SUSE-SU-2018:3659-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:3659-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:3659-1
Related
Published
2018-11-07T16:18:44Z
Modified
2018-11-07T16:18:44Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.162 to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2018-7480: The blkcginitqueue function in block/blk-cgroup.c allowed local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure (bnc#1082863).
  • CVE-2018-7757: Memory leak in the sassmpgetphyevents function in drivers/scsi/libsas/sasexpander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sasphy directory, as demonstrated by the /sys/class/sasphy/phy-1:0:12/invaliddword_count file (bnc#1084536).
  • CVE-2018-14613: There is an invalid pointer dereference in ioctlmappage() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in checkleaf_item in fs/btrfs/tree-checker.c (bnc#1102896).
  • CVE-2018-14617: There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory (bnc#1102870).
  • CVE-2018-14633: A security flaw was found in the chapservercompute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bnc#1107829).
  • CVE-2018-16276: Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges (bnc#1106095).
  • CVE-2018-16597: Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem (bnc#1106512).
  • CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).
  • CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
  • CVE-2018-9516: A lack of certain checks in the hiddebugevents_read() function in the drivers/hid/hid-debug.c file might have resulted in receiving userspace buffer overflow and an out-of-bounds write or to the infinite loop. (bnc#1108498).

The following non-security bugs were fixed:

  • 6lowpan: iphc: reset mac_header after decompress to fix panic (bnc#1012382).
  • alsa: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bnc#1012382).
  • alsa: emu10k1: fix possible info leak to userspace on SNDRVEMU10K1IOCTL_INFO (bnc#1012382).
  • alsa: hda: Add AZXDCAPSPM_RUNTIME for AMD Raven Ridge (bnc#1012382).
  • alsa: hda - Fix cancelworksync() stall from jackpoll work (bnc#1012382).
  • alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bnc#1012382).
  • alsa: msnd: Fix the default sample sizes (bnc#1012382).
  • alsa: pcm: Fix sndintervalrefine first/last with open min/max (bnc#1012382).
  • alsa: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bnc#1012382).
  • apparmor: remove no-op permission check in policy_unpack (git-fixes).
  • arc: build: Get rid of toolchain check (bnc#1012382).
  • arc: clone syscall to setp r25 as thread pointer (bnc#1012382).
  • arch/hexagon: fix kernel/dma.c build warning (bnc#1012382).
  • arc: [plat-axs*]: Enable SWAP (bnc#1012382).
  • arm64: bpf: jit JMPJSET{X,K} (bsc#1110613).
  • arm64: Correct type for PUD macros (bsc#1110600).
  • arm64: cpufeature: Track 32bit EL0 support (bnc#1012382).
  • arm64: dts: qcom: db410c: Fix Bluetooth LED trigger (bnc#1012382).
  • arm64: fix erroneous _rawreadsystemreg() cases (bsc#1110606).
  • arm64: Fix potential race with hardware DBM in ptepsetaccess_flags() (bsc#1110605).
  • arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1110603).
  • arm64: jumplabel.h: use asmvolatile_goto macro instead of 'asm goto' (bnc#1012382).
  • arm64: kasan: avoid bad virttopfn() (bsc#1110612).
  • arm64: kasan: avoid pfntonid() before page array is initialized (bsc#1110619).
  • arm64/kasan: do not allocate extra shadow memory (bsc#1110611).
  • arm64: kernel: Update kerneldoc for cpu_suspend() rename (bsc#1110602).
  • arm64: kgdb: handle read-only text / modules (bsc#1110604).
  • arm64: kvm: Sanitize PSTATE.M when being set from userspace (bnc#1012382).
  • arm64: kvm: Tighten guest core register access from userspace (bnc#1012382).
  • arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1110618).
  • arm64: ptrace: Avoid setting compat FP[SC]R to garbage if get_user fails (bsc#1110601).
  • arm64: supported.conf: mark armmmci as not supported
  • arm64 Update config files. (bsc#1110468) Set MMCQCOMDML to build-in and delete driver from supported.conf
  • arm64: vdso: fix clock_getres for 4GiB-aligned res (bsc#1110614).
  • arm: dts: at91: add new compatibility string for macb on sama5d3 (bnc#1012382).
  • arm: dts: dra7: fix DCAN node addresses (bnc#1012382).
  • arm: exynos: Clear global variable on init error path (bnc#1012382).
  • arm: hisi: check ofiomap and fix missing ofnode_put (bnc#1012382).
  • arm: hisi: fix error handling and missing ofnodeput (bnc#1012382).
  • arm: hisi: handle ofiomap and fix missing ofnode_put (bnc#1012382).
  • arm: mvebu: declare asm symbols as character arrays in pmsu.c (bnc#1012382).
  • asm/sections: add helpers to check for section data (bsc#1063026).
  • asoc: cs4265: fix MMTLR Data switch control (bnc#1012382).
  • asoc: dapm: Fix potential DAI widget pointer deref when linking DAIs (bnc#1012382).
  • asoc: sigmadsp: safeload should not have lower byte limit (bnc#1012382).
  • asoc: wm8804: Add ACPI support (bnc#1012382).
  • asoc: wm8994: Fix missing break in switch (bnc#1012382).
  • ata: libahci: Correct setting of DEVSLP register (bnc#1012382).
  • ath10k: disable bundle mgmt tx completion event support (bnc#1012382).
  • ath10k: fix scan crash due to incorrect length calculation (bnc#1012382).
  • ath10k: fix use-after-free in ath10kwmicmdsendnowait (bnc#1012382).
  • ath10k: prevent active scans on potential unusable channels (bnc#1012382).
  • ath10k: protect ath10khttrxringfree with rx_ring.lock (bnc#1012382).
  • audit: fix use-after-free in auditaddwatch (bnc#1012382).
  • autofs: fix autofs_sbi() does not check super block type (bnc#1012382).
  • binfmt_elf: Respect error return from `regset->active' (bnc#1012382).
  • block: bvecnrvecs() returns value for wrong slab (bsc#1082979).
  • bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bnc#1012382).
  • bluetooth: h5: Fix missing dependency on BTHCIUARTSERDEV (bnc#1012382).
  • bluetooth: hidp: Fix handling of strncpy for hid->name information (bnc#1012382).
  • bnxt_en: Fix TX timeout during netpoll (bnc#1012382).
  • bonding: avoid possible dead-lock (bnc#1012382).
  • bpf: fix cb access in socket filter programs on tail calls (bsc#1012382).
  • bpf: fix map not being uncharged during map creation failure (bsc#1012382).
  • bpf: fix overflow in prog accounting (bsc#1012382).
  • bpf, s390: fix potential memleak when later bpfjitprog fails (git-fixes).
  • bpf, s390x: do not reload skb pointers in non-skb context (git-fixes).
  • btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: add missing initialization in btrfscheckshared (Git-fixes bsc#1112262).
  • btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: fix error handling in btrfsdevreplace_start (bsc#1107535).
  • btrfs: fix missing error return in btrfsdropsnapshot (Git-fixes bsc#1109919).
  • btrfs: Fix race condition between delayed refs and blockgroup removal (Git-fixes bsc#1112263).
  • btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382).
  • btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382).
  • btrfs: scrub: Do not use inode page cache in scrubhandleerrored_block() (bsc#1108096).
  • btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Enhance btrfschecknode output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Enhance output for btrfscheckleaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Enhance output for checkcsumitem (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Enhance output for checkextentdata_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: tree-checker: Verify blockgroupitem (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • btrfs: use correct compare function of dirtymetadatabytes (bnc#1012382).
  • btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
  • ceph: avoid a use-after-free in cephdestroyoptions() (bsc#1112007).
  • cfg80211: fix a type issue in ieee80211chandeftooperatingclass() (bnc#1012382).
  • cfg80211: nl80211updatefties() to validate NL80211ATTR_IE (bnc#1012382).
  • cfq: Give a chance for arming slice idle timer in case of group_idle (bnc#1012382).
  • cgroup: Fix deadlock in cpu hotplug path (bnc#1012382).
  • cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382).
  • cifs: connect to servername instead of IP for IPC$ share (bsc#1106359).
  • cifs: fix wrapping bugs in num_entries() (bnc#1012382).
  • cifs: integer overflow in in SMB2_ioctl() (bsc#1012382).
  • cifs: prevent integer overflow in nxtdirentry() (bnc#1012382).
  • cifs: read overflow in isvalidoplock_break() (bnc#1012382).
  • clk: imx6ul: fix missing ofnodeput() (bnc#1012382).
  • clocksource/drivers/ti-32k: Add CLOCKSOURCESUSPEND_NONSTOP flag for non-am43 SoCs (bnc#1012382).
  • config.sh: set BUGZILLA_PRODUCT for SLE12-SP3
  • coresight: Handle errors in finding input/output ports (bnc#1012382).
  • coresight: tpiu: Fix disabling timeouts (bnc#1012382).
  • cpu/hotplug: Fix SMT supported evaluation (bsc#1089343).
  • crypto: clarify licensing of OpenSSL asm code ().
  • crypto: mxs-dcp - Fix wait logic on chan threads (bnc#1012382).
  • crypto: sharah - Unregister correct algorithms for SAHARA 3 (bnc#1012382).
  • crypto: skcipher - Fix -Wstringop-truncation warnings (bnc#1012382).
  • crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).
  • debugobjects: Make stack check warning more informative (bnc#1012382).
  • define earlyradixenabled() (bsc#1094244).
  • dmaengine: pl330: fix irq race with terminate_all (bnc#1012382).
  • dm cache: fix resize crash if user does not reload cache table (bnc#1012382).
  • dm kcopyd: avoid softlockup in runcompletejob (bnc#1012382).
  • dm-mpath: do not try to access NULL rq (bsc#1110337).
  • dm-mpath: finally fixup cmd_flags (bsc#1110930).
  • dm thin metadata: fix __udivdi3 undefined on 32-bit (bnc#1012382).
  • dm thin metadata: try to avoid ever aborting transactions (bnc#1012382).
  • drivers: net: cpsw: fix parsing of phy-handle DT property in dual_emac config (bnc#1012382).
  • drivers: net: cpsw: fix segfault in case of bad phy-handle (bnc#1012382).
  • drivers/tty: add error handling for pcmcialoopconfig (bnc#1012382).
  • drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bnc#1012382).
  • drm/amdkfd: Fix error codes in kfdgetprocess (bnc#1012382).
  • drm/nouveau/drm/nouveau: Use pmruntimegetnoresume() in connectordetect() (bnc#1012382).
  • drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bnc#1012382).
  • drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bnc#1012382).
  • e1000: check on netifrunning() before calling e1000up() (bnc#1012382).
  • e1000: ensure to free old tx/rx rings in set_ringparam() (bnc#1012382).
  • ebtables: arpreply: Add the standard target sanity check (bnc#1012382).
  • edac: Fix memleak in module init error path (bsc#1109441).
  • edac, i7core: Fix memleaks and use-after-free on probe and remove (1109441).
  • ethernet: ti: davinciemac: add missing ofnodeput after calling ofparse_phandle (bnc#1012382).
  • ethtool: Remove trailing semicolon for static inline (bnc#1012382).
  • ext4: avoid divide by zero fault when deleting corrupted inline directories (bnc#1012382).
  • ext4: do not mark mmp buffer head dirty (bnc#1012382).
  • ext4: fix online resize's handling of a too-small final block group (bnc#1012382).
  • ext4: fix online resizing for bigalloc file systems with a 1k block size (bnc#1012382).
  • ext4: recalucate superblock checksum after updating free blocks/inodes (bnc#1012382).
  • f2fs: do not set free of current section (bnc#1012382).
  • f2fs: fix to do sanity check with {sit,nat}verbitmap_bytesize (bnc#1012382).
  • fat: validate ->i_start before using (bnc#1012382).
  • fbdev: Distinguish between interlaced and progressive modes (bnc#1012382).
  • fbdev/omapfb: fix omapfbmemoryread infoleak (bnc#1012382).
  • fbdev/via: fix defined but not used warning (bnc#1012382).
  • fixes: Commit cdbf92675fad ('mm: numa: avoid waiting on freed migrated pages') (bnc#1012382).
  • floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bnc#1012382).
  • follow-up fix for patches.arch/01-jumplabel-reduce-the-size-of-struct-statickey-kabi.patch. (bsc#1108803)
  • fork: do not copy inconsistent signal handler state to child (bnc#1012382).
  • fs/cifs: do not translate SFM_SLASH (U+F026) to backslash (bnc#1012382).
  • fs/cifs: suppress a string overflow warning (bnc#1012382).
  • fs/dcache.c: fix kmemcheck splat at takedentryname_snapshot() (bnc#1012382).
  • fs/eventpoll: loosen irq-safety when possible (bsc#1096052).
  • genirq: Delay incrementing interrupt count if it's disabled/pending (bnc#1012382).
  • gfs2: Special-case rindex for gfs2_grow (bnc#1012382).
  • gpio: adp5588: Fix sleep-in-atomic-context bug (bnc#1012382).
  • gpiolib: Mark gpiosuffixes array with _maybe_unused (bnc#1012382).
  • gpio: ml-ioh: Fix buffer underwrite on probe error path (bnc#1012382).
  • gpio: tegra: Move driver registration to subsys_init level (bnc#1012382).
  • gsosegment: Reset skb->maclen after modifying network header (bnc#1012382).
  • hexagon: modify ffs() and fls() to return int (bnc#1012382).
  • hfsplus: do not return 0 when fill_super() failed (bnc#1012382).
  • hfs: prevent crash on exit from failed search (bnc#1012382).
  • hid: hid-ntrig: add error handling for sysfscreategroup (bnc#1012382).
  • hid: sony: Support DS4 dongle (bnc#1012382).
  • hid: sony: Update device ids (bnc#1012382).
  • hv: avoid crash in vmbus sysfs files (bnc#1108377).
  • hwmon: (adt7475) Make adt7475readword() return errors (bnc#1012382).
  • hwmon: (ina2xx) fix sysfs shunt resistor read access (bnc#1012382).
  • i2c: i2c-scmi: fix for i2csmbuswriteblockdata (bnc#1012382).
  • i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bnc#1012382).
  • i2c: i801: fix DNV's SMBCTRL register offset (bnc#1012382).
  • i2c: uniphier-f: issue STOP only for last message or I2CMSTOP (bnc#1012382).
  • i2c: uniphier: issue STOP only for last message or I2CMSTOP (bnc#1012382).
  • i2c: xiic: Make the start and the byte count write atomic (bnc#1012382).
  • i2c: xlp9xx: Add support for SMBAlert (bsc#1103308).
  • i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1103308).
  • i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1103308).
  • i2c: xlp9xx: Make sure the transfer size is not more than I2CSMBUSBLOCK_SIZE (bsc#1103308).
  • ib/ipoib: Avoid a race condition between startxmit and cmrep_handler (bnc#1012382).
  • ib/srp: Avoid that sgreset -d ${srpdevice} triggers an infinite loop (bnc#1012382).
  • ibsrp: Remove WARNON in srpterminateio() (bsc#1094562).
  • input: atakbd - fix Atari CapsLock behaviour (bnc#1012382).
  • input: atakbd - fix Atari keymap (bnc#1012382).
  • input: atmelmxtts - only use first T9 instance (bnc#1012382).
  • input: elantech - enable middle button of touchpad on ThinkPad P72 (bnc#1012382).
  • iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105).
  • iommu/arm-smmu-v3: sync the OVACKFLG to PRIQ consumer register (bnc#1012382).
  • iommu/ipmmu-vmsa: Fix allocation in atomic context (bnc#1012382).
  • ip6_tunnel: be careful when accessing the inner header (bnc#1012382).
  • ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).
  • ip_tunnel: be careful when accessing the inner header (bnc#1012382).
  • ipv4: fix use-after-free in ipcmsgrecv_dstaddr() (bnc#1012382).
  • ipv6: fix possible use-after-free in ip6_xmit() (bnc#1012382).
  • ipvs: fix race between ipvsconnnew() and ipvsdeldest() (bnc#1012382).
  • irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382).
  • irqchip/gic-v3: Add missing barrier to 32bit version of gicreadiar() (bnc#1012382).
  • iw_cxgb4: only allow 1 flush on user qps (bnc#1012382).
  • ixgbe: pcisetdrvdata must be called before register_netdev (Git-fixes bsc#1109923).
  • jffs2: return -ERANGE when xattr buffer is too small (bnc#1012382).
  • kabi: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244).
  • kabi protect hnaeaeops (bsc#1107924).
  • kABI: protect struct hnaedesccb (kabi).
  • kbuild: add .DELETEONERROR special target (bnc#1012382).
  • kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).
  • kernel/params.c: downgrade warning for unsafe parameters (bsc#1050549).
  • kprobes/x86: Release insn_slot in failure path (bsc#1110006).
  • kthread: fix boot hang (regression) on MIPS/OpenRISC (bnc#1012382).
  • kthread: Fix use-after-free if kthread fork fails (bnc#1012382).
  • kvm: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).
  • kvm: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).
  • kvm: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bnc#1012382).
  • kvm: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240).
  • kvm: x86: Do not use kvmx86ops->mpx_supported() directly (bsc#1106240).
  • kvm: x86: fix APIC page invalidation (bsc#1106240).
  • kvm: x86: remove eagerfpu field of struct kvmvcpu_arch (bnc#1012382).
  • kvm/x86: remove WARNON() for when vmmunmap() fails (bsc#1106240).
  • kvm: x86: SVM: Call x86specctrlsetguest/host() with interrupts disabled (bsc#1106240).
  • l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).
  • lib/test_hexdump.c: fix failure on big endian cpu (bsc#1106110).
  • locking/osqlock: Fix osqlock queue corruption (bnc#1012382).
  • locking/rwsem-xadd: Fix missed wakeup due to reordering of load (bnc#1012382).
  • lpfc: fixup crash in lpfcelsunsol_buffer() (bsc#1107318).
  • mac80211: correct use of IEEE80211VHTCAPRXSTBCX (bnc#1012382).
  • mac80211: fix a race between restart and CSA flows (bnc#1012382).
  • mac80211: fix setting IEEE80211KEYFLAGRXMGMT for AP mode keys (bnc#1012382).
  • mac80211: Fix station bandwidth setting after channel switch (bnc#1012382).
  • mac80211hwsim: correct use of IEEE80211VHTCAPRXSTBC_X (bnc#1012382).
  • mac80211: mesh: fix HWMP sequence numbering to follow standard (bnc#1012382).
  • mac80211: restrict delayed tailroom needed decrement (bnc#1012382).
  • mac80211: shorten the IBSS debug messages (bnc#1012382).
  • mach64: detect the dot clock divider correctly on sparc (bnc#1012382).
  • macintosh/via-pmu: Add missing mmio accessors (bnc#1012382).
  • md-cluster: clear another node's suspend_area after the copy is finished (bnc#1012382).
  • md/raid1: exit sync request if MDRECOVERYINTR is set (git-fixes).
  • md/raid5: fix data corruption of replacements after originals dropped (bnc#1012382).
  • media: af9035: prevent buffer overflow on write (bnc#1012382).
  • media: exynos4-is: Prevent NULL pointer dereference in _ispvideotryfmt() (bnc#1012382).
  • media: fsl-viu: fix error handling in viuofprobe() (bnc#1012382).
  • media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bnc#1012382).
  • media: omapvout: Fix a possible null pointer dereference in omapvout_open() (bsc#1050431).
  • media: s3c-camif: ignore -ENOIOCTLCMD from v4l2subdevcall for s_power (bnc#1012382).
  • media: soc_camera: ov772x: correct setting of banding filter (bnc#1012382).
  • media: tm6000: add error handling for dvbregisteradapter (bnc#1012382).
  • media: uvcvideo: Support realtek's UVC 1.5 device (bnc#1012382).
  • media: v4l: event: Prevent freeing event subscriptions while accessed (bnc#1012382).
  • media: videobuf2-core: check for q->error in vb2coreqbuf() (bnc#1012382).
  • media: videobuf-dma-sg: Fix dma{sync,unmap}sg() calls (bsc#1050431).
  • mei: bus: type promotion bug in meinfcif_version() (bnc#1012382).
  • mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).
  • mfd: omap-usb-host: Fix dts probe of children (bnc#1012382).
  • mfd: sm501: Set coherentdmamask when creating subdevices (bnc#1012382).
  • mfd: tiam335xtscadc: Fix struct clk memory leak (bnc#1012382).
  • misc: hmc6352: fix potential Spectre v1 (bnc#1012382).
  • misc: mic: SCIF Fix scifgetnew_port() error handling (bnc#1012382).
  • misc: ti-st: Fix memory leak in the error path of probe() (bnc#1012382).
  • mmc: mmci: stop building qcom dml as module (bsc#1110468).
  • mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).
  • mm: fix devmemisallowed() for sub-page System RAM intersections (bsc#1110006).
  • mm: get rid of vmacacheflushall() entirely (bnc#1012382).
  • mm: madvise(MADV_DODUMP): allow hugetlbfs pages (bnc#1012382).
  • mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
  • mm: shmem.c: Correctly annotate new inodes for lockdep (bnc#1012382).
  • mm/vmstat.c: fix outdated vmstat_text (bnc#1012382).
  • mm/vmstat.c: skip NRTLBREMOTE_FLUSH* properly (bnc#1012382).
  • mm/vmstat.c: skip NRTLBREMOTE_FLUSH* properly (git fixes).
  • module: exclude SHN_UNDEF symbols from kallsyms api (bnc#1012382).
  • mtdchar: fix overflows in adjustment of count (bnc#1012382).
  • mtd/maps: fix solutionengine.c printk format warnings (bnc#1012382).
  • neighbour: confirm neigh entries when ARP packet is received (bnc#1012382).
  • net/9p: fix error path of p9virtioprobe (bnc#1012382).
  • net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (bnc#1012382).
  • net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).
  • net: cadence: Fix a sleep-in-atomic-context bug in macbhalttx() (bnc#1012382).
  • net: dcb: For wild-card lookups, use priority -1, not 0 (bnc#1012382).
  • net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240).
  • net: ena: fix device destruction to gracefully free resources (bsc#1108240).
  • net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).
  • net: ena: fix incorrect usage of memory barriers (bsc#1108240).
  • net: ena: fix missing calls to READ_ONCE (bsc#1108240).
  • net: ena: fix missing lock during device destruction (bsc#1108240).
  • net: ena: fix potential double enadestroydevice() (bsc#1108240).
  • net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240).
  • net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (bsc#1110616).
  • net: ethernet: ti: cpsw: fix mdio device reference leak (bnc#1012382).
  • netfilter: xtables: avoid stack-out-of-bounds read in xtcopycountersfrom_user (bnc#1012382).
  • net: hns: add netifcarrieroff before change speed and duplex (bsc#1107924).
  • net: hns: add the code for cleaning pkt in chip (bsc#1107924).
  • net: hns: fix length and pageoffset overflow when CONFIGARM6464KPAGES (bnc#1012382).
  • net: hp100: fix always-true check for link up state (bnc#1012382).
  • net: ipv4: update fnhe_pmtu when first hop's MTU changes (bnc#1012382).
  • net/ipv6: Display all addresses in output of /proc/net/if_inet6 (bnc#1012382).
  • netlabel: check for IPV4MASK in addrinfo_get (bnc#1012382).
  • net: macb: disable scatter-gather for macb on sama5d3 (bnc#1012382).
  • net/mlx4: Use cpumaskavailable for eq->affinitymask (bnc#1012382).
  • net: mvneta: fix mtu change on port without link (bnc#1012382).
  • net: mvneta: fix mvnetaconfigrss on armada 3700 (bsc#1110615).
  • net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (bnc#1012382).
  • net: systemport: Fix wake-up interrupt race during resume (bnc#1012382).
  • net/usb: cancel pending work when unbinding smsc75xx (bnc#1012382).
  • nfc: Fix possible memory corruption when handling SHDLC I-Frame commands (bnc#1012382).
  • nfc: Fix the number of pipes (bnc#1012382).
  • nfs: add nostatflush mount option (bsc#1065726).
  • nfs: Avoid quadratic search when freeing delegations (bsc#1084760).
  • nfsd: fix corrupted reply to badly ordered compound (bnc#1012382).
  • nfs: Use an appropriate work queue for direct-write completion (bsc#1082519).
  • nfsv4.0 fix client reference leak in callback (bnc#1012382).
  • nvmefc: add 'nvmediscovery' sysfs attribute to fc transport device (bsc#1044189).
  • nvmet: fixup crash on NULL device path (bsc#1082979).
  • ocfs2: fix locking for res->tracking and dlm->tracking_list (bnc#1012382).
  • ocfs2: fix ocfs2 read block panic (bnc#1012382).
  • of: unittest: Disable interrupt node tests for old world MAC systems (bnc#1012382).
  • ovl: Copy inode attributes after setting xattr (bsc#1107299).
  • ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)
  • ovl: proper cleanup of workdir (bnc#1012382).
  • ovl: rename ismerge to islowest (bnc#1012382).
  • parport: sunbpp: fix error return code (bnc#1012382).
  • partitions/aix: append null character to print data from disk (bnc#1012382).
  • partitions/aix: fix usage of uninitialized lv_info and lvname structures (bnc#1012382).
  • pci: altera: Fix bool initialization in tlpreadpacket() (bsc#1109806).
  • pci: designware: Fix I/O space page leak (bsc#1109806).
  • pci: designware: Fix pciremapiospace() failure path (bsc#1109806).
  • pci: mvebu: Fix I/O space end address calculation (bnc#1012382).
  • pci: OF: Fix I/O space page leak (bsc#1109806).
  • pci: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1109806).
  • pci: Reprogram bridge prefetch registers on resume (bnc#1012382).
  • pci: shpchp: Fix AMD POGO identification (bsc#1109806).
  • pci: Supply CPU physical address (not bus address) to iomemisexclusive() (bsc#1109806).
  • pci: versatile: Fix I/O space page leak (bsc#1109806).
  • pci: versatile: Fix pciremapiospace() failure path (bsc#1109806).
  • pci: xgene: Fix I/O space page leak (bsc#1109806).
  • pci: xilinx: Add missing ofnodeput() (bsc#1109806).
  • perf powerpc: Fix callchain ip filtering (bnc#1012382).
  • perf powerpc: Fix callchain ip filtering when return address is in a register (bnc#1012382).
  • perf probe powerpc: Ignore SyS symbols irrespective of endianness (bnc#1012382).
  • perf script python: Fix export-to-postgresql.py occasional failure (bnc#1012382).
  • perf tools: Allow overriding MAXNRCPUS at compile time (bnc#1012382).
  • phy: qcom-ufs: add MODULE_LICENSE tag (bsc#1110468).
  • pinctrl: qcom: spmi-gpio: Fix pmicgpioconfig_get() to be compliant (bnc#1012382).
  • pipe: actually allow root to exceed the pipe buffer limit (git-fixes).
  • platform/x86: alienware-wmi: Correct a memory leak (bnc#1012382).
  • platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382).
  • platform/x86: toshiba_acpi: Fix defined but not used build warnings (bnc#1012382).
  • pm / core: Clear the direct_complete flag on errors (bnc#1012382).
  • powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).
  • powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).
  • powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244).
  • powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).
  • powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
  • powerpc: Fix size calculation using resource_size() (bnc#1012382).
  • powerpc/kdump: Handle crashkernel memory reservation failure (bnc#1012382).
  • powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).
  • powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).
  • powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
  • powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363).
  • powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes).
  • powerpc/perf/hv-24x7: Fix passing of catalog version number (bsc#1053043).
  • powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223).
  • powerpc/powernv: opalputchars partial write fix (bnc#1012382).
  • powerpc/powernv: Rename machinecheckpSeries_early() to powernv (bsc#1094244).
  • powerpc/pseries: Avoid using the size greater than RTASERRORLOG_MAX (bnc#1012382).
  • powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244).
  • powerpc/pseries: Define MCE error event section (bsc#1094244).
  • powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).
  • powerpc/pseries: Display machine check error details (bsc#1094244).
  • powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244).
  • powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
  • powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
  • powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244).
  • powerpc/pseries/mm: call HBLOCKREMOVE (bsc#1109158).
  • powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).
  • powerpc/pseries/mm: Introducing FWFEATUREBLOCK_REMOVE (bsc#1109158).
  • powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).
  • powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).
  • powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).
  • powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333).
  • powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
  • power: vexpress: fix corruption in notifier registration (bnc#1012382).
  • printk: do not spin in printk when in nmi (bsc#1094244).
  • proc: restrict kernel stack dumps to root (bnc#1012382).
  • pstore: Fix incorrect persistent ram buffer mapping (bnc#1012382).
  • qlcnic: fix Tx descriptor corruption on 82xx devices (bnc#1012382).
  • r8169: Clear RTLFLAGTASK*PENDING when clearing RTLFLAGTASK_ENABLED (bnc#1012382).
  • raid10 BUGON in raisebarrier when force is true and conf->barrier is 0 (bnc#1012382).
  • rculist: add listforeachentryfrom_rcu() (bsc#1084760).
  • rculist: Improve documentation for listforeachentryfrom_rcu() (bsc#1084760).
  • rdma/cma: Do not ignore net namespace for unbound cm_id (bnc#1012382).
  • rdma/cma: Protect cma dev list with lock (bnc#1012382).
  • rdma/rw: Fix rdmarwctxsignatureinit() kernel-doc header (bsc#1082979).
  • rdma/ucma: check fd type in ucmamigrateid() (bnc#1012382).
  • reiserfs: add check to detect corrupted directory entry (bsc#1109818).
  • reiserfs: change jtimestamp type to time64t (bnc#1012382).
  • reiserfs: do not panic on bad directory entries (bsc#1109818).
  • Revert 'arm: imxv6v7_defconfig: Select ULPI support' (bnc#1012382).
  • Revert 'dma-buf/sync-file: Avoid enable fence signaling if poll(.timeout=0)' (bsc#1111363).
  • Revert 'drm: Do not pass negative delta to ktimesubns()' (bsc#1106929)
  • Revert 'drm/i915: Initialize HWS page address after GPU reset' (bsc#1106929)
  • Revert 'Drop kernel trampoline stack.' This reverts commit 85dead31706c1c1755adff90405ff9861c39c704.
  • Revert 'kabi/severities: Ignore missing cputsstramp (bsc#1099597)' This reverts commit edde1f21880e3bfe244c6f98a3733b05b13533dc.
  • Revert 'KVM: x86: remove eagerfpu field of struct kvmvcpu_arch' (kabi).
  • Revert 'media: v4l: event: Prevent freeing event subscriptions while accessed' (kabi).
  • Revert 'Skip intelcrtinit for Dell XPS 8700' (bsc#1106929)
  • Revert 'usb: cdc-wdm: Fix a sleep-in-atomic-context bug in serviceoutstandinginterrupt()' (bnc#1012382).
  • ring-buffer: Allow for rescheduling when removing pages (bnc#1012382).
  • rndiswlan: potential buffer overflow in rndiswlanauthindication() (bnc#1012382).
  • rtc: bq4802: add error handling for devm_ioremap (bnc#1012382).
  • rtnl: limit IFLANUMTXQUEUES and IFLANUMRXQUEUES to 4096 (bnc#1012382).
  • s390/chsc: Add exception handler for CHSC instruction (git-fixes).
  • s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382).
  • s390/extmem: fix gcc 8 stringop-overflow warning (bnc#1012382).
  • s390/facilites: use stflefaclist array size for MAXFACILITYBIT (bnc#1108315, LTC#171326).
  • s390/kdump: Fix elfcorehdr size calculation (git-fixes).
  • s390/kdump: Make elfcorehdr size calculation ABI compliant (git-fixes).
  • s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934).
  • s390/mm: correct allocatepgste prochandler callback (git-fixes).
  • s390/qeth: do not dump past end of unknown HW header (bnc#1012382).
  • s390/qeth: fix race in used-buffer accounting (bnc#1012382).
  • s390/qeth: handle failure on workqueue creation (git-fixes).
  • s390/qeth: reset layer2 attribute on layer switch (bnc#1012382).
  • s390/qeth: use vzalloc for QUERY OAT buffer (bnc#1108315, LTC#171527).
  • s390: revert ELFETDYN_BASE base changes (git-fixes).
  • s390/stacktrace: fix address ranges for asynchronous and panic stack (git-fixes).
  • sched/fair: Fix bandwidth timer clock drift condition (Git-fixes).
  • sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (Git-fixes).
  • sch_hhf: fix null pointer dereference on init failure (bnc#1012382).
  • sch_htb: fix crash on init failure (bnc#1012382).
  • sch_multiq: fix double free on init failure (bnc#1012382).
  • sch_netem: avoid null pointer deref on init failure (bnc#1012382).
  • sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).
  • scripts: modpost: check memory allocation results (bnc#1012382).
  • scsi: 3ware: fix return 0 on the error path of probe (bnc#1012382).
  • scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).
  • scsi: bnx2i: add error handling for ioremap_nocache (bnc#1012382).
  • scsi: ibmvscsi: Improve strings handling (bnc#1012382).
  • scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).
  • scsi: klist: Make it safe to use klists in atomic context (bnc#1012382).
  • scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).
  • scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).
  • scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).
  • scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).
  • scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).
  • scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).
  • scsi: qla2xxx: correctly shift host byte (bsc#1094555).
  • scsi: qla2xxx: Correct setting of SAMSTATCHECK_CONDITION (bsc#1094555).
  • scsi: qla2xxx: Delete session for nport id change (bsc#1094555).
  • scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).
  • scsi: qla2xxx: Fix crash on qla2x00mailboxcommand (bsc#1094555).
  • scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).
  • scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).
  • scsi: qla2xxx: fix error message on <qla2400 (bsc#1094555).
  • scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).
  • scsi: qla2xxx: Fix function argument descriptions (bsc#1094555).
  • scsi: qla2xxx: Fix Inquiry command being dropped in Target mode (bsc#1094555).
  • scsi: qla2xxx: Fix issue reported by static checker for qla2x00elsdcmd2spdone() (bsc#1094555).
  • scsi: qla2xxx: Fix login retry count (bsc#1094555).
  • scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1094555).
  • scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1094555).
  • scsi: qla2xxx: Fix n2nae flag to prevent devloss on PDB change (bsc#1084427).
  • scsi: qla2xxx: Fix N2N link re-connect (bsc#1094555).
  • scsi: qla2xxx: Fix NPIV deletion by calling waitforsess_deletion (bsc#1094555).
  • scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1094555).
  • scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (bsc#1094555).
  • scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1094555).
  • scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).
  • scsi: qla2xxx: Fix Rport and session state getting out of sync (bsc#1094555).
  • scsi: qla2xxx: Fix sending ADISC command for login (bsc#1094555).
  • scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1094555).
  • scsi: qla2xxx: Fix stalled relogin (bsc#1094555).
  • scsi: qla2xxx: Fix TMF and Multi-Queue config (bsc#1094555).
  • scsi: qla2xxx: Fix unintended Logout (bsc#1094555).
  • scsi: qla2xxx: Fix unintialized List head crash (bsc#1094555).
  • scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1094555).
  • scsi: qla2xxx: fx00 copypaste typo (bsc#1094555).
  • scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1094555).
  • scsi: qla2xxx: Move GPSC and GFPNID out of session management (bsc#1094555).
  • scsi: qla2xxx: Prevent relogin loop by removing stale code (bsc#1094555).
  • scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1094555).
  • scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (bsc#1094555).
  • scsi: qla2xxx: remove irq save in qla2x00_poll() (bsc#1094555).
  • scsi: qla2xxx: Remove nvmedonelist (bsc#1084427).
  • scsi: qla2xxx: Remove stale debug value for login_retry flag (bsc#1094555).
  • scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).
  • scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084427).
  • scsi: qla2xxx: Return busy if rport going away (bsc#1084427).
  • scsi: qla2xxx: Save frame payload size from ICB (bsc#1094555).
  • scsi: qla2xxx: Set IIDMA and fcport state before qlanvmeregister_remote() (bsc#1084427).
  • scsi: qla2xxx: Silent erroneous message (bsc#1094555).
  • scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).
  • scsi: qla2xxx: Update driver version to 10.00.00.07-k (bsc#1094555).
  • scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1094555).
  • scsi: qla2xxx: Use dmapoolzalloc() (bsc#1094555).
  • scsi: qla2xxx: Use predefined getdatalenfor_atio() inline function (bsc#1094555).
  • scsi: target: fix _transportregister_session locking (bnc#1012382).
  • scsi: target/iscsi: Make iscsittaauthentication() respect the output buffer size (bnc#1012382).
  • selftests/efivarfs: add required kernel configs (bnc#1012382).
  • selftests/powerpc: Kill child processes on SIGINT (bnc#1012382).
  • selftest: timers: Tweak rawskew to SKIP when ADJOFFSET/other clock adjustments are in progress (bnc#1012382).
  • selinux: use GFPNOWAIT in the AVC kmemcaches (bnc#1012382).
  • serial: cpm_uart: return immediately from console poll (bnc#1012382).
  • serial: imx: restore handshaking irq for imx1 (bnc#1012382).
  • signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
  • slub: make ->cpu_partial unsigned int (bnc#1012382).
  • smb2: fix missing files in root share directory listing (bnc#1012382).
  • smb3: fix reset of bytes read and written stats (bnc#1012382).
  • smb3: Number of requests sent should be displayed for SMB3 not just CIFS (bnc#1012382).
  • sound: enable interrupt after dma buffer initialization (bnc#1012382).
  • spi: rspi: Fix interrupted DMA transfers (bnc#1012382).
  • spi: rspi: Fix invalid SPI use during system suspend (bnc#1012382).
  • spi: sh-msiof: Fix handling of write value for SISTR register (bnc#1012382).
  • spi: sh-msiof: Fix invalid SPI use during system suspend (bnc#1012382).
  • spi: tegra20-slink: explicitly enable/disable clock (bnc#1012382).
  • srcu: Allow use of Tiny/Tree SRCU from both process and interrupt context (bsc#1050549).
  • staging: android: ashmem: Fix mmap size validation (bnc#1012382).
  • staging: android: ion: fix IONIOC{MAP,SHARE} use-after-free (bnc#1012382).
  • staging: comedi: nimiocommon: fix subdevice flags for PFI subdevice (bnc#1012382).
  • staging: rt5208: Fix a sleep-in-atomic bug in xdcopypage (bnc#1012382).
  • staging: rts5208: fix missing error check on call to rtsxwriteregister (bnc#1012382).
  • staging/rts5208: Fix read overflow in memcpy (bnc#1012382).
  • stmmac: fix valid numbers of unicast filter entries (bnc#1012382).
  • stop_machine: Atomically queue and wake stopper threads (git-fixes).
  • target: log Data-Out timeouts as errors (bsc#1095805).
  • target: log NOP ping timeouts as errors (bsc#1095805).
  • target: split out helper for cxn timeout error stashing (bsc#1095805).
  • target: stash sesserrstats on Data-Out timeout (bsc#1095805).
  • target: use ISCSIIQNLEN in iscsitargetstat (bsc#1095805).
  • tcp: add tcpoootry_coalesce() helper (bnc#1012382).
  • tcp: call tcpdrop() from tcpdataqueueofo() (bnc#1012382).
  • tcp: do not restart timewait timer on rst reception (bnc#1012382).
  • tcp: fix a stale ooolastskb after a replace (bnc#1012382).
  • tcp: free batches of packets in tcppruneofo_queue() (bnc#1012382).
  • tcp: increment sk_drops for dropped rx packets (bnc#1012382).
  • tcp: use an RB tree for ooo receive queue (bnc#1012382).
  • team: Forbid enslaving team device to itself (bnc#1012382).
  • thermal: of-thermal: disable passive polling when thermal zone is disabled (bnc#1012382).
  • tools: hv: Fix a bug in the key delete code (bnc#1012382).
  • tools/vm/page-types.c: fix 'defined but not used' warning (bnc#1012382).
  • tools/vm/slabinfo.c: fix sign-compare warning (bnc#1012382).
  • tsl2550: fix lux1_input error in low light (bnc#1012382).
  • tty: Drop tty->count on tty_reopen() failure (bnc#1105428).
  • tty: rocket: Fix possible buffer overwrite on register_PCI (bnc#1012382).
  • tty: vt_ioctl: fix potential Spectre v1 (bnc#1012382).
  • ubifs: Check for name being NULL while mounting (bnc#1012382).
  • ucma: fix a use-after-free in ucmaresolveip() (bnc#1012382).
  • uio: potential double frees if _uioregister_device() fails (bnc#1012382).
  • Update patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch (bsc#1088087, bsc#1103156).
  • usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bnc#1012382).
  • usb: Add quirk to support DJI CineSSD (bnc#1012382).
  • usb: Avoid use-after-free by flushing endpoints early in usbsetinterface() (bnc#1012382).
  • usb: cdc-wdm: Fix a sleep-in-atomic-context bug in serviceoutstandinginterrupt() (bnc#1012382).
  • usb: Do not die twice if PCI xhci host is not responding in resume (bnc#1012382).
  • usb: fix error handling in usbdriverclaim_interface() (bnc#1012382).
  • usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bnc#1012382).
  • usb: gadget: serial: fix oops when data rx'd after close (bnc#1012382).
  • usb: handle NULL config in usbfindalt_setting() (bnc#1012382).
  • usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132getframe() (bnc#1012382).
  • usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
  • usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bnc#1012382).
  • usb: net2280: Fix erroneous synchronization change (bnc#1012382).
  • usb: remove LPM management from usbdriverclaim_interface() (bnc#1012382).
  • usb: serial: io_ti: fix array underflow in completion handler (bnc#1012382).
  • usb: serial: kobil_sct: fix modem-status error handling (bnc#1012382).
  • usb: serial: simple: add Motorola Tetra MTP6550 id (bnc#1012382).
  • usb: serial: tiusb3410_5052: fix array underflow in completion handler (bnc#1012382).
  • usb: usbdevfs: restore warning for nonsensical flags (bnc#1012382).
  • usb: usbdevfs: sanitize flags more (bnc#1012382).
  • usb: wusbcore: security: cast sizeof to int for comparison (bnc#1012382).
  • usb: yurex: Check for truncation in yurex_read() (bnc#1012382).
  • usb: yurex: Fix buffer over-read in yurex_write() (bnc#1012382).
  • Use upstream version of pci-hyperv change 35a88a18d7
  • uwb: hwa-rc: fix memory leak at probe (bnc#1012382).
  • vfs: do not test owner for NFS in setposixacl() (bsc#1103405).
  • video: goldfishfb: fix memory leak on driver remove (bnc#1012382).
  • vmci: type promotion bug in qphostgetusermemory() (bnc#1012382).
  • vmw_balloon: include asm/io.h (bnc#1012382).
  • vti6: remove !skb->ignoredf check from vti6xmit() (bnc#1012382).
  • watchdog: w83627hf: Added NCT6102D support (bsc#1106434).
  • watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).
  • wlcore: Add missing PM call for wlcorecmdwaitforeventortimeout() (bnc#1012382).
  • wlcore: Fix memory leak in wlcorecmdwaitforeventortimeout (git-fixes).
  • x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006).
  • x86/apic: Split disableIOAPIC() into two functions to fix CONFIGKEXECJUMP=y (bsc#1110006).
  • x86/apic: Split out restorebootirqmode() from disableIO_APIC() (bsc#1110006).
  • x86/boot: Fix 'run_size' calculation (bsc#1110006).
  • x86/cpufeature: deduplicate X86FEATUREL1TF_PTEINV (kabi).
  • x86/entry/64: Add two more instruction suffixes (bnc#1012382).
  • x86/entry/64: Clear registers for exceptions/interrupts, to reduce speculation attack surface (bsc#1105931).
  • x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
  • x86/entry/64: sanitize extra registers on syscall entry (bsc#1105931).
  • x86/fpu: Finish excising 'eagerfpu' (bnc#1012382).
  • x86/fpu: Remove second definition of fpu in fpurestore_sig() (bsc#1110006).
  • x86/fpu: Remove struct fpu::counter (bnc#1012382).
  • x86/fpu: Remove useeagerfpu() (bnc#1012382).
  • x86/kaiser: Avoid loosing NMIs when using trampoline stack (bsc#1106293 bsc#1099597).
  • x86/mm: Remove innmi() warning from vmallocfault() (bnc#1012382).
  • x86: msr-index.h: Correct SNBC1/C3AUTO_UNDEMOTE defines (bsc#1110006).
  • x86/numa_emulation: Fix emulated-to-physical node mapping (bnc#1012382).
  • x86/pae: use 64 bit atomic xchg function in nativeptepgetandclear (bnc#1012382).
  • x86/paravirt: Fix some warning messages (bnc#1065600).
  • x86/percpu: Fix thiscpuread() (bsc#1110006).
  • x86,sched: Allow topologies where NUMA nodes share an LLC (bsc#1091158, bsc#1101555).
  • x86/specctrl: Fix specctrl reporting (bsc#1106913, bsc#1111516).
  • x86/speculation: Apply IBPB more strictly to avoid cross-process data leak (bsc#1106913).
  • x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (bsc#1106913).
  • x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
  • x86/speculation: Propagate information about RSB filling mitigation to sysfs (bsc#1106913).
  • x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
  • x86/tsc: Add missing header to tsc_msr.c (bnc#1012382).
  • x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).
  • x86/vdso: Fix vDSO build if a retpoline is emitted (bsc#1110006).
  • x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).
  • x86/vdso: Only enable vDSO retpolines when enabled and supported (bsc#1110006).
  • xen: avoid crash in disablehotplugcpu (bnc#1012382 bsc#1106594 bsc#1042422).
  • xen: avoid crash in disablehotplugcpu (bsc#1106594).
  • xen/blkfront: correct purging of persistent grants (bnc#1065600).
  • xen: fix GCC warning and remove duplicate EVTCHNROW/EVTCHNCOL usage (bnc#1012382).
  • xen: issue warning message when out of grant maptrack entries (bsc#1105795).
  • xen/manage: do not complain about an empty value in control/sysrq node (bnc#1012382).
  • xen/netfront: do not bug in case of too many frags (bnc#1012382).
  • xen-netfront: fix queue name setting (bnc#1012382).
  • xen/netfront: fix waiting for xenbus state change (bnc#1012382).
  • xen-netfront: fix warn message as irq device name has '/' (bnc#1012382).
  • xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bnc#1012382).
  • xfrm: fix 'passing zero to ERR_PTR()' warning (bnc#1012382).
  • xfs: add a new xfsiextlookupextentbefore helper (bsc#1095344).
  • xfs: add asserts for the mmap lock in xfs{insert,collapse}file_space (bsc#1095344).
  • xfs: add a xfsbmapforktostate helper (bsc#1095344).
  • xfs: add a xfsiextupdate_extent helper (bsc#1095344).
  • xfs: add comments documenting the rebalance algorithm (bsc#1095344).
  • xfs: add some comments to xfsiextinsert/xfsiextinsert_node (bsc#1095344).
  • xfs: add xfstrimextent (bsc#1095344).
  • xfs: allow unaligned extent records in xfsbmbtdisksetall (bsc#1095344).
  • xfs: borrow indirect blocks from freed extent when available (bsc#1095344).
  • xfs: cleanup xfsbmaplast_before (bsc#1095344).
  • xfs: do not create overlapping extents in xfsbmapaddextentdelay_real (bsc#1095344).
  • xfs: do not rely on extent indices in xfsbmapcollapse_extents (bsc#1095344).
  • xfs: do not rely on extent indices in xfsbmapinsert_extents (bsc#1095344).
  • xfs: do not set XFSBTCURBPRVWASDEL in xfsbunmapi (bsc#1095344).
  • xfs: during btree split, save new block key & ptr for future insertion (bsc#1095344).
  • xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).
  • xfs: fix memory leak in xfsiextfreelastleaf (bsc#1095344).
  • xfs: fix number of records handling in xfsiextsplit_leaf (bsc#1095344).
  • xfs: fix transaction allocation deadlock in IO path (bsc#1090535).
  • xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).
  • xfs: handle zero entries case in xfsiextrebalance_leaf (bsc#1095344).
  • xfs: improve kmem_realloc (bsc#1095344).
  • xfs: inline xfsshiftfile_space into callers (bsc#1095344).
  • xfs: introduce the xfsiextcursor abstraction (bsc#1095344).
  • xfs: iterate over extents in xfsbmapextentstobtree (bsc#1095344).
  • xfs: iterate over extents in xfsiextentscopy (bsc#1095344).
  • xfs: make better use of the 'state' variable in xfsbmapdelextentreal (bsc#1095344).
  • xfs: merge xfsbmapreadextents into xfsiread_extents (bsc#1095344).
  • xfs: move pre/post-bmap tracing into xfsiextupdate_extent (bsc#1095344).
  • xfs: move some code around inside xfsbmapshift_extents (bsc#1095344).
  • xfs: move some more code into xfsbmapdelextentreal (bsc#1095344).
  • xfs: move xfsbmbtirec and xfsexntstt to xfs_types.h (bsc#1095344).
  • xfs: move xfsiextinsert tracepoint to report useful information (bsc#1095344).
  • xfs: new inode extent list lookup helpers (bsc#1095344).
  • xfs: only run torn log write detection on dirty logs (bsc#1095753).
  • xfs: pass an on-disk extent to xfsbmbtvalidate_extent (bsc#1095344).
  • xfs: pass a struct xfsbmbtirec to xfsbmbtlookup_eq (bsc#1095344).
  • xfs: pass a struct xfsbmbtirec to xfsbmbtupdate (bsc#1095344).
  • xfs: pass struct xfsbmbtirec to xfsbmbtvalidate_extent (bsc#1095344).
  • xfs: provide helper for counting extents from if_bytes (bsc#1095344).
  • xfs: refactor delalloc accounting in xfsbmapaddextentdelay_real (bsc#1095344).
  • xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).
  • xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
  • xfs: refactor in-core log state update to helper (bsc#1095753).
  • xfs: refactor unmount record detection into helper (bsc#1095753).
  • xfs: refactor xfsbmapaddextentdelay_real (bsc#1095344).
  • xfs: refactor xfsbmapaddextenthole_delay (bsc#1095344).
  • xfs: refactor xfsbmapaddextenthole_real (bsc#1095344).
  • xfs: refactor xfsbmapaddextentunwritten_real (bsc#1095344).
  • xfs: refactor xfsbunmapicow (bsc#1095344).
  • xfs: refactor xfsdelextent_real (bsc#1095344).
  • xfs: remove a duplicate assignment in xfsbmapaddextentdelay_real (bsc#1095344).
  • xfs: remove all xfsbmbtset* helpers except for xfsbmbtsetall (bsc#1095344).
  • xfs: remove a superflous assignment in xfsiextremove_node (bsc#1095344).
  • xfs: remove if_rdev (bsc#1095344).
  • xfs: remove prev argument to xfsbmapireserve_delalloc (bsc#1095344).
  • xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
  • xfs: remove the never fully implemented UUID fork format (bsc#1095344).
  • xfs: remove the nrextents argument to xfsiext_insert (bsc#1095344).
  • xfs: remove the nrextents argument to xfsiext_remove (bsc#1095344).
  • xfs: remove XFSBMAPMAXSHIFTEXTENTS (bsc#1095344).
  • xfs: remove XFSBMAPTRACE_EXLIST (bsc#1095344).
  • xfs: remove xfsbmbtget_state (bsc#1095344).
  • xfs: remove xfsbmseshift_one (bsc#1095344).
  • xfs: rename bno to end in _xfsbunmapi (bsc#1095344).
  • xfs: replace xfsbmbtlookupge with xfsbmbtlookupfirst (bsc#1095344).
  • xfs: replace xfsqmgetrtblks with a direct call to xfsbmapcountleaves (bsc#1095344).
  • xfs: rewrite getbmap using the xfsiext* helpers (bsc#1095344).
  • xfs: rewrite xfsbmapcountleaves using xfsiextgetextent (bsc#1095344).
  • xfs: rewrite xfsbmapfirstunused to make better use of xfsiextgetextent (bsc#1095344).
  • xfs: separate log head record discovery from verification (bsc#1095753).
  • xfs: simplify the xfs_getbmap interface (bsc#1095344).
  • xfs: simplify validation of the unwritten extent bit (bsc#1095344).
  • xfs: split indlen reservations fairly when under reserved (bsc#1095344).
  • xfs: split xfsbmapshift_extents (bsc#1095344).
  • xfs: switch xfsbmaplocaltoextents to use xfsiextinsert (bsc#1095344).
  • xfs: treat idx as a cursor in xfsbmapaddextentdelay_real (bsc#1095344).
  • xfs: treat idx as a cursor in xfsbmapaddextenthole_delay (bsc#1095344).
  • xfs: treat idx as a cursor in xfsbmapaddextenthole_real (bsc#1095344).
  • xfs: treat idx as a cursor in xfsbmapaddextentunwritten_real (bsc#1095344).
  • xfs: treat idx as a cursor in xfsbmapcollapse_extents (bsc#1095344).
  • xfs: treat idx as a cursor in xfsbmapdelextent* (bsc#1095344).
  • xfs: update freeblocks counter after extent deletion (bsc#1095344).
  • xfs: update got in xfsbmapshiftupdateextent (bsc#1095344).
  • xfs: use a b+tree for the in-core extent list (bsc#1095344).
  • xfs: use correct state defines in xfsbmapdelextent{cow,delay} (bsc#1095344).
  • xfs: use new extent lookup helpers in xfsbmapiread (bsc#1095344).
  • xfs: use new extent lookup helpers in xfsbmapiwrite (bsc#1095344).
  • xfs: use new extent lookup helpers in _xfsbunmapi (bsc#1095344).
  • xfs: use the state defines in xfsbmapdelextentreal (bsc#1095344).
  • xfs: use xfsbmapdelextentdelay for the data fork as well (bsc#1095344).
  • xfs: use xfsiext*extent helpers in xfsbmapshiftextents (bsc#1095344).
  • xfs: use xfsiext*extent helpers in xfsbmapsplitextent_at (bsc#1095344).
  • xfs: use xfsiextget_extent instead of open coding it (bsc#1095344).
  • xfs: use xfsiextgetextent in xfsbmapfirstunused (bsc#1095344).
  • xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bnc#1012382).
  • xhci: Do not print a warning when setting link state for disabled ports (bnc#1012382).
References

Affected packages

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.162-3.26.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.162-3.26.1",
            "dlm-kmp-rt": "4.4.162-3.26.1",
            "gfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-rt-devel": "4.4.162-3.26.1",
            "kernel-rt_debug-devel": "4.4.162-3.26.1",
            "cluster-md-kmp-rt": "4.4.162-3.26.1",
            "kernel-source-rt": "4.4.162-3.26.1",
            "kernel-rt": "4.4.162-3.26.1",
            "ocfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-syms-rt": "4.4.162-3.26.1",
            "kernel-rt-base": "4.4.162-3.26.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.162-3.26.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.162-3.26.1",
            "dlm-kmp-rt": "4.4.162-3.26.1",
            "gfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-rt-devel": "4.4.162-3.26.1",
            "kernel-rt_debug-devel": "4.4.162-3.26.1",
            "cluster-md-kmp-rt": "4.4.162-3.26.1",
            "kernel-source-rt": "4.4.162-3.26.1",
            "kernel-rt": "4.4.162-3.26.1",
            "ocfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-syms-rt": "4.4.162-3.26.1",
            "kernel-rt-base": "4.4.162-3.26.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.162-3.26.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.162-3.26.1",
            "dlm-kmp-rt": "4.4.162-3.26.1",
            "gfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-rt-devel": "4.4.162-3.26.1",
            "kernel-rt_debug-devel": "4.4.162-3.26.1",
            "cluster-md-kmp-rt": "4.4.162-3.26.1",
            "kernel-source-rt": "4.4.162-3.26.1",
            "kernel-rt": "4.4.162-3.26.1",
            "ocfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-syms-rt": "4.4.162-3.26.1",
            "kernel-rt-base": "4.4.162-3.26.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP3 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.162-3.26.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.4.162-3.26.1",
            "dlm-kmp-rt": "4.4.162-3.26.1",
            "gfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-rt-devel": "4.4.162-3.26.1",
            "kernel-rt_debug-devel": "4.4.162-3.26.1",
            "cluster-md-kmp-rt": "4.4.162-3.26.1",
            "kernel-source-rt": "4.4.162-3.26.1",
            "kernel-rt": "4.4.162-3.26.1",
            "ocfs2-kmp-rt": "4.4.162-3.26.1",
            "kernel-syms-rt": "4.4.162-3.26.1",
            "kernel-rt-base": "4.4.162-3.26.1"
        }
    ]
}