Operating System:

[SUSE]

Published:

09 March 2020

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.0843
         SUSE-SU-2020:0605-1 Security update for the Linux Kernel
                               9 March 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           linux kernel
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Access Privileged Data          -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-7053 CVE-2019-19965 CVE-2019-19927
                   CVE-2019-19318 CVE-2019-19054 CVE-2019-19045
                   CVE-2019-19036 CVE-2019-16994 CVE-2019-14897
                   CVE-2019-14896 CVE-2019-14615 

Reference:         ASB-2020.0010
                   ESB-2020.0830
                   ESB-2020.0797
                   ESB-2020.0305
                   ESB-2020.0251

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2020/suse-su-20200605-1.html

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for the Linux Kernel

______________________________________________________________________________

Announcement ID:   SUSE-SU-2020:0605-1
Rating:            moderate
References:        #1050244 #1051510 #1051858 #1065600 #1065729 #1071995
                   #1083647 #1085030 #1086301 #1086313 #1086314 #1104745
                   #1109837 #1111666 #1112178 #1112374 #1113956 #1114279
                   #1114685 #1123328 #1144333 #1151927 #1153917 #1154601
                   #1157155 #1157157 #1157692 #1158013 #1158026 #1158071
                   #1159028 #1159096 #1159377 #1159394 #1159588 #1159911
                   #1160147 #1160195 #1160210 #1160211 #1160433 #1160442
                   #1160469 #1160470 #1160476 #1160560 #1160618 #1160678
                   #1160755 #1160756 #1160784 #1160787 #1160802 #1160803
                   #1160804 #1160917 #1160966 #1161087 #1161243 #1161472
                   #1161514 #1161518 #1161522 #1161523 #1161549 #1161674
                   #1161875 #1162028
Cross-References:  CVE-2019-14615 CVE-2019-14896 CVE-2019-14897 CVE-2019-16994
                   CVE-2019-19036 CVE-2019-19045 CVE-2019-19054 CVE-2019-19318
                   CVE-2019-19927 CVE-2019-19965 CVE-2020-7053
Affected Products:
                   SUSE Linux Enterprise Real Time Extension 12-SP5
______________________________________________________________________________

An update that solves 11 vulnerabilities and has 57 fixes is now available.

Description:


The SUSE Linux Enterprise 12 SP5 real-time kernel was updated to receive
various security and bugfixes.

The following security bugs were fixed:

  o CVE-2019-14615: An information disclosure vulnerability existed due to
    insufficient control flow in certain data structures for some Intel(R)
    Processors (bnc#1160195).
  o CVE-2019-14896: A heap overflow was found in the add_ie_rates() function of
    the Marvell Wifi Driver (bsc#1157157).
  o CVE-2019-14897: A stack overflow was found in the lbs_ibss_join_existing()
    function of the Marvell Wifi Driver (bsc#1157155).
  o CVE-2019-16994: A memory leak existed in sit_init_net() in net/ipv6/sit.c
    which might have caused denial of service, aka CID-07f12b26e21a (bnc#
    1161523).
  o CVE-2019-19036: An issue discovered in btrfs_root_node in fs/btrfs/ctree.c
    allowed a NULL pointer dereference because rcu_dereference(root->node) can
    be zero (bnc#1157692).
  o CVE-2019-19045: A memory leak in drivers/net/ethernet/mellanox/mlx5/core/
    fpga/conn.c allowed attackers to cause a denial of service (memory
    consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7
    (bnc#1161522).
  o CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in drivers
    /media/pci/cx23885/cx23888-ir.c allowed attackers to cause a denial of
    service (memory consumption) by triggering kfifo_alloc() failures, aka
    CID-a7b2df76b42b (bnc#1161518).
  o CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a
    use-after-free (bnc#1158026).
  o CVE-2019-19927: A slab-out-of-bounds read access could have been caused
    when mounting a crafted f2fs filesystem image and performing some
    operations on it, in drivers/gpu/drm/ttm/ttm_page_alloc.c (bnc#1160147).
  o CVE-2019-19965: There was a NULL pointer dereference in drivers/scsi/libsas
    /sas_discover.c because of mishandling of port disconnection during
    discovery, related to a PHY down race condition, aka CID-f70267f379b5 (bnc#
    1159911).
  o CVE-2020-7053: There was a use-after-free (write) in the i915_ppgtt_close
    function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c (bnc#
    1160966).

The following non-security bugs were fixed:

  o ALSA: hda - Apply sync-write workaround to old Intel platforms, too (bsc#
    1111666).
  o ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker (bsc#
    1111666).
  o ALSA: hda/realtek - Add new codec supported for ALCS1200A (bsc#1111666).
  o ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th
    gen (bsc#1111666).
  o ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC (bsc#1111666).
  o ALSA: hda/realtek - Set EAPD control to default for ALC222 (bsc#1111666).
  o ALSA: seq: Fix racy access for queue timer in proc read (bsc#1051510).
  o ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 (bsc#
    1111666).
  o ALSA: usb-audio: fix sync-ep altsetting sanity check (bsc#1051510).
  o ASoC: au8540: use 64-bit arithmetic instead of 32-bit (bsc#1051510).
  o ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI (bsc#
    1111666).
  o Fix partial checked out tree build ... so that bisection does not break.
  o Fix the locking in dcache_readdir() and friends (bsc#1123328).
  o HID: hidraw, uhid: Always report EPOLLOUT (bsc#1051510).
  o HID: hidraw: Fix returning EPOLLOUT from hidraw_poll (bsc#1051510).
  o HID: uhid: Fix returning EPOLLOUT from uhid_char_poll (bsc#1051510).
  o IB/hfi1: Do not cancel unused work item (bsc#1114685 ).
  o NFC: pn533: fix bulk-message timeout (bsc#1051510).
  o RDMA/bnxt_re: Avoid freeing MR resources if dereg fails (bsc#1050244).
  o Temporary workaround for bsc#1159096 should no longer be needed.
  o USB: serial: ch341: handle unbound port at reset_resume (bsc#1051510).
  o USB: serial: io_edgeport: add missing active-port sanity check (bsc#
    1051510).
  o USB: serial: keyspan: handle unbound ports (bsc#1051510).
  o USB: serial: opticon: fix control-message timeouts (bsc#1051510).
  o USB: serial: quatech2: handle unbound ports (bsc#1051510).
  o USB: serial: suppress driver bind attributes (bsc#1051510).
  o blk-mq: avoid sysfs buffer overflow with too many CPU cores (bsc#1159377).
  o blk-mq: make sure that line break can be printed (bsc#1159377).
  o bnxt: apply computed clamp value for coalece parameter (bsc#1104745).
  o bnxt_en: Fix MSIX request logic for RDMA driver (bsc#1104745 ).
  o bnxt_en: Return error if FW returns more data than dump length (bsc#
    1104745).
  o bpf/sockmap: Read psock ingress_msg before sk_receive_queue (bsc#1083647).
  o bpf: Fix incorrect verifier simulation of ARSH under ALU32 (bsc#1083647).
  o bpf: Reject indirect var_off stack access in raw mode (bsc#1160618).
  o bpf: Reject indirect var_off stack access in unpriv mode (bco#1160618).
  o bpf: Sanity check max value for var_off stack access (bco#1160618).
  o bpf: Support variable offset stack access from helpers (bco#1160618).
  o bpf: add self-check logic to liveness analysis (bsc#1160618).
  o bpf: add verifier stats and log_level bit 2 (bsc#1160618).
  o bpf: improve stacksafe state comparison (bco#1160618).
  o bpf: improve verification speed by droping states (bsc#1160618).
  o bpf: improve verification speed by not remarking live_read (bsc#1160618).
  o bpf: improve verifier branch analysis (bsc#1160618).
  o bpf: increase complexity limit and maximum program size (bsc#1160618).
  o bpf: increase verifier log limit (bsc#1160618).
  o bpf: speed up stacksafe check (bco#1160618).
  o bpf: verifier: teach the verifier to reason about the BPF_JSET instruction
    (bco#1160618).
  o btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it
    (dependency for bsc#1157692).
  o btrfs: fix block group remaining RO forever after error during device
    replace (bsc#1160442).
  o btrfs: fix infinite loop during nocow writeback due to race (bsc#1160804).
  o btrfs: fix integer overflow in calc_reclaim_items_nr (bsc#1160433).
  o btrfs: fix negative subv_writers counter and data space leak after buffered
    write (bsc#1160802).
  o btrfs: fix removal logic of the tree mod log that leads to use-after-free
    issues (bsc#1160803).
  o btrfs: fix selftests failure due to uninitialized i_mode in test inodes
    (Fix for dependency of bsc#1157692).
  o btrfs: inode: Verify inode mode to avoid NULL pointer dereference
    (dependency for bsc#1157692).
  o btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588).
  o btrfs: tree-checker: Check chunk item at tree block read time (dependency
    for bsc#1157692).
  o btrfs: tree-checker: Check level for leaves and nodes (dependency for bsc#
    1157692).
  o btrfs: tree-checker: Enhance chunk checker to validate chunk profile
    (dependency for bsc#1157692).
  o btrfs: tree-checker: Fix wrong check on max devid (fixes for dependency of
    bsc#1157692).
  o btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead
    of EIO (dependency for bsc#1157692).
  o btrfs: tree-checker: Make chunk item checker messages more readable
    (dependency for bsc#1157692).
  o btrfs: tree-checker: Verify dev item (dependency for bsc#1157692).
  o btrfs: tree-checker: Verify inode item (dependency for bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in block_group_err (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in check_block_group_item
    (dependency for bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in check_csum_item (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in check_dev_item (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in check_dir_item (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in check_extent_data_item
    (dependency for bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in check_inode_item (dependency
    for bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in check_leaf (dependency for bsc#
    1157692).
  o btrfs: tree-checker: get fs_info from eb in check_leaf_item (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in chunk_err (dependency for bsc#
    1157692).
  o btrfs: tree-checker: get fs_info from eb in dev_item_err (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in dir_item_err (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in file_extent_err (dependency for
    bsc#1157692).
  o btrfs: tree-checker: get fs_info from eb in generic_err (dependency for bsc
    #1157692).
  o can: gs_usb: gs_usb_probe(): use descriptors of current altsetting (bsc#
    1051510).
  o can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling
    to irq mode (bsc#1051510).
  o cfg80211/mac80211: make ieee80211_send_layer2_update a public function (bsc
    #1051510).
  o cfg80211: fix page refcount issue in A-MSDU decap (bsc#1051510).
  o cgroup: pids: use atomic64_t for pids->limit (bsc#1161514).
  o cifs: Close cached root handle only if it had a lease (bsc#1144333).
  o cifs: Close open handle after interrupted close (bsc#1144333).
  o cifs: Do not miss cancelled OPEN responses (bsc#1144333).
  o cifs: Fix NULL pointer dereference in mid callback (bsc#1144333).
  o cifs: Fix NULL-pointer dereference in smb2_push_mandatory_locks (bsc#
    1144333).
  o cifs: Fix lookup of root ses in DFS referral cache (bsc#1144333).
  o cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() (bsc#1144333).
  o cifs: Fix mount options set in automount (bsc#1144333).
  o cifs: Fix potential softlockups while refreshing DFS cache (bsc#1144333).
  o cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1144333).
  o cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1144333).
  o cifs: Properly process SMB3 lease breaks (bsc#1144333).
  o cifs: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1144333).
  o cifs: add support for flock (bsc#1144333).
  o cifs: close the shared root handle on tree disconnect (bsc#1144333).
  o cifs: remove set but not used variables 'cinode' and 'netfid' (bsc#
    1144333).
  o clk: imx: clk-composite-8m: add lock to gate/mux (git-fixes).
  o clk: rockchip: fix I2S1 clock gate register for rk3328 (bsc#1051510).
  o clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 (bsc#1051510).
  o clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering (bsc#1051510).
  o clk: rockchip: fix rk3188 sclk_smc gate data (bsc#1051510).
  o drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ (bsc#1051510).
  o drm/fb-helper: Round up bits_per_pixel if possible (bsc#1051510).
  o drm/i810: Prevent underflow in ioctl (bsc#1114279)
  o drm/i915/gvt: Pin vgpu dma address before using (bsc#1112178)
  o drm/i915/gvt: set guest display buffer as readonly (bsc#1112178)
  o drm/i915/gvt: use vgpu lock for active state setting (bsc#1112178)
  o drm/i915: Add missing include file (bsc#1051510).
  o drm/i915: Fix pid leak with banned clients (bsc#1114279)
  o drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)
  o drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)
  o drm/radeon: fix r1xx/r2xx register checker for POT textures (bsc#1114279)
  o drm/sun4i: hdmi: Remove duplicate cleanup calls (bsc#1113956)
  o drm: limit to INT_MAX in create_blob ioctl (bsc#1051510).
  o exit: panic before exit_mm() on global init exit (bsc#1161549).
  o extcon: max8997: Fix lack of path setting in USB device mode (bsc#1051510).
  o fjes: fix missed check in fjes_acpi_add (bsc#1051510).
  o fs: cifs: Fix atime update check vs mtime (bsc#1144333).
  o ftrace: Avoid potential division by zero in function profiler (bsc#
    1160784).
  o gpio: Fix error message on out-of-range GPIO in lookup table (bsc#1051510).
  o hidraw: Return EPOLLOUT from hidraw_poll (bsc#1051510).
  o iio: buffer: align the size of scan bytes to size of the largest element
    (bsc#1051510).
  o inet: protect against too small mtu values (networking-stable-19_12_16).
  o init: add arch_call_rest_init to allow stack switching (jsc#SLE-11178).
  o iommu/iova: Init the struct iova to fix the possible memleak (bsc#1160469).
  o iommu/mediatek: Correct the flush_iotlb_all callback (bsc#1160470).
  o iommu/vt-d: Unlink device if failed to add to group (bsc#1160756).
  o iommu: Remove device link to group on failure (bsc#1160755).
  o iwlwifi: change monitor DMA to be coherent (bsc#1161243).
  o kABI fixup for alloc_dax_region (bsc#1158071,bsc#1160678).
  o kABI: Protest new fields in BPF structs (bsc#1160618).
  o kABI: protect struct sctp_ep_common (kabi).
  o kernel/trace: Fix do not unregister tracepoints when register
    sched_migrate_task fail (bsc#1160787).
  o kvm: x86: Host feature SSBD does not imply guest feature SPEC_CTRL_SSBD
    (bsc#1160476).
  o leds: Allow to call led_classdev_unregister() unconditionally (bsc#
    1161674).
  o leds: class: ensure workqueue is initialized before setting brightness (bsc
    #1161674).
  o livepatch: Simplify stack trace retrieval (jsc#SLE-11178).
  o mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO (bsc#1112374).
  o mm, debug_pagealloc: do not rely on static keys too early (VM debuging
    functionality, bsc#1159096).
  o mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock (bsc
    #1159394).
  o mmc: sdhci: Add a quirk for broken command queuing (git-fixes).
  o mmc: sdhci: Workaround broken command queuing on Intel GLK (git-fixes).
  o net, sysctl: Fix compiler warning when only cBPF is present (bsc#1109837).
  o net/mlx4_en: fix mlx4 ethtool -N insertion (networking-stable-19_11_25).
  o net/mlx5e: Fix set vf link state error flow (networking-stable-19_11_25).
  o net/mlxfw: Fix out-of-memory error in mfa2 flash burning (bsc#1051858).
  o net/sched: act_pedit: fix WARN() in the traffic path
    (networking-stable-19_11_25).
  o net: bridge: deny dev_set_mac_address() when unregistering
    (networking-stable-19_12_16).
  o net: ethernet: ti: cpsw: fix extra rx interrupt
    (networking-stable-19_12_16).
  o net: psample: fix skb_over_panic (networking-stable-19_12_03).
  o net: rtnetlink: prevent underflows in do_setvfinfo()
    (networking-stable-19_11_25).
  o net: sched: fix `tc -s class show` no bstats on class with nolock subqueues
    (networking-stable-19_12_03).
  o net: usb: lan78xx: limit size of local TSO packets (bsc#1051510).
  o net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules
    (networking-stable-19_11_18).
  o openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info()
    (networking-stable-19_12_03).
  o openvswitch: remove another BUG_ON() (networking-stable-19_12_03).
  o openvswitch: support asymmetric conntrack (networking-stable-19_12_16).
  o platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 (bsc#
    1051510).
  o powerpc/irq: fix stack overflow verification (bsc#1065729).
  o powerpc/livepatch: return -ERRNO values in save_stack_trace_tsk_reliable()
    (bsc#1071995 bsc#1161875).
  o powerpc/mm: drop #ifdef CONFIG_MMU in is_ioremap_addr() (bsc#1065729).
  o powerpc/pkeys: remove unused pkey_allows_readwrite (bsc#1065729).
  o powerpc/pseries/lparcfg: Fix display of Maximum Memory (bsc#1162028 ltc#
    181740).
  o powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
    (git-fixes).
  o powerpc/security: Fix debugfs data leak on 32-bit (bsc#1065729).
  o powerpc/tools: Do not quote $objdump in scripts (bsc#1065729).
  o powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts (bsc#1085030).
  o powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB
    (bnc#1151927 5.3.17).
  o powerpc: Allow flush_icache_range to work across ranges >4GB (bnc#1151927
    5.3.17).
  o qede: Disable hardware gro when xdp prog is installed (bsc#1086314 bsc#
    1086313 bsc#1086301 ).
  o r8152: add missing endpoint sanity check (bsc#1051510).
  o s390/ftrace: save traced function caller (jsc#SLE-11178).
  o s390/ftrace: use HAVE_FUNCTION_GRAPH_RET_ADDR_PTR (jsc#SLE-11178).
  o s390/head64: correct init_task stack setup (jsc#SLE-11178).
  o s390/kasan: avoid false positives during stack unwind (jsc#SLE-11178).
  o s390/kasan: avoid report in get_wchan (jsc#SLE-11178).
  o s390/livepatch: Implement reliable stack tracing for the consistency model
    (jsc#SLE-11178).
  o s390/process: avoid custom stack unwinding in get_wchan (jsc#SLE-11178).
  o s390/stacktrace: use common arch_stack_walk infrastructure (jsc#SLE-11178).
  o s390/suspend: fix stack setup in swsusp_arch_suspend (jsc#SLE-11178).
  o s390/test_unwind: print verbose unwinding results (jsc#SLE-11178).
  o s390/unwind: add stack pointer alignment sanity checks (jsc#SLE-11178).
  o s390/unwind: always inline get_stack_pointer (jsc#SLE-11178).
  o s390/unwind: avoid int overflow in outside_of_stack (jsc#SLE-11178).
  o s390/unwind: cleanup unused READ_ONCE_TASK_STACK (jsc#SLE-11178).
  o s390/unwind: correct stack switching during unwind (jsc#SLE-11178).
  o s390/unwind: drop unnecessary code around calling ftrace_graph_ret_addr()
    (jsc#SLE-11178).
  o s390/unwind: filter out unreliable bogus %r14 (jsc#SLE-11178).
  o s390/unwind: fix get_stack_pointer(NULL, NULL) (jsc#SLE-11178).
  o s390/unwind: fix mixing regs and sp (jsc#SLE-11178).
  o s390/unwind: introduce stack unwind API (jsc#SLE-11178).
  o s390/unwind: make reuse_sp default when unwinding pt_regs (jsc#SLE-11178).
  o s390/unwind: remove stack recursion warning (jsc#SLE-11178).
  o s390/unwind: report an error if pt_regs are not on stack (jsc#SLE-11178).
  o s390/unwind: start unwinding from reliable state (jsc#SLE-11178).
  o s390/unwind: stop gracefully at task pt_regs (jsc#SLE-11178).
  o s390/unwind: stop gracefully at user mode pt_regs in irq stack (jsc#
    SLE-11178).
  o s390/unwind: unify task is current checks (jsc#SLE-11178).
  o s390: add stack switch helper (jsc#SLE-11178).
  o s390: add support for virtually mapped kernel stacks (jsc#SLE-11178).
  o s390: always inline current_stack_pointer() (jsc#SLE-11178).
  o s390: always inline disabled_wait (jsc#SLE-11178).
  o s390: avoid misusing CALL_ON_STACK for task stack setup (jsc#SLE-11178).
  o s390: clean up stacks setup (jsc#SLE-11178).
  o s390: correct CALL_ON_STACK back_chain saving (jsc#SLE-11178).
  o s390: disable preemption when switching to nodat stack with CALL_ON_STACK
    (jsc#SLE-11178).
  o s390: fine-tune stack switch helper (jsc#SLE-11178).
  o s390: fix register clobbering in CALL_ON_STACK (jsc#SLE-11178).
  o s390: kabi workaround for ftrace_ret_stack (jsc#SLE-11178).
  o s390: kabi workaround for lowcore changes due to vmap stack (jsc#
    SLE-11178).
  o s390: kabi workaround for reliable stack tracing (jsc#SLE-11178).
  o s390: preserve kabi for stack unwind API (jsc#SLE-11178).
  o s390: unify stack size definitions (jsc#SLE-11178).
  o scsi: lpfc: fix build failure with DEBUGFS disabled (bsc#1154601).
  o scsi: qla2xxx: Add D-Port Diagnostic reason explanation logs (bsc#1158013).
  o scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport
    (bsc#1158013).
  o scsi: qla2xxx: Cleanup unused async_logout_done (bsc#1158013).
  o scsi: qla2xxx: Consolidate fabric scan (bsc#1158013).
  o scsi: qla2xxx: Correct fcport flags handling (bsc#1158013).
  o scsi: qla2xxx: Fix RIDA Format-2 (bsc#1158013).
  o scsi: qla2xxx: Fix fabric scan hang (bsc#1158013).
  o scsi: qla2xxx: Fix mtcp dump collection failure (bsc#1158013).
  o scsi: qla2xxx: Fix stuck login session using prli_pend_timer (bsc#1158013).
  o scsi: qla2xxx: Fix stuck session in GNL (bsc#1158013).
  o scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
    (bsc#1158013).
  o scsi: qla2xxx: Fix update_fcport for current_topology (bsc#1158013).
  o scsi: qla2xxx: Improve readability of the code that handles qla_flt_header
    (bsc#1158013).
  o scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (bsc#
    1158013).
  o scsi: qla2xxx: Update driver version to 10.01.00.22-k (bsc#1158013).
  o scsi: qla2xxx: Use common routine to free fcport struct (bsc#1158013).
  o scsi: qla2xxx: Use get_unaligned_*() instead of open-coding these functions
    (bsc#1158013).
  o sctp: cache netns in sctp_ep_common (networking-stable-19_12_03).
  o sfc: Only cancel the PPS workqueue if it exists
    (networking-stable-19_11_25).
  o sfc: Remove 'PCIE error reporting unavailable' (bsc#1161472).
  o smb3: Fix crash in SMB2_open_init due to uninitialized field in compounding
    path (bsc#1144333).
  o smb3: Fix persistent handles reconnect (bsc#1144333).
  o smb3: fix refcount underflow warning on unmount when no directory leases
    (bsc#1144333).
  o smb3: remove confusing dmesg when mounting with encryption ("seal") (bsc#
    1144333).
  o stacktrace: Do not skip first entry on noncurrent tasks (jsc#SLE-11178).
  o stacktrace: Force USER_DS for stack_trace_save_user() (jsc#SLE-11178).
  o stacktrace: Get rid of unneeded '!!' pattern (jsc#SLE-11178).
  o stacktrace: Provide common infrastructure (jsc#SLE-11178).
  o stacktrace: Provide helpers for common stack trace operations (jsc#
    SLE-11178).
  o stacktrace: Unbreak stack_trace_save_tsk_reliable() (jsc#SLE-11178).
  o stacktrace: Use PF_KTHREAD to check for kernel threads (jsc#SLE-11178).
  o tcp: clear tp->packets_out when purging write queue (bsc#1160560).
  o tcp: exit if nothing to retransmit on RTO timeout (bsc#1160560, stable
    4.14.159).
  o tcp: md5: fix potential overestimation of TCP option space
    (networking-stable-19_12_16).
  o tracing: Cleanup stack trace code (jsc#SLE-11178).
  o tracing: Have the histogram compare functions convert to u64 first (bsc#
    1160210).
  o workqueue: Fix pwq ref leak in rescuer_thread() (bsc#1160211).
  o x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks (bsc#
    1114279).
  o x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() (bsc#
    1114279).
  o x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI (bsc#1114279).
  o x86/mce/AMD: Allow any CPU to initialize the smca_banks array (bsc#
    1114279).
  o x86/mce: Fix possibly incorrect severity calculation on AMD (bsc#1114279).
  o x86/resctrl: Fix an imbalance in domain_remove_cpu() (bsc#1114279).
  o x86/resctrl: Fix potential memory leak (bsc#1114279).
  o xen-blkfront: switch kcalloc to kvcalloc for large array allocation (bsc#
    1160917).
  o xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk (bsc#1065600).
  o xfs: Fix tail rounding in xfs_alloc_file_space() (bsc#1161087, bsc#
    1153917).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Real Time Extension 12-SP5:
    zypper in -t patch SUSE-SLE-RT-12-SP5-2020-605=1

Package List:

  o SUSE Linux Enterprise Real Time Extension 12-SP5 (noarch):
       kernel-devel-rt-4.12.14-6.3.1
       kernel-source-rt-4.12.14-6.3.1
  o SUSE Linux Enterprise Real Time Extension 12-SP5 (x86_64):
       cluster-md-kmp-rt-4.12.14-6.3.1
       dlm-kmp-rt-4.12.14-6.3.1
       gfs2-kmp-rt-4.12.14-6.3.1
       kernel-rt-4.12.14-6.3.1
       kernel-rt-base-4.12.14-6.3.1
       kernel-rt-devel-4.12.14-6.3.1
       kernel-rt_debug-4.12.14-6.3.1
       kernel-rt_debug-devel-4.12.14-6.3.1
       kernel-syms-rt-4.12.14-6.3.1
       ocfs2-kmp-rt-4.12.14-6.3.1


References:

  o https://www.suse.com/security/cve/CVE-2019-14615.html
  o https://www.suse.com/security/cve/CVE-2019-14896.html
  o https://www.suse.com/security/cve/CVE-2019-14897.html
  o https://www.suse.com/security/cve/CVE-2019-16994.html
  o https://www.suse.com/security/cve/CVE-2019-19036.html
  o https://www.suse.com/security/cve/CVE-2019-19045.html
  o https://www.suse.com/security/cve/CVE-2019-19054.html
  o https://www.suse.com/security/cve/CVE-2019-19318.html
  o https://www.suse.com/security/cve/CVE-2019-19927.html
  o https://www.suse.com/security/cve/CVE-2019-19965.html
  o https://www.suse.com/security/cve/CVE-2020-7053.html
  o https://bugzilla.suse.com/1050244
  o https://bugzilla.suse.com/1051510
  o https://bugzilla.suse.com/1051858
  o https://bugzilla.suse.com/1065600
  o https://bugzilla.suse.com/1065729
  o https://bugzilla.suse.com/1071995
  o https://bugzilla.suse.com/1083647
  o https://bugzilla.suse.com/1085030
  o https://bugzilla.suse.com/1086301
  o https://bugzilla.suse.com/1086313
  o https://bugzilla.suse.com/1086314
  o https://bugzilla.suse.com/1104745
  o https://bugzilla.suse.com/1109837
  o https://bugzilla.suse.com/1111666
  o https://bugzilla.suse.com/1112178
  o https://bugzilla.suse.com/1112374
  o https://bugzilla.suse.com/1113956
  o https://bugzilla.suse.com/1114279
  o https://bugzilla.suse.com/1114685
  o https://bugzilla.suse.com/1123328
  o https://bugzilla.suse.com/1144333
  o https://bugzilla.suse.com/1151927
  o https://bugzilla.suse.com/1153917
  o https://bugzilla.suse.com/1154601
  o https://bugzilla.suse.com/1157155
  o https://bugzilla.suse.com/1157157
  o https://bugzilla.suse.com/1157692
  o https://bugzilla.suse.com/1158013
  o https://bugzilla.suse.com/1158026
  o https://bugzilla.suse.com/1158071
  o https://bugzilla.suse.com/1159028
  o https://bugzilla.suse.com/1159096
  o https://bugzilla.suse.com/1159377
  o https://bugzilla.suse.com/1159394
  o https://bugzilla.suse.com/1159588
  o https://bugzilla.suse.com/1159911
  o https://bugzilla.suse.com/1160147
  o https://bugzilla.suse.com/1160195
  o https://bugzilla.suse.com/1160210
  o https://bugzilla.suse.com/1160211
  o https://bugzilla.suse.com/1160433
  o https://bugzilla.suse.com/1160442
  o https://bugzilla.suse.com/1160469
  o https://bugzilla.suse.com/1160470
  o https://bugzilla.suse.com/1160476
  o https://bugzilla.suse.com/1160560
  o https://bugzilla.suse.com/1160618
  o https://bugzilla.suse.com/1160678
  o https://bugzilla.suse.com/1160755
  o https://bugzilla.suse.com/1160756
  o https://bugzilla.suse.com/1160784
  o https://bugzilla.suse.com/1160787
  o https://bugzilla.suse.com/1160802
  o https://bugzilla.suse.com/1160803
  o https://bugzilla.suse.com/1160804
  o https://bugzilla.suse.com/1160917
  o https://bugzilla.suse.com/1160966
  o https://bugzilla.suse.com/1161087
  o https://bugzilla.suse.com/1161243
  o https://bugzilla.suse.com/1161472
  o https://bugzilla.suse.com/1161514
  o https://bugzilla.suse.com/1161518
  o https://bugzilla.suse.com/1161522
  o https://bugzilla.suse.com/1161523
  o https://bugzilla.suse.com/1161549
  o https://bugzilla.suse.com/1161674
  o https://bugzilla.suse.com/1161875
  o https://bugzilla.suse.com/1162028

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXmW+LGaOgq3Tt24GAQiOrRAAw+/cpnKunjsfLa/YTDuxchrmCIkanS15
dRZzPkri+zs2w2DfPKAWG78/4LvNScj5gPCDYI5Hu9HpcFEzf/ApUSK6bOJerzAW
RYx1EYZgIFFUO+OPcxtG6BT77PjCwcd/IMpGv8pOHqyceBwKx6s8N5iNuaEsmfMD
N6xf8dZfHk/BXjuqu91ytwgKQXJsMYwbjwZ5iR+W57149NAEFRN3I1iqMd23dJd8
zrjwQqzg0796eRh7go8/XwQ2W73lcAIg/WEZqdSntCbaREL8FQRVglqROsiWCBKg
LMh5MD7hmMQdxoEWkK47iyPcZ/jHEpmUPkFW4ilYjYPVTVIK4Ah6EvLUDa0AHms9
tNuI2c7FmA5W+iAY4ykrX60aOhS+qv1d8BI7eRQutEHc+6JADi2PVhDX55WFKw2Q
YAqybhOyObcByAzjx/w3urmTuBa3skjJL8ZZAN7ohP3HNJvgLqJJIMeh8w2A8KZT
mhRIthBzf1VcKRLvR4+O+Q62sQFe1TioRW6508MJdA48JY7ZhNCN+VTAu/TLWWdq
bGKWqicB565owjXhCS1LE6JRGHXCrH9N+1aMZC+kLjtZTfHjyCuDZAIHRMCUDMbQ
nwZpojTs9WKK6rSVbPgOUdXB/JjBRi9ZlAVc4hc3Txo2wdooAONoC/pKC/2sKluo
N0ozcro9cDY=
=nqQk
-----END PGP SIGNATURE-----