Advisories


   openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0579-1
Rating:             important
References:         #1047233 #1065729 #1113295 #1152489 #1154353 
                    #1155518 #1156395 #1167574 #1175995 #1178181 
                    #1181507 #1183405 #1184074 #1184120 #1184194 
                    #1184211 #1184388 #1184391 #1184393 #1184485 
                    #1184509 #1184511 #1184512 #1184514 #1184583 
                    #1184585 #1184647 
Cross-References:   CVE-2020-25670 CVE-2020-25671 CVE-2020-25672
                    CVE-2020-25673 CVE-2020-36310 CVE-2020-36311
                    CVE-2020-36312 CVE-2020-36322 CVE-2021-28950
                    CVE-2021-29154 CVE-2021-30002 CVE-2021-3483
                   
CVSS scores:
                    CVE-2020-25670 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
                    CVE-2020-36310 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36311 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36312 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36322 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
                    CVE-2021-28950 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-29154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-29154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-30002 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

   An update that solves 12 vulnerabilities and has 15 fixes
   is now available.

Description:

   The openSUSE Linux Leap 15.2 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
   - CVE-2021-30002: Fixed a memory leak for large arguments in
     video_usercopy (bsc#1184120).
   - CVE-2021-29154: Fixed incorrect computation of branch displacements,
     allowing arbitrary code execution (bsc#1184391).
   - CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop
     continually was finding the same bad inode (bsc#1184194).
   - CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509
     ).
   - CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering
     destruction of a large SEV VM (bsc#1184511).
   - CVE-2020-36310: Fixed infinite loop for certain nested page faults
     (bsc#1184512).
   - CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed
     multiple bugs in NFC subsytem (bsc#1178181).
   - CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem
     implementation which could have caused a system crash (bsc#1184211).

   The following non-security bugs were fixed:

   - ALSA: aloop: Fix initialization of controls (git-fixes).
   - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
   - appletalk: Fix skb allocation size in loopback case (git-fixes).
   - ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).
   - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
   - ASoC: intel: atom: Remove 44100 sample-rate from the media and
     deep-buffer DAI descriptions (git-fixes).
   - ASoC: intel: atom: Stop advertising non working S24LE support
     (git-fixes).
   - ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
   - ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
   - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
     (git-fixes).
   - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr()
     (git-fixes).
   - atl1c: fix error return code in atl1c_probe() (git-fixes).
   - atl1e: fix error return code in atl1e_probe() (git-fixes).
   - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
     (git-fixes).
   - bpf: Fix verifier jsgt branch analysis on max bound (bsc#1155518).
   - bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).
   - bpf, sockmap: Fix sk->prot unhash op reset (bsc#1155518).
   - brcmfmac: clear EAP/association status bits on linkdown events
     (git-fixes).
   - bus: ti-sysc: Fix warning on unbind if reset is not deasserted
     (git-fixes).
   - cifs: change noisy error message to FYI (bsc#1181507).
   - cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
   - cifs: do not send close in compound create+close requests (bsc#1181507).
   - cifs: New optype for session operations (bsc#1181507).
   - cifs: print MIDs in decimal notation (bsc#1181507).
   - cifs: return proper error code in statfs(2) (bsc#1181507).
   - cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
   - clk: fix invalid usage of list cursor in register (git-fixes).
   - clk: fix invalid usage of list cursor in unregister (git-fixes).
   - clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
   - dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574,
     bsc#1175995, bsc#1184485).
   - drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
     (git-fixes).
   - drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
   - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings()
     (git-fixes).
   - drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
   - drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs
     (git-fixes).
   - drm/msm: Ratelimit invalid-fence message (git-fixes).
   - drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).
   - enetc: Fix reporting of h/w packet counters (git-fixes).
   - fix Patch-mainline:
     patches.suse/cifs_debug-use-pd-instead-of-messing-with-d_name.patch
   - fix patch metadata
   - fuse: fix bad inode (bsc#1184211).
   - fuse: fix live lock in fuse_iget() (bsc#1184211).
   - gianfar: Handle error code at MAC address change (git-fixes).
   - i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).
   - i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
   - ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
   - iommu/vt-d: Use device numa domain if RHSA is missing (bsc#1184585).
   - kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
   - libbpf: Fix INSTALL flag order (bsc#1155518).
   - libbpf: Only create rx and tx XDP rings when necessary (bsc#1155518).
   - locking/mutex: Fix non debug version of mutex_lock_io_nested()
     (git-fixes).
   - mac80211: choose first enabled channel for monitor (git-fixes).
   - mac80211: fix TXQ AC confusion (git-fixes).
   - mISDN: fix crash in fritzpci (git-fixes).
   - net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
   - net: b44: fix error return code in b44_init_one() (git-fixes).
   - net: ethernet: ti: cpsw: fix error return code in cpsw_probe()
     (git-fixes).
   - net: hns3: Remove the left over redundant check & assignment
     (bsc#1154353).
   - net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
   - net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
   - net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).
   - net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
   - net: qualcomm: rmnet: Fix incorrect receive packet handling during
     cleanup (git-fixes).
   - net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
   - net: wan/lmc: unregister device when no matching device is found
     (git-fixes).
   - platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
     (git-fixes).
   - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state
     (git-fixes).
   - PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
   - post.sh: Return an error when module update fails (bsc#1047233
     bsc#1184388).
   - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
     (bsc#1065729).
   - powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
   - powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
   - powerpc/sstep: Check instruction validity against ISA version before
     emulation (bsc#1156395).
   - powerpc/sstep: Fix darn emulation (bsc#1156395).
   - powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
   - powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
   - qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
   - RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489).
   - regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes).
   - rpm/check-for-config-changes: Also ignore AS_VERSION added in 5.12.
   - rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package
     (bsc#1184514) The devel package requires the kernel binary package
     itself for building modules externally.
   - samples/bpf: Fix possible hang in xdpsock with multiple threads
     (bsc#1155518).
   - scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647
     ltc#191231).
   - smb3: add dynamic trace point to trace when credits obtained
     (bsc#1181507).
   - smb3: fix crediting for compounding when only one request in flight
     (bsc#1181507).
   - soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
   - staging: comedi: cb_pcidas64: fix request_irq() warn (git-fixes).
   - staging: comedi: cb_pcidas: fix request_irq() warn (git-fixes).
   - thermal/core: Add NULL pointer check before using cooling device stats
     (git-fixes).
   - USB: cdc-acm: downgrade message to debug (git-fixes).
   - USB: cdc-acm: untangle a circular dependency between callback and
     softint (git-fixes).
   - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
     (git-fixes).
   - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
     (git-fixes).
   - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall()
     (bsc#1152489).
   - x86/ioapic: Ignore IRQ2 again (bsc#1152489).
   - x86/mem_encrypt: Correct physical address calculation in
     __set_clr_pte_enc() (bsc#1152489).
   - xen/events: fix setting irq affinity (bsc#1184583).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2021-579=1



Package List:

   - openSUSE Leap 15.2 (x86_64):

      kernel-debug-5.3.18-lp152.72.1
      kernel-debug-debuginfo-5.3.18-lp152.72.1
      kernel-debug-debugsource-5.3.18-lp152.72.1
      kernel-debug-devel-5.3.18-lp152.72.1
      kernel-debug-devel-debuginfo-5.3.18-lp152.72.1
      kernel-default-5.3.18-lp152.72.1
      kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1
      kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1
      kernel-default-debuginfo-5.3.18-lp152.72.1
      kernel-default-debugsource-5.3.18-lp152.72.1
      kernel-default-devel-5.3.18-lp152.72.1
      kernel-default-devel-debuginfo-5.3.18-lp152.72.1
      kernel-kvmsmall-5.3.18-lp152.72.1
      kernel-kvmsmall-debuginfo-5.3.18-lp152.72.1
      kernel-kvmsmall-debugsource-5.3.18-lp152.72.1
      kernel-kvmsmall-devel-5.3.18-lp152.72.1
      kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.72.1
      kernel-obs-build-5.3.18-lp152.72.1
      kernel-obs-build-debugsource-5.3.18-lp152.72.1
      kernel-obs-qa-5.3.18-lp152.72.1
      kernel-preempt-5.3.18-lp152.72.1
      kernel-preempt-debuginfo-5.3.18-lp152.72.1
      kernel-preempt-debugsource-5.3.18-lp152.72.1
      kernel-preempt-devel-5.3.18-lp152.72.1
      kernel-preempt-devel-debuginfo-5.3.18-lp152.72.1
      kernel-syms-5.3.18-lp152.72.1

   - openSUSE Leap 15.2 (noarch):

      kernel-devel-5.3.18-lp152.72.1
      kernel-docs-5.3.18-lp152.72.1
      kernel-docs-html-5.3.18-lp152.72.1
      kernel-macros-5.3.18-lp152.72.1
      kernel-source-5.3.18-lp152.72.1
      kernel-source-vanilla-5.3.18-lp152.72.1


References:

   https://www.suse.com/security/cve/CVE-2020-25670.html
   https://www.suse.com/security/cve/CVE-2020-25671.html
   https://www.suse.com/security/cve/CVE-2020-25672.html
   https://www.suse.com/security/cve/CVE-2020-25673.html
   https://www.suse.com/security/cve/CVE-2020-36310.html
   https://www.suse.com/security/cve/CVE-2020-36311.html
   https://www.suse.com/security/cve/CVE-2020-36312.html
   https://www.suse.com/security/cve/CVE-2020-36322.html
   https://www.suse.com/security/cve/CVE-2021-28950.html
   https://www.suse.com/security/cve/CVE-2021-29154.html
   https://www.suse.com/security/cve/CVE-2021-30002.html
   https://www.suse.com/security/cve/CVE-2021-3483.html
   https://bugzilla.suse.com/1047233
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1113295
   https://bugzilla.suse.com/1152489
   https://bugzilla.suse.com/1154353
   https://bugzilla.suse.com/1155518
   https://bugzilla.suse.com/1156395
   https://bugzilla.suse.com/1167574
   https://bugzilla.suse.com/1175995
   https://bugzilla.suse.com/1178181
   https://bugzilla.suse.com/1181507
   https://bugzilla.suse.com/1183405
   https://bugzilla.suse.com/1184074
   https://bugzilla.suse.com/1184120
   https://bugzilla.suse.com/1184194
   https://bugzilla.suse.com/1184211
   https://bugzilla.suse.com/1184388
   https://bugzilla.suse.com/1184391
   https://bugzilla.suse.com/1184393
   https://bugzilla.suse.com/1184485
   https://bugzilla.suse.com/1184509
   https://bugzilla.suse.com/1184511
   https://bugzilla.suse.com/1184512
   https://bugzilla.suse.com/1184514
   https://bugzilla.suse.com/1184583
   https://bugzilla.suse.com/1184585
   https://bugzilla.suse.com/1184647

Warning: getimagesize(/images/distros-large/opensuse-large.png): failed to open stream: No such file or directory in /var/www/webstage.linuxsecurity.com-443/html/templates/newsberg/html/com_content/article/default.php on line 107

Warning: Division by zero in /var/www/webstage.linuxsecurity.com-443/html/templates/newsberg/html/com_content/article/default.php on line 110

openSUSE: 2021:0579-1 important: the Linux Kernel

An update that solves 12 vulnerabilities and has 15 fixes is now available.

   openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0579-1
Rating:             important
References:         #1047233 #1065729 #1113295 #1152489 #1154353 
                    #1155518 #1156395 #1167574 #1175995 #1178181 
                    #1181507 #1183405 #1184074 #1184120 #1184194 
                    #1184211 #1184388 #1184391 #1184393 #1184485 
                    #1184509 #1184511 #1184512 #1184514 #1184583 
                    #1184585 #1184647 
Cross-References:   CVE-2020-25670 CVE-2020-25671 CVE-2020-25672
                    CVE-2020-25673 CVE-2020-36310 CVE-2020-36311
                    CVE-2020-36312 CVE-2020-36322 CVE-2021-28950
                    CVE-2021-29154 CVE-2021-30002 CVE-2021-3483
                   
CVSS scores:
                    CVE-2020-25670 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
                    CVE-2020-36310 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36311 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36312 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-36322 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
                    CVE-2021-28950 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-29154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-29154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-30002 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

   An update that solves 12 vulnerabilities and has 15 fixes
   is now available.

Description:

   The openSUSE Linux Leap 15.2 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
   - CVE-2021-30002: Fixed a memory leak for large arguments in
     video_usercopy (bsc#1184120).
   - CVE-2021-29154: Fixed incorrect computation of branch displacements,
     allowing arbitrary code execution (bsc#1184391).
   - CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop
     continually was finding the same bad inode (bsc#1184194).
   - CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509
     ).
   - CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering
     destruction of a large SEV VM (bsc#1184511).
   - CVE-2020-36310: Fixed infinite loop for certain nested page faults
     (bsc#1184512).
   - CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed
     multiple bugs in NFC subsytem (bsc#1178181).
   - CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem
     implementation which could have caused a system crash (bsc#1184211).

   The following non-security bugs were fixed:

   - ALSA: aloop: Fix initialization of controls (git-fixes).
   - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
   - appletalk: Fix skb allocation size in loopback case (git-fixes).
   - ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).
   - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
   - ASoC: intel: atom: Remove 44100 sample-rate from the media and
     deep-buffer DAI descriptions (git-fixes).
   - ASoC: intel: atom: Stop advertising non working S24LE support
     (git-fixes).
   - ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
   - ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
   - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
     (git-fixes).
   - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr()
     (git-fixes).
   - atl1c: fix error return code in atl1c_probe() (git-fixes).
   - atl1e: fix error return code in atl1e_probe() (git-fixes).
   - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
     (git-fixes).
   - bpf: Fix verifier jsgt branch analysis on max bound (bsc#1155518).
   - bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).
   - bpf, sockmap: Fix sk->prot unhash op reset (bsc#1155518).
   - brcmfmac: clear EAP/association status bits on linkdown events
     (git-fixes).
   - bus: ti-sysc: Fix warning on unbind if reset is not deasserted
     (git-fixes).
   - cifs: change noisy error message to FYI (bsc#1181507).
   - cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
   - cifs: do not send close in compound create+close requests (bsc#1181507).
   - cifs: New optype for session operations (bsc#1181507).
   - cifs: print MIDs in decimal notation (bsc#1181507).
   - cifs: return proper error code in statfs(2) (bsc#1181507).
   - cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
   - clk: fix invalid usage of list cursor in register (git-fixes).
   - clk: fix invalid usage of list cursor in unregister (git-fixes).
   - clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
   - dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574,
     bsc#1175995, bsc#1184485).
   - drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
     (git-fixes).
   - drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
   - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings()
     (git-fixes).
   - drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
   - drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs
     (git-fixes).
   - drm/msm: Ratelimit invalid-fence message (git-fixes).
   - drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).
   - enetc: Fix reporting of h/w packet counters (git-fixes).
   - fix Patch-mainline:
     patches.suse/cifs_debug-use-pd-instead-of-messing-with-d_name.patch
   - fix patch metadata
   - fuse: fix bad inode (bsc#1184211).
   - fuse: fix live lock in fuse_iget() (bsc#1184211).
   - gianfar: Handle error code at MAC address change (git-fixes).
   - i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).
   - i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
   - ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
   - iommu/vt-d: Use device numa domain if RHSA is missing (bsc#1184585).
   - kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
   - libbpf: Fix INSTALL flag order (bsc#1155518).
   - libbpf: Only create rx and tx XDP rings when necessary (bsc#1155518).
   - locking/mutex: Fix non debug version of mutex_lock_io_nested()
     (git-fixes).
   - mac80211: choose first enabled channel for monitor (git-fixes).
   - mac80211: fix TXQ AC confusion (git-fixes).
   - mISDN: fix crash in fritzpci (git-fixes).
   - net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
   - net: b44: fix error return code in b44_init_one() (git-fixes).
   - net: ethernet: ti: cpsw: fix error return code in cpsw_probe()
     (git-fixes).
   - net: hns3: Remove the left over redundant check & assignment
     (bsc#1154353).
   - net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
   - net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
   - net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).
   - net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
   - net: qualcomm: rmnet: Fix incorrect receive packet handling during
     cleanup (git-fixes).
   - net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
   - net: wan/lmc: unregister device when no matching device is found
     (git-fixes).
   - platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
     (git-fixes).
   - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state
     (git-fixes).
   - PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
   - post.sh: Return an error when module update fails (bsc#1047233
     bsc#1184388).
   - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
     (bsc#1065729).
   - powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
   - powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
   - powerpc/sstep: Check instruction validity against ISA version before
     emulation (bsc#1156395).
   - powerpc/sstep: Fix darn emulation (bsc#1156395).
   - powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
   - powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
   - qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
   - RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489).
   - regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes).
   - rpm/check-for-config-changes: Also ignore AS_VERSION added in 5.12.
   - rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package
     (bsc#1184514) The devel package requires the kernel binary package
     itself for building modules externally.
   - samples/bpf: Fix possible hang in xdpsock with multiple threads
     (bsc#1155518).
   - scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647
     ltc#191231).
   - smb3: add dynamic trace point to trace when credits obtained
     (bsc#1181507).
   - smb3: fix crediting for compounding when only one request in flight
     (bsc#1181507).
   - soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
   - staging: comedi: cb_pcidas64: fix request_irq() warn (git-fixes).
   - staging: comedi: cb_pcidas: fix request_irq() warn (git-fixes).
   - thermal/core: Add NULL pointer check before using cooling device stats
     (git-fixes).
   - USB: cdc-acm: downgrade message to debug (git-fixes).
   - USB: cdc-acm: untangle a circular dependency between callback and
     softint (git-fixes).
   - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
     (git-fixes).
   - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
     (git-fixes).
   - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall()
     (bsc#1152489).
   - x86/ioapic: Ignore IRQ2 again (bsc#1152489).
   - x86/mem_encrypt: Correct physical address calculation in
     __set_clr_pte_enc() (bsc#1152489).
   - xen/events: fix setting irq affinity (bsc#1184583).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2021-579=1



Package List:

   - openSUSE Leap 15.2 (x86_64):

      kernel-debug-5.3.18-lp152.72.1
      kernel-debug-debuginfo-5.3.18-lp152.72.1
      kernel-debug-debugsource-5.3.18-lp152.72.1
      kernel-debug-devel-5.3.18-lp152.72.1
      kernel-debug-devel-debuginfo-5.3.18-lp152.72.1
      kernel-default-5.3.18-lp152.72.1
      kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1
      kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1
      kernel-default-debuginfo-5.3.18-lp152.72.1
      kernel-default-debugsource-5.3.18-lp152.72.1
      kernel-default-devel-5.3.18-lp152.72.1
      kernel-default-devel-debuginfo-5.3.18-lp152.72.1
      kernel-kvmsmall-5.3.18-lp152.72.1
      kernel-kvmsmall-debuginfo-5.3.18-lp152.72.1
      kernel-kvmsmall-debugsource-5.3.18-lp152.72.1
      kernel-kvmsmall-devel-5.3.18-lp152.72.1
      kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.72.1
      kernel-obs-build-5.3.18-lp152.72.1
      kernel-obs-build-debugsource-5.3.18-lp152.72.1
      kernel-obs-qa-5.3.18-lp152.72.1
      kernel-preempt-5.3.18-lp152.72.1
      kernel-preempt-debuginfo-5.3.18-lp152.72.1
      kernel-preempt-debugsource-5.3.18-lp152.72.1
      kernel-preempt-devel-5.3.18-lp152.72.1
      kernel-preempt-devel-debuginfo-5.3.18-lp152.72.1
      kernel-syms-5.3.18-lp152.72.1

   - openSUSE Leap 15.2 (noarch):

      kernel-devel-5.3.18-lp152.72.1
      kernel-docs-5.3.18-lp152.72.1
      kernel-docs-html-5.3.18-lp152.72.1
      kernel-macros-5.3.18-lp152.72.1
      kernel-source-5.3.18-lp152.72.1
      kernel-source-vanilla-5.3.18-lp152.72.1


References:

   https://www.suse.com/security/cve/CVE-2020-25670.html
   https://www.suse.com/security/cve/CVE-2020-25671.html
   https://www.suse.com/security/cve/CVE-2020-25672.html
   https://www.suse.com/security/cve/CVE-2020-25673.html
   https://www.suse.com/security/cve/CVE-2020-36310.html
   https://www.suse.com/security/cve/CVE-2020-36311.html
   https://www.suse.com/security/cve/CVE-2020-36312.html
   https://www.suse.com/security/cve/CVE-2020-36322.html
   https://www.suse.com/security/cve/CVE-2021-28950.html
   https://www.suse.com/security/cve/CVE-2021-29154.html
   https://www.suse.com/security/cve/CVE-2021-30002.html
   https://www.suse.com/security/cve/CVE-2021-3483.html
   https://bugzilla.suse.com/1047233
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1113295
   https://bugzilla.suse.com/1152489
   https://bugzilla.suse.com/1154353
   https://bugzilla.suse.com/1155518
   https://bugzilla.suse.com/1156395
   https://bugzilla.suse.com/1167574
   https://bugzilla.suse.com/1175995
   https://bugzilla.suse.com/1178181
   https://bugzilla.suse.com/1181507
   https://bugzilla.suse.com/1183405
   https://bugzilla.suse.com/1184074
   https://bugzilla.suse.com/1184120
   https://bugzilla.suse.com/1184194
   https://bugzilla.suse.com/1184211
   https://bugzilla.suse.com/1184388
   https://bugzilla.suse.com/1184391
   https://bugzilla.suse.com/1184393
   https://bugzilla.suse.com/1184485
   https://bugzilla.suse.com/1184509
   https://bugzilla.suse.com/1184511
   https://bugzilla.suse.com/1184512
   https://bugzilla.suse.com/1184514
   https://bugzilla.suse.com/1184583
   https://bugzilla.suse.com/1184585
   https://bugzilla.suse.com/1184647

Print  

openSUSE: 2021:0579-1 important: the Linux Kernel

April 19, 2021
An update that solves 12 vulnerabilities and has 15 fixes is now available.

Summary

security and bugfixes. The following security bugs were fixed: - CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393). - CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120). - CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391). - CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop continually was finding the same bad inode (bsc#1184194). - CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509 ). - CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511). - CVE-2020-36310: Fixed infinite loop for certain nested page faults (bsc#1184512). - CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181). - CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem implementation which could have caused a system crash (bsc#1184211). The following non-security bugs were fixed: - ALSA: aloop: Fix initialization of controls (git-fixes). - ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes). - appletalk: Fix skb allocation size in loopback case (git-fixes). - ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes). - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes). - ASoC: intel: atom: Remove 44100 sample-rate from the media and deep-buffer DAI descriptions (git-fixes). - ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes). - ASoC: max98373: Added 30ms turn on/off time delay (git-fixes). - ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes). - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes). - ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() (git-fixes). - atl1c: fix error return code in atl1c_probe() (git-fixes). - atl1e: fix error return code in atl1e_probe() (git-fixes). - batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field (git-fixes). - bpf: Fix verifier jsgt branch analysis on max bound (bsc#1155518). - bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518). - bpf, sockmap: Fix sk->prot unhash op reset (bsc#1155518). - brcmfmac: clear EAP/association status bits on linkdown events (git-fixes). - bus: ti-sysc: Fix warning on unbind if reset is not deasserted (git-fixes). - cifs: change noisy error message to FYI (bsc#1181507). - cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507). - cifs: do not send close in compound create+close requests (bsc#1181507). - cifs: New optype for session operations (bsc#1181507). - cifs: print MIDs in decimal notation (bsc#1181507). - cifs: return proper error code in statfs(2) (bsc#1181507). - cifs: Tracepoints and logs for tracing credit changes (bsc#1181507). - clk: fix invalid usage of list cursor in register (git-fixes). - clk: fix invalid usage of list cursor in unregister (git-fixes). - clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes). - dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574, bsc#1175995, bsc#1184485). - drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (git-fixes). - drm/amdgpu: check alignment on CPU page for bo map (git-fixes). - drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (git-fixes). - drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074). - drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs (git-fixes). - drm/msm: Ratelimit invalid-fence message (git-fixes). - drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes). - enetc: Fix reporting of h/w packet counters (git-fixes). - fix Patch-mainline: patches.suse/cifs_debug-use-pd-instead-of-messing-with-d_name.patch - fix patch metadata - fuse: fix bad inode (bsc#1184211). - fuse: fix live lock in fuse_iget() (bsc#1184211). - gianfar: Handle error code at MAC address change (git-fixes). - i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025). - i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025). - ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926). - iommu/vt-d: Use device numa domain if RHSA is missing (bsc#1184585). - kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes). - libbpf: Fix INSTALL flag order (bsc#1155518). - libbpf: Only create rx and tx XDP rings when necessary (bsc#1155518). - locking/mutex: Fix non debug version of mutex_lock_io_nested() (git-fixes). - mac80211: choose first enabled channel for monitor (git-fixes). - mac80211: fix TXQ AC confusion (git-fixes). - mISDN: fix crash in fritzpci (git-fixes). - net: atheros: switch from 'pci_' to 'dma_' API (git-fixes). - net: b44: fix error return code in b44_init_one() (git-fixes). - net: ethernet: ti: cpsw: fix error return code in cpsw_probe() (git-fixes). - net: hns3: Remove the left over redundant check & assignment (bsc#1154353). - net: lantiq: Wait for the GPHY firmware to be ready (git-fixes). - net/mlx5: Fix PPLM register mapping (jsc#SLE-8464). - net: pasemi: fix error return code in pasemi_mac_open() (git-fixes). - net: phy: broadcom: Only advertise EEE for supported modes (git-fixes). - net: qualcomm: rmnet: Fix incorrect receive packet handling during cleanup (git-fixes). - net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405) - net: wan/lmc: unregister device when no matching device is found (git-fixes). - platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (git-fixes). - platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (git-fixes). - PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes). - post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388). - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (bsc#1065729). - powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes). - powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729). - powerpc/sstep: Check instruction validity against ISA version before emulation (bsc#1156395). - powerpc/sstep: Fix darn emulation (bsc#1156395). - powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395). - powerpc/sstep: Fix load-store and update emulation (bsc#1156395). - qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes). - RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489). - regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes). - rpm/check-for-config-changes: Also ignore AS_VERSION added in 5.12. - rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514) The devel package requires the kernel binary package itself for building modules externally. - samples/bpf: Fix possible hang in xdpsock with multiple threads (bsc#1155518). - scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647 ltc#191231). - smb3: add dynamic trace point to trace when credits obtained (bsc#1181507). - smb3: fix crediting for compounding when only one request in flight (bsc#1181507). - soc/fsl: qbman: fix conflicting alignment attributes (git-fixes). - staging: comedi: cb_pcidas64: fix request_irq() warn (git-fixes). - staging: comedi: cb_pcidas: fix request_irq() warn (git-fixes). - thermal/core: Add NULL pointer check before using cooling device stats (git-fixes). - USB: cdc-acm: downgrade message to debug (git-fixes). - USB: cdc-acm: untangle a circular dependency between callback and softint (git-fixes). - usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (git-fixes). - USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (git-fixes). - x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (bsc#1152489). - x86/ioapic: Ignore IRQ2 again (bsc#1152489). - x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() (bsc#1152489). - xen/events: fix setting irq affinity (bsc#1184583). Special Instructions and Notes: Please reboot the system after installing this update.

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-579=1

List

Package List: - openSUSE Leap 15.2 (x86_64): kernel-debug-5.3.18-lp152.72.1 kernel-debug-debuginfo-5.3.18-lp152.72.1 kernel-debug-debugsource-5.3.18-lp152.72.1 kernel-debug-devel-5.3.18-lp152.72.1 kernel-debug-devel-debuginfo-5.3.18-lp152.72.1 kernel-default-5.3.18-lp152.72.1 kernel-default-base-5.3.18-lp152.72.1.lp152.8.30.1 kernel-default-base-rebuild-5.3.18-lp152.72.1.lp152.8.30.1 kernel-default-debuginfo-5.3.18-lp152.72.1 kernel-default-debugsource-5.3.18-lp152.72.1 kernel-default-devel-5.3.18-lp152.72.1 kernel-default-devel-debuginfo-5.3.18-lp152.72.1 kernel-kvmsmall-5.3.18-lp152.72.1 kernel-kvmsmall-debuginfo-5.3.18-lp152.72.1 kernel-kvmsmall-debugsource-5.3.18-lp152.72.1 kernel-kvmsmall-devel-5.3.18-lp152.72.1 kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.72.1 kernel-obs-build-5.3.18-lp152.72.1 kernel-obs-build-debugsource-5.3.18-lp152.72.1 kernel-obs-qa-5.3.18-lp152.72.1 kernel-preempt-5.3.18-lp152.72.1 kernel-preempt-debuginfo-5.3.18-lp152.72.1 kernel-preempt-debugsource-5.3.18-lp152.72.1 kernel-preempt-devel-5.3.18-lp152.72.1 kernel-preempt-devel-debuginfo-5.3.18-lp152.72.1 kernel-syms-5.3.18-lp152.72.1 - openSUSE Leap 15.2 (noarch): kernel-devel-5.3.18-lp152.72.1 kernel-docs-5.3.18-lp152.72.1 kernel-docs-html-5.3.18-lp152.72.1 kernel-macros-5.3.18-lp152.72.1 kernel-source-5.3.18-lp152.72.1 kernel-source-vanilla-5.3.18-lp152.72.1
Severity
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:0579-1
Rating: important
References: #1047233 #1065729 #1113295 #1152489 #1154353
#1155518 #1156395 #1167574 #1175995 #1178181
#1181507 #1183405 #1184074 #1184120 #1184194
#1184211 #1184388 #1184391 #1184393 #1184485
#1184509 #1184511 #1184512 #1184514 #1184583
#1184585 #1184647

References

Cross-References: CVE-2020-25670 CVE-2020-25671 CVE-2020-25672 CVE-2020-25673 CVE-2020-36310 CVE-2020-36311 CVE-2020-36312 CVE-2020-36322 CVE-2021-28950 CVE-2021-29154 CVE-2021-30002 CVE-2021-3483 CVSS scores: CVE-2020-25670 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVE-2020-36310 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-36311 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-36312 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-36322 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVE-2021-28950 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-29154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-29154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-30002 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 15.2 References: https://www.suse.com/security/cve/CVE-2020-25670.html https://www.suse.com/security/cve/CVE-2020-25671.html https://www.suse.com/security/cve/CVE-2020-25672.html https://www.suse.com/security/cve/CVE-2020-25673.html https://www.suse.com/security/cve/CVE-2020-36310.html https://www.suse.com/security/cve/CVE-2020-36311.html https://www.suse.com/security/cve/CVE-2020-36312.html https://www.suse.com/security/cve/CVE-2020-36322.html https://www.suse.com/security/cve/CVE-2021-28950.html https://www.suse.com/security/cve/CVE-2021-29154.html https://www.suse.com/security/cve/CVE-2021-30002.html https://www.suse.com/security/cve/CVE-2021-3483.html https://bugzilla.suse.com/1047233 https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1113295 https://bugzilla.suse.com/1152489 https://bugzilla.suse.com/1154353 https://bugzilla.suse.com/1155518 https://bugzilla.suse.com/1156395 https://bugzilla.suse.com/1167574 https://bugzilla.suse.com/1175995 https://bugzilla.suse.com/1178181 https://bugzilla.suse.com/1181507 https://bugzilla.suse.com/1183405 https://bugzilla.suse.com/1184074 https://bugzilla.suse.com/1184120 https://bugzilla.suse.com/1184194 https://bugzilla.suse.com/1184211 https://bugzilla.suse.com/1184388 https://bugzilla.suse.com/1184391 https://bugzilla.suse.com/1184393 https://bugzilla.suse.com/1184485 https://bugzilla.suse.com/1184509 https://bugzilla.suse.com/1184511 https://bugzilla.suse.com/1184512 https://bugzilla.suse.com/1184514 https://bugzilla.suse.com/1184583 https://bugzilla.suse.com/1184585 https://bugzilla.suse.com/1184647

Related News

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.