SUSE-SU-2022:1402-1

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20221402-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:1402-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2022:1402-1
Related
Published
2022-04-26T06:55:18Z
Modified
2022-04-26T06:55:18Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-28356: Fixed a refcount bug in llcuibind and llcuiautobind which could allow an unprivileged user to execute a DoS. (bnc#1197391)
  • CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)
  • CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)
  • CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032)
  • CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031)
  • CVE-2022-0812: Fixed an incorrect header size calculations which could lead to a memory leak. (bsc#1196639)
  • CVE-2022-1048: Fixed a race Condition in sndpcmhwfree leading to use-after-free due to the AB/BA lock with buffermutex and mmap_lock. (bsc#1197331)
  • CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761)
  • CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device. (bsc#1196836)
  • CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)
  • CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366)
  • CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free. (bnc#1196973)
  • CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488)
  • CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could crash the system or corrupt the system memory. (bsc#1196830)

The following non-security bugs were fixed:

  • asix: Add rx->axskb = NULL after usbnetskb_return() (git-fixes).
  • asix: Ensure asixrxfixup_info members are all reset (git-fixes).
  • asix: Fix small memory leak in ax88772_unbind() (git-fixes).
  • asix: fix uninit-value in asixmdioread() (git-fixes).
  • asix: fix wrong return value in asixcheckhost_enable() (git-fixes).
  • ax88179178a: Merge memcpy + le32tocpus to getunaligned_le32 (bsc#1196018).
  • block: bfq: fix bfqsetnextiopriodata() (bsc#1191451).
  • block: fix ioprioget(IOPRIOWHO_PGRP) vs setuid(2) (bsc#1194586).
  • can: dev: can_restart: fix use after free bug (git-fixes).
  • cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723).
  • cgroup: Allocate cgroupfilectx for kernfsopenfile->priv (bsc#1196723).
  • cgroup: Use open-time cgroup namespace for process migration perm checks (bsc#1196723).
  • dax: update to new mmu_notifier semantic (bsc#1184207).
  • EDAC: Fix calculation of returned address and next offset in edacalignptr() (bsc#1114648).
  • ena_netdev: use generic power management (bsc#1197099 jsc#SLE-24125).
  • ena: Remove rcureadlock() around XDP program invocation (bsc#1197099 jsc#SLE-24125).
  • ethernet: amazon: ena: A typo fix in the file ena_com.h (bsc#1197099 jsc#SLE-24125).
  • ext4: add check to prevent attempting to resize an fs with sparse_super2 (bsc#1197754).
  • ext4: check for inconsistent extents between index and leaf block (bsc#1194163 bsc#1196339).
  • ext4: check for out-of-order index extents in ext4validextent_entries() (bsc#1194163 bsc#1196339).
  • ext4: do not use the orphan list when migrating an inode (bsc#1197756).
  • ext4: fix an use-after-free issue about data=journal writeback mode (bsc#1195482).
  • ext4: Fix BUGON in ext4bread when write quota data (bsc#1197755).
  • ext4: fix error handling in ext4restoreinline_data() (bsc#1197757).
  • ext4: fix lazy initialization next schedule time computation in more granular unit (bsc#1194580).
  • ext4: make sure quota gets properly shutdown on error (bsc#1195480).
  • ext4: prevent partial update of the extent blocks (bsc#1194163 bsc#1196339).
  • ext4: update i_disksize if direct write past ondisk size (bsc#1197806).
  • genirq: Use rcu in kstatirqsusr() (bsc#1193738).
  • gtp: fix an use-before-init in gtp_newlink() (git-fixes).
  • IB/core: Fix ODP get user pages flow (git-fixes)
  • IB/hfi1: Acquire lock to release TID entries when user file is closed (git-fixes)
  • IB/hfi1: Adjust pkey entry in index 0 (git-fixes)
  • IB/hfi1: Correct guard on eager buffer deallocation (git-fixes)
  • IB/hfi1: Ensure pq is not left on waitlist (git-fixes)
  • IB/hfi1: Fix another case where pq is left on waitlist (git-fixes)
  • IB/hfi1: Fix error return code in parseplatformconfig() (git-fixes)
  • IB/hfi1: Fix leak of rcvhdrtaildummykvaddr (git-fixes)
  • IB/hfi1: Fix possible null-pointer dereference in extendsdmatxdescs() (git-fixes)
  • IB/hfi1: Insure use of smpprocessorid() is preempt disabled (git-fixes)
  • IB/hfi1: Use kzalloc() for mmurbhandler allocation (git-fixes)
  • IB/qib: Protect from buffer overflow in struct qibusersdma_pkt fields (git-fixes)
  • IB/qib: Use struct_size() helper (git-fixes)
  • IB/sa: Resolv use-after-free in ibnlmake_request() (git-fixes)
  • IB/umad: Return EIO in case of when device disassociated (git-fixes)
  • IB/umad: Return EPOLLERR in case of when device disassociated (git-fixes)
  • isofs: Fix out of bound access for corrupted isofs image (bsc#1194591).
  • kernel-binary.spec: Do not use the default certificate path (bsc#1194943). Using the the default path is broken since Linux 5.17
  • kernel-binary.spec.in: Move 20-kernel-default-extra.conf to the correctr directory (bsc#1195051).
  • llc: fix netdevice reference leaks in llcuibind() (git-fixes).
  • macros.kernel-source: Fix conditional expansion. Fixes: bb95fef3cf19 ('rpm: Use bash for %() expansion (jsc#SLE-18234).')
  • mdio: fix mdio-thunder.c dependency & build error (git-fixes).
  • mm: bdi: initialize bdiminratio when bdi is unregistered (bsc#1197763).
  • mm: drop NULL return check of pteoffsetmap_lock() (bsc#1184207).
  • mm/rmap: always do TTUIGNOREACCESS (bsc#1184207).
  • mm/rmap: update to new mmu_notifier semantic v2 (bsc#1184207).
  • net: arcemac: Fix memleak in arcmdio_probe (git-fixes).
  • net: asix: add proper error handling of usb read errors (git-fixes).
  • net: asix: fix uninit value bugs (git-fixes).
  • net: bcmgenet: Fix a resource leak in an error handling path in the probe functin (git-fixes).
  • net: dp83867: Fix OF_MDIO config check (git-fixes).
  • net: dsa: bcm_sf2: put device node before return (git-fixes).
  • net: ena: Add capabilities field with support for ENI stats capability (bsc#1197099 jsc#SLE-24125).
  • net: ena: Add debug prints for invalid req_id resets (bsc#1197099 jsc#SLE-24125).
  • net: ena: add device distinct log prefix to files (bsc#1197099 jsc#SLE-24125).
  • net: ena: add jiffies of last napi call to stats (bsc#1197099 jsc#SLE-24125).
  • net: ena: aggregate doorbell common operations into a function (bsc#1197099 jsc#SLE-24125).
  • net: ena: aggregate stats increase into a function (bsc#1197099 jsc#SLE-24125).
  • net: ena: Change ENI stats support check to use capabilities field (bsc#1197099 jsc#SLE-24125).
  • net: ena: Change return value of enacalcioqueuesize() to void (bsc#1197099 jsc#SLE-24125).
  • net: ena: Change the name of bad_csum variable (bsc#1197099 jsc#SLE-24125).
  • net: ena: Extract recurring driver reset code into a function (bsc#1197099 jsc#SLE-24125).
  • net: ena: fix coding style nits (bsc#1197099 jsc#SLE-24125).
  • net: ena: fix DMA mapping function issues in XDP (bsc#1197099 jsc#SLE-24125).
  • net: ena: fix inaccurate print type (bsc#1197099 jsc#SLE-24125).
  • net: ena: fix wrong rx request id by resetting device (bsc#1197099 jsc#SLE-24125).
  • net: ena: Improve error logging in driver (bsc#1197099 jsc#SLE-24125).
  • net: ena: introduce ndoxdpxmit() function for XDP_REDIRECT (bsc#1197099 jsc#SLE-24125).
  • net: ena: introduce XDP redirect implementation (bsc#1197099 jsc#SLE-24125).
  • net: ena: make symbol 'enaallocmap_page' static (bsc#1197099 jsc#SLE-24125).
  • net: ena: Move reset completion print to the reset function (bsc#1197099 jsc#SLE-24125).
  • net: ena: optimize data access in fast-path code (bsc#1197099 jsc#SLE-24125).
  • net: ena: re-organize code to improve readability (bsc#1197099 jsc#SLE-24125).
  • net: ena: Remove enacalcqueuesizectx struct (bsc#1197099 jsc#SLE-24125).
  • net: ena: remove extra words from comments (bsc#1197099 jsc#SLE-24125).
  • net: ena: Remove module param and change message severity (bsc#1197099 jsc#SLE-24125).
  • net: ena: Remove redundant return code check (bsc#1197099 jsc#SLE-24125).
  • net: ena: Remove unused code (bsc#1197099 jsc#SLE-24125).
  • net: ena: store values in their appropriate variables types (bsc#1197099 jsc#SLE-24125).
  • net: ena: Update XDP verdict upon failure (bsc#1197099 jsc#SLE-24125).
  • net: ena: use build_skb() in RX path (bsc#1197099 jsc#SLE-24125).
  • net: ena: use constant value for net_device allocation (bsc#1197099 jsc#SLE-24125).
  • net: ena: Use dev_alloc() in RX buffer allocation (bsc#1197099 jsc#SLE-24125).
  • net: ena: Use pcisriovconfigure_simple() to enable VFs (bsc#1197099 jsc#SLE-24125).
  • net: ena: use xdp_frame in XDP TX flow (bsc#1197099 jsc#SLE-24125).
  • net: ena: use xdpreturnframe() to free xdp frames (bsc#1197099 jsc#SLE-24125).
  • net: ethernet: Fix memleak in ethoc_probe (git-fixes).
  • net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered (git-fixes).
  • net: fec: only check queue 0 if RXF0/TXF0 interrupt is set (git-fixes).
  • net: hdlcppp: Fix issues when modtimer is called while timer is running (git-fixes).
  • net: hdlcraweth: Clear the IFFTXSKBSHARING flag after calling ethersetup (git-fixes).
  • net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device (git-fixes).
  • net: hns: fix return value check in _lbother_process() (git-fixes).
  • net: marvell: Fix OF_MDIO config check (git-fixes).
  • net: mcs7830: handle usb read errors properly (git-fixes).
  • net: usb: asix: add error handling for asixmdio* functions (git-fixes).
  • net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).
  • net: usb: ax88179_178a: fix packet alignment padding (bsc#1196018).
  • net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468).
  • netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
  • NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
  • NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
  • NFS: Do not skip directory entries when doing uncached readdir (git-fixes).
  • NFS: Fix initialisation of nfsclient clflags field (git-fixes).
  • NFS: Return valid errors from nfs2/3decodedirent() (git-fixes).
  • NFSD: Clamp WRITE offsets (git-fixes).
  • NFSD: nfsd4setclientidconfirm mistakenly expires confirmed client (git-fixes).
  • NFSv4.1: do not retry BINDCONNTO_SESSION on session error (git-fixes).
  • NFSv4/pNFS: Fix another issue with a list iterator pointing to the head (git-fixes).
  • ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).
  • ocfs2: remove ocfs2iso2cb_active() (bsc#1197758).
  • powerpc/64: Fix kernel stack 16-byte alignment (bsc#1196999 ltc#196609S git-fixes).
  • powerpc/64: Interrupts save PPR on stack rather than thread_struct (bsc#1196999 ltc#196609).
  • powerpc/pseries: Fix use after free in removephbdynamic() (bsc#1065729).
  • powerpc/pseries: Fix use after free in removephbdynamic() (bsc#1065729).
  • powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).
  • powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
  • powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
  • powerpc/xive: fix return value of __setup handler (bsc#1065729).
  • printk: Add panicinprogress helper (bsc#1197894).
  • printk: disable optimistic spin during panic (bsc#1197894).
  • qed: select CONFIG_CRC32 (git-fixes).
  • quota: correct error number in free_dqentry() (bsc#1194590).
  • RDMA/addr: Be strict with gid size (git-fixes)
  • RDMA/bnxtre: Fix a double free in bnxtqpliballocres (git-fixes)
  • RDMA/bnxtre: Fix error return code in bnxtqplibcqprocess_terminal() (git-fixes)
  • RDMA/bnxt_re: Scan the whole bitmap when checking if 'disabling RCFW with pending cmd-bit' (git-fixes)
  • RDMA/bnxt_re: Set queue pair state when being queried (git-fixes)
  • RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait (git-fixes)
  • RDMA/cma: Ensure rdmaaddrcancel() happens before issuing more requests (git-fixes)
  • RDMA/cma: Let cmaresolveib_dev() continue search even after empty entry (git-fixes)
  • RDMA/core: Do not infoleak GRH fields (git-fixes)
  • RDMA/core: Let ibfindgid() continue search even after empty entry (git-fixes)
  • RDMA/cxgb4: add missing qpid increment (git-fixes)
  • RDMA/cxgb4: check for ipv6 address properly while destroying listener (git-fixes)
  • RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server (git-fixes)
  • RDMA/cxgb4: Fix the reported maxrecvsge value (git-fixes)
  • RDMA/cxgb4: Set queue pair state when being queried (git-fixes)
  • RDMA/cxgb4: Validate the number of CQEs (git-fixes)
  • RDMA/hns: Add a check for current state before modifying QP (git-fixes)
  • RDMA/hns: Encapsulate some lines for setting sq size in user mode (git-fixes)
  • RDMA/hns: Optimize hnsrocemodify_qp function (git-fixes)
  • RDMA/hns: Prevent undefined behavior in hnsrocesetusersq_size() (git-fixes)
  • RDMA/hns: Validate the pkey index (git-fixes)
  • RDMA/i40iw: Fix error unwinding when i40iwhmcsd_one fails (git-fixes)
  • RDMA/ib_srp: Fix a deadlock (git-fixes)
  • RDMA/iwcm: Release resources if iw_cm module initialization fails (git-fixes)
  • RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes)
  • RDMA/mlx4: Return missed an error if device does not support steering (git-fixes)
  • RDMA/mlx5: Do not allow rereg of a ODP MR (git-fixes)
  • RDMA/mlx5: Fix corruption of regpages in mlx5ibrereguser_mr() (git-fixes)
  • RDMA/mlx5: Fix potential race between destroy and CQE poll (git-fixes)
  • RDMA/mlx5: Fix udata response upon SRQ creation (git-fixes)
  • RDMA/mlx5: Put live in the correct place for ODP MRs (git-fixes)
  • RDMA/odp: Lift umemmutex out of ibumemodpunmapdmapages() (git-fixes)
  • RDMA/qedr: Fix NULL deref for query_qp on the GSI QP (git-fixes)
  • RDMA/qib: Remove superfluous fallthrough statements (git-fixes)
  • RDMA/rxe: Clear all QP fields if creation failed (git-fixes)
  • RDMA/rxe: Compute PSN windows correctly (git-fixes)
  • RDMA/rxe: Correct skb on loopback path (git-fixes)
  • RDMA/rxe: Do not overwrite errno from ibumemget() (git-fixes)
  • RDMA/rxe: Fix coding error in rxercvmcast_pkt (git-fixes)
  • RDMA/rxe: Fix coding error in rxe_recv.c (git-fixes)
  • RDMA/rxe: Fix extra copy in prepareackpacket (git-fixes)
  • RDMA/rxe: Fix failure during driver load (git-fixes)
  • RDMA/rxe: Fix missing kconfig dependency on CRYPTO (git-fixes)
  • RDMA/rxe: Fix over copying in getsrqwqe (git-fixes)
  • RDMA/rxe: Fix panic when calling kmemcachecreate() (git-fixes)
  • RDMA/rxe: Fix redundant call to ipsendcheck (git-fixes)
  • RDMA/rxe: Fix skb lifetime in rxercvmcast_pkt() (git-fixes)
  • RDMA/rxe: Fix wrong portcapflags (git-fixes)
  • RDMA/rxe: Handle skbclone() failure in rxerecv.c (git-fixes)
  • RDMA/rxe: Remove rxelinklayer() (git-fixes)
  • RDMA/rxe: Return CQE error if invalid lkey was supplied (git-fixes)
  • RDMA/ucma: Fix locking for ctx->events_reported (git-fixes)
  • RDMA/usnic: Fix memleak in findfreevfandcreateqpgrp (git-fixes)
  • RDMA/uverbs: Fix create WQ to use the given user handle (git-fixes)
  • RDMA/uverbs: Tidy input validation of ibuverbsrereg_mr() (git-fixes)
  • s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes).
  • s390/disassembler: increase ebpf disasm buffer size (git-fixes).
  • scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
  • scsi: lpfc: Drop lpfcnohandler() (bsc#1197675).
  • scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
  • scsi: lpfc: Fix locking for lpfcsliiocbq_lookup() (bsc#1197675).
  • scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).
  • scsi: lpfc: Fix typos in comments (bsc#1197675).
  • scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).
  • scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).
  • scsi: lpfc: Kill lpfcbusreset_handler() (bsc#1197675).
  • scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).
  • scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
  • scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).
  • scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
  • scsi: lpfc: SLI path split: Introduce lpfcprepwqe (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
  • scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).
  • scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
  • scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
  • scsi: lpfc: Use fcblockrport() (bsc#1197675).
  • scsi: lpfc: Use kcalloc() (bsc#1197675).
  • scsi: lpfc: Use rport as argument for lpfcchktgt_mapped() (bsc#1197675).
  • scsi: lpfc: Use rport as argument for lpfcsendtaskmgmt() (bsc#1197675).
  • scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
  • scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
  • scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
  • scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).
  • scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
  • scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).
  • scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
  • scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
  • scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
  • scsi: qla2xxx: Fix typos in comments (bsc#1197661).
  • scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
  • scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
  • scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
  • scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
  • scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).
  • scsi: qla2xxx: Use named initializers for portstatestr (bsc#1197661).
  • scsi: qla2xxx: Use named initializers for qdevstate (bsc#1197661).
  • sr9700: sanity check for packet length (bsc#1196836).
  • SUNRPC: avoid race between modtimer() and deltimer_sync() (bnc#1195403).
  • SUNRPC: change locking for xsswapenable/disable (bsc#1196367).
  • SUNRPC: Fix transport accounting when caller specifies an rpc_xprt (bsc#1197531).
  • tcp: add some entropy in _inethash_connect() (bsc#1180153).
  • tcp: change source port randomizarion at connect() time (bsc#1180153).
  • tcp: Export tcp{sendpage,sendmsg}locked() for ipv6 (bsc#1194541).
  • team: protect features update by RCU to avoid deadlock (git-fixes).
  • tracing: Fix return value of __setup handlers (git-fixes).
  • Update patches.suse/ibmvnic-don-t-stop-queue-in-xmit.patch (bsc#1192273 ltc#194629 bsc#1191428 ltc#193985).
  • usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge (git-fixes).
  • usb: chipidea: fix interrupt deadlock (git-fixes).
  • usb: core: Fix hang in usbkillurb by adding memory barriers (git-fixes).
  • usb: ftdi-elan: fix memory leak on device disconnect (git-fixes).
  • usb: host: xen-hcd: add missing unlock in error path (git-fixes).
  • usb: host: xhci-rcar: Do not reload firmware after the completion (git-fixes).
  • usb: serial: ch341: add support for GW Instek USB2.0-Serial devices (git-fixes).
  • usb: serial: cp210x: add CPI Bulk Coin Recycler id (git-fixes).
  • usb: serial: ftdi_sio: add support for Brainboxes US-159/235/320 (git-fixes).
  • usb: serial: option: add support for DW5829e (git-fixes).
  • usb: serial: option: add Telit LE910R1 compositions (git-fixes).
  • usb: serial: option: add ZTE MF286D modem (git-fixes).
  • usb: storage: ums-realtek: fix error code in rts51xreadmem() (git-fixes).
  • usb: zaurus: support another broken Zaurus (git-fixes).
  • virtionet: Fix recursive call to cpusread_lock() (git-fixes).
  • x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1114648).
  • x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1114648).
  • xen/gntdev: update to new mmu_notifier semantic (bsc#1184207).
  • xen/usb: do not use gnttabendforeignaccess() in xenhcdgnttab_done() (bsc#1196488, XSA-396).
  • xhci: Enable trust tx length quirk for Fresco FL11 USB controller (git-fixes).
  • xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set (git-fixes).
  • xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes).
  • xhci: re-initialize the HC during resume if HCE was set (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt

Package

Name
kernel-rt
Purl
pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.84.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.84.1",
            "dlm-kmp-rt": "4.12.14-10.84.1",
            "gfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug": "4.12.14-10.84.1",
            "kernel-rt-devel": "4.12.14-10.84.1",
            "cluster-md-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug-devel": "4.12.14-10.84.1",
            "kernel-source-rt": "4.12.14-10.84.1",
            "kernel-rt": "4.12.14-10.84.1",
            "ocfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-syms-rt": "4.12.14-10.84.1",
            "kernel-rt-base": "4.12.14-10.84.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.84.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.84.1",
            "dlm-kmp-rt": "4.12.14-10.84.1",
            "gfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug": "4.12.14-10.84.1",
            "kernel-rt-devel": "4.12.14-10.84.1",
            "cluster-md-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug-devel": "4.12.14-10.84.1",
            "kernel-source-rt": "4.12.14-10.84.1",
            "kernel-rt": "4.12.14-10.84.1",
            "ocfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-syms-rt": "4.12.14-10.84.1",
            "kernel-rt-base": "4.12.14-10.84.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.84.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.84.1",
            "dlm-kmp-rt": "4.12.14-10.84.1",
            "gfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug": "4.12.14-10.84.1",
            "kernel-rt-devel": "4.12.14-10.84.1",
            "cluster-md-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug-devel": "4.12.14-10.84.1",
            "kernel-source-rt": "4.12.14-10.84.1",
            "kernel-rt": "4.12.14-10.84.1",
            "ocfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-syms-rt": "4.12.14-10.84.1",
            "kernel-rt-base": "4.12.14-10.84.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 12 SP5 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-10.84.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "4.12.14-10.84.1",
            "dlm-kmp-rt": "4.12.14-10.84.1",
            "gfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug": "4.12.14-10.84.1",
            "kernel-rt-devel": "4.12.14-10.84.1",
            "cluster-md-kmp-rt": "4.12.14-10.84.1",
            "kernel-rt_debug-devel": "4.12.14-10.84.1",
            "kernel-source-rt": "4.12.14-10.84.1",
            "kernel-rt": "4.12.14-10.84.1",
            "ocfs2-kmp-rt": "4.12.14-10.84.1",
            "kernel-syms-rt": "4.12.14-10.84.1",
            "kernel-rt-base": "4.12.14-10.84.1"
        }
    ]
}