SUSE-SU-2020:3748-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203748-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3748-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3748-1
Related
Published
2020-12-10T13:04:57Z
Modified
2020-12-10T13:04:57Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 kernel was updated to 3.12.31 to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
  • CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
  • CVE-2020-25668: Fixed a concurrency use-after-free in confontop (bsc#1178123).
  • CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
  • CVE-2020-25704: Fixed a leak in perfeventparseaddrfilter() (bsc#1178393).
  • CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)
  • CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
  • CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589).
  • CVE-2020-29371: Fixed uninitialized memory leaks to userspace (bsc#1179429).
  • CVE-2020-25705: Fixed an issue which could have allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization (bsc#1175721).
  • CVE-2020-28941: Fixed an issue where local attackers on systems with the speakup driver could cause a local denial of service attack (bsc#1178740).
  • CVE-2020-4788: Fixed an issue with IBM Power9 processors could have allowed a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances (bsc#1177666).
  • CVE-2020-29369: Fixed a race condition between certain expand functions (expanddownwards and expandupwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe (bnc#1173504 1179432).

The following non-security bugs were fixed:

  • 9P: Cast to loff_t before multiplying (git-fixes).
  • ACPI: button: Add DMI quirk for Medion Akoya E2228T (git-fixes).
  • ACPICA: Add NHLT table signature (bsc#1176200).
  • ACPI: dock: fix enum-conversion warning (git-fixes).
  • ACPI / extlog: Check for RDMSR failure (git-fixes).
  • ACPI: GED: fix -Wformat (git-fixes).
  • ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
  • ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
  • Add bug reference to two hv_netvsc patches (bsc#1178853).
  • ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
  • ALSA: firewire: Clean up a locking issue in copyrespto_buf() (git-fixes).
  • ALSA: fix kernel-doc markups (git-fixes).
  • ALSA: hda: fix jack detection with Realtek codecs when in D3 (git-fixes).
  • ALSA: hda: prevent undefined shift in sndhdacextbusget_link() (git-fixes).
  • ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes).
  • ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (git-fixes).
  • ALSA: hda/realtek - Add supported mute Led for HP (git-fixes).
  • ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes).
  • ALSA: hda/realtek - Fixed HP headset Mic can't be detected (git-fixes).
  • ALSA: hda/realtek - HP Headset Mic can't detect after boot (git-fixes).
  • ALSA: hda: Reinstate runtime_allow() for all hda controllers (git-fixes).
  • ALSA: mixart: Fix mutex deadlock (git-fixes).
  • ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes).
  • ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).
  • ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).
  • ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).
  • ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes).
  • arm64: bpf: Fix branch offset in JIT (git-fixes).
  • arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY (git-fixes).
  • arm64: dts: allwinner: a64: OrangePi Win: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: beelink-gs1: Enable both RGMII RX/TX delay (git-fixes).
  • arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: Pine H64: Enable both RGMII RX/TX delay (git-fixes).
  • arm64: dts: fsl: DPAA FMan DMA operations are coherent (git-fixes).
  • arm64: dts: imx8mm: fix voltage for 1.6GHz CPU operating point (git-fixes).
  • arm64: dts: imx8mq: Add missing interrupts to GPC (git-fixes).
  • arm64: dts: imx8mq: Fix TMU interrupt property (git-fixes).
  • arm64: dts: zynqmp: Remove additional compatible string for i2c IPs (git-fixes).
  • arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions (git-fixes).
  • arm64: Run ARCHWORKAROUND1 enabling code on all CPUs (git-fixes).
  • arm64: Run ARCHWORKAROUND2 enabling code on all CPUs (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra210 SDMMC (git-fixes).
  • arm64: vdso: Add '-Bsymbolic' to ldflags (git-fixes).
  • arm64: vdso: Add --eh-frame-hdr to ldflags (git-fixes).
  • ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes).
  • ASoC: cs42l51: manage mclk shutdown delay (git-fixes).
  • ASoC: Intel: kblrt5663max98927: Fix kabylakesspfixup function (git-fixes).
  • ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
  • ASoC: qcom: sdm845: set driver name correctly (git-fixes).
  • ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
  • ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).
  • batman-adv: set .owner to THIS_MODULE (git-fixes).
  • bnxt_en: Avoid sending firmware messages when AER error is detected (jsc#SLE-8371 bsc#1153274).
  • bnxten: Check abort error state in bnxtopen_nic() (jsc#SLE-8371 bsc#1153274).
  • bnxten: Fix NULL ptr dereference crash in bnxtfwresettask() (jsc#SLE-8371 bsc#1153274).
  • bnxten: Fix regression in workqueue cleanup logic in bnxtremove_one() (jsc#SLE-8371 bsc#1153274).
  • bnxten: Invoke canceldelayedworksync() for PFs also (jsc#SLE-8371 bsc#1153274).
  • bnxten: return proper error codes in bnxtshow_temp (git-fixes).
  • bnxten: Send HWRMFUNC_RESET fw command unconditionally (jsc#SLE-8371 bsc#1153274).
  • bpf: Do not rely on GCC attribute((optimize)) to disable GCSE (bsc#1155518).
  • bpf: Fix comment for helper bpfcurrenttaskundercgroup() (bsc#1155518).
  • bpf: Zero-fill re-used per-cpu map element (bsc#1155518).
  • btrfs: Account for merged patches upstream Move below patches to sorted section.
  • btrfs: cleanup cow block on error (bsc#1178584).
  • btrfs: fix bytesmayuse underflow in prealloc error condtition (bsc#1179217).
  • btrfs: fix metadata reservation for fallocate that leads to transaction aborts (bsc#1179217).
  • btrfs: fix relocation failure due to race with fallocate (bsc#1179217).
  • btrfs: remove itemsize member of struct btrfscloneextentinfo (bsc#1179217).
  • btrfs: rename btrfsinsertclone_extent() to a more generic name (bsc#1179217).
  • btrfs: rename btrfspunchhole_range() to a more generic name (bsc#1179217).
  • btrfs: rename struct btrfscloneextent_info to a more generic name (bsc#1179217).
  • btrfs: reschedule if necessary when logging directory items (bsc#1178585).
  • btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579).
  • btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581).
  • can: afcan: prevent potential access of uninitialized member in canfdrcv() (git-fixes).
  • can: afcan: prevent potential access of uninitialized member in canrcv() (git-fixes).
  • can: cancreateechoskb(): fix echo skb generation: always use skbclone() (git-fixes).
  • can: dev: _cangetechoskb(): fix real payload length return value for RTR frames (git-fixes).
  • can: dev: cangetechoskb(): prevent call to kfreeskb() in hard IRQ context (git-fixes).
  • can: dev: can_restart(): post buffer from the right context (git-fixes).
  • can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes).
  • can: flexcan: flexcansetupstopmode(): add missing 'reqbit' to stop mode property comment (git-fixes).
  • can: flexcan: remove FLEXCANQUIRKDISABLE_MECR quirk for LS1021A (git-fixes).
  • can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
  • can: kvaserusb: kvaserusb_hydra: Fix KCAN bittiming limits (git-fixes).
  • can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes).
  • can: mcan: mcanhandlestate_change(): fix state change (git-fixes).
  • can: mcan: mcan_stop(): set device to software init mode before closing (git-fixes).
  • can: mcbausb: mcbausbstartxmit(): first fill skb, then pass to canputecho_skb() (git-fixes).
  • can: peakcanfd: pucanhandlecanrx(): fix echo management when loopback is on (git-fixes).
  • can: peak_usb: add range checking in decode operations (git-fixes).
  • can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).
  • can: peakusb: peakusbgetts_time(): fix timestamp wrapping (git-fixes).
  • can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
  • ceph: add checksessionstate() helper and make it global (bsc#1179012).
  • ceph: check session state after bumping session->s_seq (bsc#1179012).
  • ceph: check the sesion state and return false in case it is closed (bsc#1179012).
  • ceph: downgrade warning from mdsmap decode to debug (bsc#1178653).
  • ceph: fix race in concurrent _cephremove_cap invocations (bsc#1178635).
  • cfg80211: initialize wdev data earlier (git-fixes).
  • cfg80211: regulatory: Fix inconsistent format argument (git-fixes).
  • cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
  • cifs: remove bogus debug code (bsc#1179427).
  • cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).
  • clk: define toclkregmap() as inline function (git-fixes).
  • Convert trailing spaces and periods in path components (bsc#1179424).
  • cosa: Add missing kfree in error path of cosa_write (git-fixes).
  • dax: fix detection of dax support for non-persistent memory block devices (bsc#1171073).
  • dax: Fix stack overflow when mounting fsdax pmem device (bsc#1171073).
  • Delete patches.suse/fs-select.c-batch-user-writes-in-dosyspoll.patch (bsc#1179419)
  • devlink: Make sure devlink instance and port are in same net namespace (bsc#1154353).
  • docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
  • Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU (bsc#1177353, bsc#1179076).
  • Do not create null.i000.ipa-clones file (bsc#1178330) Kbuild cc-option compiles /dev/null file to test for an option availability. Filter out -fdump-ipa-clones so that null.i000.ipa-clones file is not generated in the process.
  • drbd: code cleanup by using sendpageok() to check page for kernelsendpage() (bsc#1172873).
  • drivers/net/ethernet: remove incorrectly formatted doc (bsc#1177397).
  • drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes).
  • Drop sysctl files for dropped archs, add ppc64le and arm (bsc#1178838). Also correct the page size on ppc64.
  • EDAC/amd64: Cache secondary Chip Select registers (bsc#1179001).
  • EDAC/amd64: Find Chip Select memory size using Address Mask (bsc#1179001).
  • EDAC/amd64: Gather hardware information early (bsc#1179001).
  • EDAC/amd64: Initialize DIMM info for systems with more than two channels (bsc#1179001).
  • EDAC/amd64: Make struct amd64familytype global (bsc#1179001).
  • EDAC/amd64: Save max number of controllers to family type (bsc#1179001).
  • EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1179001).
  • efi: add missed destroyworkqueue when efisubsysinit fails (git-fixes).
  • efi: efibc: check for efivars write capability (git-fixes).
  • efi: EFI_EARLYCON should depend on EFI (git-fixes).
  • efi/efivars: Set generic ops before loading SSDT (git-fixes).
  • efi/esrt: Fix reference count leak in esrecreatesysfs_entry (git-fixes).
  • efi/libstub/x86: Work around LLVM ELF quirk build regression (git-fixes).
  • efi: provide empty efientervirtual_mode implementation (git-fixes).
  • efivarfs: fix memory leak in efivarfs_create() (git-fixes).
  • efivarfs: revert 'fix memory leak in efivarfs_create()' (git-fixes).
  • efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper (git-fixes).
  • efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).
  • efi/x86: Fix the deletion of variables in mixed mode (git-fixes).
  • efi/x86: Free efipgd with freepages() (git-fixes).
  • efi/x86: Handle by-ref arguments covering multiple pages in mixed mode (git-fixes).
  • efi/x86: Ignore the memory attributes table on i386 (git-fixes).
  • efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
  • exfat: fix name_hash computation on big endian systems (git-fixes).
  • exfat: fix overflow issue in exfatclusterto_sector() (git-fixes).
  • exfat: fix possible memory leak in exfat_find() (git-fixes).
  • exfat: fix use of uninitialized spinlock on error path (git-fixes).
  • exfat: fix wrong hintstat initialization in exfatfinddirentry() (git-fixes).
  • fbdev, newportcon: Move FONTEXTRA_WORDS macros into linux/font.h (git-fixes).
  • Fix wrongly set CONFIGSOUNDWIRE=y (bsc#1179201) CONFIGSOUNDWIRE was mistakenly set as built-in. Mark it as module.
  • ftrace: Fix recursion check for NMI test (git-fixes).
  • ftrace: Handle tracing when switching between context (git-fixes).
  • futex: Do not enable IRQs unconditionally in putpistate() (bsc#1149032).
  • futex: Handle transient 'ownerless' rtmutex state correctly (bsc#1149032).
  • gpio: pcie-idio-24: Enable PEX8311 interrupts (git-fixes).
  • gpio: pcie-idio-24: Fix IRQ Enable Register value (git-fixes).
  • gpio: pcie-idio-24: Fix irq mask when masking (git-fixes).
  • HID: logitech-dj: Fix an error in msebluetoothdescriptor (git-fixes).
  • HID: logitech-dj: Fix Dinovo Mini when paired with a MX5x00 receiver (git-fixes).
  • HID: logitech-dj: Handle quad/bluetooth keyboards with a builtin trackpad (git-fixes).
  • HID: logitech-hidpp: Add PID for MX Anywhere 2 (git-fixes).
  • hv_balloon: disable warning when floor reached (git-fixes).
  • hv: clocksource: Add notrace attribute to readhvschedclock*() functions (git-fixes).
  • hv_netvsc: Add XDP support (bsc#1177820).
  • hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177820).
  • hv_netvsc: make recording RSS hash depend on feature flag (bsc#1177820).
  • hv_netvsc: record hardware hash in skb (bsc#1177820).
  • hwmon: (pwm-fan) Fix RPM calculation (git-fixes).
  • hypervfb: Update screeninfo after removing old framebuffer (bsc#1175306).
  • i2c: mediatek: move dma reset before i2c reset (git-fixes).
  • i2c: sh_mobile: implement atomic transfers (git-fixes).
  • igc: Fix not considering the TX delay for timestamps (bsc#1160634).
  • igc: Fix wrong timestamp latency numbers (bsc#1160634).
  • iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).
  • iio: accel: kxcjk1013: Replace issmo8500device with an acpi_type enum (git-fixes).
  • iio: adc: mediatek: fix unset field (git-fixes).
  • iio: light: fix kconfig dependency bug for VCNL4035 (git-fixes).
  • Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
  • Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER (git-fixes).
  • intel_idle: Customize IceLake server support (bsc#1178286).
  • ionic: check port ptr before use (bsc#1167773).
  • iwlwifi: mvm: write queuesyncstate only for sync (git-fixes).
  • kABI: revert use_mm name change (MM Functionality, bsc#1178426).
  • kABI workaround for HD-audio (git-fixes).
  • kernel: better document the usemm/unusemm API contract (MM Functionality, bsc#1178426).
  • kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
  • kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPMBUILDROOT is cleared before %%install. Do the unpack into RPMBUILDROOT in %%install
  • kernel/watchdog: fix watchdogallowedmask not used warning (git-fixes).
  • kgdb: Fix spurious true from indbgmaster() (git-fixes).
  • kthreadworker: prevent queuing delayed work from timerfn when it is being canceled (git-fixes).
  • KVM: arm64: ARMSMCCCARCHWORKAROUND1 does not return SMCCCRETNOT_REQUIRED (git-fixes).
  • lan743x: fix 'BUG: invalid wait context' when setting rx mode (git-fixes).
  • lan743x: fix issue causing intermittent kernel log warnings (git-fixes).
  • lan743x: prevent entire kernel HANG on open, for some platforms (git-fixes).
  • leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
  • libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1155518).
  • libceph: use sendpageok() in cephtcp_sendpage() (bsc#1172873).
  • lib/crc32test: remove extra localirqdisable/enable (git-fixes).
  • libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • lib/strncpyfromuser.c: Mask out bytes after NUL terminator (bsc#1155518).
  • mac80211: always wind down STA state (git-fixes).
  • mac80211: fix use of skb payload instead of header (git-fixes).
  • mac80211: free sta in stainfoinsert_finish() on errors (git-fixes).
  • mac80211: minstrel: fix tx status processing corner case (git-fixes).
  • mac80211: minstrel: remove deferred sampling code (git-fixes).
  • media: imx274: fix frame interval handling (git-fixes).
  • media: platform: Improve queue set up flow for bug fixing (git-fixes).
  • media: tw5864: check status of tw5864frameintervalget (git-fixes).
  • media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes).
  • media: uvcvideo: Fix uvcctrlfixupxuinfo() not having any effect (git-fixes).
  • mei: protect meiclmtu from null dereference (git-fixes).
  • memcg: fix NULL pointer dereference in _memcgroupusageunregister_event (bsc#1177703).
  • mfd: sprd: Add wakeup capability for PMIC IRQ (git-fixes).
  • mmc: renesassdhicore: Add missing tmiommchost_free() at remove (git-fixes).
  • mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).
  • mmc: sdhci-pci: Prefer SDR25 timing for High Speed mode for BYT-based Intel controllers (git-fixes).
  • mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (MM Functionality, bsc#1178426).
  • mm: fix kthreadusemm() vs TLB invalidate (MM Functionality, bsc#1178426).
  • mm/gup: allow FOLLFORCE for getuserpagesfast() (git fixes (mm/gup)).
  • mm/gup: fix gup_fast with dynamic page table folding (bnc#1176586, LTC#188235).
  • mm/ksm: fix NULL pointer dereference when KSM zero page is enabled (git fixes (mm/ksm)).
  • mm, memcg: fix inconsistent oom event behavior (bsc#1178659).
  • mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
  • mm/memcontrol.c: add missed css_put() (bsc#1178661).
  • mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (git fixes (mm/mempolicy)).
  • mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes).
  • mm: swap: make page_evictable() inline (git fixes (mm/vmscan)).
  • mm: swap: use smpmbafteratomic() to order LRU bit set (git fixes (mm/vmscan)).
  • mm, THP, swap: fix allocating cluster for swapfile by mistake (bsc#1178755).
  • modsign: Add codeSigning EKU when generating X.509 key generation config (bsc#1177353, bsc#1179076).
  • net: add WARNONCE in kernelsendpage() for improper zero-copy send (bsc#1172873).
  • net: ena: Capitalize all log strings and improve code readability (bsc#1177397).
  • net: ena: Change license into format to SPDX in all files (bsc#1177397).
  • net: ena: Change log message to netif/dev function (bsc#1177397).
  • net: ena: Change RSS related macros and variables names (bsc#1177397).
  • net: ena: ethtool: Add new device statistics (bsc#1177397).
  • net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
  • net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).
  • net: ena: Fix all static chekers' warnings (bsc#1177397).
  • net: ena: fix packet's addresses for rx_offset feature (bsc#1174852).
  • net: ena: handle bad request id in ena_netdev (bsc#1174852).
  • net: ena: Remove redundant print of placement policy (bsc#1177397).
  • net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
  • net: fix pos incrementment in ipv6routeseq_next (bsc#1154353).
  • net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873). kABI workaround for including mm.h in include/linux/net.h (bsc#1172873).
  • net/mlx5: Clear bw_share upon VF disable (jsc#SLE-8464).
  • net/mlx5: E-Switch, Fail mlx5eswmodifyvportrate if qos disabled (jsc#SLE-8464).
  • net: mscc: ocelot: fix race condition with TX timestamping (bsc#1178461).
  • net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
  • nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
  • NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).
  • NFSv4: Handle NFS4ERROLDSTATEID in CLOSE/OPEN_DOWNGRADE (bsc#1176180).
  • NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE (bsc#1176180).
  • NFSv4.x recover from pre-mature loss of openstateid (bsc#1176180).
  • nvme: do not update disk info for multipathed device (bsc#1171558).
  • nvme-tcp: check page by sendpageok() before calling kernelsendpage() (bsc#1172873).
  • p54: avoid accessing the data mapped to streaming DMA (git-fixes).
  • PCI/ACPI: Whitelist hotplug ports for D3 if power managed by ACPI (git-fixes).
  • pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
  • pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
  • pinctrl: aspeed: Fix GPI only function problem (git-fixes).
  • pinctrl: intel: Set default bias in case no particular value given (git-fixes).
  • platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time (git-fixes).
  • platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).
  • PM: runtime: Drop runtime PM references to supplier on link removal (git-fixes).
  • powerpc/64s/radix: Fix mmcpumask trimming race vs kthreaduse_mm (MM Functionality, bsc#1178426).
  • powerpc: Inline doorbell sending functions (jsc#SLE-15869 jsc#SLE-16321).
  • powerpc/perf: consolidate GPCI hcall structs into asm/hvcall.h (jsc#SLE-16360 jsc#SLE-16915).
  • powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pseries: Add KVM guest doorbell restrictions (jsc#SLE-15869 jsc#SLE-16321).
  • powerpc/pseries: new lparcfg key/value pair: partitionaffinityscore (jsc#SLE-16360 jsc#SLE-16915).
  • powerpc/pseries: Use doorbells even if XIVE is available (jsc#SLE-15869 jsc#SLE-16321).
  • powerpc: select ARCHWANTIRQSOFFACTIVATE_MM (MM Functionality, bsc#1178426).
  • powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
  • power: supply: bq27xxx: report 'not charging' on all types (git-fixes).
  • power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes).
  • qla2xxx: Add MODULE_VERSION back to driver (bsc#1179160).
  • RDMA/hns: Fix retrycnt and rnrcnt when querying QP (jsc#SLE-8449).
  • RDMA/hns: Fix the wrong value of rnr_retry when querying qp (jsc#SLE-8449).
  • RDMA/hns: Fix wrong field of SRQ number the device supports (jsc#SLE-8449).
  • RDMA/hns: Solve the overflow of the calcpgsz() (jsc#SLE-8449).
  • RDMA/mlx5: Fix devlink deadlock on net namespace deletion (jsc#SLE-8464).
  • RDMA/qedr: Fix return code if accept is called on a destroyed qp (jsc#SLE-8215).
  • RDMA/ucma: Add missing locking around rdmaleavemulticast() (git-fixes).
  • reboot: fix overflow parsing reboot cpu number (git-fixes).
  • Refresh patches.suse/vfs-add-superoperations-getinode_dev. (bsc#1176983)
  • regulator: avoid resolve_supply() infinite recursion (git-fixes).
  • regulator: defer probe when trying to get voltage from unresolved supply (git-fixes).
  • regulator: fix memory leak with repeated setmachineconstraints() (git-fixes).
  • regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} (git-fixes).
  • regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes).
  • regulator: workaround self-referent regulators (git-fixes).
  • Restore the header of series.conf The header of series.conf was accidentally changed by abb50be8e6bc '(kABI: revert use_mm name change (MM Functionality, bsc#1178426))'.
  • Revert 'cdc-acm: hardening against malicious devices' (git-fixes).
  • Revert 'kernel/reboot.c: convert simple_strtoul to kstrtoint' (git-fixes).
  • Revert 'xfs: complain if anyone tries to create a too-large buffer' (bsc#1179425, bsc#1179550).
  • rfkill: Fix use-after-free in rfkill_resume() (git-fixes).
  • ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes).
  • rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) Author: Dominique Leuenberger -dimstar@opensuse.org
  • rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two.
  • rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for 'grep -E'. So use the latter instead.
  • rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401)
  • rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).
  • rpm/mkspec: do not build kernel-obs-build on x8632 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*.x8664.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly.
  • s390/bpf: Fix multiple tail calls (git-fixes).
  • s390/cpumcf,perf: change DFLTCCERROR counter name (bsc#1175918 LTC#187935).
  • s390/cpumsf.c: fix file permission for cpumsfb_size (git-fixes).
  • s390/dasd: fix null pointer dereference for ERP requests (git-fixes).
  • s390/pkey: fix paes selftest failure with paes and pkey static build (git-fixes).
  • s390/zcrypt: fix kmalloc 256k failure (bsc#1177066 LTC#188341).
  • s390/zcrypt: Fix ZCRYPTPERDEVREQCNT ioctl (bsc#1177070 LTC#188342).
  • sched/fair: Ensure tasks spreading in LLC during LB (git fixes (sched)).
  • sched/fair: Fix unthrottlecfsrq() for leafcfsrq list (git fixes (sched)).
  • sched: Fix loadavg accounting race on arm64 kabi (bnc#1178227).
  • sched: Fix rq->nr_iowait ordering (git fixes (sched)).
  • scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
  • scsi: libiscsi: Fix NOP race condition (bsc#1176481).
  • scsi: libiscsi: use sendpageok() in iscsitcpsegmentmap() (bsc#1172873).
  • serial: 8250mtk: Fix uartgetbaudrate warning (git-fixes).
  • serial: txx9: add missing platformdriverunregister() on error in serialtxx9init (git-fixes).
  • spi: lpspi: Fix use-after-free on unbind (git-fixes).
  • staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes).
  • staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes).
  • staging: octeon: repair 'fixed-link' support (git-fixes).
  • staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes).
  • SUNRPC: fix copying of multiple pages in gssreadproxy_verf() (bsc#1154353).
  • SUNRPC: Fix general protection fault in tracerpcxdr_overflow() (git-fixes).
  • svcrdma: fix bounce buffers for unaligned offsets and multiple pages (git-fixes).
  • tcp: use sendpage_ok() to detect misused .sendpage (bsc#1172873).
  • thunderbolt: Add the missed idasimpleremove() in ringrequestmsix() (git-fixes).
  • thunderbolt: Fix memory leak if idasimpleget() fails in enumerate_services() (git-fixes).
  • timer: Fix wheel index calculation on last level (git-fixes).
  • timer: Prevent base->clk from moving backward (git-fixes).
  • tpm: efi: Do not create binarybiosmeasurements file for an empty log (git-fixes).
  • tpm_tis: Disable interrupts on ThinkPad T490s (git-fixes).
  • tracing: Fix out of bounds write in gettracebuf (git-fixes).
  • tty: serial: fsl_lpuart: add LS1028A support (git-fixes).
  • tty: serial: fsl_lpuart: LS1021A had a FIFO size of 16 words, like LS1028A (git-fixes).
  • tty: serial: imx: fix potential deadlock (git-fixes).
  • tty: serial: imx: keep console clocks always on (git-fixes).
  • uio: Fix use-after-free in uiounregisterdevice() (git-fixes).
  • uio: free uio id after uio file node is freed (git-fixes).
  • USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
  • USB: adutux: fix debugging (git-fixes).
  • USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).
  • USB: cdc-acm: fix cooldown mechanism (git-fixes).
  • USB: core: Change %pK for __user pointers to %px (git-fixes).
  • USB: core: driver: fix stray tabs in error messages (git-fixes).
  • USB: core: Fix regression in Hercules audio card (git-fixes).
  • USB: gadget: Fix memleak in gadgetfsfillsuper (git-fixes).
  • USB: gadget: fmidi: Fix memleak in fmidi_alloc (git-fixes).
  • USB: gadget: goku_udc: fix potential crashes in probe (git-fixes).
  • USB: host: fsl-mph-dr-of: check return of dmasetmask() (git-fixes).
  • USB: mtu3: fix panic in mtu3gadgetstop() (git-fixes).
  • USB: serial: cyberjack: fix write-URB completion race (git-fixes).
  • USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes).
  • USB: serial: option: add Quectel EC200T module support (git-fixes).
  • USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
  • USB: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes).
  • USB: typec: tcpm: reset hardresetcount for any disconnect (git-fixes).
  • USB: xhci: omit duplicate actions when suspending a runtime suspended host (git-fixes).
  • video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
  • video: hyperv_fb: include vmalloc.h (git-fixes).
  • video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306).
  • video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306).
  • video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306).
  • virtio: virtio_console: fix DMA memory allocation for rproc serial (git-fixes).
  • vt: Disable KDFONTOP_COPY (bsc#1178589).
  • x86/hyperv: Clarify comment on x2apic mode (git-fixes).
  • x86/i8259: Use printk_deferred() to prevent deadlock (git-fixes).
  • x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306).
  • x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1152489).
  • x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1152489).
  • xfs: complain if anyone tries to create a too-large buffer log item (bsc#1166146).
  • xfs: do not update mtime on COW faults (bsc#1167030).
  • xfs: fix a missing unlock on error in xfsfsmap_blocks (git-fixes).
  • xfs: fix brainos in the refcount scrubber's rmap fragment processor (git-fixes).
  • xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).
  • xfs: fix rmap key and record comparison functions (git-fixes).
  • xfs: fix scrub flagging rtinherit even if there is no rt device (git-fixes).
  • xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes).
  • xfs: introduce XFSMAXFILEOFF (bsc#1166166).
  • xfs: prohibit fs freezing when using empty transactions (bsc#1179442).
  • xfs: remove unused variable 'done' (bsc#1166166).
  • xfs: revert 'xfs: fix rmap key and record comparison functions' (git-fixes).
  • xfs: set the unwritten bit in rmap lookup flags in xchkbmapget_rmapextents (git-fixes).
  • xfs: set xefi_discard when creating a deferred agfl free log intent item (git-fixes).
  • xfs: truncate should remove all blocks, not just to the end of the page cache (bsc#1166166).
  • xhci: Fix sizeof() mismatch (git-fixes).
  • xhci: hisilicon: fix refercence leak in xhcihistbprobe (git-fixes).

kernel-default-base fixes the following issues:

  • Add wireguard kernel module (bsc#1179225)
  • Create the list of crypto kernel modules dynamically, supersedes hardcoded list of crc32 implementations (bsc#1177577)
References

Affected packages

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.43.2",
            "kernel-devel": "5.3.18-24.43.2",
            "kernel-default-base": "5.3.18-24.43.2.9.17.3",
            "kernel-preempt": "5.3.18-24.43.2",
            "kernel-default-devel": "5.3.18-24.43.2",
            "kernel-default": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-default-base

Package

Name
kernel-default-base
Purl
pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2.9.17.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.43.2",
            "kernel-devel": "5.3.18-24.43.2",
            "kernel-default-base": "5.3.18-24.43.2.9.17.3",
            "kernel-preempt": "5.3.18-24.43.2",
            "kernel-default-devel": "5.3.18-24.43.2",
            "kernel-default": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-preempt

Package

Name
kernel-preempt
Purl
pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.43.2",
            "kernel-devel": "5.3.18-24.43.2",
            "kernel-default-base": "5.3.18-24.43.2.9.17.3",
            "kernel-preempt": "5.3.18-24.43.2",
            "kernel-default-devel": "5.3.18-24.43.2",
            "kernel-default": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP2 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "5.3.18-24.43.2",
            "kernel-devel": "5.3.18-24.43.2",
            "kernel-default-base": "5.3.18-24.43.2.9.17.3",
            "kernel-preempt": "5.3.18-24.43.2",
            "kernel-default-devel": "5.3.18-24.43.2",
            "kernel-default": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-docs

Package

Name
kernel-docs
Purl
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.43.2",
            "kernel-syms": "5.3.18-24.43.2",
            "kernel-preempt-devel": "5.3.18-24.43.2",
            "kernel-source": "5.3.18-24.43.2",
            "kernel-obs-build": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-obs-build

Package

Name
kernel-obs-build
Purl
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.43.2",
            "kernel-syms": "5.3.18-24.43.2",
            "kernel-preempt-devel": "5.3.18-24.43.2",
            "kernel-source": "5.3.18-24.43.2",
            "kernel-obs-build": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-preempt

Package

Name
kernel-preempt
Purl
pkg:rpm/suse/kernel-preempt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.43.2",
            "kernel-syms": "5.3.18-24.43.2",
            "kernel-preempt-devel": "5.3.18-24.43.2",
            "kernel-source": "5.3.18-24.43.2",
            "kernel-obs-build": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.43.2",
            "kernel-syms": "5.3.18-24.43.2",
            "kernel-preempt-devel": "5.3.18-24.43.2",
            "kernel-source": "5.3.18-24.43.2",
            "kernel-obs-build": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Development Tools 15 SP2 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "5.3.18-24.43.2",
            "kernel-syms": "5.3.18-24.43.2",
            "kernel-preempt-devel": "5.3.18-24.43.2",
            "kernel-source": "5.3.18-24.43.2",
            "kernel-obs-build": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Legacy 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-default": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-livepatch": "5.3.18-24.43.2",
            "kernel-livepatch-5_3_18-24_43-default": "1-5.3.3",
            "kernel-default-livepatch-devel": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 15 SP2 / kernel-livepatch-SLE15-SP2_Update_8

Package

Name
kernel-livepatch-SLE15-SP2_Update_8
Purl
pkg:rpm/suse/kernel-livepatch-SLE15-SP2_Update_8&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-5.3.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-livepatch": "5.3.18-24.43.2",
            "kernel-livepatch-5_3_18-24_43-default": "1-5.3.3",
            "kernel-default-livepatch-devel": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "5.3.18-24.43.2",
            "gfs2-kmp-default": "5.3.18-24.43.2",
            "ocfs2-kmp-default": "5.3.18-24.43.2",
            "cluster-md-kmp-default": "5.3.18-24.43.2"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 15 SP2 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-24.43.2

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "5.3.18-24.43.2"
        }
    ]
}