SUSE-SU-2020:0605-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20200605-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:0605-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:0605-1
Related
Published
2020-03-06T10:09:59Z
Modified
2020-03-06T10:09:59Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 real-time kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2019-14615: An information disclosure vulnerability existed due to insufficient control flow in certain data structures for some Intel(R) Processors (bnc#1160195).
  • CVE-2019-14896: A heap overflow was found in the addierates() function of the Marvell Wifi Driver (bsc#1157157).
  • CVE-2019-14897: A stack overflow was found in the lbsibssjoin_existing() function of the Marvell Wifi Driver (bsc#1157155).
  • CVE-2019-16994: A memory leak existed in sitinitnet() in net/ipv6/sit.c which might have caused denial of service, aka CID-07f12b26e21a (bnc#1161523).
  • CVE-2019-19036: An issue discovered in btrfsrootnode in fs/btrfs/ctree.c allowed a NULL pointer dereference because rcu_dereference(root->node) can be zero (bnc#1157692).
  • CVE-2019-19045: A memory leak in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).
  • CVE-2019-19054: A memory leak in the cx23888irprobe() function in drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b (bnc#1161518).
  • CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a use-after-free (bnc#1158026).
  • CVE-2019-19927: A slab-out-of-bounds read access could have been caused when mounting a crafted f2fs filesystem image and performing some operations on it, in drivers/gpu/drm/ttm/ttmpagealloc.c (bnc#1160147).
  • CVE-2019-19965: There was a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5 (bnc#1159911).
  • CVE-2020-7053: There was a use-after-free (write) in the i915ppgttclose function in drivers/gpu/drm/i915/i915gemgtt.c, aka CID-7dc40713618c (bnc#1160966).

The following non-security bugs were fixed:

  • ALSA: hda - Apply sync-write workaround to old Intel platforms, too (bsc#1111666).
  • ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker (bsc#1111666).
  • ALSA: hda/realtek - Add new codec supported for ALCS1200A (bsc#1111666).
  • ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen (bsc#1111666).
  • ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC (bsc#1111666).
  • ALSA: hda/realtek - Set EAPD control to default for ALC222 (bsc#1111666).
  • ALSA: seq: Fix racy access for queue timer in proc read (bsc#1051510).
  • ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 (bsc#1111666).
  • ALSA: usb-audio: fix sync-ep altsetting sanity check (bsc#1051510).
  • ASoC: au8540: use 64-bit arithmetic instead of 32-bit (bsc#1051510).
  • ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI (bsc#1111666).
  • Fix partial checked out tree build ... so that bisection does not break.
  • Fix the locking in dcache_readdir() and friends (bsc#1123328).
  • HID: hidraw, uhid: Always report EPOLLOUT (bsc#1051510).
  • HID: hidraw: Fix returning EPOLLOUT from hidraw_poll (bsc#1051510).
  • HID: uhid: Fix returning EPOLLOUT from uhidcharpoll (bsc#1051510).
  • IB/hfi1: Do not cancel unused work item (bsc#1114685 ).
  • NFC: pn533: fix bulk-message timeout (bsc#1051510).
  • RDMA/bnxt_re: Avoid freeing MR resources if dereg fails (bsc#1050244).
  • Temporary workaround for bsc#1159096 should no longer be needed.
  • USB: serial: ch341: handle unbound port at reset_resume (bsc#1051510).
  • USB: serial: io_edgeport: add missing active-port sanity check (bsc#1051510).
  • USB: serial: keyspan: handle unbound ports (bsc#1051510).
  • USB: serial: opticon: fix control-message timeouts (bsc#1051510).
  • USB: serial: quatech2: handle unbound ports (bsc#1051510).
  • USB: serial: suppress driver bind attributes (bsc#1051510).
  • blk-mq: avoid sysfs buffer overflow with too many CPU cores (bsc#1159377).
  • blk-mq: make sure that line break can be printed (bsc#1159377).
  • bnxt: apply computed clamp value for coalece parameter (bsc#1104745).
  • bnxt_en: Fix MSIX request logic for RDMA driver (bsc#1104745 ).
  • bnxt_en: Return error if FW returns more data than dump length (bsc#1104745).
  • bpf/sockmap: Read psock ingressmsg before skreceive_queue (bsc#1083647).
  • bpf: Fix incorrect verifier simulation of ARSH under ALU32 (bsc#1083647).
  • bpf: Reject indirect var_off stack access in raw mode (bsc#1160618).
  • bpf: Reject indirect var_off stack access in unpriv mode (bco#1160618).
  • bpf: Sanity check max value for var_off stack access (bco#1160618).
  • bpf: Support variable offset stack access from helpers (bco#1160618).
  • bpf: add self-check logic to liveness analysis (bsc#1160618).
  • bpf: add verifier stats and log_level bit 2 (bsc#1160618).
  • bpf: improve stacksafe state comparison (bco#1160618).
  • bpf: improve verification speed by droping states (bsc#1160618).
  • bpf: improve verification speed by not remarking live_read (bsc#1160618).
  • bpf: improve verifier branch analysis (bsc#1160618).
  • bpf: increase complexity limit and maximum program size (bsc#1160618).
  • bpf: increase verifier log limit (bsc#1160618).
  • bpf: speed up stacksafe check (bco#1160618).
  • bpf: verifier: teach the verifier to reason about the BPF_JSET instruction (bco#1160618).
  • btrfs: Move btrfscheckchunk_valid() to tree-check.[ch] and export it (dependency for bsc#1157692).
  • btrfs: fix block group remaining RO forever after error during device replace (bsc#1160442).
  • btrfs: fix infinite loop during nocow writeback due to race (bsc#1160804).
  • btrfs: fix integer overflow in calcreclaimitems_nr (bsc#1160433).
  • btrfs: fix negative subv_writers counter and data space leak after buffered write (bsc#1160802).
  • btrfs: fix removal logic of the tree mod log that leads to use-after-free issues (bsc#1160803).
  • btrfs: fix selftests failure due to uninitialized i_mode in test inodes (Fix for dependency of bsc#1157692).
  • btrfs: inode: Verify inode mode to avoid NULL pointer dereference (dependency for bsc#1157692).
  • btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588).
  • btrfs: tree-checker: Check chunk item at tree block read time (dependency for bsc#1157692).
  • btrfs: tree-checker: Check level for leaves and nodes (dependency for bsc#1157692).
  • btrfs: tree-checker: Enhance chunk checker to validate chunk profile (dependency for bsc#1157692).
  • btrfs: tree-checker: Fix wrong check on max devid (fixes for dependency of bsc#1157692).
  • btrfs: tree-checker: Make btrfscheckchunk_valid() return EUCLEAN instead of EIO (dependency for bsc#1157692).
  • btrfs: tree-checker: Make chunk item checker messages more readable (dependency for bsc#1157692).
  • btrfs: tree-checker: Verify dev item (dependency for bsc#1157692).
  • btrfs: tree-checker: Verify inode item (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in blockgroup_err (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkblockgroupitem (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkcsum_item (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkdev_item (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkdir_item (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkextentdataitem (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkinode_item (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkleaf (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in checkleaf_item (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in chunkerr (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in devitem_err (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in diritem_err (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in fileextent_err (dependency for bsc#1157692).
  • btrfs: tree-checker: get fsinfo from eb in genericerr (dependency for bsc#1157692).
  • can: gsusb: gsusb_probe(): use descriptors of current altsetting (bsc#1051510).
  • can: mscan: mscanrxpoll(): fix rx path lockup when returning from polling to irq mode (bsc#1051510).
  • cfg80211/mac80211: make ieee80211sendlayer2_update a public function (bsc#1051510).
  • cfg80211: fix page refcount issue in A-MSDU decap (bsc#1051510).
  • cgroup: pids: use atomic64_t for pids->limit (bsc#1161514).
  • cifs: Close cached root handle only if it had a lease (bsc#1144333).
  • cifs: Close open handle after interrupted close (bsc#1144333).
  • cifs: Do not miss cancelled OPEN responses (bsc#1144333).
  • cifs: Fix NULL pointer dereference in mid callback (bsc#1144333).
  • cifs: Fix NULL-pointer dereference in smb2pushmandatory_locks (bsc#1144333).
  • cifs: Fix lookup of root ses in DFS referral cache (bsc#1144333).
  • cifs: Fix memory allocation in _smb2handlecancelledcmd() (bsc#1144333).
  • cifs: Fix mount options set in automount (bsc#1144333).
  • cifs: Fix potential softlockups while refreshing DFS cache (bsc#1144333).
  • cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1144333).
  • cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1144333).
  • cifs: Properly process SMB3 lease breaks (bsc#1144333).
  • cifs: Respect OSYNC and ODIRECT flags during reconnect (bsc#1144333).
  • cifs: add support for flock (bsc#1144333).
  • cifs: close the shared root handle on tree disconnect (bsc#1144333).
  • cifs: remove set but not used variables 'cinode' and 'netfid' (bsc#1144333).
  • clk: imx: clk-composite-8m: add lock to gate/mux (git-fixes).
  • clk: rockchip: fix I2S1 clock gate register for rk3328 (bsc#1051510).
  • clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 (bsc#1051510).
  • clk: rockchip: fix rk3188 sclkmaclbtest parameter ordering (bsc#1051510).
  • clk: rockchip: fix rk3188 sclk_smc gate data (bsc#1051510).
  • drm/dpmst: correct the shifting in DPREMOTEI2CREAD (bsc#1051510).
  • drm/fb-helper: Round up bitsperpixel if possible (bsc#1051510).
  • drm/i810: Prevent underflow in ioctl (bsc#1114279)
  • drm/i915/gvt: Pin vgpu dma address before using (bsc#1112178)
  • drm/i915/gvt: set guest display buffer as readonly (bsc#1112178)
  • drm/i915/gvt: use vgpu lock for active state setting (bsc#1112178)
  • drm/i915: Add missing include file <linux/math64.h> (bsc#1051510).
  • drm/i915: Fix pid leak with banned clients (bsc#1114279)
  • drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)
  • drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)
  • drm/radeon: fix r1xx/r2xx register checker for POT textures (bsc#1114279)
  • drm/sun4i: hdmi: Remove duplicate cleanup calls (bsc#1113956)
  • drm: limit to INTMAX in createblob ioctl (bsc#1051510).
  • exit: panic before exit_mm() on global init exit (bsc#1161549).
  • extcon: max8997: Fix lack of path setting in USB device mode (bsc#1051510).
  • fjes: fix missed check in fjesacpiadd (bsc#1051510).
  • fs: cifs: Fix atime update check vs mtime (bsc#1144333).
  • ftrace: Avoid potential division by zero in function profiler (bsc#1160784).
  • gpio: Fix error message on out-of-range GPIO in lookup table (bsc#1051510).
  • hidraw: Return EPOLLOUT from hidraw_poll (bsc#1051510).
  • iio: buffer: align the size of scan bytes to size of the largest element (bsc#1051510).
  • inet: protect against too small mtu values (networking-stable-191216).
  • init: add archcallrest_init to allow stack switching (jsc#SLE-11178).
  • iommu/iova: Init the struct iova to fix the possible memleak (bsc#1160469).
  • iommu/mediatek: Correct the flushiotlball callback (bsc#1160470).
  • iommu/vt-d: Unlink device if failed to add to group (bsc#1160756).
  • iommu: Remove device link to group on failure (bsc#1160755).
  • iwlwifi: change monitor DMA to be coherent (bsc#1161243).
  • kABI fixup for allocdaxregion (bsc#1158071,bsc#1160678).
  • kABI: Protest new fields in BPF structs (bsc#1160618).
  • kABI: protect struct sctpepcommon (kabi).
  • kernel/trace: Fix do not unregister tracepoints when register schedmigratetask fail (bsc#1160787).
  • kvm: x86: Host feature SSBD does not imply guest feature SPECCTRLSSBD (bsc#1160476).
  • leds: Allow to call ledclassdevunregister() unconditionally (bsc#1161674).
  • leds: class: ensure workqueue is initialized before setting brightness (bsc#1161674).
  • livepatch: Simplify stack trace retrieval (jsc#SLE-11178).
  • mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO (bsc#1112374).
  • mm, debug_pagealloc: do not rely on static keys too early (VM debuging functionality, bsc#1159096).
  • mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock (bsc#1159394).
  • mmc: sdhci: Add a quirk for broken command queuing (git-fixes).
  • mmc: sdhci: Workaround broken command queuing on Intel GLK (git-fixes).
  • net, sysctl: Fix compiler warning when only cBPF is present (bsc#1109837).
  • net/mlx4en: fix mlx4 ethtool -N insertion (networking-stable-1911_25).
  • net/mlx5e: Fix set vf link state error flow (networking-stable-191125).
  • net/mlxfw: Fix out-of-memory error in mfa2 flash burning (bsc#1051858).
  • net/sched: actpedit: fix WARN() in the traffic path (networking-stable-1911_25).
  • net: bridge: deny devsetmacaddress() when unregistering (networking-stable-1912_16).
  • net: ethernet: ti: cpsw: fix extra rx interrupt (networking-stable-191216).
  • net: psample: fix skboverpanic (networking-stable-191203).
  • net: rtnetlink: prevent underflows in dosetvfinfo() (networking-stable-1911_25).
  • net: sched: fix tc -s class show no bstats on class with nolock subqueues (networking-stable-191203).
  • net: usb: lan78xx: limit size of local TSO packets (bsc#1051510).
  • net: usb: qmiwwan: add support for Foxconn T77W968 LTE modules (networking-stable-1911_18).
  • openvswitch: drop unneeded BUGON() in ovsflowcmdbuildinfo() (networking-stable-1912_03).
  • openvswitch: remove another BUGON() (networking-stable-1912_03).
  • openvswitch: support asymmetric conntrack (networking-stable-191216).
  • platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 (bsc#1051510).
  • powerpc/irq: fix stack overflow verification (bsc#1065729).
  • powerpc/livepatch: return -ERRNO values in savestacktracetskreliable() (bsc#1071995 bsc#1161875).
  • powerpc/mm: drop #ifdef CONFIGMMU in isioremap_addr() (bsc#1065729).
  • powerpc/pkeys: remove unused pkeyallowsreadwrite (bsc#1065729).
  • powerpc/pseries/lparcfg: Fix display of Maximum Memory (bsc#1162028 ltc#181740).
  • powerpc/pseries: Drop pointless static qualifier in vpadebugfsinit() (git-fixes).
  • powerpc/security: Fix debugfs data leak on 32-bit (bsc#1065729).
  • powerpc/tools: Do not quote $objdump in scripts (bsc#1065729).
  • powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts (bsc#1085030).
  • powerpc: Allow 64bit VDSO _kernelsync_dicache to work across ranges >4GB (bnc#1151927 5.3.17).
  • powerpc: Allow flushicacherange to work across ranges >4GB (bnc#1151927 5.3.17).
  • qede: Disable hardware gro when xdp prog is installed (bsc#1086314 bsc#1086313 bsc#1086301 ).
  • r8152: add missing endpoint sanity check (bsc#1051510).
  • s390/ftrace: save traced function caller (jsc#SLE-11178).
  • s390/ftrace: use HAVEFUNCTIONGRAPHRETADDR_PTR (jsc#SLE-11178).
  • s390/head64: correct init_task stack setup (jsc#SLE-11178).
  • s390/kasan: avoid false positives during stack unwind (jsc#SLE-11178).
  • s390/kasan: avoid report in get_wchan (jsc#SLE-11178).
  • s390/livepatch: Implement reliable stack tracing for the consistency model (jsc#SLE-11178).
  • s390/process: avoid custom stack unwinding in get_wchan (jsc#SLE-11178).
  • s390/stacktrace: use common archstackwalk infrastructure (jsc#SLE-11178).
  • s390/suspend: fix stack setup in swsusparchsuspend (jsc#SLE-11178).
  • s390/test_unwind: print verbose unwinding results (jsc#SLE-11178).
  • s390/unwind: add stack pointer alignment sanity checks (jsc#SLE-11178).
  • s390/unwind: always inline getstackpointer (jsc#SLE-11178).
  • s390/unwind: avoid int overflow in outsideofstack (jsc#SLE-11178).
  • s390/unwind: cleanup unused READONCETASK_STACK (jsc#SLE-11178).
  • s390/unwind: correct stack switching during unwind (jsc#SLE-11178).
  • s390/unwind: drop unnecessary code around calling ftracegraphret_addr() (jsc#SLE-11178).
  • s390/unwind: filter out unreliable bogus %r14 (jsc#SLE-11178).
  • s390/unwind: fix getstackpointer(NULL, NULL) (jsc#SLE-11178).
  • s390/unwind: fix mixing regs and sp (jsc#SLE-11178).
  • s390/unwind: introduce stack unwind API (jsc#SLE-11178).
  • s390/unwind: make reusesp default when unwinding ptregs (jsc#SLE-11178).
  • s390/unwind: remove stack recursion warning (jsc#SLE-11178).
  • s390/unwind: report an error if pt_regs are not on stack (jsc#SLE-11178).
  • s390/unwind: start unwinding from reliable state (jsc#SLE-11178).
  • s390/unwind: stop gracefully at task pt_regs (jsc#SLE-11178).
  • s390/unwind: stop gracefully at user mode pt_regs in irq stack (jsc#SLE-11178).
  • s390/unwind: unify task is current checks (jsc#SLE-11178).
  • s390: add stack switch helper (jsc#SLE-11178).
  • s390: add support for virtually mapped kernel stacks (jsc#SLE-11178).
  • s390: always inline currentstackpointer() (jsc#SLE-11178).
  • s390: always inline disabled_wait (jsc#SLE-11178).
  • s390: avoid misusing CALLONSTACK for task stack setup (jsc#SLE-11178).
  • s390: clean up stacks setup (jsc#SLE-11178).
  • s390: correct CALLONSTACK back_chain saving (jsc#SLE-11178).
  • s390: disable preemption when switching to nodat stack with CALLONSTACK (jsc#SLE-11178).
  • s390: fine-tune stack switch helper (jsc#SLE-11178).
  • s390: fix register clobbering in CALLONSTACK (jsc#SLE-11178).
  • s390: kabi workaround for ftraceretstack (jsc#SLE-11178).
  • s390: kabi workaround for lowcore changes due to vmap stack (jsc#SLE-11178).
  • s390: kabi workaround for reliable stack tracing (jsc#SLE-11178).
  • s390: preserve kabi for stack unwind API (jsc#SLE-11178).
  • s390: unify stack size definitions (jsc#SLE-11178).
  • scsi: lpfc: fix build failure with DEBUGFS disabled (bsc#1154601).
  • scsi: qla2xxx: Add D-Port Diagnostic reason explanation logs (bsc#1158013).
  • scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (bsc#1158013).
  • scsi: qla2xxx: Cleanup unused asynclogoutdone (bsc#1158013).
  • scsi: qla2xxx: Consolidate fabric scan (bsc#1158013).
  • scsi: qla2xxx: Correct fcport flags handling (bsc#1158013).
  • scsi: qla2xxx: Fix RIDA Format-2 (bsc#1158013).
  • scsi: qla2xxx: Fix fabric scan hang (bsc#1158013).
  • scsi: qla2xxx: Fix mtcp dump collection failure (bsc#1158013).
  • scsi: qla2xxx: Fix stuck login session using prlipendtimer (bsc#1158013).
  • scsi: qla2xxx: Fix stuck session in GNL (bsc#1158013).
  • scsi: qla2xxx: Fix the endianness of the qla82xxgetfw_size() return type (bsc#1158013).
  • scsi: qla2xxx: Fix updatefcport for currenttopology (bsc#1158013).
  • scsi: qla2xxx: Improve readability of the code that handles qlafltheader (bsc#1158013).
  • scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (bsc#1158013).
  • scsi: qla2xxx: Update driver version to 10.01.00.22-k (bsc#1158013).
  • scsi: qla2xxx: Use common routine to free fcport struct (bsc#1158013).
  • scsi: qla2xxx: Use getunaligned*() instead of open-coding these functions (bsc#1158013).
  • sctp: cache netns in sctpepcommon (networking-stable-191203).
  • sfc: Only cancel the PPS workqueue if it exists (networking-stable-191125).
  • sfc: Remove 'PCIE error reporting unavailable' (bsc#1161472).
  • smb3: Fix crash in SMB2openinit due to uninitialized field in compounding path (bsc#1144333).
  • smb3: Fix persistent handles reconnect (bsc#1144333).
  • smb3: fix refcount underflow warning on unmount when no directory leases (bsc#1144333).
  • smb3: remove confusing dmesg when mounting with encryption ('seal') (bsc#1144333).
  • stacktrace: Do not skip first entry on noncurrent tasks (jsc#SLE-11178).
  • stacktrace: Force USERDS for stacktracesaveuser() (jsc#SLE-11178).
  • stacktrace: Get rid of unneeded '!!' pattern (jsc#SLE-11178).
  • stacktrace: Provide common infrastructure (jsc#SLE-11178).
  • stacktrace: Provide helpers for common stack trace operations (jsc#SLE-11178).
  • stacktrace: Unbreak stacktracesavetskreliable() (jsc#SLE-11178).
  • stacktrace: Use PF_KTHREAD to check for kernel threads (jsc#SLE-11178).
  • tcp: clear tp->packets_out when purging write queue (bsc#1160560).
  • tcp: exit if nothing to retransmit on RTO timeout (bsc#1160560, stable 4.14.159).
  • tcp: md5: fix potential overestimation of TCP option space (networking-stable-191216).
  • tracing: Cleanup stack trace code (jsc#SLE-11178).
  • tracing: Have the histogram compare functions convert to u64 first (bsc#1160210).
  • workqueue: Fix pwq ref leak in rescuer_thread() (bsc#1160211).
  • x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks (bsc#1114279).
  • x86/MCE/AMD: Do not use rdmsrsafeoncpu() in smcaconfigure() (bsc#1114279).
  • x86/kgbd: Use NMIVECTOR not APICDM_NMI (bsc#1114279).
  • x86/mce/AMD: Allow any CPU to initialize the smca_banks array (bsc#1114279).
  • x86/mce: Fix possibly incorrect severity calculation on AMD (bsc#1114279).
  • x86/resctrl: Fix an imbalance in domainremovecpu() (bsc#1114279).
  • x86/resctrl: Fix potential memory leak (bsc#1114279).
  • xen-blkfront: switch kcalloc to kvcalloc for large array allocation (bsc#1160917).
  • xen/blkfront: Adjust indentation in xlvbdallocgendisk (bsc#1065600).
  • xfs: Fix tail rounding in xfsallocfile_space() (bsc#1161087, bsc#1153917).
References

Affected packages

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-6.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-6.3.1",
            "dlm-kmp-rt": "4.12.14-6.3.1",
            "gfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug": "4.12.14-6.3.1",
            "kernel-rt-devel": "4.12.14-6.3.1",
            "cluster-md-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug-devel": "4.12.14-6.3.1",
            "kernel-source-rt": "4.12.14-6.3.1",
            "kernel-rt": "4.12.14-6.3.1",
            "ocfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-syms-rt": "4.12.14-6.3.1",
            "kernel-rt-base": "4.12.14-6.3.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-6.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-6.3.1",
            "dlm-kmp-rt": "4.12.14-6.3.1",
            "gfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug": "4.12.14-6.3.1",
            "kernel-rt-devel": "4.12.14-6.3.1",
            "cluster-md-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug-devel": "4.12.14-6.3.1",
            "kernel-source-rt": "4.12.14-6.3.1",
            "kernel-rt": "4.12.14-6.3.1",
            "ocfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-syms-rt": "4.12.14-6.3.1",
            "kernel-rt-base": "4.12.14-6.3.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-6.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-6.3.1",
            "dlm-kmp-rt": "4.12.14-6.3.1",
            "gfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug": "4.12.14-6.3.1",
            "kernel-rt-devel": "4.12.14-6.3.1",
            "cluster-md-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug-devel": "4.12.14-6.3.1",
            "kernel-source-rt": "4.12.14-6.3.1",
            "kernel-rt": "4.12.14-6.3.1",
            "ocfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-syms-rt": "4.12.14-6.3.1",
            "kernel-rt-base": "4.12.14-6.3.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-6.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-6.3.1",
            "dlm-kmp-rt": "4.12.14-6.3.1",
            "gfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug": "4.12.14-6.3.1",
            "kernel-rt-devel": "4.12.14-6.3.1",
            "cluster-md-kmp-rt": "4.12.14-6.3.1",
            "kernel-rt_debug-devel": "4.12.14-6.3.1",
            "kernel-source-rt": "4.12.14-6.3.1",
            "kernel-rt": "4.12.14-6.3.1",
            "ocfs2-kmp-rt": "4.12.14-6.3.1",
            "kernel-syms-rt": "4.12.14-6.3.1",
            "kernel-rt-base": "4.12.14-6.3.1"
        }
    ]
}