SUSE-SU-2020:3484-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203484-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3484-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3484-1
Related
Published
2020-11-23T11:49:49Z
Modified
2020-11-23T11:49:49Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive various security and bug fixes.

The following security bugs were fixed:

  • CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782).
  • CVE-2020-8694: Insufficient access control for some Intel(R) Processors may have allowed an authenticated user to potentially enable information disclosure via local access (bsc#1170415).
  • CVE-2020-25668: Fixed a use-after-free in confontop() (bsc#1178123).
  • CVE-2020-25704: Fixed a memory leak in perfeventparseaddrfilter() (bsc#1178393).
  • CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
  • CVE-2020-25656: Fixed a concurrency use-after-free in vtdokdgkb_ioctl (bnc#1177766).
  • CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485).
  • CVE-2020-0430: Fixed an OOB read in skb_headlen of /include/linux/skbuff.h (bnc#1176723).
  • CVE-2020-14351: Fixed a race in the perfmmapclose() function (bsc#1177086).
  • CVE-2020-16120: Fixed a permissions issue in ovlpathopen() (bsc#1177470).
  • CVE-2020-12351: Implemented a kABI workaround for bluetooth l2cap_ops filter addition (bsc#1177724).
  • CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' (bsc#1177725).
  • CVE-2020-25212: Fixed a TOCTOU mismatch in the NFS client code (bnc#1176381).
  • CVE-2020-25645: Fixed an an issue in IPsec that caused traffic between two Geneve endpoints to be unencrypted (bnc#1177511).

The following non-security bugs were fixed:

  • 9P: Cast to loff_t before multiplying (git-fixes).
  • acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
  • ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
  • ACPI: dock: fix enum-conversion warning (git-fixes).
  • ACPI / extlog: Check for RDMSR failure (git-fixes).
  • ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
  • ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
  • ALSA: bebob: potential info leak in hwdep_read() (git-fixes).
  • ALSA: compress_offload: remove redundant initialization (git-fixes).
  • ALSA: core: init: use DECLARECOMPLETIONONSTACK() macro (git-fixes).
  • ALSA: core: pcm: simplify locking for timers (git-fixes).
  • ALSA: core: timer: clarify operator precedence (git-fixes).
  • ALSA: core: timer: remove redundant assignment (git-fixes).
  • ALSA: ctl: Workaround for lockdep warning wrt card->ctlfilesrwlock (git-fixes).
  • ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).
  • ALSA: hda - Do not register a cb func if it is registered already (git-fixes).
  • ALSA: hda - Fix the return value if cb func is already registered (git-fixes).
  • ALSA: hda: prevent undefined shift in sndhdacextbusget_link() (git-fixes).
  • ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes).
  • ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes).
  • ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes).
  • ALSA: hda: use semicolons rather than commas to separate statements (git-fixes).
  • ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).
  • ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).
  • ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).
  • ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).
  • ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes).
  • ALSA: usb-audio: fix spelling mistake 'Frequence' -> 'Frequency' (git-fixes).
  • amd-xgbe: Add a check for an skb in the timestamp path (git-fixes).
  • amd-xgbe: Add additional dynamic debug messages (git-fixes).
  • amd-xgbe: Add additional ethtool statistics (git-fixes).
  • amd-xgbe: Add ethtool show/set channels support (git-fixes).
  • amd-xgbe: Add ethtool show/set ring parameter support (git-fixes).
  • amd-xgbe: Add ethtool support to retrieve SFP module info (git-fixes).
  • amd-xgbe: Add hardware features debug output (git-fixes).
  • amd-xgbe: Add NUMA affinity support for IRQ hints (git-fixes).
  • amd-xgbe: Add NUMA affinity support for memory allocations (git-fixes).
  • amd-xgbe: Add per queue Tx and Rx statistics (git-fixes).
  • amd-xgbe: Advertise FEC support with the KR re-driver (git-fixes).
  • amd-xgbe: Always attempt link training in KR mode (git-fixes).
  • amd-xgbe: Be sure driver shuts down cleanly on module removal (git-fixes).
  • amd-xgbe: Convert to generic power management (git-fixes).
  • amd-xgbe: Fix debug output of max channel counts (git-fixes).
  • amd-xgbe: Fix error path in xgbemodinit() (git-fixes).
  • amd-xgbe: Fixes for working with PHYs that support 2.5GbE (git-fixes).
  • amd-xgbe: Fix SFP PHY supported/advertised settings (git-fixes).
  • amd-xgbe: fix spelling mistake: 'avialable' -> 'available' (git-fixes).
  • amd-xgbe: Handle return code from software reset function (git-fixes).
  • amd-xgbe: Improve SFP 100Mbps auto-negotiation (git-fixes).
  • amd-xgbe: Interrupt summary bits are h/w version dependent (git-fixes).
  • amd-xgbe: Limit the I2C error messages that are output (git-fixes).
  • amd-xgbe: Mark expected switch fall-throughs (git-fixes).
  • amd-xgbe: Optimize DMA channel interrupt enablement (git-fixes).
  • amd-xgbe: Prepare for ethtool set-channel support (git-fixes).
  • amd-xgbe: Read and save the port property registers during probe (git-fixes).
  • amd-xgbe: Remove field that indicates SFP diagnostic support (git-fixes).
  • amd-xgbe: remove unnecessary conversion to bool (git-fixes).
  • amd-xgbe: Remove use of comm_owned field (git-fixes).
  • amd-xgbe: Set the MDIO mode for 10000Base-T configuration (git-fixes).
  • amd-xgbe: Simplify the burst length settings (git-fixes).
  • amd-xgbe: use devmplatformioremap_resource() to simplify code (git-fixes).
  • amd-xgbe: use dmamappingerror to check map errors (git-fixes).
  • amd-xgbe: Use _napischedule() in BH context (git-fixes).
  • amd-xgbe: Use the proper register during PTP initialization (git-fixes).
  • ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).
  • ASoC: qcom: lpass-platform: fix memory leak (git-fixes).
  • ata: sata_rcar: Fix DMA boundary mask (git-fixes).
  • ath10k: check idx validity in _ath10khttrxringfilln() (git-fixes).
  • ath10k: Fix the size used in a 'dmafreecoherent()' call in an error handling path (git-fixes).
  • ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
  • ath10k: provide survey info as accumulated data (git-fixes).
  • ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).
  • ath6kl: prevent potential array overflow in ath6kladdnew_sta() (git-fixes).
  • ath9k: Fix potential out of bounds in ath9khtctxcompletion_cb() (git-fixes).
  • ath9k: hifusb: fix race condition between usbgeturb() and usbkillanchoredurbs() (git-fixes).
  • backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes).
  • blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART (bsc#1177750).
  • block: ensure bdi->io_pages is always initialized (bsc#1177749).
  • Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).
  • Bluetooth: Only mark socket zapped after unlocking (git-fixes).
  • bnxt: do not enable NAPI until rings are ready (networking-stable-200911).
  • bnxten: Check for zero dir entries in NVRAM (networking-stable-2009_11).
  • bpf: Zero-fill re-used per-cpu map element (git-fixes).
  • brcm80211: fix possible memleak in brcmfprotomsgbuf_attach (git-fixes).
  • brcmfmac: check ndev pointer (git-fixes).
  • brcmsmac: fix memory leak in wlcphyattach_lcnphy (git-fixes).
  • btrfs: check the right error variable in btrfsdeldirentriesin_log (bsc#1177687).
  • btrfs: do not force read-only after error in drop snapshot (bsc#1176354).
  • btrfs: do not set the full sync flag on the inode during page release (bsc#1177687).
  • btrfs: fix incorrect updating of log root tree (bsc#1177687).
  • btrfs: fix race between page release and a fast fsync (bsc#1177687).
  • btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687).
  • btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687).
  • btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856).
  • btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855).
  • btrfs: reduce contention on log trees when logging checksums (bsc#1177687).
  • btrfs: release old extent maps during page release (bsc#1177687).
  • btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687).
  • btrfs: remove root usage from can_overcommit (bsc#1131277).
  • btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687).
  • btrfs: take overcommit into account in incblockgroup_ro (bsc#1176560).
  • btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861).
  • bus/fslmc: Do not rely on caller to provide non NULL mcio (git-fixes).
  • can: cancreateechoskb(): fix echo skb generation: always use skbclone() (git-fixes).
  • can: ccan: regmap{c,d}can: mark as _maybeunused (git-fixes).
  • can: dev: _cangetechoskb(): fix real payload length return value for RTR frames (git-fixes).
  • can: dev: cangetechoskb(): prevent call to kfreeskb() in hard IRQ context (git-fixes).
  • can: flexcan: flexcanchipstop(): add error handling and propagate error value (git-fixes).
  • can: peakcanfd: pucanhandlecanrx(): fix echo management when loopback is on (git-fixes).
  • can: peak_usb: add range checking in decode operations (git-fixes).
  • can: peakusb: peakusbgetts_time(): fix timestamp wrapping (git-fixes).
  • can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
  • can: softing: softingcardshutdown(): add braces around empty body in an 'if' statement (git-fixes).
  • ceph: fix memory leak in cephcleanupsnapid_map() (bsc#1178234).
  • ceph: map snapid to anonymous bdev ID (bsc#1178234).
  • ceph: promote to unsigned long long before shifting (bsc#1178187).
  • clk: at91: clk-main: update key before writing AT91CKGRMOR (git-fixes).
  • clk: at91: remove the checking of parent_name (git-fixes).
  • clk: bcm2835: add missing release if devmclkhw_register fails (git-fixes).
  • clk: imx8mq: Fix usdhc parents order (git-fixes).
  • clk: ti: clockdomain: fix static checker warning (git-fixes).
  • coredump: fix crash when umh is disabled (bsc#1177753).
  • crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).
  • crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
  • crypto: ccp - fix error handling (git-fixes).
  • crypto: ixp4xx - Fix the size used in a 'dmafreecoherent()' call (git-fixes).
  • crypto: mediatek - Fix wrong return value in mtkdescring_alloc() (git-fixes).
  • crypto: omap-sham - fix digcnt register handling with export/import (git-fixes).
  • cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).
  • cypto: mediatek - fix leaks in mtkdescring_alloc (git-fixes).
  • device property: Do not clear secondary pointer for shared primary firmware node (git-fixes).
  • device property: Keep secondary firmware node secondary by type (git-fixes).
  • Disable ipa-clones dump for KMP builds (bsc#1178330) The feature is not really useful for KMP, and rather confusing, so let's disable it at building out-of-tree codes
  • dmaengine: dma-jz4780: Fix race in jz4780dmatx_status (git-fixes).
  • docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
  • drbd: code cleanup by using sendpageok() to check page for kernelsendpage() (bsc#1172873).
  • drivers: net: add missing interrupt.h include (git-fixes).
  • drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (git-fixes).
  • drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally (git-fixes).
  • drm/amd/display: HDMI remote sink need mode validation for Linux (git-fixes).
  • drm/amdgpu: do not map BO in reserved region (git-fixes).
  • drm/amdgpu: prevent double kfree ttm->sg (git-fixes).
  • drm/bridge/synopsys: dsi: add support for non-continuous HS clock (git-fixes).
  • drm/brige/megachips: Add checking if geb850v3lvds_init() is working correctly (git-fixes).
  • drm/gma500: fix error check (git-fixes).
  • drm/i915: Break up error capture compression loops with cond_resched() (git-fixes).
  • drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes).
  • drm/imx: tve remove extraneous type qualifier (git-fixes).
  • drm/msm: Drop debug print in dpucrtcsetuplm_bounds() (git-fixes).
  • drm/nouveau/mem: guard against NULL pointer access in mem_del (git-fixes).
  • drm/sun4i: mixer: Extend regmap max_register (git-fixes).
  • drm/ttm: fix eviction valuable range check (git-fixes).
  • drm/vc4: drv: Add error handding for bind (git-fixes).
  • Drop sysctl files for dropped archs, add ppc64le and arm64 (bsc#1178838).
  • ea43d9709f72 ('nvme: fix identify error status silent ignore')
  • EDAC/i5100: Fix error handling order in i5100initone() (bsc#1112178).
  • eeprom: at25: set minimum read/write access stride to 1 (git-fixes).
  • efivarfs: Replace invalid slashes with exclamation marks in dentries (git-fixes).
  • Fix use after free in getcapsetinfo callback (git-fixes).
  • ftrace: Fix recursion check for NMI test (git-fixes).
  • ftrace: Handle tracing when switching between context (git-fixes).
  • gre6: Fix reception with IP6TNLFRCVDSCPCOPY (networking-stable-2008_24).
  • gtp: add GTPALINK info to msg sent to userspace (networking-stable-2009_11).
  • HID: roccat: add bounds checking in konesysfswrite_settings() (git-fixes).
  • HID: wacom: Avoid entering wacomwacpen_report for pad / battery (git-fixes).
  • hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
  • hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819, bsc#1177820).
  • hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819, bsc#1177820).
  • hypervfb: Update screeninfo after removing old framebuffer (bsc#1175306).
  • i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).
  • i2c: meson: fix clock setting overwrite (git-fixes).
  • ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).
  • ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).
  • ibmvnic: fix ibmvnicsetmac (bsc#1066382 ltc#160943 git-fixes).
  • ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760 ltc#177449 git-fixes).
  • icmp: randomize the global rate limiter (git-fixes).
  • iio:accel:bma180: Fix use of true when should be iiosharedby enum (git-fixes).
  • iio:adc:max1118 Fix alignment of timestamp and data leak issues (git-fixes).
  • iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).
  • iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).
  • iio:dac:ad5592r: Fix use of true for IIOSHAREDBY_TYPE (git-fixes).
  • iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes).
  • iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes).
  • iio:magn:hmc5843: Fix passing true where iiosharedby enum required (git-fixes).
  • ima: Remove semicolon at the end of imagetbinaryruntimesize() (git-fixes).
  • include/linux/swapops.h: correct guards for nonswapentry() (git-fixes (mm/swap)).
  • Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
  • Input: ep93xxkeypad - fix handling of platformget_irq() error (git-fixes).
  • Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (git-fixes).
  • Input: imx6ultsc - clean up some errors in imx6ultsc_resume() (git-fixes).
  • Input: omap4-keypad - fix handling of platformgetirq() error (git-fixes).
  • Input: sun4i-ps2 - fix handling of platformgetirq() error (git-fixes).
  • Input: twl4030keypad - fix handling of platformget_irq() error (git-fixes).
  • iomap: Make sure iomapend is called after iomapbegin (bsc#1177754).
  • iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
  • ip: fix tos reflection in ack and reset packets (networking-stable-200924).
  • ipv4: Restore flowi4oif update before call to xfrmlookup_route (git-fixes).
  • iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).
  • kbuild: enforce -Werror=return-type (bsc#1177281).
  • kernel-binary.spec.in: Package the objinstalldir as explicit filelist.
  • kthreadworker: prevent queuing delayed work from timerfn when it is being canceled (git-fixes).
  • leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
  • leds: mt6323: move period calculation (git-fixes).
  • libceph: clear con->outmsg on Policy::statefulserver faults (bsc#1178188).
  • libceph: use sendpageok() in cephtcp_sendpage() (bsc#1172873).
  • lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).
  • livepatch: Test if -fdump-ipa-clones is really available
  • mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes).
  • mac80211: handle lack of sband->bitrates in rates (git-fixes).
  • macsec: avoid use-after-free in macsechandleframe() (git-fixes).
  • mailbox: avoid timer start from callback (git-fixes).
  • media: ati_remote: sanity check for both endpoints (git-fixes).
  • media: bdisp: Fix runtime PM imbalance on error (git-fixes).
  • media: exynos4-is: Fix a reference count leak due to pmruntimeget_sync (git-fixes).
  • media: exynos4-is: Fix a reference count leak (git-fixes).
  • media: exynos4-is: Fix several reference count leaks due to pmruntimeget_sync (git-fixes).
  • media: firewire: fix memory leak (git-fixes).
  • media: m5mols: Check function pointer in m5molssensorpower (git-fixes).
  • media: media/pci: prevent memory leak in bttv_probe (git-fixes).
  • media: omap3isp: Fix memleak in isp_probe (git-fixes).
  • media: platform: fcp: Fix a reference count leak (git-fixes).
  • media: platform: Improve queue set up flow for bug fixing (git-fixes).
  • media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes).
  • media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).
  • media: Revert 'media: exynos4-is: Add missed check for pinctrllookupstate()' (git-fixes).
  • media: s5p-mfc: Fix a reference count leak (git-fixes).
  • media: saa7134: avoid a shift overflow (git-fixes).
  • media: st-delta: Fix reference count leak in deltarunwork (git-fixes).
  • media: sti: Fix reference count leaks (git-fixes).
  • media: tc358743: initialize variable (git-fixes).
  • media: ti-vpe: Fix a missing check and reference count leak (git-fixes).
  • media: tuner-simple: fix regression in simplesetradio_freq (git-fixes).
  • media: tw5864: check status of tw5864frameintervalget (git-fixes).
  • media: usbtv: Fix refcounting mixup (git-fixes).
  • media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).
  • media: vsp1: Fix runtime PM imbalance on error (git-fixes).
  • memcg: fix NULL pointer dereference in _memcgroupusageunregister_event (bsc#1177703).
  • memory: fsl-corenet-cf: Fix handling of platformgetirq() error (git-fixes).
  • memory: omap-gpmc: Fix a couple off by ones (git-fixes).
  • mfd: sm501: Fix leaks in probe() (git-fixes).
  • mic: vop: copy data to kernel space then write to io memory (git-fixes).
  • misc: mic: scif: Fix error handling path (git-fixes).
  • misc: rtsx: Fix memory leak in rtsxpciprobe (git-fixes).
  • misc: vop: add roundup(x,4) for vringsize to avoid kernel panic (git-fixes).
  • mlx5 PPC ringsize workaround (bsc#1173432).
  • mlx5: remove support for ibgetvector_affinity (bsc#1174748).
  • mmc: core: do not set limits.discard_granularity as 0 (git-fixes).
  • mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).
  • mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
  • mmc: sdio: Check for CISTPLVERS1 buffer size (git-fixes).
  • mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).
  • mm: hugetlb: switch to csstryget() in hugetlbcgroupchargecgroup() (git-fixes (mm/hugetlb)).
  • mm/ksm.c: do not WARN if page is still mapped in removestablenode() (git-fixes (mm/hugetlb)).
  • mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
  • mm: memcg: switch to csstryget() in getmemcgroupfrom_mm() (bsc#1177685).
  • mm/mempolicy.c: fix out of bounds write in mpolparsestr() (git-fixes (mm/mempolicy)).
  • mm/mempolicy.c: use match_string() helper to simplify the code (git-fixes (mm/mempolicy)).
  • mm, numa: fix bad pmd by atomically check for pmdtranshuge when marking page tables prot_numa (git-fixes (mm/numa)).
  • mm/pageowner.c: remove drainallpages from initearlyallocatedpages (git-fixes (mm/debug)).
  • mm/page-writeback.c: avoid potential division by zero in wbminmax_ratio() (git-fixes (mm/writeback)).
  • mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)).
  • mm/page-writeback.c: use div64_ul() for u64-by-unsigned-long divide (git-fixes (mm/writeback)).
  • mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).
  • mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n (git-fixes (mm/zsmalloc)).
  • mm/zsmalloc.c: fix race condition in zsdestroypool (git-fixes (mm/zsmalloc)).
  • mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)).
  • mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely (git-fixes (mm/zsmalloc)).
  • Move the upstreamed bluetooth fix into sorted section
  • Move the upstreamed powercap fix into sorted sectio
  • mtd: lpddr: Fix bad logic in printdrserror (git-fixes).
  • mtd: lpddr: fix excessive stack usage with clang (git-fixes).
  • mtd: mtdoops: Do not write panic data twice (git-fixes).
  • mwifiex: do not call deltimersync() on uninitialized timer (git-fixes).
  • mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).
  • mwifiex: fix double free (git-fixes).
  • mwifiex: remove function pointer check (git-fixes).
  • mwifiex: Remove unnecessary braces from HostCmdSETSEQNOBSS_INFO (git-fixes).
  • net: 8390: Fix manufacturer name in Kconfig help text (git-fixes).
  • net: add WARNONCE in kernelsendpage() for improper zero-copy send (bsc#1172873).
  • net: amd: fix return type of ndostartxmit function (git-fixes).
  • net/amd: Remove useless driver version (git-fixes).
  • net: amd-xgbe: fix comparison to bitshift when dealing with a mask (git-fixes).
  • net: amd-xgbe: Get rid of custom hexdumpto_buffer() (git-fixes).
  • net: apple: Fix manufacturer name in Kconfig help text (git-fixes).
  • net: broadcom: Fix manufacturer name in Kconfig help text (git-fixes).
  • net: disable netpoll on fresh napis (networking-stable-200911).
  • net: fec: Fix phydevice lookup for phyresetafterclk_enable() (git-fixes).
  • net: fec: Fix PHY init after phyresetafterclkenable() (git-fixes).
  • netfilter: nat: can't use dst_hold on noref dst (bsc#1178878).
  • net: Fix potential wrong skb->protocol in skbvlanuntag() (networking-stable-200824).
  • net: hns: Fix memleak in hnsnicdevprobe (networking-stable-2009_11).
  • net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873).
  • net: ipv6: fix kconfig dependency warning for IPV6SEG6HMAC (networking-stable-200924).
  • netlabel: fix problems with mapping removal (networking-stable-200911).
  • net/mlx5e: Take common TIR context settings into a function (bsc#1177740).
  • net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740).
  • net: mvmdio: defer probe of orion-mdio if a clock is not ready (git-fixes).
  • net: phy: Avoid NPD upon phydetach() when driver is unbound (networking-stable-2009_24).
  • net: qrtr: fix usage of idr in port assignment to socket (networking-stable-200824).
  • net: systemport: Fix memleak in bcmsysportprobe (networking-stable-200911).
  • net: tc35815: Explicitly check NETIPALIGN is not zero in tc35815_rx (git-fixes).
  • net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-200911).
  • net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
  • net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
  • net: usb: rtl8150: set random MAC address when setethernetaddr() fails (git-fixes).
  • net: wireless: nl80211: fix out-of-bounds access in nl80211delkey() (git-fixes).
  • nfc: Ensure presence of NFCATTRFIRMWARENAME attribute in nfcgenlfwdownload() (git-fixes).
  • NFS: On fatal writeback errors, we need to call nfsinoderemove_request() (bsc#1177340).
  • NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340).
  • NFSv4.1: fix handling of backchannel binding in BINDCONNTO_SESSION (bsc#1170630).
  • nl80211: fix non-split wiphy information (git-fixes).
  • NTB: hw: amd: fix an issue about leak system resources (git-fixes).
  • nvme: 59c7c3caaaf8 ('fix possible hang when ns scanning fails during error recovery')
  • nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748).
  • nvme: do not update disk info for multipathed device (bsc#1171558).
  • nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).
  • nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).
  • nvme: fix possible io failures when removing multipathed ns (bsc#1174748).
  • nvme: make nvmeidentifyns propagate errors back (bsc#1174748).
  • nvme: make nvmereportns_ids propagate error back (bsc#1174748).
  • nvme-multipath: do not reset on unknown status (bsc#1174748).
  • nvme: Namepace identification descriptor list is optional (bsc#1174748).
  • nvme: pass status to nvmeerrorstatus (bsc#1174748).
  • nvme-rdma: Avoid double freeing of async event data (bsc#1174748).
  • nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).
  • nvme-rdma: fix crash when connect rejected (bsc#1174748).
  • nvme: return error from nvmeallocns() (bsc#1174748).
  • nvme-tcp: check page by sendpageok() before calling kernelsendpage() (bsc#1172873).
  • p54: avoid accessing the data mapped to streaming DMA (git-fixes).
  • pinctrl: intel: Set default bias in case no particular value given (git-fixes).
  • platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes).
  • platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).
  • platform/x86: thinkpadacpi: initialize tpnvram_state variable (git-fixes).
  • platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes).
  • powerpc/dma: Fix dmamapops::getrequiredmask (bsc#1065729).
  • powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729).
  • powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).
  • powerpc/icp-hv: Fix missing ofnodeput() in success path (bsc#1065729).
  • powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).
  • powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).
  • powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).
  • powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729).
  • powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968).
  • powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes).
  • powerpc/pseries: Fix missing ofnodeput() in rng_init() (bsc#1065729).
  • powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
  • powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
  • power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes).
  • pty: do ttyflipbufferpush without port->lock in ptywrite (git-fixes).
  • pwm: lpss: Add range limit check for the base_unit register value (git-fixes).
  • pwm: lpss: Fix off by one error in baseunit math in pwmlpss_prepare() (git-fixes).
  • regulator: defer probe when trying to get voltage from unresolved supply (git-fixes).
  • regulator: resolve supply after creating regulator (git-fixes).
  • Revert 'cdc-acm: hardening against malicious devices' (git-fixes).
  • ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes).
  • ring-buffer: Return 0 on success from ringbufferresize() (git-fixes).
  • rpm/kernel-binary.spec.in: Fix compressed module handling for in-tree KMP (jsc#SLE-10886)
  • rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
  • rtl8xxxu: prevent potential memory leak (git-fixes).
  • scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468, bsc#1171675).
  • scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683).
  • scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).
  • scsi: hisisas: Add missing seqprintf() call in hisisasshowrow32() (bsc#1140683).
  • scsi: hisisas: Change return variable type in phyupv3hw() (bsc#1140683).
  • scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683).
  • scsi: hisi_sas: Do some more tidy-up (bsc#1140683).
  • scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683).
  • scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh:
  • scsi: hisisas: No need to check return value of debugfscreate functions (bsc#1140683). Update:
  • scsi: hisi_sas: Some misc tidy-up (bsc#1140683).
  • scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).
  • scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226).
  • scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258).
  • scsi: libiscsi: use sendpageok() in iscsitcpsegmentmap() (bsc#1172873).
  • scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Allow devlosstmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Make tgtportdatabase available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538).
  • scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538).
  • sctp: not disable bh in the whole sctpgetportlocal() (networking-stable-2009_11).
  • spi: fsl-espi: Only process interrupts for expected events (git-fixes).
  • staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes).
  • staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes).
  • staging: octeon: repair 'fixed-link' support (git-fixes).
  • tg3: Fix soft lockup when tg3resettask() fails (networking-stable-200911).
  • thunderbolt: Add the missed idasimpleremove() in ringrequestmsix() (git-fixes).
  • time: Prevent undefined behaviour in timespec64tons() (git-fixes).
  • tipc: fix memory leak caused by tipcbufappend() (git-fixes).
  • tipc: fix shutdown() of connectionless socket (networking-stable-200911).
  • tipc: fix shutdown() of connection oriented socket (networking-stable-200924).
  • tipc: fix the skbunshare() in tipcbuf_append() (git-fixes).
  • tipc: fix uninit skb->data in tipcnlcompatdumpit() (networking-stable-2008_24).
  • tipc: use skbunshare() instead in tipcbufappend() (networking-stable-2009_24).
  • tty: ipwireless: fix error handling (git-fixes).
  • tty: serial: earlycon dependency (git-fixes).
  • tty: serial: fsllpuart: fix lpuart32pollgetchar (git-fixes).
  • Update patches.suse/vfs-add-superoperations-getinode_dev (bsc#927455 bsc#1176983).
  • USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
  • USB: adutux: fix debugging (git-fixes).
  • usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).
  • USB: cdc-acm: fix cooldown mechanism (git-fixes).
  • usb: cdc-acm: handle broken union descriptors (git-fixes).
  • usb: cdc-wdm: Make wdmflush() interruptible and add wdmfsync() (git-fixes).
  • USB: core: driver: fix stray tabs in error messages (git-fixes).
  • usb: core: Solve race condition in anchor cleanup functions (git-fixes).
  • usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).
  • usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).
  • usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).
  • usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes).
  • usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).
  • usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes).
  • usb: gadget: fncm: fix ncmbitrate for SuperSpeed and above (git-fixes).
  • usb: gadget: function: printer: fix use-after-free in _lockacquire (git-fixes).
  • usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes).
  • USB: host: fsl-mph-dr-of: check return of dmasetmask() (git-fixes).
  • USB: mtu3: fix panic in mtu3gadgetstop() (git-fixes).
  • usb: ohci: Default to per-port over-current protection (git-fixes).
  • USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).
  • USB: serial: option: add Cellient MPL200 card (git-fixes).
  • USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes).
  • USB: serial: option: add Quectel EC200T module support (git-fixes).
  • USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
  • USB: serial: option: Add Telit FT980-KS composition (git-fixes).
  • USB: serial: pl2303: add device-id for HP GC device (git-fixes).
  • usb: serial: qcserial: fix altsetting probing (git-fixes).
  • USB: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes).
  • USB: typec: tcpm: reset hardresetcount for any disconnect (git-fixes).
  • vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202).
  • video: fbdev: pvr2fb: initialize variables (git-fixes).
  • video: fbdev: sis: fix null ptr dereference (git-fixes).
  • video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error (git-fixes).
  • video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).
  • video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).
  • video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).
  • VMCI: check return value of getuserpages_fast() for errors (git-fixes).
  • vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes).
  • vt: Disable KDFONTOP_COPY (bsc#1178589).
  • w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes).
  • watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101).
  • watchdog: iTCOwdt: Make ICHRESIOSMI optional (bsc#1177101).
  • wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes).
  • writeback: Avoid skipping inode writeback (bsc#1177755).
  • writeback: Fix sync livelock due to bdirtytime processing (bsc#1177755).
  • writeback: Protect inode->iiolist with inode->i_lock (bsc#1177755).
  • x86/apic: Unify duplicated local apic timer clockevent initialization (bsc#1112178).
  • x86, fakenuma: Fix invalid starting node ID (git-fixes (mm/x86/fakenuma)).
  • x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1112178).
  • x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).
  • x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1058115 bsc#1176907).
  • x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713).
  • xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).
  • xen/events: add a new 'late EOI' evtchn framework (XSA-332 bsc#1177411).
  • xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411).
  • xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410).
  • xen/events: block rogue events for some time (XSA-332 bsc#1177411).
  • xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411).
  • xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600).
  • xen/events: fix race in evtchnfifounmask() (XSA-332 bsc#1177411).
  • xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411).
  • xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411).
  • xen/gntdev.c: Mark pages as dirty (bsc#1065600).
  • xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).
  • xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).
  • xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).
  • xen: XEN uses irqdesc::irqdatacommon::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (XSA-332 bsc#1065600).
  • xfs: avoid infinite loop when cancelling CoW blocks after writeback failure (bsc#1178027).
  • xfs: do not update mtime on COW faults (bsc#1167030).
  • xfs: fix a missing unlock on error in xfsfsmap_blocks (git-fixes).
  • xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).
  • xfs: fix rmap key and record comparison functions (git-fixes).
  • xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes).
  • xfs: limit entries returned when counting fsmap records (git-fixes).
  • xgbe: no need to check return value of debugfs_create functions (git-fixes).
  • xgbe: switch to more generic VxLAN detection (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP1 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-8.52.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-8.52.1",
            "kernel-azure-devel": "4.12.14-8.52.1",
            "kernel-devel-azure": "4.12.14-8.52.1",
            "kernel-syms-azure": "4.12.14-8.52.1",
            "kernel-azure-base": "4.12.14-8.52.1",
            "kernel-source-azure": "4.12.14-8.52.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP1 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-8.52.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-8.52.1",
            "kernel-azure-devel": "4.12.14-8.52.1",
            "kernel-devel-azure": "4.12.14-8.52.1",
            "kernel-syms-azure": "4.12.14-8.52.1",
            "kernel-azure-base": "4.12.14-8.52.1",
            "kernel-source-azure": "4.12.14-8.52.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP1 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-8.52.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-8.52.1",
            "kernel-azure-devel": "4.12.14-8.52.1",
            "kernel-devel-azure": "4.12.14-8.52.1",
            "kernel-syms-azure": "4.12.14-8.52.1",
            "kernel-azure-base": "4.12.14-8.52.1",
            "kernel-source-azure": "4.12.14-8.52.1"
        }
    ]
}