+by9VTfm0wjy5JKTmIPwi1hIZc3 0gunzA030voZw8TFe8W2cnGOx3YHyhEEIvENvvPQvYQSwSu8+8wOpAg+Hv5SuBET 0indjtk7b4XVIidQtAThVWkBNhEOWHqcmcEvY49NqCrhgFdpvwDsEVBLJ7tb9eUs 42pZgTYfcuhoYZTdrABIb+qpQ/LSgAIxDweXD/m+glslOhLyCX+o3pnq6C3+E39S 0nQe/01PGubq72YVFmQfMNguJfvDBBqsUD51NjK0JNJ1pF44OPUPYM+Jr5laPuqx 5wCPPxFsZ+Khe3802MlOudtakvmD4HuNhN22x3bveqlCtqlgB6SYplxaEH+DTAGb 6Jj5GbBqWaUdkZEzL00vJa+Ic8VJtPDmca2BljwGGGekFh1cD0QNbWgH4ksXpGIN zSHP9gropx1kKYHydd8BWbmLkN7w/tbnLxw/OfE7I02TtHIkQEhvI9qTl/aDFTU1 C6G/XITRO4SADDO5NSxENWri+HbgbnPFgu2qtFuPaC5wtJzY0zboi7aZQJ7errt7 jV61RBi+8I0PWTJWMDCic30ASxSlXOFk7UbckrhVaxuu9IPNMFg5pWL9LpGQnHlc CQwrxhANILAQNou6YGaAG23s1gRbKLtHh7zFo01/h3XhbLlfBKaZwN1e8Ziq66Fb 3F5q/Jgwy9k= =PO1D -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3217 - [Win][UNIX/Linux][SUSE] gd: Access confidential data - Existing account

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3217 Security update for gd 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: gd Publisher: SUSE Operating System: SUSE UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Access Confidential Data -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-40812 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213214-1 Comment: This advisory references vulnerabilities in products which run on platforms other than SUSE. It is recommended that administrators running GD Graphics Library check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for gd ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3214-1 Rating: moderate References: #1190400 Cross-References: CVE-2021-40812 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Server 12-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for gd fixes the following issues: o CVE-2021-40812: Fixed out-of-bounds read caused by the lack of certain gdGetBuf and gdPutBuf return value checks (bsc#1190400). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2021-3214=1 o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-3214=1 o SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-3214=1 Package List: o SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): gd-32bit-2.1.0-24.20.1 gd-debuginfo-32bit-2.1.0-24.20.1 gd-debugsource-2.1.0-24.20.1 o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): gd-debuginfo-2.1.0-24.20.1 gd-debugsource-2.1.0-24.20.1 gd-devel-2.1.0-24.20.1 o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): gd-2.1.0-24.20.1 gd-debuginfo-2.1.0-24.20.1 gd-debugsource-2.1.0-24.20.1 References: o https://www.suse.com/security/cve/CVE-2021-40812.html o https://bugzilla.suse.com/1190400 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVECS+NLKJtyKPYoAQinSRAAm8OscBEMktyG5xJtB8Pgy0SwVf6P2DXa bbGEpfLWsJJyjDdyyc+cXUEM25JbUT7pi9uDdUtMELwFTmvmQTTdw/51WfstmZ8r hShwD9buZrv/+EEwJ0CgnGAl6XHLSvgPO8azZVsJoOSLUKgRZqsGvOqVHmgCMKU0 V6vvv05UZOFl/JBy1UFWtT2cU5Us4eQ120jix9HXUB3vTNywbFwBA06xMEIIdW9L TRrkUtrqcRKzPhAodQiTQzIPtEzpKpHnJNm5WeCzwxl4SObeNn2AbIQb0UzLhG4e JlIfNTBzeQyRqY4Z2TODHLl53QgL5uI+00Z2hs7cIaemFARhrC62m1e/wrPw3ic0 lCCCoHHMvxftj1LjEywzU599x9EcTqFOLlz8dEMj1HrvCora2/eeYPNPuUqwVA2j 78JsexTu6W7R/kZWsA/wn++BqZjx6M9pA0pe1bRtlveqx4DDQV+A0oMoj2T7rH4E n9Pl2/+qWrg7h5Xn4ZtetiDdbbgJCrJcyke2CjylbMS0LRpyD7Q8gJ3LsjuczWJi F3GRgrTRlwq/SI0VeELG8eR1zsS9APzOL/4PMUjFMQTjGp8KKP1Ty5z6Rtl+75ro 1lbm1WTYbCZhNgPSmApRKjH5SmX3m1KWlSjQO8KI4by6AiQOF4eiVow/2NaoNLfq py+B6RhwDUU= =Hdba -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3216 - [SUSE] ffmpeg: Reduced security - Existing account

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3216 Security update for ffmpeg 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: ffmpeg Publisher: SUSE Operating System: SUSE Impact/Access: Reduced Security -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-38171 Reference: ESB-2021.3210 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20213212-1 - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for ffmpeg ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:3212-1 Rating: important References: #1189724 Cross-References: CVE-2021-38171 Affected Products: SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Enterprise Storage 6 SUSE CaaS Platform 4.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ffmpeg fixes the following issues: o CVE-2021-38171: Fixed adts_decode_extradata in libavformat/adtsenc.c to check the init_get_bits return value (bsc#1189724). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2021-3212=1 o SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-3212=1 o SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-3212=1 o SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2021-3212=1 o SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2021-3212=1 o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-3212=1 o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-3212=1 o SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2021-3212=1 o SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2021-3212=1 o SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2021-3212=1 o SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. I will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: o SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise Server for SAP 15-SP1 (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise Server for SAP 15 (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise Server 15-SP1-LTSS (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE Enterprise Storage 6 (aarch64 x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 o SUSE Enterprise Storage 6 (x86_64): libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 o SUSE CaaS Platform 4.0 (x86_64): ffmpeg-debuginfo-3.4.2-4.37.1 ffmpeg-debugsource-3.4.2-4.37.1 libavcodec-devel-3.4.2-4.37.1 libavcodec57-3.4.2-4.37.1 libavcodec57-32bit-3.4.2-4.37.1 libavcodec57-32bit-debuginfo-3.4.2-4.37.1 libavcodec57-debuginfo-3.4.2-4.37.1 libavdevice-devel-3.4.2-4.37.1 libavdevice57-3.4.2-4.37.1 libavdevice57-32bit-3.4.2-4.37.1 libavdevice57-32bit-debuginfo-3.4.2-4.37.1 libavdevice57-debuginfo-3.4.2-4.37.1 libavfilter-devel-3.4.2-4.37.1 libavfilter6-3.4.2-4.37.1 libavfilter6-32bit-3.4.2-4.37.1 libavfilter6-32bit-debuginfo-3.4.2-4.37.1 libavfilter6-debuginfo-3.4.2-4.37.1 libavformat-devel-3.4.2-4.37.1 libavformat57-3.4.2-4.37.1 libavformat57-32bit-3.4.2-4.37.1 libavformat57-32bit-debuginfo-3.4.2-4.37.1 libavformat57-debuginfo-3.4.2-4.37.1 libavresample-devel-3.4.2-4.37.1 libavresample3-3.4.2-4.37.1 libavresample3-32bit-3.4.2-4.37.1 libavresample3-32bit-debuginfo-3.4.2-4.37.1 libavresample3-debuginfo-3.4.2-4.37.1 libavutil-devel-3.4.2-4.37.1 libavutil55-3.4.2-4.37.1 libavutil55-32bit-3.4.2-4.37.1 libavutil55-32bit-debuginfo-3.4.2-4.37.1 libavutil55-debuginfo-3.4.2-4.37.1 libpostproc-devel-3.4.2-4.37.1 libpostproc54-3.4.2-4.37.1 libpostproc54-32bit-3.4.2-4.37.1 libpostproc54-32bit-debuginfo-3.4.2-4.37.1 libpostproc54-debuginfo-3.4.2-4.37.1 libswresample-devel-3.4.2-4.37.1 libswresample2-3.4.2-4.37.1 libswresample2-32bit-3.4.2-4.37.1 libswresample2-32bit-debuginfo-3.4.2-4.37.1 libswresample2-debuginfo-3.4.2-4.37.1 libswscale-devel-3.4.2-4.37.1 libswscale4-3.4.2-4.37.1 libswscale4-32bit-3.4.2-4.37.1 libswscale4-32bit-debuginfo-3.4.2-4.37.1 libswscale4-debuginfo-3.4.2-4.37.1 References: o https://www.suse.com/security/cve/CVE-2021-38171.html o https://bugzilla.suse.com/1189724 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVECJ+NLKJtyKPYoAQizHA/+LwXcf1kWQqAKM7iMdAEXxoT/fus3Zwel KOYXjTqLYtS/iTKOTJ1OcYfokoX9+ieTRhtjNEnwYx0vQf1wBrXYTuIPv85Tx4tv JX8FxwojT7FoQQVMOZXDVkiSB7fl1i4pYr0VjwkKGj3JGHT4gSu3O+MaeShkgHlQ WHYgaCkR+kowyzUuQk6+OWc0BdH9x8Azob3h+ovl4dO5ylewHl37JI/F4hZObaYH VVKuISkSfaUu+FlWu6D+5tzdcmnIUq22MTHnExUKw42KTdbBKluMcFEqLE0d8Ku2 6UPtWGpivhEPLwNtv8IzQsOo9kddEuf8mpChXKIB3CSD6fLNOHyeINPc9wPChZIo +Lac8LS1YSpGAH+uOmlCXXPrm235HcVF3oX56gNAkcgY+yvWcnnHvyb1AhE8PIt4 86ZFeqFKOZ4PfzTvqGS4BAr5ujtwa/c/qqkOLrm6aL3o4j0Y0sJUL7SzPZTjwCUh Lh6pNY3H8Wdv1ghY6BQT4mN4L3frvvUuHopezrfalRUW/vbBBSYDhcL98FdcAjiV dQOUD5SDI3lJjTGfWR1BBq00+1ise7d30pGvXhz1eGHYB5c7Amz344+uHEkX/Xeg vNy7LH/WZxqDnVWo+Rbp3/Ng5ws9oQ4Q8G6QqxcAea0BZiFYV30v41YpDi///3oe FrufTa3Y3BA= =rjPR -----END PGP SIGNATURE-----
2021. szeptember 27.

ESB-2021.3215 - [SUSE] curl: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.3215 Security update for curl 27 September 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: curl Publisher: SUSE Operating System: SUSE Impact/Access: Access Confidential Data -- Remote/Unauthenticated Reduced Security -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-22947 CVE-2021-22946 Reference: ESB-2021.3119.2 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-202114807-1 - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for curl ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:14807-1 Rating: moderate References: #1190373 #1190374 Cross-References: CVE-2021-22946 CVE-2021-22947 Affected Products: SUSE Linux Enterprise Server 11-SECURITY ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for curl fixes the following issues: o CVE-2021-22947: Fixed STARTTLS protocol injection via MITM (bsc#1190374). o CVE-2021-22946: Fixed protocol downgrade required TLS bypassed (bsc# 1190373). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Server 11-SECURITY: zypper in -t patch secsp3-curl-14807=1 Package List: o SUSE Linux Enterprise Server 11-SECURITY (i586 ia64 ppc64 s390x x86_64): curl-openssl1-7.37.0-70.74.1 libcurl4-openssl1-7.37.0-70.74.1 o SUSE Linux Enterprise Server 11-SECURITY (ppc64 s390x x86_64): libcurl4-openssl1-32bit-7.37.0-70.74.1 o SUSE Linux Enterprise Server 11-SECURITY (ia64): libcurl4-openssl1-x86-7.37.0-70.74.1 References: o https://www.suse.com/security/cve/CVE-2021-22946.html o https://www.suse.com/security/cve/CVE-2021-22947.html o https://bugzilla.suse.com/1190373 o https://bugzilla.suse.com/1190374 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYVECF+NLKJtyKPYoAQhQBQ/9EO4Bbpq3yIRdPRwug9QU4Ibk7ZlwIPkQ yNZ0l2LfMEXuU8R+GuZjtpQYvpXy4OsPy9ycuGE9CHA+Tq46HQ8DreKL80oeoRl1 ixGtdIFcKWKIvHM7Gz6iu7SepiI3vFY9BqKrp9raJ0SHDmttkUVV6x18WBGg/YvR k565YFlnCL1GBKbbXpL5aQRVxba0lcrPkuGT85iLuGliqzcanOtD+gCnIfDGi+bo N0keTEE7/M0JnfpoaEoa8JjwPKaAXK9J7jZam3dKRmSVFWWf9yklCvchJuJCQ4tU Rylc4j5TKIYFoyYzHMR+e5iY9UwrbIok6k8J2h0hUrLFrrXfnB/GrMFSwBa12afr R0nzyoFPz4z0Qz0AFwYVAJ0CVkngGztyngIEyYWVl3Ge1k/GuSLjqp5Wu9walMYh ejkPV40vXVkF/kPvSJY63sFvl9WVUEMiZ6cffo0yam0hKO8UqoAVf5eoI3ZNL3D0 +qRR2TOM3WDiUBWWhXHNhDXq48GKXI/lMk6R2GuPkwj1ob6Tp0xOs89JFxULquoO s7mvaxD2Czhh/o/Yb6PadF1kHMYIsAzXYeY7Tt57fAlRDmhJaEAGBr18IjE8rLtq rY2MYIzfcQ6QyK/OoBBijn+z0j6+FALKWDw7lRhIoq9azMMS6knbe0OaOW/y6ILI U5QFkilbjwg= =bIBt -----END PGP SIGNATURE-----