Bug 1181753 (CVE-2021-26931)

Summary: VUL-0: CVE-2021-26931: kernel-source: Linux backends treating grant mapping errors as bugs (XSA-362 v3)
Product: [Novell Products] SUSE Security Incidents Reporter: Alexandros Toptsoglou <atoptsoglou>
Component: IncidentsAssignee: Jan Beulich <jbeulich>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: carlos.lopez, carnold, gabriele.sonnu, jbeulich, kernel-bugs, meissner, mhocko, security-team, xen-bugs
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/277048/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-26931:6.5:(AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Comment 3 Alexandros Toptsoglou 2021-02-15 16:21:06 UTC 
Tracked the following branches as affected: 

3.0,4.4,4.12 and SLE15-SP2
Comment 4 Alexandros Toptsoglou 2021-02-16 12:59:50 UTC 
now public through https://xenbits.xen.org/xsa/advisory-362.html


            Xen Security Advisory CVE-2021-26931 / XSA-362
                               version 3

         Linux: backends treating grant mapping errors as bugs

UPDATES IN VERSION 3
====================

Public release.

ISSUE DESCRIPTION
=================

Block, net, and SCSI backends consider certain errors a plain bug,
deliberately causing a kernel crash.  For errors potentially being at
least under the influence of guests, like out of memory conditions, it
isn't correct to assume so.  Memory allocations potentially causing
such crashes occur only when Linux is running in PV mode, though.

IMPACT
======

A malicious or buggy frontend driver may be able to crash the
corresponding backend driver, potentially affecting the entire domain
running the backend driver.

VULNERABLE SYSTEMS
==================

Linux versions from at least 2.6.39 onwards are vulnerable, when run in
PV mode.  Earlier versions differ significantly in behavior and may
therefore instead surface other issues under the same conditions.  Linux
run in HVM / PVH modes is not vulnerable.

MITIGATION
==========

For Linux, running the backends in HVM or PVH domains will avoid the
vulnerability.

For protocols where non-Linux-kernel based backends are available,
reconfiguring guests to use alternative (e.g. qemu-based) backends may
allow to avoid the vulnerability.

In all other cases there is no known mitigation.

CREDITS
=======

This issue was discovered by Jan Beulich of SUSE.

RESOLUTION
==========

Applying the appropriate attached patches resolves this issue.

Applying the attached patches resolves this issue.

xsa362-linux-1.patch           Linux 5.11-rc - 5.10
xsa362-linux-2.patch           Linux 5.11-rc - 3.16
xsa362-linux-3.patch           Linux 5.11-rc - 4.1

$ sha256sum xsa362*
d64334807f16ff9909503b3cc9b8b93fd42d2c36e1fb0e508b89a765a53071a8  xsa362-linux-1.patch
b6d02952e7fbede55b868cb2dc4d8853284996883dc72518a0cd5b14d6c7fdd4  xsa362-linux-2.patch
0a2661380d8f786fefe12e5a8b1528d4a79f1ad058c26b417c52449a7e16a302  xsa362-linux-3.patch
$
Comment 6 Jürgen Groß 2021-03-01 06:04:58 UTC 
In case something needs to be done for kernel-xen
Comment 12 OBSbugzilla Bot 2021-03-03 01:43:59 UTC 
This is an autogenerated message for OBS integration:
This bug (1181753) was mentioned in
https://build.opensuse.org/request/show/876318 15.2 / kernel-source
Comment 21 Swamp Workflow Management 2021-03-08 11:25:58 UTC 
openSUSE-SU-2021:0393-1: An update that solves 9 vulnerabilities and has 115 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1178995,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180964,1180989,1181133,1181259,1181544,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182697,1182770,1182798,1182800,1182801,1182854,1182856
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.66.2, kernel-default-5.3.18-lp152.66.2, kernel-default-base-5.3.18-lp152.66.2.lp152.8.23.2, kernel-docs-5.3.18-lp152.66.2, kernel-kvmsmall-5.3.18-lp152.66.2, kernel-obs-build-5.3.18-lp152.66.2, kernel-obs-qa-5.3.18-lp152.66.2, kernel-preempt-5.3.18-lp152.66.2, kernel-source-5.3.18-lp152.66.2, kernel-syms-5.3.18-lp152.66.2
Comment 22 Swamp Workflow Management 2021-03-09 20:24:32 UTC 
SUSE-SU-2021:0738-1: An update that solves 9 vulnerabilities and has 114 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1178995,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180964,1180989,1181133,1181259,1181544,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182770,1182798,1182800,1182801,1182854,1182856
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.38.1, kernel-source-azure-5.3.18-18.38.1, kernel-syms-azure-5.3.18-18.38.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2021-03-09 20:33:41 UTC 
SUSE-SU-2021:0744-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1178372,1181747,1181753,1181843,1182175
CVE References: CVE-2020-28374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2, kgraft-patch-SLE12-SP2_Update_40-1-3.3.2
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2, kgraft-patch-SLE12-SP2_Update_40-1-3.3.2
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2, kgraft-patch-SLE12-SP2_Update_40-1-3.3.2
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.152.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2021-03-09 20:36:18 UTC 
SUSE-SU-2021:0743-1: An update that solves four vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1177440,1178372,1181747,1181753,1181843,1182175
CVE References: CVE-2020-28374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.141.2
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2021-03-09 20:53:20 UTC 
SUSE-SU-2021:0735-1: An update that solves 9 vulnerabilities and has 112 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180989,1181133,1181259,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182770,1182798,1182800,1182801,1182854,1182856,1183022
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-28.1, kernel-rt_debug-5.3.18-28.1, kernel-source-rt-5.3.18-28.1, kernel-syms-rt-5.3.18-28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2021-03-09 21:10:21 UTC 
SUSE-SU-2021:0741-1: An update that solves 9 vulnerabilities and has 117 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1178995,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180964,1180989,1181133,1181259,1181544,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182110,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182341,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182507,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182770,1182798,1182800,1182801,1182854,1182856
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.52.1, kernel-default-base-5.3.18-24.52.1.9.24.1
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.52.1, kernel-preempt-5.3.18-24.52.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.52.1, kernel-livepatch-SLE15-SP2_Update_11-1-5.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.52.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.52.1, kernel-obs-build-5.3.18-24.52.1, kernel-preempt-5.3.18-24.52.1, kernel-source-5.3.18-24.52.1, kernel-syms-5.3.18-24.52.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.52.1, kernel-default-base-5.3.18-24.52.1.9.24.1, kernel-preempt-5.3.18-24.52.1, kernel-source-5.3.18-24.52.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2021-03-09 21:22:55 UTC 
SUSE-SU-2021:0736-1: An update that solves 5 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1065600,1163592,1176831,1178401,1178762,1179014,1179015,1179045,1179082,1179428,1179660,1180058,1180906,1181441,1181747,1181753,1181843,1182140,1182175
CVE References: CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.71.1, kgraft-patch-SLE12-SP4_Update_19-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.71.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2021-03-09 21:26:58 UTC 
SUSE-SU-2021:0737-1: An update that solves 5 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1065600,1163617,1170442,1176855,1179082,1179428,1179660,1180058,1180262,1180964,1181671,1181747,1181753,1181843,1181854,1182047,1182130,1182140,1182175
CVE References: CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Manager Server 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1, kernel-zfcpdump-4.12.14-197.86.1
SUSE Manager Retail Branch Server 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Manager Proxy 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1, kernel-zfcpdump-4.12.14-197.86.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.86.1, kernel-livepatch-SLE15-SP1_Update_23-1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.86.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2021-03-09 21:32:41 UTC 
SUSE-SU-2021:0740-1: An update that solves 5 vulnerabilities and has 11 fixes is now available.

Category: security (important)
Bug References: 1065600,1163592,1178401,1178762,1179014,1179015,1179045,1179082,1179428,1179660,1180058,1181747,1181753,1181843,1182140,1182175
CVE References: CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1, kernel-zfcpdump-4.12.14-150.69.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.69.1, kernel-livepatch-SLE15_Update_23-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.69.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Jan Beulich 2021-03-17 09:46:52 UTC 
I've checked the old kernel-xen sources, where the BUG() uses originally came from (afaict). There they (legitimately) sit only directly on return values from HYPERVISOR_grant_table_op(). "Legitimately" as far as guest control over this goes - using BUG() for error handling isn't great, but if these triggered they would truly identify a kernel bug.
Comment 35 Swamp Workflow Management 2021-04-13 19:30:44 UTC 
SUSE-SU-2021:1175-1: An update that solves 24 vulnerabilities and has 51 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1178163,1179243,1179428,1179454,1179660,1179755,1180846,1181507,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183416,1183509,1183593,1183646,1183662,1183686,1183692,1183696,1183775,1183861,1183871,1184114,1184167,1184168,1184170,1184192,1184193,1184196,1184198
CVE References: CVE-2020-0433,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.50.1, kernel-source-azure-4.12.14-16.50.1, kernel-syms-azure-4.12.14-16.50.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Swamp Workflow Management 2021-04-13 19:39:28 UTC 
SUSE-SU-2021:1176-1: An update that solves 25 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1177411,1178163,1179243,1179428,1179454,1179660,1179755,1180846,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183416,1183509,1183593,1183646,1183686,1183692,1183696,1183775,1183861,1183871,1184114,1184167,1184168,1184170,1184192,1184193,1184196,1184198
CVE References: CVE-2020-0433,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.37.1, kernel-rt_debug-4.12.14-10.37.1, kernel-source-rt-4.12.14-10.37.1, kernel-syms-rt-4.12.14-10.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2021-04-15 16:36:01 UTC 
SUSE-SU-2021:1210-1: An update that solves 33 vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113295,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1178163,1178181,1179243,1179428,1179454,1179660,1179755,1180846,1181507,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183405,1183416,1183509,1183593,1183646,1183662,1183686,1183692,1183696,1183755,1183775,1183861,1183871,1184114,1184120,1184167,1184168,1184170,1184192,1184193,1184196,1184198,1184391,1184393,1184397,1184494,1184511,1184583
CVE References: CVE-2020-0433,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2020-36311,CVE-2021-20219,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.66.2
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.66.2, kernel-obs-build-4.12.14-122.66.2
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.66.2, kernel-source-4.12.14-122.66.2, kernel-syms-4.12.14-122.66.2
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.66.2, kgraft-patch-SLE12-SP5_Update_17-1-8.3.2
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.66.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Jan Beulich 2022-05-23 11:52:39 UTC 
While not as obvious as for XSA-392, I'm once again wondering on what basis the old forward-port kernel was determined as affected here. The problem for pvops originated from the way they handle the P2M, resulting in memory allocations potentially being involved, which in turn can fail. The BUG() / BUG_ON() at the call sites may have been inherited from XenoLinux, but there they check _only_ whether the hypercalls themselves were successful. While that's not a great way of dealing with errors, there's nothing a frontend can do to trigger these.