SUSE-SU-2017:0575-1

Source
https://www.suse.com/support/update/announcement/2017/suse-su-20170575-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:0575-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2017:0575-1
Related
Published
2017-02-28T12:17:13Z
Modified
2017-02-28T12:17:13Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2016-7117: Use-after-free vulnerability in the _sysrecvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that was mishandled during error processing (bnc#1003077).
  • CVE-2017-5576: Integer overflow in the vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4SUBMIT_CL ioctl call (bnc#1021294).
  • CVE-2017-5577: The vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel did not set an errno value upon certain overflow detections, which allowed local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4SUBMIT_CL ioctl call (bnc#1021294).
  • CVE-2017-5551: The simplesetacl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. (bnc#1021258).
  • CVE-2017-2583: The loadsegmentdescriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a 'MOV SS, NULL selector' instruction, which allowed guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application (bnc#1020602).
  • CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt (bnc#1019851).
  • CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states 'there is no kernel bug here' (bnc#1010933).
  • CVE-2016-9806: Race condition in the netlinkdump function in net/netlink/afnetlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bnc#1013540).
  • CVE-2017-5897: fixed a bug in the Linux kernel IPv6 implementation which allowed remote attackers to trigger an out-of-bounds access, leading to a denial-of-service attack (bnc#1023762).
  • CVE-2017-5970: Fixed a possible denial-of-service that could have been triggered by sending bad IP options on a socket (bsc#1024938).
  • CVE-2017-5986: an application could have triggered a BUGON() in sctpwaitforsndbuf() if the socket TX buffer was full, a thread was waiting on it to queue more data, and meanwhile another thread peeled off the association being used by the first thread (bsc#1025235).

The following non-security bugs were fixed:

  • 8250: fintek: rename IRQ_MODE macro (boo#1009546).
  • acpi: nfit, libnvdimm: fix / harden ars_status output length handling (bsc#1023175).
  • acpi: nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).
  • acpi: nfit: validate ars_status output buffer size (bsc#1023175).
  • arm64: numa: fix incorrect log for memory-less node (bsc#1019631).
  • asoc: chtbswrt5645: Fix leftover kmalloc (bsc#1010690).
  • asoc: rt5670: add HS ground control (bsc#1016250).
  • bcache: Make gc wakeup sane, remove settaskstate() (bsc#1021260).
  • bcache: partition support: add 16 minors per bcacheN device (bsc#1019784).
  • blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).
  • blk-mq: Always schedule hctx->next_cpu (bsc#1020817).
  • blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).
  • blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).
  • blk-mq: do not overwrite rq->mq_ctx (bsc#1020817).
  • blk-mq: improve warning for running a queue on the wrong CPU (bsc#1020817).
  • block: Change extern inline to static inline (bsc#1023175).
  • bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).
  • bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
  • brcmfmac: Change error print on wlan0 existence (bsc#1000092).
  • btrfs: add support for RENAMEEXCHANGE and RENAMEWHITEOUT (bsc#1020975).
  • btrfs: bugfix: handle FSIOC32{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).
  • btrfs: fix btrfscompatioctl failures on non-compat ioctls (bsc#1018100).
  • btrfs: fix inode leak on failure to setup whiteout inode in rename (bsc#1020975).
  • btrfs: fix lockdep warning about log_mutex (bsc#1021455).
  • btrfs: fix lockdep warning on deadlock against an inode's log mutex (bsc#1021455).
  • btrfs: fix number of transaction units for renames with whiteout (bsc#1020975).
  • btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709).
  • btrfs: incremental send, fix invalid paths for rename operations (bsc#1018316).
  • btrfs: incremental send, fix premature rmdir operations (bsc#1018316).
  • btrfs: pin log earlier when renaming (bsc#1020975).
  • btrfs: pin logs earlier when doing a rename exchange operation (bsc#1020975).
  • btrfs: remove old treeroot dirent processing in btrfsreal_readdir() (bsc#981709).
  • btrfs: send, add missing error check for calls to path_loop() (bsc#1018316).
  • btrfs: send, avoid incorrect leaf accesses when sending utimes operations (bsc#1018316).
  • btrfs: send, fix failure to move directories with the same name around (bsc#1018316).
  • btrfs: send, fix invalid leaf accesses due to incorrect utimes operations (bsc#1018316).
  • btrfs: send, fix warning due to late freeing of orphandirinfo structures (bsc#1018316).
  • btrfs: testcheckexists: Fix infinite loop when searching for free space entries (bsc#987192).
  • btrfs: unpin log if rename operation fails (bsc#1020975).
  • btrfs: unpin logs if rename exchange operation fails (bsc#1020975).
  • ceph: fix bad endianness handling in parsereplyinfo_extra (bsc#1020488).
  • clk: xgene: Add PMD clock (bsc#1019351).
  • clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).
  • clk: xgene: Remove CLKISROOT (bsc#1019351).
  • config: enable CONFIGOCFS2DEBUG_MASKLOG for ocfs2 (bsc#1015038)
  • config: enable Ceph kernel client modules for ppc64le
  • config: enable Ceph kernel client modules for s390x
  • crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).
  • crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).
  • crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).
  • crypto: qat - fix bar discovery for c62x (bsc#1021251).
  • crypto: qat - zero esram only for DH85x devices (bsc#1021248).
  • crypto: rsa - allow keys >= 2048 bits in FIPS mode (bsc#1018913).
  • crypto: xts - consolidate sanity check for keys (bsc#1018913).
  • crypto: xts - fix compile errors (bsc#1018913).
  • cxl: fix potential NULL dereference in free_adapter() (bsc#1016517).
  • dax: fix deadlock with DAX 4k holes (bsc#1012829).
  • dax: fix device-dax region base (bsc#1023175).
  • device-dax: check devmnsioenable() return value (bsc#1023175).
  • device-dax: fail all private mapping attempts (bsc#1023175).
  • device-dax: fix percpurefexit ordering (bsc#1023175).
  • driver core: fix race between creating/querying glue dir and its cleanup (bnc#1008742).
  • drivers: hv: Introduce a policy for controlling channel affinity.
  • drivers: hv: balloon: Add logging for dynamic memory operations.
  • drivers: hv: balloon: Disable hot add when CONFIGMEMORYHOTPLUG is not set.
  • drivers: hv: balloon: Fix info request to show max page count.
  • drivers: hv: balloon: Use available memory value in pressure report.
  • drivers: hv: balloon: account for gaps in hot add regions.
  • drivers: hv: balloon: keep track of where ha_region starts.
  • drivers: hv: balloon: replace haregionmutex with spinlock.
  • drivers: hv: cleanup vmbus_open() for wrap around mappings.
  • drivers: hv: do not leak memory in vmbusestablishgpadl().
  • drivers: hv: get rid of id in struct vmbus_channel.
  • drivers: hv: get rid of redundant messagecount in creategpadlheader().
  • drivers: hv: get rid of timeout in vmbus_open().
  • drivers: hv: make VMBus bus ids persistent.
  • drivers: hv: ringbuffer: count on wrap around mappings in getnextpktraw() (v2).
  • drivers: hv: ringbuffer: use wrap around mappings in hvcopy{from, to}_ringbuffer().
  • drivers: hv: ring_buffer: wrap around mappings for ring buffers.
  • drivers: hv: utils: Check VSS daemon is listening before a hot backup.
  • drivers: hv: utils: Continue to poll VSS channel after handling requests.
  • drivers: hv: utils: Fix the mapping between host version and protocol to use.
  • drivers: hv: utils: reduce HVUTILNEGO_TIMEOUT timeout.
  • drivers: hv: vmbus: Base host signaling strictly on the ring state.
  • drivers: hv: vmbus: Enable explicit signaling policy for NIC channels.
  • drivers: hv: vmbus: Implement a mechanism to tag the channel for low latency.
  • drivers: hv: vmbus: Make mmio resource local.
  • drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host.
  • drivers: hv: vmbus: On write cleanup the logic to interrupt the host.
  • drivers: hv: vmbus: Reduce the delay between retries in vmbuspostmsg().
  • drivers: hv: vmbus: finally fix hvneedtosignalon_read().
  • drivers: hv: vmbus: fix the race when querying and updating the percpu list.
  • drivers: hv: vmbus: suppress some 'hv_vmbus: Unknown GUID' warnings.
  • drivers: hv: vss: Improve log messages.
  • drivers: hv: vss: Operation timeouts should match host expectation.
  • drivers: net: phy: mdio-xgene: Add hardware dependency (bsc#1019351).
  • drivers: net: phy: xgene: Fix 'remove' function (bsc#1019351).
  • drivers: net: xgene: Add change_mtu function (bsc#1019351).
  • drivers: net: xgene: Add flow control configuration (bsc#1019351).
  • drivers: net: xgene: Add flow control initialization (bsc#1019351).
  • drivers: net: xgene: Add helper function (bsc#1019351).
  • drivers: net: xgene: Add support for Jumbo frame (bsc#1019351).
  • drivers: net: xgene: Configure classifier with pagepool (bsc#1019351).
  • drivers: net: xgene: Fix MSS programming (bsc#1019351).
  • drivers: net: xgene: fix build after change_mtu function change (bsc#1019351).
  • drivers: net: xgene: fix: Coalescing values for v2 hardware (bsc#1019351).
  • drivers: net: xgene: fix: Disable coalescing on v1 hardware (bsc#1019351).
  • drivers: net: xgene: fix: RSS for non-TCP/UDP (bsc#1019351).
  • drivers: net: xgene: fix: Use GPIO to get link status (bsc#1019351).
  • drivers: net: xgene: uninitialized variable in xgeneenetfree_pagepool() (bsc#1019351).
  • drm: Delete previous two fixes for i915 (bsc#1019061). These upstream fixes brought some regressions, so better to revert for now.
  • drm: Disable patches.drivers/drm-i915-Exit-cherryviewirqhandler-after-one-pass The patch seems leading to the instability on Wyse box (bsc#1015367).
  • drm: Fix broken VT switch with video=1366x768 option (bsc#1018358).
  • drm: Use u64 for intermediate dotclock calculations (bnc#1006472).
  • drm: i915: Do not init hpd polling for vlv and chv from runtime_suspend() (bsc#1014120).
  • drm: i915: Fix PCODE polling during CDCLK change notification (bsc#1015367).
  • drm: i915: Fix watermarks for VLV/CHV (bsc#1011176).
  • drm: i915: Force VDD off on the new power seqeuencer before starting to use it (bsc#1009674).
  • drm: i915: Mark CPU cache as dirty when used for rendering (bsc#1015367).
  • drm: i915: Mark i915hpdpollinitwork as static (bsc#1014120).
  • drm: i915: Prevent PPS stealing from a normal DP port on VLV/CHV (bsc#1019061).
  • drm: i915: Prevent enabling hpd polling in late suspend (bsc#1014120).
  • drm: i915: Restore PPS HW state from the encoder resume hook (bsc#1019061).
  • drm: i915: Workaround for DP DPMS D3 on Dell monitor (bsc#1019061).
  • drm: vc4: Fix an integer overflow in temporary allocation layout (bsc#1021294).
  • drm: vc4: Return -EINVAL on the overflow checks failing (bsc#1021294).
  • drm: virtio-gpu: get the fb from the plane state for atomic updates (bsc#1023101).
  • edac: xgene: Fix spelling mistake in error messages (bsc#1019351).
  • efi: libstub: Move Graphics Output Protocol handling to generic code (bnc#974215).
  • fbcon: Fix vc attr at deinit (bsc#1000619).
  • fs: nfs: avoid including 'mountproto=' with no protocol in /proc/mounts (bsc#1019260).
  • gpio: xgene: make explicitly non-modular (bsc#1019351).
  • hv: acquire vmbusconnection.channelmutex in vmbusfreechannels().
  • hv: change clockevents unbind tactics.
  • hv: do not reset hvcontext.tscpage on crash.
  • hv_netvsc: Add handler for physical link speed change.
  • hv_netvsc: Add query for initial physical link speed.
  • hv_netvsc: Implement batching of receive completions.
  • hv_netvsc: Revert 'make inline functions static'.
  • hv_netvsc: Revert 'report vmbus name in ethtool'.
  • hv_netvsc: add ethtool statistics for tx packet issues.
  • hv_netvsc: count multicast packets received.
  • hv_netvsc: dev hold/put reference to VF.
  • hvnetvsc: fix a race between netvscsend() and netvscinitbuf().
  • hv_netvsc: fix comments.
  • hv_netvsc: fix rtnl locking in callback.
  • hv_netvsc: improve VF device matching.
  • hv_netvsc: init completion during alloc.
  • hv_netvsc: make RSS hash key static.
  • hvnetvsc: make deviceremove void.
  • hv_netvsc: make inline functions static.
  • hvnetvsc: make netvscdestroy_buf void.
  • hv_netvsc: make variable local.
  • hvnetvsc: rearrange startxmit.
  • hv_netvsc: refactor completion function.
  • hv_netvsc: remove VF in flight counters.
  • hv_netvsc: remove excessive logging on MTU change.
  • hv_netvsc: report vmbus name in ethtool.
  • hv_netvsc: simplify callback event code.
  • hv_netvsc: style cleanups.
  • hvnetvsc: use ARRAYSIZE() for NDIS versions.
  • hvnetvsc: use RCU to protect vfnetdev.
  • hvnetvsc: use consumeskb.
  • hv_netvsc: use kcalloc.
  • hyperv: Fix spelling of HV_UNKOWN.
  • i2c: designware-baytrail: Disallow the CPU to enter C6 or C7 while holding the punit semaphore (bsc#1011913).
  • i2c: designware: Implement support for SMBus block read and write (bsc#1019351).
  • i2c: designware: fix wrong Tx/Rx FIFO for ACPI (bsc#1019351).
  • i2c: xgene: Fix missing code of DTB support (bsc#1019351).
  • i40e: Be much more verbose about what we can and cannot offload (bsc#985561).
  • ibmveth: calculate gso_segs for large packets (bsc#1019148).
  • ibmveth: check return of skblinearize in ibmvethstart_xmit (bsc#1019148).
  • ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).
  • ibmveth: set correct gsosize and gsotype (bsc#1019148).
  • igb: Workaround for igb i210 firmware issue (bsc#1009911).
  • igb: add i211 to i210 PHY workaround (bsc#1009911).
  • input: i8042: Trust firmware a bit more when probing on X86 (bsc#1011660).
  • intel_idle: Add KBL support (bsc#1016884).
  • ip6gre: fix ip6greerr() invalid reads (CVE-2017-5897, bsc#1023762).
  • ipc: msg, make msgrcv work with LONG_MIN (bnc#1005918).
  • iwlwifi: Expose the default fallback ucode API to module info (boo#1021082, boo#1023884).
  • kgraft: iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).
  • kgraft: xen: Do not block kGraft in xenbus kthread (bsc#1017410).
  • libnvdimm: pfn: fix align attribute (bsc#1023175).
  • mailbox: xgene-slimpro: Fix wrong test for devm_kzalloc (bsc#1019351).
  • md linear: fix a race between linearadd() and linearcongested() (bsc#1018446).
  • md-cluster: convert the completion to wait queue.
  • md-cluster: protect mdfindrdevnrrcu with rcu lock.
  • md: ensure md devices are freed before module is unloaded (bsc#1022304).
  • md: fix refcount problem on mddev when stopping array (bsc#1022304).
  • misc: genwqe: ensure zero initialization.
  • mm: do not loop on GFP_REPEAT high order requests if there is no reclaim progress (bnc#1013000).
  • mm: memcg: do not retry precharge charges (bnc#1022559).
  • mm: pagealloc: fix check for NULL preferredzone (bnc#971975 VM performance -- page allocator).
  • mm: page_alloc: fix fast-path race with cpuset update or removal (bnc#971975 VM performance -- page allocator).
  • mm: page_alloc: fix premature OOM when racing with cpuset mems update (bnc#971975 VM performance -- page allocator).
  • mm: page_alloc: keep pcp count and list contents in sync if struct page is corrupted (bnc#971975 VM performance -- page allocator).
  • mm: page_alloc: move cpuset seqcount checking to slowpath (bnc#971975 VM performance -- page allocator).
  • mmc: sdhci-of-arasan: Remove no-hispd and no-cmd23 quirks for sdhci-arasan4.9a (bsc#1019351).
  • mwifiex: add missing check for PCIe8997 chipset (bsc#1018813).
  • mwifiex: fix IBSS data path issue (bsc#1018813).
  • mwifiex: fix PCIe register information for 8997 chipset (bsc#1018813).
  • net: af_iucv: do not use paged skbs for TX on HiperSockets (bnc#1020945, LTC#150566).
  • net: ethernet: apm: xgene: use phydev from struct net_device (bsc#1019351).
  • net: ethtool: Initialize buffer when querying device channel settings (bsc#969479).
  • net: hyperv: avoid uninitialized variable.
  • net: implement netifconddbg macro (bsc#1019168).
  • net: remove useless memset's in drivers get_stats64 (bsc#1019351).
  • net: xgene: avoid bogus maybe-uninitialized warning (bsc#1019351).
  • net: xgene: fix backward compatibility fix (bsc#1019351).
  • net: xgene: fix error handling during reset (bsc#1019351).
  • net: xgene: move xgenecleptree_ewdn data off stack (bsc#1019351).
  • netvsc: Remove mistaken udp.h inclusion.
  • netvsc: add rcu_read locking to netvsc callback.
  • netvsc: fix checksum on UDP IPV6.
  • netvsc: reduce maximum GSO size.
  • nfit: fail DSMs that return non-zero status by default (bsc#1023175).
  • nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
  • nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
  • nvdimm: kabi protect ndcmdout_size() (bsc#1023175).
  • nvme: apply DELAYBEFORECHK_RDY quirk at probe time too (bsc#1020685).
  • ocfs2: fix deadlock on mmapped page in ocfs2writebegin_nolock() (bnc#921494).
  • pci: Add devmrequestpcibusresources() (bsc#1019351).
  • pci: generic: Fix pciremapiospace() failure path (bsc#1019630).
  • pci: hv: Allocate physically contiguous hypercall params buffer.
  • pci: hv: Fix hvpciremove() for hot-remove.
  • pci: hv: Handle hvpcigeneric_compl() error case.
  • pci: hv: Handle vmbussendpacket() failure in hvcomposemsimsg().
  • pci: hv: Make unnecessarily global IRQ masking functions static.
  • pci: hv: Remove the unused 'wrk' in struct hvpcibusdevice.
  • pci: hv: Use listmovetail() instead of listdel() + listadd_tail().
  • pci: hv: Use pcifunctiondescription in struct definitions.
  • pci: hv: Use the correct buffer size in newpcichilddevice().
  • pci: hv: Use zero-length array in struct pci_packet.
  • pci: include header file (bsc#964944).
  • pci: xgene: Add local struct device pointers (bsc#1019351).
  • pci: xgene: Add register accessors (bsc#1019351).
  • pci: xgene: Free bridge resource list on failure (bsc#1019351).
  • pci: xgene: Make explicitly non-modular (bsc#1019351).
  • pci: xgene: Pass struct xgenepcieport to setup functions (bsc#1019351).
  • pci: xgene: Remove unused platform data (bsc#1019351).
  • pci: xgene: Request host bridge window resources (bsc#1019351).
  • perf: xgene: Remove bogus IS_ERR() check (bsc#1019351).
  • phy: xgene: rename 'enum phymode' to 'enum xgenephy_mode' (bsc#1019351).
  • power: reset: xgene-reboot: Unmap region obtained by of_iomap (bsc#1019351).
  • powerpc: fadump: Fix the race in crash_fadump() (bsc#1022971).
  • qeth: check not more than 16 SBALEs on the completion queue (bnc#1009718, LTC#148203).
  • raid1: Fix a regression observed during the rebuilding of degraded MDRAID VDs (bsc#1020048).
  • raid1: ignore discard error (bsc#1017164).
  • reiserfs: fix race in prealloc discard (bsc#987576).
  • rpm: kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
  • rpm: kernel-binary.spec.in: Fix installation of /etc/uefi/certs (bsc#1019594)
  • rtc: cmos: Clear ACPI-driven alarms upon resume (bsc#1022429).
  • rtc: cmos: Do not enable interrupts in the middle of the interrupt handler (bsc#1022429).
  • rtc: cmos: Restore alarm after resume (bsc#1022429).
  • rtc: cmos: avoid unused function warning (bsc#1022429).
  • s390: Fix invalid domain response handling (bnc#1009718).
  • s390: cpuinfo: show maximum thread id (bnc#1009718, LTC#148580).
  • s390: sysinfo: show partition extended name and UUID if available (bnc#1009718, LTC#150160).
  • s390: time: LPAR offset handling (bnc#1009718, LTC#146920).
  • s390: time: move PTFF definitions (bnc#1009718, LTC#146920).
  • sched: Allow hotplug notifiers to be setup early (bnc#1022476).
  • sched: Make wakeupnohz_cpu() handle CPUs going offline (bnc#1022476).
  • sched: core, x86/topology: Fix NUMA in package topology bug (bnc#1022476).
  • sched: core: Fix incorrect utilization accounting when switching to fair class (bnc#1022476).
  • sched: core: Fix setusernice() (bnc#1022476).
  • sched: cputime: Add steal time support to full dynticks CPU time accounting (bnc#1022476).
  • sched: cputime: Fix prev steal time accouting during CPU hotplug (bnc#1022476).
  • sched: deadline: Always calculate end of period on sched_yield() (bnc#1022476).
  • sched: deadline: Fix a bug in dl_overflow() (bnc#1022476).
  • sched: deadline: Fix lock pinning warning during CPU hotplug (bnc#1022476).
  • sched: deadline: Fix wrap-around in DL heap (bnc#1022476).
  • sched: fair: Avoid using decayloadmissed() with a negative value (bnc#1022476).
  • sched: fair: Fix fixed point arithmetic width for shares and effective load (bnc#1022476).
  • sched: fair: Fix loadabovecapacity fixed point arithmetic width (bnc#1022476).
  • sched: fair: Fix min_vruntime tracking (bnc#1022476).
  • sched: fair: Fix the wrong throttled clock time for cfsrqclock_task() (bnc#1022476).
  • sched: fair: Improve PELT stuff some more (bnc#1022476).
  • sched: rt, sched/dl: Do not push if task's scheduling class was changed (bnc#1022476).
  • sched: rt: Fix PI handling vs. sched_setscheduler() (bnc#1022476).
  • sched: rt: Kick RT bandwidth timer immediately on start up (bnc#1022476).
  • scsi: Add 'AIX VDASD' to blacklist (bsc#1006469).
  • scsi: Modify HITACHI OPEN-V blacklist entry (bsc#1006469).
  • scsi: bfa: Increase requested firmware version to 3.2.5.1 (bsc#1013273).
  • scsi: storvsc: Payload buffer incorrectly sized for 32 bit kernels.
  • scsidhalua: uninitialized variable in alua_rtpg() (bsc#1012910).
  • sctp: avoid BUGON on sctpwaitforsndbuf (CVE-2017-5986, bsc#1025235).
  • sd: always scan VPD pages if thin provisioning is enabled (bsc#1013792).
  • serial: 8250: Integrate Fintek into 8250base (boo#1016979). Update config files to change CONFIGSERIAL8250FINTEK to boolean accordingly, too. Also, the corresponding entry got removed from supported.conf.
  • serial: 8250_fintek: fix the mismatched IRQ mode (boo#1009546).
  • serial: Update metadata for serial fixes (bsc#1013001)
  • ses: Fix SAS device detection in enclosure (bsc#1016403).
  • sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).
  • sfc: refactor debug-or-warnings printks (bsc#1019168).
  • sunrpc: Fix reconnection timeouts (bsc#1014410).
  • sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
  • supported.conf: Support Marvell WiFi/BT SDIO and pinctrl-cherrytrail (bsc#1018813)
  • supported.conf: delete xilinx/ll_temac (bsc#1011602)
  • target: add XCOPY target/segment desc sense codes (bsc#991273).
  • target: bounds check XCOPY segment descriptor list (bsc#991273).
  • target: bounds check XCOPY total descriptor list length (bsc#991273).
  • target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).
  • target: check for XCOPY parameter truncation (bsc#991273).
  • target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).
  • target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).
  • target: support XCOPY requests without parameters (bsc#991273).
  • target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).
  • target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).
  • tools: hv: Enable network manager for bonding scripts on RHEL.
  • tools: hv: fix a compile warning in snprintf.
  • tools: hv: kvp: configurable external scripts path.
  • tools: hv: kvp: ensure kvp device fd is closed on exec.
  • tools: hv: remove unnecessary header files and netlink related code.
  • tools: hv: remove unnecessary link flag.
  • tty: n_hdlc, fix lockdep false positive (bnc#1015840).
  • uvcvideo: uvcscanfallback() for webcams with broken chain (bsc#1021474).
  • vmbus: make sysfs names consistent with PCI.
  • x86: MCE: Dump MCE to dmesg if no consumers (bsc#1013994).
  • x86: hyperv: Handle unknown NMIs on one CPU when unknownnmipanic.
  • xfs: don't allow di_size with high bit set (bsc#1024234).
  • xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).
  • xfs: fix broken multi-fsb buffer logging (bsc#1024081).
  • xfs: fix buffer overflow dmgetdirattrs/dmgetdirattrs2 (bsc#989056).
  • xfs: fix up xfsswapextent_forks inline extent handling (bsc#1023888).
  • xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).
  • xfs: track and serialize in-flight async buffers against unmount - kABI (bsc#1024508).
References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-default-extra": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP2 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-default-extra": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Desktop 12 SP2 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-default-extra": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise High Availability Extension 12 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "dlm-kmp-default": "4.4.49-92.11.1",
            "gfs2-kmp-default": "4.4.49-92.11.1",
            "cluster-network-kmp-default": "4.4.49-92.11.1",
            "ocfs2-kmp-default": "4.4.49-92.11.1",
            "cluster-md-kmp-default": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Live Patching 12 / kgraft-patch-SLE12-SP2_Update_5

Package

Name
kgraft-patch-SLE12-SP2_Update_5
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP2_Update_5&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1-6.1

Ecosystem specific

{
    "binaries": [
        {
            "kgraft-patch-4_4_49-92_11-default": "1-6.1"
        }
    ]
}

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP2 / kernel-docs

Package

Name
kernel-docs
Purl
purl:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.3

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.4.49-92.11.3",
            "kernel-obs-build": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Software Development Kit 12 SP2 / kernel-obs-build

Package

Name
kernel-obs-build
Purl
purl:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-docs": "4.4.49-92.11.3",
            "kernel-obs-build": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default-man": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default-man": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP2 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default-man": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default-man": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default-man": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP2 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "4.4.49-92.11.1",
            "kernel-devel": "4.4.49-92.11.1",
            "kernel-default-base": "4.4.49-92.11.1",
            "kernel-default-man": "4.4.49-92.11.1",
            "kernel-default": "4.4.49-92.11.1",
            "kernel-source": "4.4.49-92.11.1",
            "kernel-syms": "4.4.49-92.11.1",
            "kernel-default-devel": "4.4.49-92.11.1"
        }
    ]
}

SUSE:Linux Enterprise Workstation Extension 12 SP2 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.49-92.11.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-default-extra": "4.4.49-92.11.1"
        }
    ]
}