SUSE-SU-2023:2822-1

Source
https://www.suse.com/support/update/announcement/2023/suse-su-20232822-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:2822-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2023:2822-1
Related
Published
2023-07-14T07:33:01Z
Modified
2023-07-14T07:33:01Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212842).
  • CVE-2023-3111: Fixed a use-after-free vulnerability in preparetorelocate in fs/btrfs/relocation.c (bsc#1212051).
  • CVE-2023-3358: Fixed a NULL pointer dereference flaw in the Integrated Sensor Hub (ISH) driver (bsc#1212606).
  • CVE-2023-1249: Fixed a use-after-free flaw in the core dump subsystem that allowed a local user to crash the system (bsc#1209039).
  • CVE-2023-3268: Fixed an out of bounds (OOB) memory access flaw in relayfilereadstartpos in kernel/relay.c (bsc#1212502).
  • CVE-2023-2002: Fixed a flaw that allowed an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication (bsc#1210533).
  • CVE-2023-35824: Fixed a use-after-free in dm1105_remove in drivers/media/pci/dm1105/dm1105.c (bsc#1212501).
  • CVE-2023-3161: Fixed shift-out-of-bounds in fbconsetfont() (bsc#1212154).
  • CVE-2023-3141: Fixed a use-after-free flaw in r592_remove in drivers/memstick/host/r592.c, that allowed local attackers to crash the system at device disconnect (bsc#1212129).
  • CVE-2023-3159: Fixed use-after-free issue in driver/firewire in outboundphypacket_callback (bsc#1212128).
  • CVE-2023-1077: Fixed a type confusion in picknextrt_entity(), that could cause memory corruption (bsc#1208600).
  • CVE-2023-1637: Fixed vulnerability that could lead to unauthorized access to CPU memory after resuming CPU from suspend-to-RAM (bsc#1209779).
  • CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asuskbdbacklight_set when plugging/disconnecting a malicious USB device (bsc#1208604).

The following non-security bugs were fixed:

  • Decrease the number of SMB3 smbdirect client SGEs (bsc#1190317).
  • Drop dvb-core fix patch due to bug (bsc#1205758).
  • Fix formatting of client smbdirect RDMA logging (bsc#1190317).
  • Fix missing top level chapter numbers on SLE12 SP5 (bsc#1212158).
  • Fix usrmerge error (boo#1211796).
  • Handle variable number of SGEs in client smbdirect send (bsc#1190317).
  • Reduce client smbdirect max receive segment size (bsc#1190317).
  • Remove usrmerge compatibility symlink in buildroot (boo#1211796)
  • affs: initialize fsdata in affs_truncate() (git-fixes).
  • bnx2x: Check if transceiver implements DDM before access (git-fixes).
  • bnxt_en: Fix mqprio and XDP ring checking logic (git-fixes).
  • bnxt_en: Fix typo in PCI id to device description string mapping (git-fixes).
  • bnxt_en: Query default VLAN before VNIC setup on a VF (git-fixes).
  • bnxten: Remove debugfs when pciregister_driver failed (git-fixes).
  • bnxt_en: fix NQ resource accounting during vf creation on 57500 chips (git-fixes).
  • bnxten: fix potentially incorrect return value for ndorxflowsteer (git-fixes).
  • bnxt_en: reclaim max resources if sriov enable fails (git-fixes).
  • bugzilla-create: always end email with @suse.com
  • bugzilla-create: take bugzilla email from BUGZILLAACCOUNTEMAIL env var Some people have emails in bugzilla that are completely different than emails they use in git and providing one with -e option is tedious. Make bugzilla-create more flexible by providing the third options that sits between command line option and git-config automation.
  • cdc-ncm: avoid overflow in sanity checking (git-fixes).
  • ceph: fix use-after-free bug for inodes when flushing capsnaps (bsc#1212938).
  • cifs: Add helper function to check smb1+ server (bsc#1190317).
  • cifs: Convert struct fealist away from 1-element array (bsc#1190317).
  • cifs: Fix connections leak when tlink setup failed (bsc#1190317).
  • cifs: Fix lost destroy smbd connection when MR allocate failed (bsc#1190317).
  • cifs: Fix memory leak when build ntlmssp negotiate blob failed (bsc#1190317).
  • cifs: Fix oops due to uncleared server->smbd_conn in reconnect (bsc#1190317).
  • cifs: Fix pages array leak when writedata alloc failed in cifswritedataalloc() (bsc#1190317).
  • cifs: Fix pages leak when writedata alloc failed in cifswritefrom_iter() (bsc#1190317).
  • cifs: Fix smb2setpath_size() (bsc#1190317).
  • cifs: Fix the error length of VALIDATENEGOTIATEINFO message (bsc#1190317).
  • cifs: Fix uninitialized memory read for smb311 posix symlink create (bsc#1190317).
  • cifs: Fix uninitialized memory read in smb3qfstcon() (bsc#1190317).
  • cifs: Fix uninitialized memory reads for oparms.mode (bsc#1190317).
  • cifs: Fix use-after-free in rdata->readintopages() (bsc#1190317).
  • cifs: Fix warning and UAF when destroy the MR list (bsc#1190317).
  • cifs: Fix wrong return value checking when GETFLAGS (bsc#1190317).
  • cifs: Fix xid leak in cifscopyfile_range() (bsc#1190317).
  • cifs: Fix xid leak in cifs_create() (bsc#1190317).
  • cifs: Fix xid leak in cifs_flock() (bsc#1190317).
  • cifs: Get rid of unneeded conditional in the smb2getaead_req() (bsc#1190317).
  • cifs: Move the insend statistic to _smbsendrqst() (bsc#1190317).
  • cifs: Remove duplicated include in cifsglob.h (bsc#1190317).
  • cifs: Replace zero-length arrays with flexible-array members (bsc#1190317).
  • cifs: Spelling s/EACCESS/EACCES/ (bsc#1190317).
  • cifs: Use help macro to get the header preamble size (bsc#1190317).
  • cifs: Use help macro to get the mid header size (bsc#1190317).
  • cifs: Use kstrtobool() instead of strtobool() (bsc#1190317).
  • cifs: add check for returning value of SMB2closeinit (bsc#1190317).
  • cifs: add check for returning value of SMB2setinfo_init (bsc#1190317).
  • cifs: add missing spinlock around tcon refcount (bsc#1190317).
  • cifs: always initialize struct msghdr smb_msg completely (bsc#1190317).
  • cifs: avoid re-lookups in dfscachefind() (bsc#1190317).
  • cifs: avoid use of global locks for high contention data (bsc#1190317).
  • cifs: destage dirty pages before re-reading them for cache=none (bsc#1190317).
  • cifs: do not include page data when checking signature (bsc#1190317).
  • cifs: do not send down the destination address to sendmsg for a SOCK_STREAM (bsc#1190317).
  • cifs: do not take exclusive lock for updating target hints (bsc#1190317).
  • cifs: do not try to use rdma offload on encrypted connections (bsc#1190317).
  • cifs: fix DFS traversal oops without CONFIGCIFSDFS_UPCALL (bsc#1190317).
  • cifs: fix confusing debug message (bsc#1190317).
  • cifs: fix double free on failed kerberos auth (bsc#1190317).
  • cifs: fix double-fault crash during ntlmssp (bsc#1190317).
  • cifs: fix indentation in make menuconfig options (bsc#1190317).
  • cifs: fix memory leaks in session setup (bsc#1190317).
  • cifs: fix missing display of three mount options (bsc#1190317).
  • cifs: fix mount on old smb servers (bsc#1190317).
  • cifs: fix oops during encryption (bsc#1190317).
  • cifs: fix pcchunk length type in smb2copychunkrange (bsc#1190317).
  • cifs: fix potential deadlock in cacherefreshpath() (bsc#1190317).
  • cifs: fix potential memory leaks in session setup (bsc#1190317).
  • cifs: fix race in assemblenegcontexts() (bsc#1190317).
  • cifs: fix return of uninitialized rc in dfscacheupdate_tgthint() (bsc#1190317).
  • cifs: fix small mempool leak in SMB2_negotiate() (bsc#1190317).
  • cifs: fix use-after-free caused by invalid pointer hostname (bsc#1190317).
  • cifs: fix various whitespace errors in headers (bsc#1190317).
  • cifs: get rid of dns resolve worker (bsc#1190317).
  • cifs: get rid of unneeded conditional in cifsgetnum_sgs() (bsc#1190317).
  • cifs: handle cache lookup errors different than -ENOENT (bsc#1190317).
  • cifs: ignore ipc reconnect failures during dfs failover (bsc#1190317).
  • cifs: introduce cifsioparms in smb2asyncwritev() (bsc#1190317).
  • cifs: lease key is uninitialized in smb1 paths (bsc#1190317).
  • cifs: lease key is uninitialized in two additional functions when smb1 (bsc#1190317).
  • cifs: match even the scope id for ipv6 addresses (bsc#1190317).
  • cifs: minor cleanup of some headers (bsc#1190317).
  • cifs: misc: fix spelling typo in comment (bsc#1190317).
  • cifs: prevent copying past input buffer boundaries (bsc#1190317).
  • cifs: prevent data race in cifsreconnecttcon() (bsc#1190317).
  • cifs: prevent data race in smb2_reconnect() (bsc#1190317).
  • cifs: prevent infinite recursion in CIFSGetDFSRefer() (bsc#1190317).
  • cifs: print last update time for interface list (bsc#1190317).
  • cifs: protect access of TCPServerInfo::{dstaddr,hostname} (bsc#1190317).
  • cifs: remove ->writepage (bsc#1190317).
  • cifs: remove duplicate code in _refreshtcon() (bsc#1190317).
  • cifs: remove initialization value (bsc#1190317).
  • cifs: remove redundant assignment to the variable match (bsc#1190317).
  • cifs: remove unneeded 2bytes of padding from smb2 tree connect (bsc#1190317).
  • cifs: return ENOENT for DFS lookupcacheentry() (bsc#1190317).
  • cifs: return correct error in ->calc_signature() (bsc#1190317).
  • cifs: reuse cifsmatchipaddr for comparison of dstaddr too (bsc#1190317).
  • cifs: revalidate mapping when doing direct writes (bsc#1190317).
  • cifs: sanitize paths in cifsupdatesuper_prepath (bsc#1190317).
  • cifs: secmech: use shash_desc directly, remove sdesc (bsc#1190317).
  • cifs: set correct ipc status after initial tree connect (bsc#1190317).
  • cifs: set correct tcon status after initial tree connect (bsc#1190317).
  • cifs: set resolved ip in sockaddr (bsc#1190317).
  • cifs: skip alloc when request has no pages (bsc#1190317).
  • cifs: skip extra NULL byte in filenames (bsc#1190317).
  • cifs: split out ses and tcon retrieval from mountgetconns() (bsc#1190317).
  • cifs: split out smb3userdma_offload() helper (bsc#1190317).
  • cifs: stop using generic_writepages (bsc#1190317).
  • cifs: update Kconfig description (bsc#1190317).
  • cifs: update internal module number (bsc#1190317).
  • cifs: update internal module number (bsc#1190317).
  • cifs: use ALIGN() and round_up() macros (bsc#1190317).
  • cifs: use stub posix acl handlers (bsc#1190317).
  • cifsatomicopen(): fix double-put on late allocation failure (bsc#1190317).
  • coda: add error handling for fget (git-fixes).
  • coda: fix build using bare-metal toolchain (git-fixes).
  • coda: pass the host file in vma->vm_file on mmap (git-fixes).
  • cxgb4: fix a memory leak bug (git-fixes).
  • dim: initialize all struct fields (bsc#1174852).
  • e1000e: Correct NVM checksum verification flow (git-fixes).
  • e1000e: Disable TSO on i219-LM card to increase speed (git-fixes).
  • e1000e: Fix TX dispatch condition (git-fixes).
  • e1000e: Fix possible overflow in LTR decoding (git-fixes).
  • fs/adfs: super: fix use-after-free bug (git-fixes).
  • fs/affs: release old buffer head on error path (git-fixes).
  • fs/hfs/extent.c: fix array out of bounds read of array extent (git-fixes).
  • fs/ocfs2/dlm/dlmdebug.c: fix a sleep-in-atomic-context bug in dlmprintone_mle() (git-fixes).
  • fs/ufs: avoid potential u32 multiplication overflow (git-fixes).
  • fs: hfsplus: fix UAF issue in hfsplusputsuper (git-fixes).
  • fs: ocfs2: fix a possible null-pointer dereference in ocfs2infoscaninodealloc() (git-fixes).
  • fs: ocfs2: fix a possible null-pointer dereference in ocfs2writeend_nolock() (git-fixes).
  • fs: sysv: Fix sysv_nblocks() returns wrong value (git-fixes).
  • google/gve:fix repeated words in comments (bsc#1211519).
  • gve: Adding a new AdminQ command to verify driver (bsc#1211519).
  • gve: Cache link_speed value from device (bsc#1211519).
  • gve: Fix GFP flags when allocing pages (bsc#1211519).
  • gve: Fix error return code in gveprefillrx_pages() (bsc#1211519).
  • gve: Fix spelling mistake 'droping' -> 'dropping' (bsc#1211519).
  • gve: Handle alternate miss completions (bsc#1211519).
  • gve: Reduce alloc and copy costs in the GQ rx path (bsc#1211519).
  • gve: Remove the code of clearing PBA bit (bsc#1211519).
  • gve: Secure enough bytes in the first TX desc for all TCP pkts (bsc#1211519).
  • gve: enhance no queue page list detection (bsc#1211519).
  • hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling (git-fixes).
  • hfs/hfsplus: use WARN_ON for sanity check (git-fixes).
  • hfs: Fix OOB Write in hfs_asc2mac (git-fixes).
  • hfs: add lock nesting notation to hfsfindinit (git-fixes).
  • hfs: add missing clean-up in hfsfillsuper (git-fixes).
  • hfs: fix BUG on bnode parent update (git-fixes).
  • hfs: fix OOB Read in _hfsbrec_find (git-fixes).
  • hfs: fix high memory mapping in hfsbnoderead (git-fixes).
  • hfs: fix missing hfsbnodeget() in _hfsbnode_create (git-fixes).
  • hfs: fix return value of hfsgetblock() (git-fixes).
  • hfs: prevent btree data loss on ENOSPC (git-fixes).
  • hfs: update timestamp on truncate() (git-fixes).
  • hfsplus: fix BUG on bnode parent update (git-fixes).
  • hfsplus: fix bug causing custom uid and gid being unable to be assigned with mount (git-fixes).
  • hfsplus: fix crash and filesystem corruption when deleting files (git-fixes).
  • hfsplus: fix return value of hfsplusgetblock() (git-fixes).
  • hfsplus: prevent btree data loss on ENOSPC (git-fixes).
  • hfsplus: update timestamps on truncate() (git-fixes).
  • igb: Add lock to avoid data race (git-fixes).
  • igb: Allocate MSI-X vector when testing (git-fixes).
  • igb: Enable SR-IOV after reinit (git-fixes).
  • igb: Initialize mailbox message for VF reset (git-fixes).
  • igb: Make DMA faster when CPU is active on the PCIe link (git-fixes).
  • igb: fix bit_shift to be in [1..8] range (git-fixes).
  • igb: fix netpoll exit with traffic (git-fixes).
  • igb: fix nvm.ops.read() error handling (git-fixes).
  • igb: skip phy status check where unavailable (git-fixes).
  • igbvf: Regard vf reset nack as success (git-fixes).
  • igbvf: fix double free in igbvf_probe (git-fixes).
  • igc: Fix BUG: scheduling while atomic (git-fixes).
  • igc: Fix infinite loop in releaseswfwsync (git-fixes).
  • igc: igcreadphyreggpy: drop premature return (git-fixes).
  • igc: igcwritephyreggpy: drop premature return (git-fixes).
  • intel/igbvf: free irq on the error path in igbvfrequestmsix() (git-fixes).
  • ipv4: fix uninit-value in iprouteoutputkeyhash_rcu() (git-fixes).
  • ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero (git-fixes).
  • ixgbe: Allow flow hash to be set via ethtool (git-fixes).
  • ixgbe: Check DDM existence in transceiver before access (git-fixes).
  • ixgbe: Enable setting RSS table to default values (git-fixes).
  • ixgbe: do not reserve excessive XDPPACKETHEADROOM on XSK Rx to skb (git-fixes).
  • ixgbe: ensure IPsec VF<->PF compatibility (git-fixes).
  • ixgbe: fix bcast packets Rx on VF after promisc removal (git-fixes).
  • ixgbe: fix pci device refcount leak (git-fixes).
  • ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
  • ixgbe: set X550 MDIO speed before talking to PHY (git-fixes).
  • ixgbe: stop resetting SYSTIME in ixgbeptpstart_cyclecounter (git-fixes).
  • kernel-binary: install expoline.o (boo#1210791 bsc#1211089)
  • kprobes: Do not call BUG_ON() if there is a kprobe in use on free list (git-fixes).
  • kprobes: Do not use local variable when creating debugfs file (git-fixes).
  • kprobes: Fix NULL pointer dereference at kprobeftracehandler (git-fixes).
  • kprobes: Fix check for probe enabled in kill_kprobe() (git-fixes).
  • kprobes: Fix error check when reusing optimized probes (git-fixes).
  • kprobes: Fix optimizekprobe()/unoptimizekprobe() cancellation logic (git-fixes).
  • kprobes: Fix to check probe enabled before disarmkprobeftrace() (git-fixes).
  • kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list (git-fixes).
  • kprobes: Fix to protect kickkprobeoptimizer() by kprobe_mutex (git-fixes).
  • kprobes: Forbid probing on trampoline and BPF code areas (git-fixes).
  • kprobes: Prohibit probes in gate area (git-fixes).
  • kprobes: Prohibit probing on BUG() and WARN() address (git-fixes).
  • kprobes: Remove pointless BUGON() from reuseunused_kprobe() (git-fixes).
  • kprobes: Set unoptimized flag after unoptimizing code (git-fixes).
  • kprobes: Use synchronizercutasks() for optprobe with CONFIG_PREEMPT=y (git-fixes).
  • kprobes: do not call disarm_kprobe() for disabled kprobes (git-fixes).
  • kprobes: fix kill kprobe which has been marked as gone (git-fixes).
  • kretprobe: Avoid re-registration of the same kretprobe earlier (git-fixes).
  • l2tp: hold reference on tunnels in netlink dumps (git-fixes).
  • l2tp: hold reference on tunnels printed in l2tp/tunnels debugfs file (git-fixes).
  • l2tp: hold reference on tunnels printed in pppol2tp proc file (git-fixes).
  • mlx5: count all link events (git-fixes).
  • net/ethernet/qlogic/qed: force the string buffer NULL-terminated (git-fixes).
  • net/mlx4: Check retval of mlx4bitmapinit (git-fixes).
  • net/mlx4_en: Do not allow aRFS for encapsulated packets (git-fixes).
  • net/mlx4en: Fix an use-after-free bug in mlx4entryalloc_resources() (git-fixes).
  • net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (git-fixes).
  • net/mlx4_en: Resolve bad operstate value (git-fixes).
  • net/usb/drivers: Remove useless hrtimer_active check (git-fixes).
  • net: axienet: Fix race condition causing TX hang (git-fixes).
  • net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize (git-fixes).
  • net: cdc_ncm: remove set but not used variable 'ctx' (git-fixes).
  • net: cxgb3main: Fix a resource leak in a error path in 'initone()' (git-fixes).
  • net: dev: Use unsigned integer as an argument to left-shift (git-fixes).
  • net: fec: fix rare tx timeout (git-fixes).
  • net: fix warning in af_unix (git-fixes).
  • net: hisilicon: Fix 'Trying to free already-free IRQ' (git-fixes).
  • net: ks8851: Dequeue RX packets explicitly (git-fixes).
  • net: macb: Clean 64b dma addresses if they are not detected (git-fixes).
  • net: marvell: mvneta: fix DMA debug warning (git-fixes).
  • net: myri10ge: fix memory leaks (git-fixes).
  • net: set static variable an initial value in atl2_probe() (git-fixes).
  • net: thunderx: make CFG_DONE message to run through generic send-ack sequence (git-fixes).
  • net: usb: qmi_wwan: Set DTR quirk for BroadMobi BM818 (git-fixes).
  • netfilter: xtables: add and use xtcheckprocname (git-fixes).
  • netlabel: If PFINET6, check skbuff ip header version (git-fixes).
  • ocfs2/dlm: do not handle migrate lockres if already in shutdown (git-fixes).
  • ocfs2: call journal flush to mark journal as empty after journal recovery when mount (git-fixes).
  • ocfs2: clear dinode links count in case of error (git-fixes).
  • ocfs2: clear journal dirty flag after shutdown journal (git-fixes).
  • ocfs2: clear zero in unaligned direct IO (git-fixes).
  • ocfs2: dlmfs: fix error handling of userdlmdestroy_lock (git-fixes).
  • ocfs2: do not clear bh uptodate for block read (git-fixes).
  • ocfs2: do not put and assigning null to bh allocated outside (git-fixes).
  • ocfs2: fix BUG when iput after ocfs2_mknod fails (git-fixes).
  • ocfs2: fix a NULL pointer dereference when call ocfs2updateinodefsynctrans() (git-fixes).
  • ocfs2: fix a panic problem caused by o2cb_ctl (git-fixes).
  • ocfs2: fix clusters leak in ocfs2defragextent() (git-fixes).
  • ocfs2: fix deadlock caused by ocfs2defragextent() (git-fixes).
  • ocfs2: fix defrag path triggering jbd2 ASSERT (git-fixes).
  • ocfs2: fix memory leak in ocfs2stackglue_init() (git-fixes).
  • ocfs2: fix non-auto defrag path not working issue (git-fixes).
  • ocfs2: fix panic due to unrecovered local alloc (git-fixes).
  • ocfs2: fix potential use after free (git-fixes).
  • ocfs2: remove set but not used variable 'last_hash' (git-fixes).
  • ocfs2: take inode cluster lock before moving reflinked inode from orphan dir (git-fixes).
  • ocfs2: wait for recovering done after direct unlock request (git-fixes).
  • openvswitch: fix linking without CONFIGNFCONNTRACK_LABELS (git-fixes).
  • pci/msi: Clear PCIMSIXFLAGS_MASKALL on error (git-fixes).
  • pci/msi: Destroy sysfs before freeing entries (git-fixes).
  • pci/msi: Fix pciirqvector()/pciirqget_affinity() (git-fixes).
  • pci/msi: Mask MSI-X vectors only on success (git-fixes).
  • pci: Add PCIEXPDEVCTLPAYLOAD* macros (git-fixes).
  • pci: aardvark: Clear all MSIs at setup (git-fixes).
  • pci: aardvark: Do not clear status bits of masked interrupts (git-fixes).
  • pci: aardvark: Do not unmask unused interrupts (git-fixes).
  • pci: aardvark: Fix return value of MSI domain .alloc() method (git-fixes).
  • pci: aardvark: Read all 16-bits from PCIEMSIPAYLOAD_REG (git-fixes).
  • pci: aardvark: Replace custom macros by standard linux/pci_regs.h macros (git-fixes).
  • pci: pciehp: Clear cmd_busy bit in polling mode (git-fixes).
  • pci: pciehp: Fix infinite loop in IRQ handler upon power fault (git-fixes).
  • powerpc/64s/radix: Fix soft dirty tracking (bsc#1065729).
  • powerpc/iommu: Limit number of TCEs to 512 for HSTUFFTCE hcall (bsc#1212701).
  • put quirkdisableautosuspend into a hole (git-fixes).
  • qed: Add cleanup in qedslowpathstart() (git-fixes).
  • qed: RDMA - Fix the hw_ver returned in device attributes (git-fixes).
  • reiserfs: Add missing calls to reiserfssecurityfree() (git-fixes).
  • reiserfs: Add security prefix to xattr name in reiserfssecuritywrite() (git-fixes).
  • reiserfs: Fix memory leak in reiserfsparseoptions() (git-fixes).
  • reiserfs: add check for invalid 1st journal block (git-fixes).
  • reiserfs: add check for rootinode in reiserfsfill_super (git-fixes).
  • reiserfs: change jtimestamp type to time64t (git-fixes).
  • reiserfs: check directory items on read from disk (git-fixes).
  • reiserfs: only call unlocknewinode() if I_NEW (git-fixes).
  • reiserfs: prevent NULL pointer dereference in reiserfsinsertitem() (git-fixes).
  • reiserfs: propagate errors from fillwithdentries() properly (git-fixes).
  • revert 'squashfs: harden sanity check in squashfsreadxattridtable' (git-fixes).
  • rpm/check-for-config-changes: add TOOLCHAINNEEDS* to IGNOREDCONFIGSRE
  • rpm/constraints.in: Increase disk size constraint for riscv64 to 52GB
  • rpm/kernel-binary.spec.in: Add Provides of kernel-preempt (jsc#SLE-18857)
  • rpm/kernel-binary.spec.in: Fix compatibility wth newer rpm
  • rpm/kernel-binary.spec.in: Fix missing kernel-preempt-devel and KMP Provides (bsc#1199046)
  • rpm/kernel-docs.spec.in: pass PYTHON=python3 to fix build error (bsc#1160435)
  • s390/ctcm: Fix return type of ctc{mp,}m_tx() (git-fixes bsc#1212185).
  • s390/dasd: Use correct lock while counting channel queue length (LTC#202775 bsc#1212443).
  • s390/dasd: fix hanging blockdevice after request requeue (git-fixes bsc#1212165).
  • s390/dasd: fix no record found for rawtrackaccess (git-fixes bsc#1212266).
  • s390/kasan: avoid vdso instrumentation (git-fixes bsc#1212244).
  • s390/kprobes: fix current_kprobe never cleared after kprobes reenter (git-fixes bsc#1212167).
  • s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler (git-fixes bsc#1212170).
  • s390/lcs: Fix return type of lcsstartxmit() (git-fixes bsc#1212173).
  • s390/netiucv: Fix return type of netiucv_tx() (git-fixes bsc#1212175).
  • s390/qdio: fix do_sqbs() inline assembly constraint (git-fixes bsc#1212164).
  • s390/smsgiucv: disable SMSG on module unload (git-fixes bsc#1212236).
  • samples/kretprobes: Fix return value if register_kretprobe() failed (git-fixes).
  • sched/core: Use smpmb() in wakewoken_function() (git-fixes)
  • sched/fair: Fix util_avg of new tasks for asymmetric systems (git-fixes)
  • scsi: aic94xx: Add missing check for dmamapsingle() (git-fixes).
  • scsi: core: Add BLISTSKIPVPD_PAGES for SKhynix H28U74301AMR (git-fixes).
  • scsi: core: Improve scsivpdinquiry() checks (git-fixes).
  • scsi: core: Remove the /proc/scsi/${proc_name} directory earlier (git-fixes).
  • scsi: ipr: Work around fortify-string warning (git-fixes).
  • scsi: libsas: Remove useless devlist delete in sasexdiscoverend_dev() (git-fixes).
  • scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup() (git-fixes).
  • scsi: megaraid: Fix megacmddone() CMDIDINTCMDS (git-fixes).
  • scsi: megaraid_sas: Fix crash after a double completion (git-fixes).
  • scsi: megaraidsas: Fix fwcrashbuffershow() (git-fixes).
  • scsi: mpt3sas: Fix NULL pointer access in mpt3sastransportport_add() (git-fixes).
  • scsi: mpt3sas: Fix a memory leak (git-fixes).
  • scsi: scsidhalua: Fix memleak for 'qdata' in alua_activate() (git-fixes).
  • scsi: ses: Do not attach if enclosure has no components (git-fixes).
  • scsi: ses: Fix possible addldescptr out-of-bounds accesses (git-fixes).
  • scsi: ses: Fix possible desc_ptr out-of-bounds accesses (git-fixes).
  • scsi: ses: Fix slab-out-of-bounds in sesenclosuredata_process() (git-fixes).
  • scsi: ses: Fix slab-out-of-bounds in sesintfremove() (git-fixes).
  • scsi: zfcp: assert that the ERP lock is held when tracing a recovery trigger (git-fixes bsc#1212240).
  • smb3: fix oops in calculating shash_setkey (bsc#1190317).
  • smb3: fix problem remounting a share after shutdown (bsc#1190317).
  • smb3: fix temporary data corruption in collapse range (bsc#1190317).
  • smb3: fix temporary data corruption in insert range (bsc#1190317).
  • smb3: improve SMB3 change notification support (bsc#1190317).
  • smb3: must initialize two ACL struct fields to zero (bsc#1190317).
  • smb3: rename encryption/decryption TFMs (bsc#1190317).
  • squashfs: fix handling and sanity checking of xattr_ids count (git-fixes).
  • squashfs: harden sanity check in squashfsreadxattridtable (git-fixes).
  • sysv: use BUILDBUGON instead of runtime check (git-fixes).
  • uapi linux/codapsdev.h: move upcreq definition from uapi to kernel side headers (git-fixes).
  • update internal module version number for cifs.ko (bsc#1190317).
  • usb: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM (git-fixes).
  • usb: core: hub: disable autosuspend for TI TUSB8041 (git-fixes).
  • usb: hub: Fix the broken detection of USB3 device in SMSC hub (git-fixes).
  • usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
  • usb: serial: option: add Quectel EM05-G (CS) modem (git-fixes).
  • usb: serial: qcserial: add new usb-id for Dell branded EM7455 (git-fixes).
  • usb: xhci: add XHCISPURIOUSSUCCESS to ASM1042 despite being a V0.96 controller.
  • usb: xhci: rework grace period logic (git-fixes).
  • usrmerge: Compatibility with earlier rpm (boo#1211796)
  • x86/kprobes: Fix _recoveroptprobed_insn check optimizing logic (git-fixes).
  • x86/kprobes: Fix archcheckoptimizedkprobe check within optimizedkprobe range (git-fixes).
  • xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems (git-fixes).
  • xfs: fix rm_offset flag handling in rmap keys (git-fixes).
  • xhci: Add grace period after xHC start to prevent premature runtime suspend (git-fixes).
References

Affected packages

SUSE:Linux Enterprise High Availability Extension 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "4.12.14-122.165.1",
            "gfs2-kmp-default": "4.12.14-122.165.1",
            "ocfs2-kmp-default": "4.12.14-122.165.1",
            "cluster-md-kmp-default": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-kgraft": "4.12.14-122.165.1",
            "kernel-default-kgraft-devel": "4.12.14-122.165.1",
            "kgraft-patch-4_12_14-122_165-default": "1-8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 SP5 / kgraft-patch-SLE12-SP5_Update_45

Package

Name
kgraft-patch-SLE12-SP5_Update_45
Purl
pkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_45&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-kgraft": "4.12.14-122.165.1",
            "kernel-default-kgraft-devel": "4.12.14-122.165.1",
            "kgraft-patch-4_12_14-122_165-default": "1-8.3.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / kernel-docs

Package

Name
kernel-docs
Purl
pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-122.165.1",
            "kernel-obs-build": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP5 / kernel-obs-build

Package

Name
kernel-obs-build
Purl
pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.12.14-122.165.1",
            "kernel-obs-build": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.165.1",
            "kernel-devel": "4.12.14-122.165.1",
            "kernel-default-base": "4.12.14-122.165.1",
            "kernel-default-man": "4.12.14-122.165.1",
            "kernel-default": "4.12.14-122.165.1",
            "kernel-source": "4.12.14-122.165.1",
            "kernel-syms": "4.12.14-122.165.1",
            "kernel-default-devel": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.165.1",
            "kernel-devel": "4.12.14-122.165.1",
            "kernel-default-base": "4.12.14-122.165.1",
            "kernel-default-man": "4.12.14-122.165.1",
            "kernel-default": "4.12.14-122.165.1",
            "kernel-source": "4.12.14-122.165.1",
            "kernel-syms": "4.12.14-122.165.1",
            "kernel-default-devel": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP5 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.165.1",
            "kernel-devel": "4.12.14-122.165.1",
            "kernel-default-base": "4.12.14-122.165.1",
            "kernel-default-man": "4.12.14-122.165.1",
            "kernel-default": "4.12.14-122.165.1",
            "kernel-source": "4.12.14-122.165.1",
            "kernel-syms": "4.12.14-122.165.1",
            "kernel-default-devel": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.165.1",
            "kernel-devel": "4.12.14-122.165.1",
            "kernel-default-base": "4.12.14-122.165.1",
            "kernel-default-man": "4.12.14-122.165.1",
            "kernel-default": "4.12.14-122.165.1",
            "kernel-source": "4.12.14-122.165.1",
            "kernel-syms": "4.12.14-122.165.1",
            "kernel-default-devel": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-source

Package

Name
kernel-source
Purl
pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.165.1",
            "kernel-devel": "4.12.14-122.165.1",
            "kernel-default-base": "4.12.14-122.165.1",
            "kernel-default-man": "4.12.14-122.165.1",
            "kernel-default": "4.12.14-122.165.1",
            "kernel-source": "4.12.14-122.165.1",
            "kernel-syms": "4.12.14-122.165.1",
            "kernel-default-devel": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP5 / kernel-syms

Package

Name
kernel-syms
Purl
pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.12.14-122.165.1",
            "kernel-devel": "4.12.14-122.165.1",
            "kernel-default-base": "4.12.14-122.165.1",
            "kernel-default-man": "4.12.14-122.165.1",
            "kernel-default": "4.12.14-122.165.1",
            "kernel-source": "4.12.14-122.165.1",
            "kernel-syms": "4.12.14-122.165.1",
            "kernel-default-devel": "4.12.14-122.165.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP5 / kernel-default

Package

Name
kernel-default
Purl
pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.12.14-122.165.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "4.12.14-122.165.1"
        }
    ]
}