SUSE-SU-2020:2905-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2020/suse-su-20202905-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2905-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2020:2905-1

Related

Published

2020-10-13T13:49:03Z

Modified

2020-10-13T13:49:03Z

Summary

Security update for the Linux Kernel

Details

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2020-26088: Fixed an improper CAPNETRAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990).
CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235).
CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721).
CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725).
CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#1176381).
CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482).
CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011).
CVE-2019-25643: Fixed an improper input validation in pppcpparse_cr function which could have led to memory corruption and read overflow (bsc#1177206).
CVE-2020-25641: Fixed ann issue where length bvec was causing softlockups (bsc#1177121).

The following non-security bugs were fixed:

9p: Fix memory leak in v9fs_mount (git-fixes).
ACPI: EC: Reference count query handlers under lock (git-fixes).
airo: Add missing CAPNETADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes).
airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes).
airo: Fix read overflows sending packets (git-fixes).
ALSA: asihpi: fix iounmap in error handler (git-fixes).
ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled (git-fixes).
ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A (git-fixes).
ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen (git-fixes).
altera-stapl: alteragetnote: prevent write beyond end of 'key' (git-fixes).
ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes).
arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#SLE-4084).
arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084).
asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178).
ASoC: kirkwood: fix IRQ error handling (git-fixes).
ASoC: tegra: Fix reference count leaks (git-fixes).
ath10k: fix array out-of-bounds access (git-fixes).
ath10k: fix memory leak for tpcstatsfinal (git-fixes).
ath10k: use kzalloc to read for ath10ksdiohifdiagread (git-fixes).
batman-adv: Add missing include for in_interrupt() (git-fixes).
batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
batman-adv: bla: use netifrxni when not in interrupt context (git-fixes).
batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh (git-fixes).
batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
bcache: Convert pr_<level> uses to a more typical style (git fixes (block drivers)).
bcache: fix overflow in offsettostripe() (git fixes (block drivers)).
bcm63xx_enet: correct clock usage (git-fixes).
bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes).
bitfield.h: do not compile-time validate val in FIELDFIT (git fixes (bitfield)).
blktrace: fix debugfs use after free (git fixes (block drivers)).
block: add docs for gendisk / request_queue refcount helpers (git fixes (block drivers)).
block: revert back to synchronous request_queue removal (git fixes (block drivers)).
block: Use non rcu version of list functions for tagset_list (git-fixes).
Bluetooth: Fix refcount use-after-free issue (git-fixes).
Bluetooth: guard against controllers sending zero'd events (git-fixes).
Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes).
Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes).
Bluetooth: prefetch channel before killing sock (git-fixes).
bnxten: Fix completion ring sizing with TPA enabled (networking-stable-2007_29).
bonding: use nlagetu64 to extract the value for IFLABONDADACTORSYSTEM (git-fixes).
btrfs: require only sector size alignment for parent eb bytenr (bsc#1176789).
btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
ceph: do not allow setlease on cephfs (bsc#1177041).
ceph: fix potential mdsc use-after-free crash (bsc#1177042).
ceph: fix use-after-free for fsc->mdsc (bsc#1177043).
ceph: handle zero-length feature mask in session messages (bsc#1177044).
cfg80211: regulatory: reject invalid hints (bsc#1176699).
cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
clk: Add (devm)clkget_optional() functions (git-fixes).
clk: rockchip: Fix initialization of muxpllsrc4pllsp (git-fixes).
clk: samsung: exynos4: mark 'chipid' clock as CLKIGNOREUNUSED (git-fixes).
clk/ti/adpll: allocate room for terminating null (git-fixes).
clocksource/drivers/h8300timer8: Fix wrong return value in h83008timer_init() (git-fixes).
cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#1176966).
dmaengine: athdmac: check return value of offinddevicebynode() in atdma_xlate() (git-fixes).
dmaengine: of-dma: Fix ofdmarouterxlate's ofdma_xlate handling (git-fixes).
dmaengine: pl330: Fix burst length if burst size is smaller than bus width (git-fixes).
dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes).
dmaengine: zynqmp_dma: fix burst length configuration (git-fixes).
dm crypt: avoid truncating the logical block size (git fixes (block drivers)).
dm: fix redundant IO accounting for bios that need splitting (git fixes (block drivers)).
dm integrity: fix a deadlock due to offloading to an incorrect workqueue (git fixes (block drivers)).
dm integrity: fix integrity recalculation that is improperly skipped (git fixes (block drivers)).
dm: report suspended device during destroy (git fixes (block drivers)).
dm rq: do not call blkmqqueuestopped() in dmstop_queue() (git fixes (block drivers)).
dm: use noio when sending kobject event (git fixes (block drivers)).
dm writecache: add condresched to loop in persistentmemory_claim() (git fixes (block drivers)).
dm writecache: correct uncommitted_block when discarding uncommitted entry (git fixes (block drivers)).
dm zoned: assign maxiolen correctly (git fixes (block drivers)).
drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes).
Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#1176877).
Drivers: hv: vmbus: Add timeout to vmbuswaitfor_unload (git-fixes).
drivers/net/wan/x25asy: Fix to make it work (networking-stable-2007_29).
drm/amd/display: dalddci2cpayloadscreate can fail causing panic (git-fixes).
drm/amd/display: fix ref count leak in amdgpudrmioctl (git-fixes).
drm/amdgpu/display: fix ref count leak when pmruntimeget_sync fails (git-fixes).
drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes).
drm/amdgpu: fix ref count leak in amdgpudriveropen_kms (git-fixes).
drm/amdgpu: increase atombios cmd timeout (git-fixes).
drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table (git-fixes).
drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table (git-fixes).
drm/amdkfd: fix a memory leak issue (git-fixes).
drm/amdkfd: Fix reference count leaks (git-fixes).
drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context changes
drm/mediatek: Add exception handing in mtkdrmprobe() if component init fail (git-fixes).
drm/mediatek: Add missing putdevice() call in mtkhdmidtparse_pdata() (git-fixes).
drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes).
drm/msm: add shutdown support for display platform_driver (git-fixes).
drm/msm: Disable preemption on all 5xx targets (git-fixes).
drm/msm: fix leaks if initialization fails (git-fixes).
drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes
drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes).
drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes).
drm/nouveau/drm/noveau: fix reference count leak in nouveaufbconopen (git-fixes).
drm/nouveau: Fix reference count leak in nouveauconnectordetect (git-fixes).
drm/nouveau: fix reference count leak in nv50dispatomic_commit (git-fixes).
drm/nouveau: fix runtime pm imbalance on error (git-fixes).
drm/omap: fix possible object reference leak (git-fixes).
drm/radeon: fix multiple reference count leak (git-fixes).
drm/radeon: Prefer lower feedback dividers (git-fixes).
drm/radeon: revert 'Prefer lower feedback dividers' (git-fixes).
drm/sun4i: Fix dsi dcs long write function (git-fixes).
drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes).
drm/tve200: Stabilize enable/disable (git-fixes).
drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes).
e1000: Do not perform reset in reset_task if we are already down (git-fixes).
EDAC: Fix reference count leaks (bsc#1112178).
fbcon: prevent user font height or width change from causing (bsc#1112178)
Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950).
ftrace: Move RCU is watching check after recursion check (git-fixes).
ftrace: Setup correct FTRACEFLREGS flags for module (git-fixes).
gma/gma500: fix a memory disclosure bug due to uninitialized bytes (git-fixes).
gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes).
gtp: add missing gtpencapdisablesock() in gtpencap_enable() (git-fixes).
gtp: fix Illegal context switch in RCU read-side critical section (git-fixes).
gtp: fix use-after-free in gtp_newlink() (git-fixes).
Hide e21a4f3a930c as of its duplication
HID: hiddev: Fix slab-out-of-bounds write in hiddevioctlusage() (git-fixes).
hsr: use netdeverr() instead of WARNONCE() (bsc#1176659).
hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
hv_utils: return error if host timesysnc update is stale (bsc#1176877).
hwmon: (applesmc) check status earlier (git-fixes).
i2c: core: Do not fail PRP0001 enumeration when no ID table exist (git-fixes).
i2c: cpm: Fix i2c_ram structure (git-fixes).
ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
ieee802154/adf7242: check status of adf7242readreg (git-fixes).
ieee802154: fix one possible memleak in ca8210devcom_init (git-fixes).
iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak (git-fixes).
iio: accel: kxsd9: Fix alignment of local buffer (git-fixes).
iio:accel:mma7455: Fix timestamp alignment and prevent data leak (git-fixes).
iio:adc:ina2xx Fix timestamp alignment issue (git-fixes).
iio: adc: mcp3422: fix locking on error path (git-fixes).
iio: adc: mcp3422: fix locking scope (git-fixes).
iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes).
iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes).
iio: improve IIO_CONCENTRATION channel type description (git-fixes).
iio:light:ltr501 Fix timestamp alignment issue (git-fixes).
iio:light:max44000 Fix timestamp alignment and prevent data leak (git-fixes).
iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes).
include: add additional sizes (bsc#1094244 ltc#168122).
iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177293).
iommu/amd: Fix potential @entry null deref (bsc#1177294).
iommu/amd: Print extended features in one line to fix divergent log levels (bsc#1176316).
iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291).
iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317).
iommu/amd: Restore IRTE.RemapEn bit for amdiommuactivateguestmode (bsc#1177295).
iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318).
iommu/exynos: add missing putdevice() call in exynosiommuofxlate() (bsc#1177296).
iommu/omap: Check for failure of a call to omapiommudump_ctx (bsc#1176319).
iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320).
kernel-syms.spec.in: Also use bz compression (boo#1175882).
KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).
KVM: arm64: Cleanup _activatetraps and _deactivetraps for VHE and non-VHE (jsc#SLE-4084).
KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put for VHE (jsc#SLE-4084).
KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#SLE-4084).
KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE (jsc#SLE-4084).
KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#SLE-4084).
KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).
KVM: arm64: Do not save the host ELREL2 and SPSREL2 on VHE systems (jsc#SLE-4084).
KVM: arm64: Factor out fault info population and gic workarounds (jsc#SLE-4084).
KVM: arm64: Fix order of vcpuwritesys_reg() arguments (jsc#SLE-4084).
KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).
KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).
KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#SLE-4084).
KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions (jsc#SLE-4084).
KVM: arm64: Introduce VHE-specific kvmvcpurun (jsc#SLE-4084).
KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#SLE-4084).
KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#SLE-4084).
KVM: arm64: Move HCRINTOVERRIDE to default HCR_EL2 guest flag (jsc#SLE-4084).
KVM: arm64: Move userspace system registers into separate function (jsc#SLE-4084).
KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers (jsc#SLE-4084).
KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#SLE-4084).
KVM: arm64: Remove kernhypva() use in VHE switch function (jsc#SLE-4084).
KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#SLE-4084).
KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).
KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).
KVM: arm64: Rewrite system register accessors to read/write functions (jsc#SLE-4084).
KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).
KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc#SLE-4084).
KVM: arm64: Write arch.mdcrel2 changes since last vcpuload on VHE (jsc#SLE-4084).
KVM: arm/arm64: Avoid vcpuload for other vcpu ioctls than KVMRUN (jsc#SLE-4084).
KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#SLE-4084).
KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).
KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE (jsc#SLE-4084).
KVM: arm/arm64: Move vcpuload call after kvmvcpufirstrun_init (jsc#SLE-4084).
KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084).
KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#SLE-4084).
KVM: arm/arm64: Remove leftover comment from kvmvcpurun_vhe (jsc#SLE-4084).
KVM: introduce kvmarchvcpuasyncioctl (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlgetfpu (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlgetmpstate (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlgetregs (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctl (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctl_run (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlsetfpu (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlsetguest_debug (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlsetmpstate (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlsetregs (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctlsetsregs (jsc#SLE-4084).
KVM: Move vcpuload to arch-specific kvmarchvcpuioctl_translate (jsc#SLE-4084).
KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#SLE-4084).
KVM: Prepare for moving vcpuload/vcpuput into arch specific code (jsc#SLE-4084).
KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).
KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM (bsc#1176321).
KVM: SVM: fix svnpinmemory()'s use of getuserpages_fast() (bsc#1112178).
KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).
libceph: allow setting abortonfull for rbd (bsc#1169972).
libnvdimm: cover up nvdimmsecurityops changes (bsc#1171742).
libnvdimm: cover up struct nvdimm changes (bsc#1171742).
libnvdimm/security, acpi/nfit: unify zero-key for all security commands (bsc#1171742).
libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
lib/raid6: use vdupqnu8 to avoid endianness warnings (git fixes (block drivers)).
mac802154: tx: fix use-after-free (git-fixes).
md: raid0/linear: fix dereference before null check on pointer mddev (git fixes (block drivers)).
media: davinci: vpif_capture: fix potential double free (git-fixes).
media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() (git-fixes).
media: smiapp: Fix error handling at NVM reading (git-fixes).
media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).
mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes).
mm: Avoid calling buildallzonelists_init under hotplug context (bsc#1154366).
mmc: cqhci: Add cqhci_deactivate() (git-fixes).
mmc: sdhci-msm: Add retries when all tuning phases are found valid (git-fixes).
mmc: sdhci-pci: Fix SDHCIRESETALL for CQHCI for Intel GLK-based controllers (git-fixes).
mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes).
mm/pagealloc.c: fix a crash in freepages_prepare() (git fixes (mm/pgalloc)).
mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/vmalloc)).
mtd: cficmdset0002: do not free cfi->cfiq in error path of cfiamdstdsetup() (git-fixes).
mtd: lpddr: Fix a double free in probe() (git-fixes).
mtd: phram: fix a double free issue in error path (git-fixes).
mtd: properly check all write ioctls for permissions (git-fixes).
net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).
net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).
net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).
net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).
net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).
net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185g1vtu_loadpurge() (git-fixes).
net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).
net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).
net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).
net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).
net: ethernet: mlx4: Fix memory allocation in mlx4buddyinit() (git-fixes).
net: fsenet: do not call phystop() in interrupts (git-fixes).
net: initialize fastreuse on inetinheritport (networking-stable-200815).
net: lan78xx: Bail out if lan78xxgetendpoints fails (git-fixes).
net: lan78xx: replace bogus endpoint lookup (networking-stable-200808).
net: lio_core: fix potential sign-extension overflow on large shift (git-fixes).
net/mlx5: Add meaningful return codes to statustoerr function (git-fixes).
net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).
net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded (git-fixes).
net: mvneta: fix mtu change on port without link (git-fixes).
net-next: ax88796: Do not free IRQ in axremove() (already freed in axclose()) (git-fixes).
net/nfc/rawsock.c: add CAPNETRAW check (networking-stable-200815).
net: qca_spi: Avoid packet drop during initial sync (git-fixes).
net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).
net: refactor bindbucket fastreuse into helper (networking-stable-2008_15).
net/smc: fix dmb buffer shortage (git-fixes).
net/smc: fix restoring of fallback changes (git-fixes).
net/smc: fix sock refcounting in case of termination (git-fixes).
net/smc: improve close of terminated socket (git-fixes).
net/smc: Prevent kernel-infoleak in _smcdiag_dump() (git-fixes).
net/smc: remove freed buffer from list (git-fixes).
net/smc: reset sndbuf_desc if freed (git-fixes).
net/smc: set rx_off for SMCR explicitly (git-fixes).
net/smc: switch smcddevlist spinlock to mutex (git-fixes).
net/smc: tolerate future SMCD versions (git-fixes).
net: stmmac: call correct function in stmmacmacconfigrxqueues_routing() (git-fixes).
net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).
net: stmmac: do not stop NAPI processing when dropping a packet (git-fixes).
net: stmmac: dwmac4: fix flow control issue (git-fixes).
net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset function (git-fixes).
net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array (git-fixes).
net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration (git-fixes).
net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b (git-fixes).
net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs (git-fixes).
net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode (git-fixes).
net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock (git-fixes).
net: stmmac: Fix error handling path in 'allocdmarxdescresources()' (git-fixes).
net: stmmac: Fix error handling path in 'allocdmatxdescresources()' (git-fixes).
net: stmmac: rename dwmac4txqueue_routing() to match reality (git-fixes).
net: stmmac: set MSS for each tx DMA channel (git-fixes).
net: stmmac: Use correct values in TQS/RQS fields (git-fixes).
net-sysfs: add a newline when printing 'txtimeout' by sysfs (networking-stable-2007_29).
net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes).
net: systemport: Fix sparse warnings in bcmsysportinsert_tsb() (git-fixes).
net: tulip: de4x5: Drop redundant MODULEDEVICETABLE() (git-fixes).
net: ucc_geth - fix Oops when changing number of buffers in the ring (git-fixes).
NFSv4: do not mark all open state for recovery when handling recallable state revoked flag (bsc#1176935).
nvme-fc: set max_segments to lldd max value (bsc#1176038).
nvme-pci: override the value of the controller's numa node (bsc#1176507).
ocfs2: give applications more IO opportunities during fstrim (bsc#1175228).
omapfb: fix multiple reference count leaks due to pmruntimeget_sync (git-fixes).
PCI/ASPM: Allow re-enabling Clock PM (git-fixes).
PCI: Fix pcicreateslot() reference count leak (git-fixes).
PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes).
PCI: qcom: Add missing reset for ipq806x (git-fixes).
PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes).
PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes).
PCI: rcar: Fix incorrect programming of OB windows (git-fixes).
phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes).
pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).
powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244 ltc#168122).
powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244 ltc#168122).
powerpc/64s: Fix unrelocated interrupt trampoline address test (bsc#1094244 ltc#168122).
powerpc/64s: Include <asm/nmi.h> header file to fix a warning (bsc#1094244 ltc#168122).
powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#168122).
powerpc/64s: sreset panic if there is no debugger or crash dump handlers (bsc#1094244 ltc#168122).
powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244 ltc#168122).
powerpc: Add cputimetonsecs() (bsc#1065729).
powerpc/book3s64/radix: Add kernel command line option to disable radix GTSE (bsc#1055186 ltc#153436).
powerpc/book3s64/radix: Fix boot failure with large amount of guest memory (bsc#1176022 ltc#187208).
powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
powerpc/init: Do not advertise radix during client-architecture-support (bsc#1055186 ltc#153436 ).
powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
powerpc/kernel: Enables memory hot-remove after reboot on pseries guests (bsc#1177030 ltc#187588).
powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436).
powerpc/mm: Limit resizehptfor_hotplug() call to hash guests only (bsc#1177030 ltc#187588).
powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64 (bsc#1176022 ltc#187208).
powerpc/powernv: Remove real mode access limit for early allocations (bsc#1176022 ltc#187208).
powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#153436).
powerpc/pseries/le: Work around a firmware quirk (bsc#1094244 ltc#168122).
powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208).
powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
powerpc/pseries: Machine check use rtascallunlocked() with args on stack (bsc#1094244 ltc#168122).
powerpc/pseries: radix is not subject to RMA limit, remove it (bsc#1176022 ltc#187208).
powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244 ltc#168122).
powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244 ltc#168122).
powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#168122).
powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
powerpc/traps: fix recoverability of machine check handling on book3s/32 (bsc#1094244 ltc#168122).
powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244 ltc#168122).
powerpc/xmon: Use dcbf inplace of dcbi instruction for 64bit Book3S (bsc#1065729).
power: supply: max17040: Correct voltage reading (git-fixes).
rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes (rcu)).
regulator: push allocation in setconsumerdevice_supply() out of lock (git-fixes).
rpadlpario: Add MODULEDESCRIPTION entries to kernel modules (bsc#1176869 ltc#188243).
rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#SLE-13618).
rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To avoid the unnecessary key enrollment, when enrolling the signing key of the kernel package, '--ca-check' is added to mokutil so that mokutil will ignore the request if the CA of the signing key already exists in MokList or UEFI db. Since the macro, %susekernelmodulesubpackage, is only defined in a kernel module package (KMP), it's used to determine whether the %post script is running in a kernel package, or a kernel module package.
rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#1176698) The '-c' option wasn't passed down to %kernelmodule_package so the ueficert subpackage wasn't generated even if the certificate is specified in the spec file.
rtc: ds1374: fix possible race condition (git-fixes).
rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
rxrpc: Fix race between recvmsg and sendmsg on immediate call failure (networking-stable-200808).
rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA (networking-stable-200729).
s390/mm: fix huge pte soft dirty copying (git-fixes).
s390/qeth: do not process empty bridge port events (git-fixes).
s390/qeth: integrate RX refill worker with NAPI (git-fixes).
s390/qeth: tolerate pre-filled RX buffer (git-fixes).
scsi: fcoe: Memory leak fix in fcoesysfsfcf_del() (bsc#1174899).
scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468, bsc#1171675).
scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#188304).
scsi: ibmvfc: Use compiler attribute defines instead of attribute() (bsc#1176962 ltc#188304).
scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).
scsi: libfc: Fix for double free() (bsc#1174899).
scsi: libfc: free response frame from GPN_ID (bsc#1174899).
scsi: libfc: Free skb in fcdiscgpnidresp() for valid cases (bsc#1174899).
scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
scsi: qla2xxx: Fix the return value (bsc#1171688).
scsi: qla2xxx: Fix the size used in a 'dmafreecoherent()' call (bsc#1171688).
scsi: qla2xxx: Fix wrong return value in qlanvmeregister_hba() (bsc#1171688).
scsi: qla2xxx: Fix wrong return value in qltchkunresolv_exchg() (bsc#1171688).
scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
scsi: qla2xxx: Log calling function name in qla2x00getspfromhandle() (bsc#1171688).
scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
scsi: qla2xxx: Simplify return value logic in qla2x00getspfromhandle() (bsc#1171688).
scsi: qla2xxx: Suppress two recently introduced compiler warnings (git-fixes).
scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (bsc#1171688).
sdhci: tegra: Remove SDHCIQUIRKDATATIMEOUTUSES_SDCLK for Tegra186 (git-fixes).
sdhci: tegra: Remove SDHCIQUIRKDATATIMEOUTUSES_SDCLK for Tegra210 (git-fixes).
serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes).
serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes).
serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).
Set CONFIGHAVEKVMVCPUASYNC_IOCTL=y (jsc#SLE-4084).
SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#1176546).
SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
stmmac: Do not access txq->dirtytx before netiftxlock (git-fixes).
tcp: apply a floor of 1 for RTT samples from TCP timestamps (networking-stable-200808).
thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 (git-fixes).
tools/power/cpupower: Fix initializer override in hswextcstates (bsc#1112178).
USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
USB: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes).
USB: EHCI: ehci-mv: fix error handling in mvehciprobe() (git-fixes).
USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes).
USB: Fix out of sync data toggle if a configured device is reconfigured (git-fixes).
USB: gadget: fncm: add bounds checks to ncmunwrap_ntb() (git-fixes).
USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).
USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
USB: hso: check for return value in hsoserialcommoncreate() (networking-stable-2008_08).
usblp: fix race between disconnect() and read() (git-fixes).
USB: lvtest: return proper error code in probe (git-fixes).
usbnet: ipheth: fix potential null pointer dereference in iphethcarrierset (git-fixes).
USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes).
USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
USB: quirks: Add USBQUIRKIGNOREREMOTEWAKEUP quirk for BYD zhaoxin notebook (git-fixes).
USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D (git-fixes).
USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules (git-fixes).
USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
USB: sisusbvga: Fix a potential UB casued by left shifting a negative value (git-fixes).
USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
USB: uas: Add quirk for PNY Pro Elite (git-fixes).
USB: UAS: fix disconnect by unplugging a hub (git-fixes).
USB: yurex: Fix bad gfp argument (git-fixes).
vgacon: remove software scrollback support (bsc#1176278).
video: fbdev: fix OOB read in vga8planesimageblit() (git-fixes).
virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes (block drivers)).
vrf: prevent adding upper devices (git-fixes).
vxge: fix return of a free'd memblock on a failed dma mapping (git-fixes).
x86/fsgsbase/64: Fix NULL deref in 86fsgsbaseread_task (bsc#1112178).
xen: do not reschedule in preemption off sections (bsc#1175749).
xen/events: do not use chip_data for legacy IRQs (bsc#1065600).
xen uses irqdesc::irqdatacommon::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (bsc#1065600).
xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).
yam: fix possible memory leak in yaminitdriver (git-fixes).

References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-197.61.1",
            "kernel-devel": "4.12.14-197.61.1",
            "kernel-default-base": "4.12.14-197.61.1",
            "kernel-default-man": "4.12.14-197.61.1",
            "kernel-default-devel": "4.12.14-197.61.1",
            "kernel-default": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / kernel-source

Package

Name: kernel-source
Purl: purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-197.61.1",
            "kernel-devel": "4.12.14-197.61.1",
            "kernel-default-base": "4.12.14-197.61.1",
            "kernel-default-man": "4.12.14-197.61.1",
            "kernel-default-devel": "4.12.14-197.61.1",
            "kernel-default": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP1 / kernel-zfcpdump

Package

Name: kernel-zfcpdump
Purl: purl:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-197.61.1",
            "kernel-devel": "4.12.14-197.61.1",
            "kernel-default-base": "4.12.14-197.61.1",
            "kernel-default-man": "4.12.14-197.61.1",
            "kernel-default-devel": "4.12.14-197.61.1",
            "kernel-default": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP1 / kernel-docs

Package

Name: kernel-docs
Purl: purl:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-197.61.1",
            "kernel-syms": "4.12.14-197.61.1",
            "kernel-source": "4.12.14-197.61.1",
            "kernel-obs-build": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP1 / kernel-obs-build

Package

Name: kernel-obs-build
Purl: purl:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-197.61.1",
            "kernel-syms": "4.12.14-197.61.1",
            "kernel-source": "4.12.14-197.61.1",
            "kernel-obs-build": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP1 / kernel-source

Package

Name: kernel-source
Purl: purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-197.61.1",
            "kernel-syms": "4.12.14-197.61.1",
            "kernel-source": "4.12.14-197.61.1",
            "kernel-obs-build": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP1 / kernel-syms

Package

Name: kernel-syms
Purl: purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-197.61.1",
            "kernel-syms": "4.12.14-197.61.1",
            "kernel-source": "4.12.14-197.61.1",
            "kernel-obs-build": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Legacy 15 SP1 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-default": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 15 SP1 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-livepatch": "4.12.14-197.61.1",
            "kernel-default-livepatch-devel": "4.12.14-197.61.1",
            "kernel-livepatch-4_12_14-197_61-default": "1-3.5.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 15 SP1 / kernel-livepatch-SLE15-SP1_Update_16

Package

Name: kernel-livepatch-SLE15-SP1_Update_16
Purl: purl:rpm/suse/kernel-livepatch-SLE15-SP1_Update_16&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1-3.5.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-livepatch": "4.12.14-197.61.1",
            "kernel-default-livepatch-devel": "4.12.14-197.61.1",
            "kernel-livepatch-4_12_14-197_61-default": "1-3.5.1"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 15 SP1 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "4.12.14-197.61.1",
            "gfs2-kmp-default": "4.12.14-197.61.1",
            "ocfs2-kmp-default": "4.12.14-197.61.1",
            "cluster-md-kmp-default": "4.12.14-197.61.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 15 SP1 / kernel-default

Package

Name: kernel-default
Purl: purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.12.14-197.61.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "4.12.14-197.61.1"
        }
    ]
}