SUSE-SU-2017:1102-1

Source
https://www.suse.com/support/update/announcement/2017/suse-su-20171102-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:1102-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2017:1102-1
Related
Published
2017-04-25T14:34:26Z
Modified
2017-04-25T14:34:26Z
Summary
Security update for the Linux Kernel
Details

The SLE-11 SP4 kernel was updated to 3.0.101.rt130-68 to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2017-5551: The simplesetacl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097 (bnc#1021258).
  • CVE-2016-7097: posix_acl: Clear SGID bit when setting file permissions (bsc#995968).
  • CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
  • CVE-2016-5696: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#989152).
  • CVE-2015-1350: Denial of service in notify_change for filesystem xattrs (bsc#914939).
  • CVE-2016-8632: The tipcmsgbuild function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAPNETADMIN capability (bnc#1008831).
  • CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could have enabled a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. (bnc#1014746).
  • CVE-2016-9793: The socksetsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sksndbuf and skrcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAPNETADMIN capability for a crafted setsockopt system call with the (1) SOSNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
  • CVE-2012-6704: The socksetsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sksndbuf and skrcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAPNETADMIN capability for a crafted setsockopt system call with the (1) SOSNDBUF or (2) SO_RCVBUF option (bnc#1013542).
  • CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).
  • CVE-2016-9576: splice: introduce FMODESPLICEREAD and FMODESPLICEWRITE (bsc#1013604)
  • CVE-2016-9794: ALSA: pcm : Call kill_fasync() in stream lock (bsc#1013533)
  • CVE-2016-3841: KABI workaround for ipv6: add complete rcu protection around np->opt (bsc#992566).
  • CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfsattrlist.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832).
  • CVE-2015-8962: Double free vulnerability in the sgcommonwrite function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
  • CVE-2016-9555: The sctpsfootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
    • CVE-2016-7910: Use-after-free vulnerability in the diskseqfstop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).
  • CVE-2016-7911: Race condition in the gettaskioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).
  • CVE-2013-6368: The KVM subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address (bnc#853052).
  • CVE-2015-8964: The ttysettermiosldisc function in drivers/tty/ttyldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
  • CVE-2016-7916: Revert 'proc: prevent accessing /proc/<PID>/environ until it's ready (bsc#1010467)'
  • CVE-2016-8646: The hashaccept function in crypto/algifhash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150).
  • CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
  • CVE-2016-7042: KEYS: Fix short sprintf buffer in /proc/keys show function (bsc#1004517).
  • CVE-2015-8956: Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (bsc#1003925).
  • CVE-2016-7117: net: Fix use after free in the recvmmsg exit path (bsc#1003077).

The following non-security bugs were fixed:

  • blacklist.conf: 45f13df be2net: Enable Wake-On-LAN from shutdown for Skyhawk
  • blacklist.conf: c9cc599 net/mlx4_core: Fix QUERY FUNC CAP flags

  • 8250_pci: Fix potential use-after-free in error path (bsc#1013070).

  • IB/mlx4: Fix error flow when sending mads under SRIOV (bsc#786036).
  • IB/mlx4: Fix incorrect MC join state bit-masking on SR-IOV (bsc#786036).
  • IB/mlx4: Fix memory leak if QP creation failed (bsc#786036).
  • IB/mlx4: Fix potential deadlock when sending mad to wire (bsc#786036).
  • IB/mlx4: Forbid using sysfs to change RoCE pkeys (bsc#786036).
  • IB/mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV (bsc#786036).
  • apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).
  • arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
  • be2net: Do not leak iomapped memory on removal (bug#925065).
  • blockdev: do not test bdev->bdcontains when it is not stable (bsc#1008557).
  • bna: Add synchronization for tx ring (bsc#993739).
  • bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
  • bnx2x: fix lockdep splat (bsc#908684).
  • cifs: revert fs/cifs: fix wrongly prefixed path to root (bsc#963655)
  • config.conf: add bigmem flavour on ppc64
  • cpumask, nodemask: implement cpumask/nodemaskprargs() (bnc1003866).
  • cpumasksetcpulocalfirst => cpumasklocalspread, lament (bug#919382).
  • crypto: add ghash-generic in the supported.conf(bsc#1016824)
  • crypto: aesni - Add support for 192 & 256 bit keys to AESNI RFC4106 (bsc#913387, #bsc1016831).
  • dm space map metadata: fix smbootstrapgetnrblocks()
  • dm thin: fix race condition when destroying thin pool workqueue
  • dm: do not call dmsynctable() when creating new devices (bnc#901809, bsc#1008893).
  • drm/mgag200: Added support for the new deviceID for G200eW3 (bnc#1019348)
  • ext3: Avoid premature failure of ext3hasfree_blocks() (bsc#1016668).
  • ext4: do not leave icrtime.tvsec uninitialized (bsc#1013018).
  • ext4: fix reference counting bug on block allocation error (bsc#1013018).
  • fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).
  • fs/cifs: Fix memory leaks in cifsdomount() (bsc#799133).
  • fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).
  • fs/cifs: Move check for prefix path to within cifsgetroot() (bsc#799133).
  • fs/cifs: cifsgetroot shouldn't use path with tree name (bsc#963655, bsc#979681).
  • fs/cifs: make share unaccessible at root level mountable (bsc#799133).
  • futex: Acknowledge a new waiter in counter before plist (bsc#851603).
  • futex: Drop refcount if requeue_pi() acquired the rtmutex (bsc#851603).
  • hpilo: Add support for iLO5 (bsc#999101).
  • hv: do not lose pending heartbeat vmbus packets (bnc#1006919).
  • hv: vmbus: avoid scheduling in interrupt context in vmbusinitiateunload() (bnc#986337).
  • hv: vmbus: avoid waitforcompletion() on crash (bnc#986337).
  • hv: vmbus: do not loose HVMSGTIMEREXPIRED messages (bnc#986337).
  • hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts (bnc#986337).
  • hv: vmbus: handle various crash scenarios (bnc#986337).
  • hv: vmbus: remove code duplication in message handling (bnc#986337).
  • hv: vss: run only on supported host versions (bnc#986337).
  • i40e: fix an uninitialized variable bug (bsc#909484).
  • ibmveth: calculate gso_segs for large packets (bsc#1019165, bsc#1019148).
  • ibmveth: set correct gsosize and gsotype (bsc#1019165, bsc#1019148).
  • igb: Enable SR-IOV configuration via PCI sysfs interface (bsc#909491).
  • igb: Fix NULL assignment to incorrect variable in igbresetq_vector (bsc#795297).
  • igb: Fix oops caused by missing queue pairing (bsc#909491).
  • igb: Fix oops on changing number of rings (bsc#909491).
  • igb: Remove unnecessary flag setting in igbsetflagqueuepairs() (bsc#909491).
  • igb: Unpair the queues when changing the number of queues (bsc#909491).
  • ipv6: replacing a rt6info needs to purge possible propagated rt6infos too (bsc#865783).
  • kabi-fix for flock_owner addition (bsc#998689).
  • kexec: add a kexeccrashloaded() function (bsc#973691).
  • kvm: APIC: avoid instruction emulation for EOI writes (bsc#989680).
  • kvm: Distangle eventfd code from irqchip (bsc#989680).
  • kvm: Iterate over only vcpus that are preempted (bsc#989680).
  • kvm: Record the preemption status of vcpus using preempt notifiers (bsc#989680).
  • kvm: VMX: Pass vcpu to _vmxcomplete_interrupts (bsc#989680).
  • kvm: fold kvmpittimer into kvmkpitstate (bsc#989680).
  • kvm: make processes waiting on vcpu mutex killable (bsc#989680).
  • kvm: nVMX: Add preemption timer support (bsc#989680).
  • kvm: remove a wrong hack of delivery PIT intr to vcpu0 (bsc#989680).
  • kvm: use symbolic constant for nr interrupts (bsc#989680).
  • kvm: x86: Remove support for reporting coalesced APIC IRQs (bsc#989680).
  • kvm: x86: Run PIT work in own kthread (bsc#989680).
  • kvm: x86: limit difference between kvmclock updates (bsc#989680).
  • kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).
  • lib/vsprintf: implement bitmap printing through '%*pb[l]' (bnc#1003866).
  • libata: introduce atahost->ntags to avoid oops on SAS controllers (bsc#871728).
  • libata: remove n_tags to avoid kABI breakage (bsc#871728).
  • libata: support the ata host which implements a queue depth less than 32 (bsc#871728)
  • libfc: Do not take rdata->rpmutex when processing a -FCEX_CLOSED ELS response (bsc#962846).
  • libfc: Fixup disc_mutex handling (bsc#962846).
  • libfc: Issue PRLI after a PRLO has been received (bsc#962846).
  • libfc: Revisit kref handling (bnc#990245).
  • libfc: Update rport reference counting (bsc#953233).
  • libfc: do not send ABTS when resetting exchanges (bsc#962846).
  • libfc: fixup locking of ptp_setup() (bsc#962846).
  • libfc: reset exchange manager during LOGO handling (bsc#962846).
  • libfc: send LOGO for PLOGI failure (bsc#962846).
  • locking/mutex: Explicitly mark task as running after wakeup (bsc#1012411).
  • md/raid10: Fix memory leak when raid10 reshape completes
  • md/raid10: always set reshapesafe when initializing reshapeposition
  • md: Drop sending a change uevent when stopping (bsc#1003568).
  • md: check command validity early in md_ioctl() (bsc#1004520).
  • md: fix problem when adding device to read-only array with bitmap (bnc#771065).
  • memstick: mspro_block: add missing curly braces (bsc#1016688).
  • mlx4: add missing braces in verifyqpparameters (bsc#786036).
  • mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations (bnc#763198).
  • mm/memory.c: actually remap enough memory (bnc#1005903).
  • mm/memoryhotplug.c: check for missing sections in testpagesina_zone() (bnc#961589).
  • mm: fix crashes from mbind() merging vmas (bnc#1005877).
  • mm: fix sleeping function warning from _putanon_vma (bnc#1005857).
  • dcache: move the call of _ddrop(anon) into _dmaterialise_unique(dentry, anon) (bsc#984194).
  • mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
  • mremap: enforce rmap src/dst vma ordering in case of vmamerge() succeeding in copyvma() (bsc#1008645).
  • mshyperv: fix recognition of Hyper-V guest crash MSR's (bnc#986337).
  • net/mlx4: Copy/set only sizeof struct mlx4_eqe bytes (bsc#786036).
  • net/mlx4_core: Allow resetting VF admin mac to zero (bsc#919382).
  • net/mlx4_core: Avoid returning success in case of an error flow (bsc#786036).
  • net/mlx4core: Do not BUGON during reset when PCI is offline (bsc#924708).
  • net/mlx4_core: Do not access comm channel if it has not yet been initialized (bsc#924708 bsc#786036).
  • net/mlx4_core: Fix error message deprecation for ConnectX-2 cards (bug#919382).
  • net/mlx4_core: Fix the resource-type enum in res tracker to conform to FW spec (bsc#786036).
  • net/mlx4core: Implement pciresume callback (bsc#924708).
  • net/mlx4core: Update the HCA core clock frequency after INITPORT (bug#919382).
  • net/mlx4_en: Choose time-stamping shift value according to HW frequency (bsc#919382).
  • net/mlx4_en: Fix HW timestamp init issue upon system startup (bsc#919382).
  • net/mlx4_en: Fix potential deadlock in port statistics flow (bsc#786036).
  • net/mlx4_en: Move filters cleanup to a proper location (bsc#786036).
  • net/mlx4en: Remove dependency between timestamping capability and servicetask (bsc#919382).
  • net/mlx4_en: fix spurious timestamping callbacks (bsc#919382).
  • netfilter: ipv4: defrag: set local_df flag on defragmented skb (bsc#907611).
  • netfront: do not truncate grant references.
  • netvsc: fix incorrect receive checksum offloading (bnc#1006917).
  • nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).
  • nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).
  • nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).
  • nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
  • nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
  • nfsv4: Handle timeouts correctly when probing for lease validity (bsc#1014410).
  • nfsv4: add flock_owner to open context (bnc#998689).
  • nfsv4: change nfs4dosetattr to take an opencontext instead of a nfs4state (bnc#998689).
  • nfsv4: change nfs4selectrwstateid to take a lockcontext inplace of lock_owner (bnc#998689).
  • nfsv4: enhance nfs4copylock_stateid to use a flock stateid if there is one (bnc#998689).
  • nvme: Automatic namespace rescan (bsc#1017686).
  • nvme: Metadata format support (bsc#1017686).
  • ocfs2: fix BUGON() in ocfs2ci_checkpointed() (bnc#1019783).
  • oom: print nodemask in the oom report (bnc#1003866).
  • pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models
  • pm / hibernate: Fix rtreenextnode() to avoid walking off list ends (bnc#860441).
  • posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).
  • posix-timers: Use sighand lock instead of tasklist_lock for task clock sample (bnc#997401).
  • posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (bnc#997401).
  • powerpc/64: Fix incorrect return value from _copytofrom_user (bsc#1005896).
  • powerpc/MSI: Fix race condition in tearing down MSI interrupts (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
  • powerpc/mm/hash64: Fix subpage protection with 4K HPTE config (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
  • powerpc/mm: Add 64TB support (bsc#928138,fate#319026).
  • powerpc/mm: Change the swap encoding in pte (bsc#973203).
  • powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).
  • powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).
  • powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).
  • powerpc/mm: Make KERNVIRTSIZE not dependend on PGTABLE_RANGE (bsc#928138,fate#319026).
  • powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit (bsc#928138,fate#319026).
  • powerpc/mm: Replace open coded CONTEXT_BITS value (bsc#928138,fate#319026).
  • powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).
  • powerpc/mm: Update VSID allocation documentation (bsc#928138,fate#319026).
  • powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).
  • powerpc/mm: Use hpt_va to compute virtual address (bsc#928138,fate#319026).
  • powerpc/mm: Use the required number of VSID bits in slbmte (bsc#928138,fate#319026).
  • powerpc/numa: Fix multiple bugs in memoryhotplugmax() (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
  • powerpc/pseries: Use HCLEARHPT to clear MMU hash table during kexec (bsc#1003813).
  • powerpc: Add ability to build little endian kernels (bsc#967716).
  • powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).
  • powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).
  • powerpc: Do not build assembly files with ABIv2 (bsc#967716).
  • powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
  • powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
  • powerpc: Fix error when cross building TAGS & cscope (bsc#967716).
  • powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).
  • powerpc: Make the vdso32 also build big-endian (bsc#967716).
  • powerpc: Move kdump default base address to half RMO size on 64bit (bsc#1003344).
  • powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
  • powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).
  • powerpc: Rename USERESIDBITS* to ESID_BITS* (bsc#928138,fate#319026).
  • powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
  • powerpc: Update kernel VSID range (bsc#928138,fate#319026).
  • powerpc: blacklist fixes for unsupported subarchitectures ppc32 only: 6e0fdf9af216 powerpc: fix typo 'CONFIG_PMAC' obscure hardware: f7e9e3583625 powerpc: Fix missing L2 cache size in /sys/devices/system/cpu
  • powerpc: dtc is required to build dtb files (bsc#967716).
  • powerpc: fix typo 'CONFIGPPCCPU' (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
  • powerpc: scanfeatures() updates incorrect bits for REALLE (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
  • printk/sched: Introduce special printk_sched() for those awkward (bsc#1013042, bsc#996541, bsc#1015878).
  • ptrace: _ptracemay_access() should not deny sub-threads (bsc#1012851).
  • qlcnic: fix a loop exit condition better (bsc#909350).
  • qlcnic: fix a timeout loop (bsc#909350)
  • qlcnic: use the correct ring in qlcnic83xxprocessrcvring_diag() (bnc#800999).
  • reiserfs: fix race in prealloc discard (bsc#987576).
  • rpm/constraints.in: Bump ppc64 disk requirements to fix OBS builds again
  • rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
  • rpm/package-descriptions: add -bigmem description
  • rt2x00: fix rfkill regression on rt2500pci (bnc#748806).
  • s390/cio: fix accidental interrupt enabling during resume (bnc#1003677, LTC#147606).
  • s390/time: LPAR offset handling (bnc#1003677, LTC#146920).
  • s390/time: move PTFF definitions (bnc#1003677, LTC#146920).
  • scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).
  • scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
  • scsi: zfcp: spinlockirqsave() is not nestable (bsc#1003677,LTC#147374).
  • scsi_error: count medium access timeout only once per EH run (bsc#993832).
  • scsierror: fixup crash in scsieh_reset (bsc#993832)
  • serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013070).
  • sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618).
  • softirq: sirq threads raising another sirq delegate to the proper thread Otherwise, high priority timer threads expend cycles precessing other sirqs, potentially increasing wakeup latencies as thes process sirqs at a priority other than the priority specified by the user.
  • sunrpc/cache: drop reference when sunrpccachepipe_upcall() detects a race (bnc#803320).
  • sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).
  • sunrpc: Fix reconnection timeouts (bsc#1014410).
  • sunrpc: Fix two issues with drop_caches and the sunrpc auth cache (bsc#1012917).
  • sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
  • tcp: fix inet6cskroute_req() for link-local addresses (bsc#1010175).
  • tcp: pass fl6 to inet6cskroute_req() (bsc#1010175).
  • tcp: plug dst leak in tcpv6conn_request() (bsc#1010175).
  • tcp: use inet6cskroutereq() in tcpv6sendsynack() (bsc#1010175).
  • tg3: Avoid NULL pointer dereference in tg3ioerror_detected() (bsc#908458).
  • tg3: Fix temperature reporting (bnc#790588).
  • tty: Signal SIGHUP before hanging up ldisc (bnc#989764).
  • usb: console: fix potential use after free (bsc#1015817).
  • usb: console: fix uninitialised ldisc semaphore (bsc#1015817).
  • usb: cp210x: Corrected USB request type definitions (bsc#1015932).
  • usb: cp210x: relocate private data from USB interface to port (bsc#1015932).
  • usb: cp210x: work around cp2108 GETLINECTL bug (bsc#1015932).
  • usb: ftdi_sio: fix null deref at port probe (bsc#1015796).
  • usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).
  • usb: hub: Fix unbalanced reference count/memory leak/deadlocks (bsc#968010).
  • usb: ipaq.c: fix a timeout loop (bsc#1015848).
  • usb: opticon: fix non-atomic allocation in write path (bsc#1015803).
  • usb: option: fix runtime PM handling (bsc#1015752).
  • usb: serial: cp210x: add 16-bit register access functions (bsc#1015932).
  • usb: serial: cp210x: add 8-bit and 32-bit register access functions (bsc#1015932).
  • usb: serial: cp210x: add new access functions for large registers (bsc#1015932).
  • usb: serial: cp210x: fix hardware flow-control disable (bsc#1015932).
  • usb: serial: fix potential use-after-free after failed probe (bsc#1015828).
  • usb: serial: io_edgeport: fix memory leaks in attach error path (bsc#1016505).
  • usb: serial: io_edgeport: fix memory leaks in probe error path (bsc#1016505).
  • usb: serial: keyspan: fix use-after-free in probe error path (bsc#1016520).
  • usb: sierra: fix AA deadlock in open error path (bsc#1015561).
  • usb: sierra: fix remote wakeup (bsc#1015561).
  • usb: sierra: fix urb and memory leak in resume error path (bsc#1015561).
  • usb: sierra: fix urb and memory leak on disconnect (bsc#1015561).
  • usb: sierra: fix use after free at suspend/resume (bsc#1015561).
  • usb: usb_wwan: fix potential blocked I/O after resume (bsc#1015760).
  • usb: usb_wwan: fix race between write and resume (bsc#1015760).
  • usb: usb_wwan: fix urb leak at shutdown (bsc#1015760).
  • usb: usb_wwan: fix urb leak in write error path (bsc#1015760).
  • usb: usb_wwan: fix write and suspend race (bsc#1015760).
  • usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).
  • usblp: do not set TASK_INTERRUPTIBLE before lock (bsc#1015844).
  • vmxnet3: Wake queue from reset work (bsc#999907).
  • x86, amd_nb: Clarify F15h, model 30h GART and L3 support
  • x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).
  • x86/asm/traps: Disable tracing and kprobes in fixupbadiret and sync_regs (bsc#909077).
  • x86/cpu/amd: Set X86FEATUREEXTD_APICID for future processors
  • x86/gart: Check for GART support before accessing GART registers
  • xenbus: do not invoke ->is_ready() for most device states (bsc#987333).
  • zcrypt: Fix hang condition on crypto card config-off (bsc#1016320).
  • zcrypt: Fix invalid domain response handling (bsc#1016320).
  • zfcp: Fix erratic device offline during EH (bsc#993832).
  • zfcp: close window with unblocked rport during rport gone (bnc#1003677).
  • zfcp: fix D_ID field with actual value on tracing SAN responses (bnc#1003677).
  • zfcp: fix ELS/GS request&response length for hardware data router (bnc#1003677).
  • zfcp: fix payload trace length for SAN request&response (bnc#1003677).
  • zfcp: restore tracing of handle for port and LUN with HBA records (bnc#1003677).
  • zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace (bnc#1003677).
  • zfcp: retain trace level for SCSI and HBA FSF response records (bnc#1003677).
  • zfcp: trace full payload of all SAN records (req,resp,iels) (bnc#1003677).
  • zfcp: trace on request for open and close of WKA port (bnc#1003677).
References

Affected packages

SUSE:Linux Enterprise Real Time 11 SP4 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101.rt130-68.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt_trace-base": "3.0.101.rt130-68.1",
            "kernel-rt-devel": "3.0.101.rt130-68.1",
            "kernel-rt_trace": "3.0.101.rt130-68.1",
            "kernel-rt_trace-devel": "3.0.101.rt130-68.1",
            "kernel-source-rt": "3.0.101.rt130-68.1",
            "kernel-rt": "3.0.101.rt130-68.1",
            "kernel-syms-rt": "3.0.101.rt130-68.1",
            "kernel-rt-base": "3.0.101.rt130-68.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 11 SP4 / kernel-rt_trace

Package

Name
kernel-rt_trace
Purl
purl:rpm/suse/kernel-rt_trace&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101.rt130-68.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt_trace-base": "3.0.101.rt130-68.1",
            "kernel-rt-devel": "3.0.101.rt130-68.1",
            "kernel-rt_trace": "3.0.101.rt130-68.1",
            "kernel-rt_trace-devel": "3.0.101.rt130-68.1",
            "kernel-source-rt": "3.0.101.rt130-68.1",
            "kernel-rt": "3.0.101.rt130-68.1",
            "kernel-syms-rt": "3.0.101.rt130-68.1",
            "kernel-rt-base": "3.0.101.rt130-68.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 11 SP4 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101.rt130-68.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt_trace-base": "3.0.101.rt130-68.1",
            "kernel-rt-devel": "3.0.101.rt130-68.1",
            "kernel-rt_trace": "3.0.101.rt130-68.1",
            "kernel-rt_trace-devel": "3.0.101.rt130-68.1",
            "kernel-source-rt": "3.0.101.rt130-68.1",
            "kernel-rt": "3.0.101.rt130-68.1",
            "kernel-syms-rt": "3.0.101.rt130-68.1",
            "kernel-rt-base": "3.0.101.rt130-68.1"
        }
    ]
}

SUSE:Linux Enterprise Real Time 11 SP4 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2011%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.101.rt130-68.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-rt_trace-base": "3.0.101.rt130-68.1",
            "kernel-rt-devel": "3.0.101.rt130-68.1",
            "kernel-rt_trace": "3.0.101.rt130-68.1",
            "kernel-rt_trace-devel": "3.0.101.rt130-68.1",
            "kernel-source-rt": "3.0.101.rt130-68.1",
            "kernel-rt": "3.0.101.rt130-68.1",
            "kernel-syms-rt": "3.0.101.rt130-68.1",
            "kernel-rt-base": "3.0.101.rt130-68.1"
        }
    ]
}