SUSE-SU-2022:4505-1

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20224505-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:4505-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2022:4505-1
Related
Published
2022-12-16T12:29:50Z
Modified
2022-12-16T12:29:50Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-4378: Fixed stack overflow in _doproc_dointvec (bsc#1206207).
  • CVE-2022-42328: Guests could trigger denial of service via the netback driver (bnc#1206114).
  • CVE-2022-42329: Guests could trigger denial of service via the netback driver (bnc#1206113).
  • CVE-2022-3643: Guests could trigger NIC interface reset/abort/crash via netback driver (bnc#1206113).
  • CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file drivers/atm/idt77252.c (bsc#1204631).
  • CVE-2022-41850: Fixed a race condition in roccatreportevent() in drivers/hid/hid-roccat.c (bsc#1203960).
  • CVE-2022-45934: Fixed a integer wraparound via L2CAPCONFREQ packets in l2capconfigreq in net/bluetooth/l2cap_core.c (bsc#1205796).
  • CVE-2022-3628: Fixed potential buffer overflow in brcmffwehevent_worker() in wifi/brcmfmac (bsc#1204868).
  • CVE-2022-3567: Fixed a to race condition in inet6streamops()/inet6dgramops() (bsc#1204414).
  • CVE-2022-41858: Fixed a denial of service in sltxtimeout() in drivers/net/slip (bsc#1205671).
  • CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
  • CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
  • CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver USB driver (bsc#1205220).
  • CVE-2022-42895: Fixed an information leak in the net/bluetooth/l2capcore.c's l2capparseconfreq() which can be used to leak kernel pointers remotely (bsc#1205705).
  • CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/l2capcore.c's l2capconnect() and l2capleconnect_req() which may have allowed code execution and leaking kernel memory (respectively) remotely via Bluetooth (bsc#1205709).

The following non-security bugs were fixed:

  • Drivers: hv: vmbus: Add VMbus IMC device to unsupported list (git-fixes).
  • Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus hardening (bsc#1204017, bsc#1205617).
  • Drivers: hv: vmbus: Drop error message when 'No request id available' (bsc#1204017).
  • Drivers: hv: vmbus: Fix handling of messages with transaction ID of zero (bsc#1204017).
  • Drivers: hv: vmbus: Fix potential crash on module unload (git-fixes).
  • Drivers: hv: vmbus: Introduce vmbusrequestaddr_match() (bsc#1204017, bsc#1205617).
  • Drivers: hv: vmbus: Introduce vmbussendpacketgetid() (bsc#1204017, bsc#1205617).
  • Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017, bsc#1205617).
  • Drivers: hv: vmbus: Move _vmbusopen() (bsc#1204017).
  • Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer (git-fixes).
  • Drivers: hv: vmbus: fix double free in the error path of vmbusaddchannel_work() (git-fixes).
  • Drivers: hv: vmbus: fix possible memory leak in vmbusdeviceregister() (git-fixes).
  • FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR (git-fixes).
  • FDDI: defxx: Make MMIO the configuration default except for EISA (git-fixes).
  • KVM: s390: Add a routine for setting userspace CPU state (git-fixes).
  • KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
  • KVM: s390: Fix handle_sske page fault handling (git-fixes).
  • KVM: s390: Simplify SIGP Set Arch handling (git-fixes).
  • KVM: s390: fix memory slot handling for KVMSETUSERMEMORYREGION (git-fixes).
  • KVM: s390: reduce number of IO pins to 1 (git-fixes).
  • KVM: s390: split kvms390logicaltoeffective (git-fixes).
  • KVM: s390: split kvms390realtoabs (git-fixes).
  • KVM: s390x: fix SCK locking (git-fixes).
  • NIU: fix incorrect error return, missed in previous revert (git-fixes).
  • PCI: hv: Add check for hypervinitialized in inithvpcidrv() (bsc#1204446).
  • PCI: hv: Add validation for untrusted Hyper-V values (bsc#1204017).
  • PCI: hv: Drop msi_controller structure (bsc#1204446).
  • PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA topology (bsc#1199365).
  • PCI: hv: Fix a race condition when removing the device (bsc#1204446).
  • PCI: hv: Fix hvarchirq_unmask() for multi-MSI (bsc#1200845).
  • PCI: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).
  • PCI: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).
  • PCI: hv: Fix sleep while in non-sleep context when removing child devices from the bus (bsc#1204446).
  • PCI: hv: Fix synchronization between channel callback and hvcomposemsi_msg() (bsc#1204017, bsc#1203860, bsc#1205617).
  • PCI: hv: Fix synchronization between channel callback and hvpcibus_exit() (bsc#1204017, bsc#1205617).
  • PCI: hv: Fix the definition of vector in hvcomposemsi_msg() (bsc#1200845).
  • PCI: hv: Make the code arch neutral by adding arch specific interfaces (bsc#1200845).
  • PCI: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).
  • PCI: hv: Remove bus device removal unused refcount/functions (bsc#1204446).
  • PCI: hv: Remove unnecessary use of %hx (bsc#1204446).
  • PCI: hv: Reuse existing IRTE allocation in composemsimsg() (bsc#1200845).
  • PCI: hv: Support for create interrupt v3 (git-fixes).
  • PCI: hv: Use struct_size() helper (bsc#1204446).
  • PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus hardening (bsc#1204017).
  • PM: hibernate: fix sparse warnings (git-fixes).
  • Xen/gntdev: do not ignore kernel unmapping error (git-fixes).
  • add missing bug reference to a hv_netvsc patch file (bsc#1204850).
  • always clear the X2APIC_ENABLE bit for PV guest (git-fixes).
  • arm/xen: Do not probe xenbus as part of an early initcall (git-fixes).
  • ath5k: fix OOB in ath5keepromreadpcalinfo_5111 (git-fixes).
  • bfq: Update cgroup information before merging bio (git-fixes).
  • blk-mq: add callback of .cleanup_rq (git-fixes).
  • blktrace: Trace remapped requests correctly (git-fixes).
  • block/bfq: fix ifdef for CONFIGBFQGROUP_IOSCHED=y (git-fixes).
  • block: Add a helper to validate the block size (git-fixes).
  • block: blkqueueenter() / _bioqueue_enter() must return -EAGAIN for nowait (git-fixes).
  • block: do not delete queue kobject before its children (git-fixes).
  • block: respect queue limit of max discard segment (git-fixes).
  • block: rsxx: select CONFIG_CRC32 (git-fixes).
  • block: use 'unsigned long' for blkvalidateblock_size() (git-fixes).
  • bnxt_en: Clean up completion ring page arrays completely (git-fixes).
  • bnxt_en: Do not use static arrays for completion ring pages (git-fixes).
  • bnxt_en: Fix Priority Bytes and Packets counters in ethtool -S (git-fixes).
  • bnxt_en: Fix TX timeout when TX ring size is set to the smallest (git-fixes).
  • bnxt_en: Free context memory after disabling PCI in probe error path (git-fixes).
  • bnxt_en: Increase maximum RX ring size if jumbo ring is not used (git-fixes).
  • brd: re-enable _GFPHIGHMEM in brdinsertpage() (git-fixes).
  • can: peakpci: peakpci_remove(): fix UAF (git-fixes).
  • can: peakusb: pcanusbfddecodestatus(): fix back to ERRORACTIVE state notification (git-fixes).
  • can: rcar_can: fix suspend/resume (git-fixes).
  • ceph: check availability of mds cluster on mount after wait timeout (bsc#1205903).
  • ceph: do not skip updating wanted caps when cap is stale (bsc#1205905).
  • ceph: fix fscache invalidation (bsc#1205907).
  • ceph: fix potential race in cephcheckcaps (bsc#1205906).
  • ceph: lockdep annotations for trynonblockinginvalidate (bsc#1205908).
  • ceph: return -EINVAL if given fsc mount option on kernel w/o support (bsc#1205902).
  • ceph: return -ERANGE if virtual xattr value didn't fit in buffer (bsc#1205901).
  • ceph: return cephmdscdorequest() errors from _get_parent() (bsc#1205904).
  • cuse: prevent clone (bsc#1206120).
  • cxgb4: dont touch blocked freelist bitmap after free (git-fixes).
  • dm era: commit metadata in postsuspend after worker stops (git-fixes).
  • dm mirror log: clear log bits up to BITSPERLONG boundary (git-fixes).
  • dm mpath: remove harmful bio-based optimization (git-fixes).
  • dm raid: fix accesses beyond end of raid member array (git-fixes).
  • dm raid: fix address sanitizer warning in raid_resume (git-fixes).
  • dm raid: fix address sanitizer warning in raid_status (git-fixes).
  • dm thin: fix use-after-free crash in dmsmregisterthresholdcallback (git-fixes).
  • dm: return early from dmprcall() if DM device is suspended (git-fixes).
  • e100: fix buffer overrun in e100getregs (git-fixes).
  • e100: fix length calculation in e100getregs_len (git-fixes).
  • floppy: Fix hang in watchdog when disk is ejected (git-fixes).
  • ftrace: Fix char print issue in printipins() (git-fixes).
  • ftrace: Fix the possible incorrect kernel message (git-fixes).
  • ftrace: Fix use-after-free for dynamic ftrace_ops (git-fixes).
  • ftrace: Optimize the allocation for mcount entries (git-fixes).
  • fuse: do not check refcount after stealing page (bsc#1206119).
  • fuse: retrieve: cap requested size to negotiated max_write (bsc#1206118).
  • fuse: use READONCE on congestionthreshold and max_background (bsc#1206117).
  • gianfar: Disable EEE autoneg by default (git-fixes).
  • hvnetvsc: Add check for kvmallocarray (git-fixes).
  • hv_netvsc: Add error handling while switching data path (bsc#1204850).
  • hv_netvsc: Add validation for untrusted Hyper-V values (bsc#1204017).
  • hv_netvsc: Cache the current data path to avoid duplicate call and message (bsc#1204017).
  • hv_netvsc: Check VF datapath when sending traffic to VF (bsc#1204017).
  • hvnetvsc: Fix error handling in netvscset_features() (git-fixes).
  • hv_netvsc: Fix race between VF offering and VF association message from host (git-fixes).
  • hvnetvsc: Print value of invalid ID in netvscsend{completion,txcomplete}() (bsc#1204017).
  • hvnetvsc: Process NETDEVGOING_DOWN on VF hot remove (bsc#1204850).
  • hvnetvsc: Remove unnecessary roundup for recvcompletioncnt (bsc#1204017).
  • hvnetvsc: Reset the RSC count if NVSPSTATFAIL in netvscreceive() (bsc#1204017).
  • hv_netvsc: Sync offloading features to VF NIC (git-fixes).
  • hvnetvsc: Use vmbusrequestor to generate transaction IDs for VMBus hardening (bsc#1204017).
  • hvnetvsc: Wait for completion on request SWITCHDATA_PATH (bsc#1204017).
  • hvnetvsc: use netifisbondmaster() instead of open code (git-fixes).
  • i40e: Fix kernel crash during module removal (git-fixes).
  • i40e: Fix reset path while removing the driver (git-fixes).
  • i40e: fix endless loop under rtnl (git-fixes).
  • ibmvnic: Free rwi on reset success (bsc#1184350 ltc#191533 git-fixes).
  • ice: Increase control queue timeout (git-fixes).
  • igb: Fix position of assignment to *ring (git-fixes).
  • igc: Fix use-after-free error during reset (git-fixes).
  • igc: change default return of igcreadphy_reg() (git-fixes).
  • ipv6: ping: fix wrong checksum for large frames (bsc#1203183).
  • ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
  • kABI: Fix after adding traceiterator.waitindex (git-fixes).
  • kexec: turn all kexec_mutex acquisitions into trylocks (git-fixes).
  • kprobes/x86/xen: blacklist non-attachable xen interrupt functions (git-fixes).
  • macsec: check return value of skbtosgvec always (git-fixes).
  • macsec: fix memory leaks when skbtosgvec fails (git-fixes).
  • md/raid5: Ensure stripe_fill happens on non-read IO with journal (git-fixes).
  • md: Replace snprintf with scnprintf (git-fixes, bsc#1164051).
  • media: em28xx-input: fix refcount bug in em28xxusbdisconnect (git-fixes).
  • media: ite-cir: IR receiver stop working after receive overflow (git-fixes).
  • media: mceusb: RX -EPIPE (urb status = -32) lockup failure fix (git-fixes).
  • media: mceusb: TX -EPIPE (urb status = -32) lockup fix (git-fixes).
  • media: mceusb: do not read data parameters unless required (git-fixes).
  • media: mceusb: fix inaccurate debug buffer dumps, and misleading debug messages (git-fixes).
  • media: mceusb: sanity check for prescaler value (git-fixes).
  • media: mceusb: sporadic RX truncation corruption fix (git-fixes).
  • mm, swap, frontswap: fix THP swap if frontswap enabled (git-fixes).
  • module: change to print useful messages from elfvaliditycheck() (git-fixes).
  • module: fix [eshstrndx].shsize=0 OOB access (git-fixes).
  • module: harden ELF info handling (git-fixes).
  • natsemi: sonic: stop calling netdevbootsetup_check (git-fixes).
  • nbd: do not update block size after device is started (git-fixes).
  • net/mlx5: E-Switch, Hold mutex when querying drop counter in legacy mode (git-fixes).
  • net/mlx5: Fix flow table chaining (git-fixes).
  • net/mlx5e: Fix endianness handling in pedit mask (git-fixes).
  • net/mlx5e: Fix nullptr in mlx5ehairpinget_mdev() (git-fixes).
  • net: aquantia: Fix actual speed capabilities reporting (git-fixes).
  • net: bcmgenet: Ensure all TX/RX queues DMAs are disabled (git-fixes).
  • net: ethernet: arc: fix error handling in emacrockchipprobe (git-fixes).
  • net: ethernet: ti: ale: fix seeing unreg mcast packets with promisc and allmulti disabled (git-fixes).
  • net: ethernet: xilinx: Mark XILINXLLTEMAC broken on 64-bit (git-fixes).
  • net: hns3: add limit ets dwrr bandwidth cannot be 0 (git-fixes).
  • net: hns3: check vlan id before using it (git-fixes).
  • net: hns3: disable sriov before unload hclge layer (git-fixes).
  • net: hns3: do not allow call hns3nicnet_open repeatedly (git-fixes).
  • net: hns3: fix change RSS 'hfunc' ineffective issue (git-fixes).
  • net: hns3: fix kernel crash when unload VF while it is being reset (git-fixes).
  • net: hns3: reset DWRR of unused tc to zero (git-fixes).
  • net: hyperv: remove use of bpfopt (git-fixes).
  • net: ieee802154: adf7242: Fix bug if defined DEBUG (git-fixes).
  • net: ieee802154: at86rf230: Stop leaking skb's (git-fixes).
  • net: ieee802154: ca8210: Stop leaking skb's (git-fixes).
  • net: mdiobus: Fix memory leak in _mdiobusregister (git-fixes).
  • net: moxa: fix UAF in moxartmacprobe (git-fixes).
  • net: natsemi: Fix missing pcidisabledevice() in probe and remove (git-fixes).
  • net: netvsc: remove break after return (git-fixes).
  • net: nxp: lpc_eth.c: avoid hang when bringing interface down (git-fixes).
  • net: qcom/emac: fix UAF in emac_remove (git-fixes).
  • net: smsc911x: Fix unload crash when link is up (git-fixes).
  • net: ti: fix UAF in tlanremoveone (git-fixes).
  • net: xen-netback: fix return type of ndostartxmit function (git-fixes).
  • nfsd: set the server_scope during service startup (bsc#1203746).
  • nullblk: Fix the nulladd_dev() error path (git-fixes).
  • nullblk: fix ida error handling in nulladd_dev() (git-fixes).
  • nullblk: fix passing of REQFUA flag in nullhandlerq (git-fixes).
  • panic, kexec: make _crashkexec() NMI safe (git-fixes).
  • phy: mdio: fix memory leak (git-fixes).
  • ptp: dp83640: do not define PAGE0 (git-fixes).
  • qed: Fix missing error code in qedslowpathstart() (git-fixes).
  • rbd: fix possible memory leak in rbdsysfsinit() (git-fixes).
  • ring-buffer: Add ringbufferwake_waiters() (git-fixes).
  • ring-buffer: Allow splice to read previous partially read pages (git-fixes).
  • ring-buffer: Check for NULL cpubuffer in ringbufferwakewaiters() (git-fixes).
  • ring-buffer: Check pending waiters when doing wake ups as well (git-fixes).
  • ring-buffer: Fix race between reset page and reading page (git-fixes).
  • ring_buffer: Do not deactivate non-existant pages (git-fixes).
  • s390/boot: fix absolute zero lowcore corruption on boot (git-fixes).
  • s390/cio: Fix the 'type' field in s390ciotpi tracepoint (git-fixes).
  • s390/cio: dont call csswaitforslowpath() inside a lock (git-fixes).
  • s390/cpcmd: fix inline assembly register clobbering (git-fixes).
  • s390/crash: fix incorrect number of bytes to copy to user space (git-fixes).
  • s390/crash: make copyoldmempage() return number of bytes copied (git-fixes).
  • s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (git-fixes).
  • s390/ctcm: fix potential memory leak (git-fixes).
  • s390/ctcm: fix variable dereferenced before check (git-fixes).
  • s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup (git-fixes).
  • s390/futex: add missing EXTABLE entry to _futexatomicop() (git-fixes).
  • s390/lcs: fix variable dereferenced before check (git-fixes).
  • s390/mcck: fix invalid KVM guest condition check (git-fixes).
  • s390/mcck: isolate SIE instruction when setting CIFMCCKGUEST flag (git-fixes).
  • s390/mm: use non-quiescing sske for KVM switch to keyed guest (git-fixes).
  • s390/module: fix loading modules with a lot of relocations (git-fixes).
  • s390/nmi: handle guarded storage validity failures for KVM guests (git-fixes).
  • s390/nmi: handle vector validity failures for KVM guests (git-fixes).
  • s390/pci: add missing EXTABLE entries to pcistgmioinuser()/pcilgmio_inuser() (git-fixes).
  • s390/pkey: fix paes selftest failure with paes and pkey static build (git-fixes).
  • s390/pv: fix the forcing of the swiotlb (git-fixes).
  • s390/qdio: cancel the ESTABLISH ccw after timeout (git-fixes).
  • s390/qdio: fix roll-back after timeout on ESTABLISH ccw (git-fixes).
  • s390/qeth: Fix deadlock in remove_discipline (bsc#1206213 LTC#200742).
  • s390/qeth: Fix error handling during VNICC initialization (git-fixes).
  • s390/qeth: Fix initialization of vnicc cmd masks during set online (git-fixes).
  • s390/qeth: Fix vniccisinuse if rxbcast not set (git-fixes).
  • s390/qeth: do not defer close_dev work during recovery (bsc#1206213 LTC#200742).
  • s390/qeth: fix NULL deref in qethclearworkingpoollist() (git-fixes).
  • s390/qeth: fix deadlock during failing recovery (bsc#1206213 LTC#200742).
  • s390/qeth: fix false reporting of VNIC CHAR config failure (git-fixes).
  • s390/qeth: fix memory leak after failed TX Buffer allocation (git-fixes).
  • s390/qeth: fix notification for pending buffers during teardown (git-fixes).
  • s390/qeth: remove driver-wide workqueue (bsc#1206213 LTC#200742).
  • s390/qeth: vnicc Fix EOPNOTSUPP precedence (git-fixes).
  • s390/qeth: vnicc Fix init to default (git-fixes).
  • s390/uaccess: add missing EXTABLE entries to _clearuser(), copyinusermvcos(), copyinusermvc(), clearuserxc() and _strnlen_user() (git-fixes).
  • s390/zcore: fix race when reading from hardware system area (git-fixes).
  • s390: Remove archhasrandom, archhasrandom_seed (git-fixes).
  • s390: appldata depends on PROC_SYSCTL (git-fixes).
  • s390: define get_cycles macro for arch-override (git-fixes).
  • s390: fix nospec table alignments (git-fixes).
  • sbitmap: fix possible io hung due to lost wakeup (git-fixes).
  • scsi: bsg: Remove support for SCSIIOCTLSEND_COMMAND (git-fixes).
  • scsi: ibmvfc: Avoid path failures during live migration (bsc#1065729).
  • scsi: ibmvscsis: Increase INITIALSRPLIMIT to 1024 (bsc#1156395).
  • scsi: libsas: Fix use-after-free bug in smpexecutetask_sg() (git-fixes).
  • scsi: lpfc: Rework MIB Rx Monitor debug info logic (git-fixes).
  • scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
  • scsi: qla2xxx: Fix serialization of DCBX TLV data request (bsc#1204963).
  • scsi: qla2xxx: Use transport-defined speed mask for supported_speeds (bsc#1204963).
  • scsi: storvsc: Drop DIDTARGETFAILURE use (git-fixes).
  • scsi: storvsc: Fix maxoutstandingreqperchannel for Win8 and newer (bsc#1204017).
  • scsi: storvsc: Fix validation for unsolicited incoming packets (bsc#1204017).
  • scsi: storvsc: Remove WQMEMRECLAIM from storvscerrorwq (git-fixes).
  • scsi: storvsc: Resolve data race in storvsc_probe() (bsc#1204017).
  • scsi: storvsc: Use blkmqunique_tag() to generate requestIDs (bsc#1204017).
  • scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening (bsc#1204017).
  • scsi: storvsc: Validate length of incoming packet in storvsconchannel_callback() (bsc#1204017).
  • scsi: zfcp: Fix double free of FSF request when qdio send fails (git-fixes).
  • scsi: zfcp: Fix missing auto port scan and thus missing target ports (git-fixes).
  • sfp: fix RX_LOS signal handling (git-fixes).
  • sis900: Fix missing pcidisabledevice() in probe and remove (git-fixes).
  • sunrpc: Re-purpose tracesvcprocess (bsc#1205006).
  • tracing: Add ioctl() to force ring buffer waiters to wake up (git-fixes).
  • tracing: Disable interrupt or preemption before acquiring archspinlockt (git-fixes).
  • tracing: Do not free snapshot if tracer is on cmdline (git-fixes).
  • tracing: Simplify conditional compilation code in tracingsettracer() (git-fixes).
  • tracing: Wake up ring buffer waiters on closing of the file (git-fixes).
  • tracing: Wake up waiters when tracing is disabled (git-fixes).
  • tulip: windbond-840: Fix missing pcidisabledevice() in probe and remove (git-fixes).
  • usb: chipidea: udc: check request status before setting device address (git-fixes).
  • usb: musb: Fix suspend with devices connected for a64 (git-fixes).
  • vfio/ccw: Do not change FSM state in subchannel event (git-fixes).
  • vfio: ccw: fix error return in vfioccwsch_event (git-fixes).
  • virtio-blk: Use blkvalidateblock_size() to validate block size (git-fixes).
  • virtio/s390: implement virtio-ccw revision 2 correctly (git-fixes).
  • virtioblk: eliminate anonymous moduleinit & module_exit (git-fixes).
  • virtio_net: move tx vq operation under tx queue lock (git-fixes).
  • vxlan: add missing rcureadlock() in neigh_reduce() (git-fixes).
  • x86/bugs: Make sure MSRSPECCTRL is updated properly upon resume from S3 (bsc#1206037).
  • x86/cpu: Restore AMD's DE_CFG MSR after resume (bsc#1205473).
  • x86/hyperv: Output host build info as normal Windows version number (git-fixes).
  • x86/hyperv: Set pv_info.name to 'Hyper-V' (git-fixes).
  • x86/microcode/AMD: Apply the patch early on every logical thread (bsc#1205264).
  • x86/xen: Distribute switch variables for initialization (git-fixes).
  • x86/xen: Return from panic notifier (git-fixes).
  • x86/xen: do not unbind uninitialized lockkickerirq (git-fixes).
  • xen-blkback: prevent premature module unload (git-fixes).
  • xen-netback: correct success/error reporting for the SKB-with-fraglist case (git-fixes).
  • xen-netfront: remove warning when unloading module (git-fixes).
  • xen/balloon: fix balloon initialization for PVH Dom0 (git-fixes).
  • xen/balloon: fix balloon kthread freezing (git-fixes).
  • xen/balloon: fix ballooned page accounting without hotplug enabled (git-fixes).
  • xen/balloon: fix cancelled balloon action (git-fixes).
  • xen/balloon: use a kernel thread instead a workqueue (git-fixes).
  • xen/blkback: fix memory leaks (git-fixes).
  • xen/efi: Set nonblocking callbacks (git-fixes).
  • xen/gntdev: Avoid blocking in unmapgrantpages() (git-fixes).
  • xen/gntdev: Fix off-by-one error when unmapping with holes (git-fixes).
  • xen/gntdev: Fix partial gntdev_mmap() cleanup (git-fixes).
  • xen/gntdev: Ignore failure to unmap INVALIDGRANTHANDLE (git-fixes).
  • xen/gntdev: Prevent leaking grants (git-fixes).
  • xen/grant-table: Use putpage instead of freepage (git-fixes).
  • xen/pciback: Check dev_data before using it (git-fixes).
  • xen/pciback: remove set but not used variable 'old_state' (git-fixes).
  • xen/pcpu: fix possible memory leak in register_pcpu() (git-fixes).
  • xen/scsiback: add error handling for xenbus_printf (git-fixes).
  • xen/xenbus: Fix granting of vmalloc'd memory (git-fixes).
  • xen/xenbus: ensure xenbusmapring_valloc() returns proper grant status (git-fixes).
  • xen: Fix XenStore initialisation for XS_LOCAL (git-fixes).
  • xen: Fix event channel callback via INTX/GSI (git-fixes).
  • xen: XENACPIPROCESSOR is Dom0-only (git-fixes).
  • xen: add error handling for xenbus_printf (git-fixes).
  • xen: avoid crash in disablehotplugcpu (bsc#1106594).
  • xen: fix GCC warning and remove duplicate EVTCHNROW/EVTCHNCOL usage (git-fixes).
  • xen: xenbus: use put_device() instead of kfree() (git-fixes).
  • xenbus: req->body should be updated before req->state (git-fixes).
  • xenbus: req->err should be updated before req->state (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Server 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.120.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.120.1",
            "kernel-azure-devel": "4.12.14-16.120.1",
            "kernel-devel-azure": "4.12.14-16.120.1",
            "kernel-syms-azure": "4.12.14-16.120.1",
            "kernel-azure-base": "4.12.14-16.120.1",
            "kernel-source-azure": "4.12.14-16.120.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.120.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.120.1",
            "kernel-azure-devel": "4.12.14-16.120.1",
            "kernel-devel-azure": "4.12.14-16.120.1",
            "kernel-syms-azure": "4.12.14-16.120.1",
            "kernel-azure-base": "4.12.14-16.120.1",
            "kernel-source-azure": "4.12.14-16.120.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.120.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.120.1",
            "kernel-azure-devel": "4.12.14-16.120.1",
            "kernel-devel-azure": "4.12.14-16.120.1",
            "kernel-syms-azure": "4.12.14-16.120.1",
            "kernel-azure-base": "4.12.14-16.120.1",
            "kernel-source-azure": "4.12.14-16.120.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.120.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.120.1",
            "kernel-azure-devel": "4.12.14-16.120.1",
            "kernel-devel-azure": "4.12.14-16.120.1",
            "kernel-syms-azure": "4.12.14-16.120.1",
            "kernel-azure-base": "4.12.14-16.120.1",
            "kernel-source-azure": "4.12.14-16.120.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.120.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.120.1",
            "kernel-azure-devel": "4.12.14-16.120.1",
            "kernel-devel-azure": "4.12.14-16.120.1",
            "kernel-syms-azure": "4.12.14-16.120.1",
            "kernel-azure-base": "4.12.14-16.120.1",
            "kernel-source-azure": "4.12.14-16.120.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-16.120.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "4.12.14-16.120.1",
            "kernel-azure-devel": "4.12.14-16.120.1",
            "kernel-devel-azure": "4.12.14-16.120.1",
            "kernel-syms-azure": "4.12.14-16.120.1",
            "kernel-azure-base": "4.12.14-16.120.1",
            "kernel-source-azure": "4.12.14-16.120.1"
        }
    ]
}