SUSE-SU-2020:1663-1

The SUSE Linux Enterprise 15 kernel was updated receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824).
• CVE-2020-9383: Fixed an out-of-bounds read due to improper error condition check of FDC index (bsc#1165111).
• CVE-2020-8992: Fixed an issue which could have allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069).
• CVE-2020-8834: Fixed a stack corruption which could have lead to kernel panic (bsc#1168276).
• CVE-2020-8649: Fixed a use-after-free in the vgaconinvertregion function in drivers/video/console/vgacon.c (bsc#1162931).
• CVE-2020-8648: Fixed a use-after-free in the nttyreceivebufcommon function in drivers/tty/n_tty.c (bsc#1162928).
• CVE-2020-8647: Fixed a use-after-free in the vcdoresize function in drivers/tty/vt/vt.c (bsc#1162929).
• CVE-2020-8428: Fixed a use-after-free which could have allowed local users to cause a denial of service (bsc#1162109).
• CVE-2020-7053: Fixed a use-after-free in the i915ppgttclose function in drivers/gpu/drm/i915/i915gemgtt.c (bsc#1160966).
• CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).
• CVE-2020-13143: Fixed an out-of-bounds read in gadgetdevdescUDCstore in drivers/usb/gadget/configfs.c (bsc#1171982).
• CVE-2020-12769: Fixed an issue which could have allowed attackers to cause a panic via concurrent calls to dwspiirq and dwspitransfer_one (bsc#1171983).
• CVE-2020-12657: An a use-after-free in block/bfq-iosched.c (bsc#1171205).
• CVE-2020-12656: Fixed an improper handling of certain domain_release calls leadingch could have led to a memory leak (bsc#1171219).
• CVE-2020-12655: Fixed an issue which could have allowed attackers to trigger a sync of excessive duration via an XFS v5 image with crafted metadata (bsc#1171217).
• CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202).
• CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195).
• CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218).
• CVE-2020-12464: Fixed a use-after-free due to a transfer without a reference (bsc#1170901).
• CVE-2020-12114: Fixed a pivot_root race condition which could have allowed local users to cause a denial of service (panic) by corrupting a mountpoint reference counter (bsc#1171098).
• CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idlebook3s.S did not have save/restore functionality for PNVPOWERSAVEAMR, PNVPOWERSAVEUAMOR, and PNVPOWERSAVE_AMOR (bnc#1169390).
• CVE-2020-11609: Fixed a null pointer dereference due to improper handling of descriptors (bsc#1168854).
• CVE-2020-11608: Fixed a null pointer dereferences via a crafted USB (bsc#1168829).
• CVE-2020-11494: Fixed an issue which could have allowed attackers to read uninitialized can_frame data (bsc#1168424).
• CVE-2020-10942: Fixed a kernel stack corruption via crafted system calls (bsc#1167629).
• CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access (bsc#1172317).
• CVE-2020-10751: Fixed an improper implementation in SELinux LSM hook where it was assumed that an skb would only contain a single netlink message (bsc#1171189).
• CVE-2020-10732: Fixed kernel data leak in userspace coredumps due to uninitialized data (bsc#1171220).
• CVE-2020-10720: Fixed a use-after-free read in napigrofrags() (bsc#1170778).
• CVE-2020-10711: Fixed a null pointer dereference in SELinux subsystem which could have allowed a remote network user to crash the kernel resulting in a denial of service (bsc#1171191).
• CVE-2020-10690: Fixed the race between the release of ptp_clock and cdev (bsc#1170056).
• CVE-2019-9458: Fixed a use after free due to a race condition which could have led to privilege escalation of privilege (bsc#1168295).
• CVE-2019-9455: Fixed a pointer leak due to a WARN_ON statement in a video driver. This could lead to local information disclosure with System execution privileges needed (bsc#1170345).
• CVE-2019-3701: Fixed an issue in cancangw_rcv, which could cause a system crash (bsc#1120386).
• CVE-2019-20812: Fixed an issue in prbcalcretireblktmo() which could have resulted in a denial of service (bsc#1172453).
• CVE-2019-20810: Fixed a memory leak in due to not calling of sndcardfree (bsc#1172458).
• CVE-2019-20096: Fixed a memory leak in _featregister_sp() in net/dccp/feat.c, which could have caused denial of service (bsc#1159908).
• CVE-2019-20095: Fixed an improper error-handling cases that did not free allocated hostcmd memory which was causing memory leak (bsc#1159909).
• CVE-2019-20054: Fixed a null pointer dereference in dropsysctltable() in fs/proc/procsysctl.c, related to putlinks (bsc#1159910).
• CVE-2019-19966: Fixed a use-after-free in cpia2_exit() which could have caused denial of service (bsc#1159841).
• CVE-2019-19965: Fixed a null pointer dereference, due to mishandling of port disconnection during discovery (bsc#1159911).
• CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function (bsc#1159198).
• CVE-2019-19768: Fixed a use-after-free in the _blkadd_trace function in kernel/trace/blktrace.c (bsc#1159285).
• CVE-2019-19462: Fixed an issue which could have allowed local user to cause denial of service (bsc#1158265).
• CVE-2019-19447: Fixed a user after free via a crafted ext4 filesystem image (bsc#1158819).
• CVE-2019-19319: Fixed a user after free when a large old_size value is used in a memset call (bsc#1158021).
• CVE-2019-19318: Fixed a use after free via a crafted btrfs image (bsc#1158026).
• CVE-2019-19054: Fixed a memory leak in the cx23888irprobe() which could have allowed attackers to cause a denial of service (bsc#1161518).
• CVE-2019-19045: Fixed a memory leak in which could have allowed attackers to cause a denial of service (bsc#1161522).
• CVE-2019-19036: Fixed a null pointer dereference in btrfsrootnode (bsc#1157692).
• CVE-2019-16994: Fixed a memory leak which might have caused denial of service (bsc#1161523).
• CVE-2019-14897: Fixed a stack overflow in Marvell Wifi Driver (bsc#1157155).
• CVE-2019-14896: Fixed a heap overflow in Marvell Wifi Driver (bsc#1157157).
• CVE-2019-14615: Fixed an improper control flow in certain data structures which could have led to information disclosure (bsc#1160195).
• CVE-2018-1000199: Fixed a potential local code execution via ptrace (bsc#1089895).

The following non-security bugs were fixed:

• 6pack,mkiss: fix possible deadlock (bsc#1051510).
• ACPI / APEI: Switch estatus pool to use vmalloc memory (bsc#1051510).
• ACPI: bus: Fix NULL pointer check in acpibusgetprivatedata() (bsc#1051510).
• ACPI: fix acpifindchilddevice() invocation in acpipreset_companion() (bsc#1051510).
• af_packet: set defaule value for tmo (bsc#1051510).
• ALSA: control: remove useless assignment in .info callback of PCM chmap element (git-fixes).
• ALSA: hda: Add Clevo W6567SB the powersave blacklist (git-fixes).
• ALSA: hda - Add docking station support for Lenovo Thinkpad T420s (git-fixes).
• ALSA: hda/analog - Minor optimization for SPDIF mux connections (git-fixes).
• ALSA: hda/ca0132 - Avoid endless loop (git-fixes).
• ALSA: hda/ca0132 - Fix work handling in delayed HP detection (git-fixes).
• ALSA: hda/ca0132 - Keep power on during processing DSP response (git-fixes).
• ALSA: hda - Downgrade error message for single-cmd fallback (git-fixes).
• ALSA: hda/hdmi - add retry logic to parseintelhdmi() (git-fixes).
• ALSA: hda/hdmi - fix atpx_present when CLASS is not VGA (bsc#1051510).
• ALSA: hda/realtek - Add headset Mic no shutup for ALC283 (bsc#1051510).
• ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code (bsc#1051510).
• ALSA: pcm: Avoid possible info leaks from PCM stream buffers (git-fixes).
• ALSA: seq: Fix racy access for queue timer in proc read (bsc#1051510).
• ALSA: sh: Fix compile warning wrt const (git-fixes).
• ALSA: usb-audio: fix set_format altsetting sanity check (bsc#1051510).
• ALSA: usb-audio: fix sync-ep altsetting sanity check (bsc#1051510).
• ar5523: check NULL before memcpy() in ar5523_cmd() (bsc#1051510).
• arm64: Revert support for execute-only user mappings (bsc#1160218).
• ASoC: au8540: use 64-bit arithmetic instead of 32-bit (bsc#1051510).
• ASoC: cs4349: Use PM ops 'cs4349runtimepm' (bsc#1051510).
• ASoC: Jack: Fix NULL pointer dereference in sndsocjack_report (bsc#1051510).
• ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1 (bsc#1051510).
• ASoC: wm8962: fix lambda value (git-fixes).
• ath10k: fix fw crash by moving chip reset after napi disabled (bsc#1051510).
• ath9k: fix storage endpoint lookup (git-fixes).
• a typo in %kernelbaseconflicts macro name
• batman-adv: Fix DAT candidate selection on little endian systems (bsc#1051510).
• bcma: remove set but not used variable 'sizel' (git-fixes).
• blk: Fix kabi due to blktracemutex addition (bsc#1159285).
• blktrace: fix dereference after null check (bsc#1159285).
• blktrace: fix trace mutex deadlock (bsc#1159285).
• bonding: fix active-backup transition after link failure (git-fixes).
• bonding: fix potential NULL deref in bondupdateslave_arr (bsc#1051510).
• bonding: fix unexpected IFF_BONDING bit unset (bsc#1051510).
• brcmfmac: fix interface sanity check (git-fixes).
• brcmfmac: Fix memory leak in brcmfusbdevqinit (git-fixes).
• brcmfmac: Fix use after free in brcmfsdioreadframes() (git-fixes).
• btrfs: abort transaction after failed inode updates in create_subvol (bsc#1161936).
• btrfs: add missing extents release on file extent cluster relocation error (bsc#1159483).
• btrfs: avoid fallback to transaction commit during fsync of files with holes (bsc#1159569).
• btrfs: dev-replace: remove warning for unknown return codes when finished (dependency for bsc#1162067).
• btrfs: do not call synchronizesrcu() in inodetree_del (bsc#1161934).
• btrfs: Ensure we trim ranges across block group boundary (bsc#1151910).
• btrfs: fix block group remaining RO forever after error during device replace (bsc#1160442).
• btrfs: fix btrfswriteinode vs delayed iput deadlock (bsc#1154243).
• btrfs: fix infinite loop during nocow writeback due to race (bsc#1160804).
• btrfs: fix integer overflow in calcreclaimitems_nr (bsc#1160433).
• btrfs: fix missing data checksums after replaying a log tree (bsc#1161931).
• btrfs: fix negative subv_writers counter and data space leak after buffered write (bsc#1160802).
• btrfs: fix removal logic of the tree mod log that leads to use-after-free issues (bsc#1160803).
• btrfs: fix selftests failure due to uninitialized i_mode in test inodes (Fix for dependency of bsc#1157692).
• btrfs: handle ENOENT in btrfsuuidtree_iterate (bsc#1161937).
• btrfs: harden agaist duplicate fsid on scanned devices (bsc#1134973).
• btrfs: inode: Verify inode mode to avoid NULL pointer dereference (dependency for bsc#1157692).
• btrfs: make tree checker detect checksum items with overlapping ranges (bsc#1161931).
• btrfs: Move btrfscheckchunk_valid() to tree-check.[ch] and export it (dependency for bsc#1157692).
• btrfs: record all roots for rename exchange on a subvol (bsc#1161933).
• btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588).
• btrfs: scrub: Require mandatory block group RO for dev-replace (bsc#1162067).
• btrfs: send, skip backreference walking for extents with many references (bsc#1162139).
• btrfs: skip log replay on orphaned roots (bsc#1161935).
• btrfs: tree-checker: Check chunk item at tree block read time (dependency for bsc#1157692).
• btrfs: tree-checker: Check level for leaves and nodes (dependency for bsc#1157692).
• btrfs: tree-checker: Enhance chunk checker to validate chunk profile (dependency for bsc#1157692).
• btrfs: tree-checker: Fix wrong check on max devid (fixes for dependency of bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in blockgroup_err (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkblockgroupitem (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkcsum_item (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkdev_item (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkdir_item (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkextentdataitem (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkinode_item (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkleaf (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in checkleaf_item (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in chunkerr (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in devitem_err (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in diritem_err (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in fileextent_err (dependency for bsc#1157692).
• btrfs: tree-checker: get fsinfo from eb in genericerr (dependency for bsc#1157692).
• btrfs: tree-checker: Make btrfscheckchunk_valid() return EUCLEAN instead of EIO (dependency for bsc#1157692).
• btrfs: tree-checker: Make chunk item checker messages more readable (dependency for bsc#1157692).
• btrfs: tree-checker: Verify dev item (dependency for bsc#1157692).
• btrfs: tree-checker: Verify inode item (dependency for bsc#1157692).
• btrfs: volumes: Use more straightforward way to calculate map length (bsc#1151910).
• can: candroppedinvalidskb(): ensure an initialized headroom in outgoing CAN skbuffs (bsc#1051510).
• can: gsusb: gsusb_probe(): use descriptors of current altsetting (bsc#1051510).
• can: mscan: mscanrxpoll(): fix rx path lockup when returning from polling to irq mode (bsc#1051510).
• can, slip: Protect tty->discdata in writewakeup and close with RCU (bsc#1051510).
• cfg80211: check for setwiphyparams (bsc#1051510).
• cfg80211: fix page refcount issue in A-MSDU decap (bsc#1051510).
• cfg80211/mac80211: make ieee80211sendlayer2_update a public function (bsc#1051510).
• cgroup: pids: use atomic64_t for pids->limit (bsc#1161514).
• CIFS: add support for flock (bsc#1144333).
• CIFS: Close cached root handle only if it had a lease (bsc#1144333).
• CIFS: Close open handle after interrupted close (bsc#1144333).
• CIFS: close the shared root handle on tree disconnect (bsc#1144333).
• CIFS: Do not miss cancelled OPEN responses (bsc#1144333).
• CIFS: Fix lookup of root ses in DFS referral cache (bsc#1144333).
• CIFS: Fix memory allocation in _smb2handlecancelledcmd() (bsc#1144333).
• CIFS: Fix mount options set in automount (bsc#1144333).
• CIFS: Fix NULL pointer dereference in mid callback (bsc#1144333).
• CIFS: Fix NULL-pointer dereference in smb2pushmandatory_locks (bsc#1144333).
• CIFS: Fix potential softlockups while refreshing DFS cache (bsc#1144333).
• CIFS: Fix retrieval of DFS referrals in cifs_mount() (bsc#1144333).
• CIFS: Fix use-after-free bug in cifs_reconnect() (bsc#1144333).
• CIFS: Properly process SMB3 lease breaks (bsc#1144333).
• CIFS: remove set but not used variables 'cinode' and 'netfid' (bsc#1144333).
• CIFS: Respect OSYNC and ODIRECT flags during reconnect (bsc#1144333).
• clk: Do not try to enable critical clocks if prepare failed (bsc#1051510).
• clk: rockchip: fix I2S1 clock gate register for rk3328 (bsc#1051510).
• clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 (bsc#1051510).
• clk: rockchip: fix rk3188 sclkmaclbtest parameter ordering (bsc#1051510).
• clk: rockchip: fix rk3188 sclk_smc gate data (bsc#1051510).
• clk: sunxi: sun9i-mmc: Implement reset callback for reset controls (bsc#1051510).
• clocksource/drivers/bcm2835_timer: Fix memory leak of timer (bsc#1051510).
• clocksource/drivers/hyper-v: Set TSC clocksource as default w/ InvariantTSC (bsc#1170621).
• copy/pasted 'Recommends:' instead of 'Provides:', 'Obsoletes:' and 'Conflicts:
• crypto: afalg - Use bhlocksock in skdestruct (bsc#1051510).
• crypto: api - Check spawn->alg under lock in cryptodropspawn (bsc#1051510).
• crypto: api - Fix race condition in cryptospawnalg (bsc#1051510).
• crypto: atmel-sha - fix error handling when setting hmac key (bsc#1051510).
• crypto: ccp - fix uninitialized list head (bsc#1051510).
• crypto: chelsio - fix writing tfm flags to wrong place (bsc#1051510).
• crypto: pcrypt - Do not clear MAY_SLEEP flag in original request (bsc#1051510).
• crypto: picoxcell - adjust the position of taskletinit and fix missed taskletkill (bsc#1051510).
• crypto: reexport cryptoshootalg() (bsc#1051510, kABI fix).
• debugfs: add support for more elaborate ->d_fsdata (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: call debugfsrealfops() only after debugfsfileget() (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: convert to debugfsfileget() and -put() (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: debugfsrealfops(): drop _musthold sparse annotation (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: debugfsusestart/finish do not exist anymore (bsc#1159198). Prerequisite for bsc#1159198.
• debugfs: defer debugfs_fsdata allocation to first usage (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: fix debugfsrealfops() build error (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: implement per-file removal protection (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: purge obsolete SRCU based removal protection (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• debugfs: simplify _debugfsremove_file() (bsc#1159198). Prerequisite for bsc#1159198.
• dmaengine: coh901318: Fix a double-lock bug (bsc#1051510).
• dmaengine: coh901318: Remove unused variable (bsc#1051510).
• dmaengine: Fix access to uninitialized dmaslavecaps (bsc#1051510).
• dma-mapping: fix return type of dmasetmaxsegsize() (bsc#1051510).
• drivers/base/memory.c: cache blocks in radix tree to accelerate lookup (bsc#1159955 ltc#182993).
• drivers/base/memory.c: do not access uninitialized memmaps in softofflinepage_store() (bsc#1051510).
• drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1170617).
• drivers: hv: vmbus: Fix the issue with freeing up hvctltable_hdr (bsc#1170617).
• drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1170618).
• drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1170617).
• drm/amdgpu: add function parameter description in 'amdgpugartbind' (bsc#1051510).
• drm/amdgpu: remove 4 set but not used variable in amdgpuatombiosgetconnectorinfofromobject_table (bsc#1051510).
• drm/amdgpu: remove always false comparison in 'amdgpuatombiosi2cprocessi2c_ch' (bsc#1051510).
• drm/amdgpu: remove set but not used variable 'amdgpu_connector' (bsc#1051510).
• drm/amdgpu: remove set but not used variable 'dig' (bsc#1051510).
• drm/amdgpu: remove set but not used variable 'dig_connector' (bsc#1051510).
• drm/amdgpu: remove set but not used variable 'mcsharedchmap' (bsc#1051510).
• drm/amdgpu: remove set but not used variable 'mcsharedchmap' from 'gfxv60.c' and 'gfxv70.c' (bsc#1051510).
• drm: bridge: dw-hdmi: constify copied structure (bsc#1051510).
• drm/dpmst: correct the shifting in DPREMOTEI2CREAD (bsc#1051510).
• drm/fb-helper: Round up bitsperpixel if possible (bsc#1051510).
• drm/i810: Prevent underflow in ioctl (bsc#1114279)
• drm/i915: Add missing include file <linux/math64.h> (bsc#1051510).
• drm/i915: Fix pid leak with banned clients (bsc#1114279)
• drm: limit to INTMAX in createblob ioctl (bsc#1051510).
• drm/mst: Fix MST sideband up-reply failure handling (bsc#1051510).
• drm/nouveau: Fix copy-paste error in nouveaufencewaitueventhandler (bsc#1051510).
• drm/nouveau/secboot/gm20b: initialize pointer in gm20bsecbootnew() (bsc#1051510).
• drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)
• drm/radeon: fix r1xx/r2xx register checker for POT textures (bsc#1114279)
• drm/rockchip: lvds: Fix indentation of a #define (bsc#1051510).
• drm/vmwgfx: prevent memory leak in vmwcmdbufres_add (bsc#1051510).
• e100: Fix passing zero to 'PTRERR' warning in e100loaducodewait (bsc#1051510).
• exit: panic before exit_mm() on global init exit (bsc#1161549).
• extcon: max8997: Fix lack of path setting in USB device mode (bsc#1051510).
• firestream: fix memory leaks (bsc#1051510).
• fix autofs regression caused by follow_managed() changes (bsc#1159271).
• fix dget_parent() fastpath race (bsc#1159271).
• Fix partial checked out tree build ... so that bisection does not break.
• fjes: fix missed check in fjesacpiadd (bsc#1051510).
• fs: cifs: Fix atime update check vs mtime (bsc#1144333).
• fs/namei.c: fix missing barriers when checking positivity (bsc#1159271).
• fs/namei.c: pull positivity check into follow_managed() (bsc#1159271).
• fs/xfs: fix f_ffree value for statfs when project quota is set (bsc#1165985).
• ftrace: Avoid potential division by zero in function profiler (bsc#1160784).
• futex: Prevent robust futex exit race (bsc#1161555).
• gpio: Fix error message on out-of-range GPIO in lookup table (bsc#1051510).
• HID: hidraw: Fix returning EPOLLOUT from hidraw_poll (bsc#1051510).
• HID: hidraw, uhid: Always report EPOLLOUT (bsc#1051510).
• hidraw: Return EPOLLOUT from hidraw_poll (bsc#1051510).
• HID: uhid: Fix returning EPOLLOUT from uhidcharpoll (bsc#1051510).
• hwmon: (adt7475) Make volt2reg return same reg as reg2volt input (bsc#1051510).
• hwmon: (core) Do not use device managed functions for memory allocations (bsc#1051510).
• hwmon: (nct7802) Fix voltage limits to wrong registers (bsc#1051510).
• i2c: imx: do not print error message on probe defer (bsc#1051510).
• IB/hfi1: convert to debugfsfileget() and -put() (bsc#1159198 bsc#1109911). Prerequisite for bsc#1159198.
• ibmveth: Detect unsupported packets before sending to the hypervisor (bsc#1159484 ltc#182983).
• ibmvfc: do not send implicit logouts prior to NPIV login (bsc#1169625 ltc#184611).
• iio: adc: max9611: Fix too short conversion time delay (bsc#1051510).
• iio: buffer: align the size of scan bytes to size of the largest element (bsc#1051510).
• inet: protect against too small mtu values (networking-stable-191216).
• Input: add safety guards to inputsetkeycode() (bsc#1168075).
• Input: aiptek - fix endpoint sanity check (bsc#1051510).
• Input: cyttsp4_core - fix use after free bug (bsc#1051510).
• Input: goodix - add upside-down quirk for Teclast X89 tablet (bsc#1051510).
• Input: gtco - fix endpoint sanity check (bsc#1051510).
• Input: keyspan-remote - fix control-message timeouts (bsc#1051510).
• Input: pegasus_notetaker - fix endpoint sanity check (bsc#1051510).
• Input: pm8xxx-vib - fix handling of separate enable register (bsc#1051510).
• Input: rmi_f54 - read from FIFO in 32 byte blocks (bsc#1051510).
• Input: sun4i-ts - add a check for devmthermalzoneofsensor_register (bsc#1051510).
• Input: sur40 - fix interface sanity checks (bsc#1051510).
• Input: synaptics-rmi4 - do not increment rmiaddr for SMBus transfers (bsc#1051510).
• Input: synaptics-rmi4 - simplify data read in rmif54work (bsc#1051510).
• Input: synaptics - switch another X1 Carbon 6 to RMI/SMbus (bsc#1051510).
• iommu: Remove device link to group on failure (bsc#1160755).
• iommu/vt-d: Unlink device if failed to add to group (bsc#1160756).
• iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop (git-fixes).
• iwlwifi: mvm: Send non offchannel traffic via AP sta (bsc#1051510).
• iwlwifi: mvm: synchronize TID queue removal (bsc#1051510).
• kABI: protect struct sctpepcommon (kabi).
• kABI: restore debugfsremoverecursive() (bsc#1159198).
• kABI workaround for can/skb.h inclusion (bsc#1051510).
• kernel/trace: Fix do not unregister tracepoints when register schedmigratetask fail (bsc#1160787).
• KEYS: reaching the keys quotas correctly (bsc#1171689).
• KVM: fix spectrev1 gadgets (bsc#1164705).
• KVM: x86: Host feature SSBD does not imply guest feature SPECCTRLSSBD (bsc#1160476).
• KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks (bsc#1164734).
• KVM: x86: Protect ioapicreadindirect() from Spectre-v1/L1TF attacks (bsc#1164728).
• KVM: x86: Protect ioapicwriteindirect() from Spectre-v1/L1TF attacks (bsc#1164729).
• KVM: x86: Protect kvmhvmsr[get|set]crash_data() from Spectre-v1/L1TF attacks (bsc#1164712).
• KVM: x86: Protect kvmlapicreg_write() from Spectre-v1/L1TF attacks (bsc#1164730).
• KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c (bsc#1164733).
• KVM: x86: Protect MSR-based index computations in fixedmsrtosegunit() from Spectre-v1/L1TF attacks (bsc#1164731).
• KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks (bsc#1164732).
• KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bsc#1164735).
• KVM: x86: Protect x86decodeinsn from Spectre-v1/L1TF attacks (bsc#1164705).
• KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks (bsc#1164727).
• leds: Allow to call ledclassdevunregister() unconditionally (bsc#1161674).
• leds: class: ensure workqueue is initialized before setting brightness (bsc#1161674).
• lib/scatterlist.c: adjust indentation in _sgalloc_table (bsc#1051510).
• lib/testkasan.c: fix memory leak in kmallocoobkreallocmore() (bsc#1051510).
• livepatch/samples/selftest: Use klpshadowalloc() API correctly (bsc#1071995).
• livepatch/selftest: Clean up shadow variable names and type (bsc#1071995).
• mac80211: Do not send Layer 2 Update frame before authorization (bsc#1051510).
• macvlan: do not assume macheader is set in macvlanbroadcast() (bsc#1051510).
• macvlan: use skbresetmacheader() in macvlanqueue_xmit() (bsc#1051510).
• md/raid0: Fix buffer overflow at debug print (bsc#1164051).
• media: cec.h: CECOPRECFLAG values were swapped (bsc#1051510).
• media: cec: report Vendor ID after initialization (bsc#1051510).
• media: iguanair: fix endpoint sanity check (bsc#1051510).
• media: ov519: add missing endpoint sanity checks (bsc#1168829).
• media: pulse8-cec: return 0 when invalidating the logical address (bsc#1051510).
• media: stkwebcam: Bugfix for wrong return values (bsc#1051510).
• media: stv06xx: add missing descriptor sanity checks (bsc#1168854).
• media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors (bsc#1051510).
• media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT (bsc#1051510).
• media: v4l2-rect.h: fix v4l2rectmap_inside() top/left adjustments (bsc#1051510).
• missing escaping of backslashes in macro expansions Fixes: f3b74b0ae86b ('rpm/kernel-subpackage-spec: Unify dependency handling.') Fixes: 3fd22e219f77 ('rpm/kernel-subpackage-spec: Fix empty Recommends tag (bsc#1143959)')
• mmc: mediatek: fix CMD_TA to 2 for MT8173 HS200/HS400 mode (bsc#1051510).
• mmc: sdhci: fix minimum clock rate for v3 controller (bsc#1051510).
• mmc: sdhci-of-esdhc: fix P2020 errata handling (bsc#1051510).
• mmc: sdhci-of-esdhc: Revert 'mmc: sdhci-of-esdhc: add erratum A-009204 support' (bsc#1051510).
• mmc: tegra: fix SDR50 tuning override (bsc#1051510).
• mm: memoryhotplug: use putdevice() if device_register fail (bsc#1159955 ltc#182993).
• mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock (bsc#1159394).
• mwifiex: drop most magic numbers from mwifiexprocesstdlsactionframe() (git-fixes).
• net: bridge: deny devsetmacaddress() when unregistering (networking-stable-1912_16).
• net: ena: Add PCI shutdown handler to allow safe kexec (bsc#1167421, bsc#1167423).
• net: ethernet: ti: cpsw: fix extra rx interrupt (networking-stable-191216).
• netfilter: nf_queue: enqueue skbs with NULL dst (git-fixes).
• net/mlx4en: fix mlx4 ethtool -N insertion (networking-stable-1911_25).
• net/mlx5e: Fix set vf link state error flow (networking-stable-191125).
• net/mlxfw: Fix out-of-memory error in mfa2 flash burning (bsc#1051858).
• net: psample: fix skboverpanic (networking-stable-191203).
• net: rtnetlink: prevent underflows in dosetvfinfo() (networking-stable-1911_25).
• net/sched: actpedit: fix WARN() in the traffic path (networking-stable-1911_25).
• net: sched: fix tc -s class show no bstats on class with nolock subqueues (networking-stable-191203).
• net: usb: lan78xx: limit size of local TSO packets (bsc#1051510).
• net: usb: qmiwwan: add support for Foxconn T77W968 LTE modules (networking-stable-1911_18).
• new helper: lookuppositiveunlocked() (bsc#1159271).
• NFC: pn533: fix bulk-message timeout (bsc#1051510).
• NFC: pn544: Adjust indentation in pn544hcicheck_presence (git-fixes).
• objtool: Fix stack offset tracking for indirect CFAs (bsc#1169514).
• openvswitch: drop unneeded BUGON() in ovsflowcmdbuildinfo() (networking-stable-1912_03).
• openvswitch: remove another BUGON() (networking-stable-1912_03).
• openvswitch: support asymmetric conntrack (networking-stable-191216).
• orinoco_usb: fix interface sanity check (git-fixes).
• PCI: Do not disable bridge BARs when assigning bus resources (bsc#1051510).
• PCI/switchtec: Fix vepvectornumber ioread width (bsc#1051510).
• phy: qualcomm: Adjust indentation in readpolltimeout (bsc#1051510).
• pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues (bsc#1051510).
• pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELFB and SD1CLK_B (bsc#1051510).
• platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 (bsc#1051510).
• platform/x86: hp-wmi: Make buffer for HPWMIFEATURE2QUERY 128 bytes (bsc#1051510).
• platform/x86: pmcatom: Add Siemens CONNECT X300 to critclksystems DMI table (bsc#1051510).
• powerpc: Allow 64bit VDSO _kernelsync_dicache to work across ranges >4GB (bnc#1151927 5.3.17).
• powerpc: Allow flushicacherange to work across ranges >4GB (bnc#1151927 5.3.17).
• powerpc/archrandom: fix archgetrandomseedint() (bsc#1065729).
• powerpc: Fix vDSO clock_getres() (bsc#1065729).
• powerpc/irq: fix stack overflow verification (bsc#1065729).
• powerpc/mm: drop #ifdef CONFIGMMU in isioremap_addr() (bsc#1065729).
• powerpc/mm: Remove kvm radix prefetch workaround for Power9 DD2.2 (bsc#1061840).
• powerpc/pkeys: remove unused pkeyallowsreadwrite (bsc#1065729).
• powerpc/powernv: Disable native PCIe port management (bsc#1065729).
• powerpc/security: Fix debugfs data leak on 32-bit (bsc#1065729).
• powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery (bsc#1118338 ltc#173734).
• powerpc/tools: Do not quote $objdump in scripts (bsc#1065729).
• powerpc/xive: Discard ESB load value when interrupt is invalid (bsc#1085030).
• powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts (bsc#1085030).
• powerpc/xmon: do not access ASDR in VMs (bsc#1065729).
• ppp: Adjust indentation into pppasyncinput (git-fixes).
• prevent active file list thrashing due to refault detection (VM Performance, bsc#1156286).
• pstore/ram: Write new dumps to start of recycled zones (bsc#1051510).
• qede: Disable hardware gro when xdp prog is installed (bsc#1086314 bsc#1086313 bsc#1086301 ).
• r8152: add missing endpoint sanity check (bsc#1051510).
• random: always use batched entropy for getrandomu{32,64} (bsc#1164871).
• RDMA/bnxt_re: Avoid freeing MR resources if dereg fails (bsc#1050244).
• regulator: Fix return value of setload() stub (bsc#1051510).
• regulator: rk808: Lower log level on optional GPIOs being not available (bsc#1051510).
• regulator: rn5t618: fix module aliases (bsc#1051510).
• Revert 'Input: synaptics-rmi4 - do not increment rmiaddr for SMBus transfers' (bsc#1051510).
• Revert 'ipc,sem: remove uneeded semundolist lock usage in exit_sem()' (bsc#1172221).
• Revert 'mmc: sdhci: Fix incorrect switch to HS mode' (bsc#1051510).
• rtc: dt-binding: abx80x: fix resistance scale (bsc#1051510).
• rtc: max8997: Fix the returned value in case of error in 'max8997rtcread_alarm()' (bsc#1051510).
• rtc: msm6242: Fix reading of 10-hour digit (bsc#1051510).
• rtc: pcf8523: set xtal load capacitance from DT (bsc#1051510).
• rtc: s35390a: Change buf's type to u8 in s35390a_init (bsc#1051510).
• scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (bsc#1161951 ltc#183551).
• scsi: ibmvfc: Fix NULL return compiler warning (bsc#1161951 ltc#183551).
• scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (bsc#1158013).
• scsi: qla2xxx: Add D-Port Diagnostic reason explanation logs (bsc#1158013).
• scsi: qla2xxx: Cleanup unused asynclogoutdone (bsc#1158013).
• scsi: qla2xxx: Consolidate fabric scan (bsc#1158013).
• scsi: qla2xxx: Correct fcport flags handling (bsc#1158013).
• scsi: qla2xxx: Fix fabric scan hang (bsc#1158013).
• scsi: qla2xxx: Fix mtcp dump collection failure (bsc#1158013).
• scsi: qla2xxx: Fix RIDA Format-2 (bsc#1158013).
• scsi: qla2xxx: Fix stuck login session using prlipendtimer (bsc#1158013).
• scsi: qla2xxx: Fix stuck session in GNL (bsc#1158013).
• scsi: qla2xxx: Fix the endianness of the qla82xxgetfw_size() return type (bsc#1158013).
• scsi: qla2xxx: Fix updatefcport for currenttopology (bsc#1158013).
• scsi: qla2xxx: Improve readability of the code that handles qlafltheader (bsc#1158013).
• scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (bsc#1158013).
• scsi: qla2xxx: Update driver version to 10.01.00.22-k (bsc#1158013).
• scsi: qla2xxx: Use common routine to free fcport struct (bsc#1158013).
• scsi: qla2xxx: Use getunaligned*() instead of open-coding these functions (bsc#1158013).
• sctp: cache netns in sctpepcommon (networking-stable-191203).
• serial: 8250_bcm2835aux: Fix line mismatch on driver unbind (bsc#1051510).
• serial: ifx6x60: add missed pmruntimedisable (bsc#1051510).
• serial: pl011: Fix DMA ->flush_buffer() (bsc#1051510).
• serial: serialcore: Perform NULL checks for breakctl ops (bsc#1051510).
• serial: stm32: fix transmit_chars when tx is stopped (bsc#1051510).
• sfc: Only cancel the PPS workqueue if it exists (networking-stable-191125).
• sheth: check shethcpudata::dual_port when dumping registers (bsc#1051510).
• sh_eth: fix dumping ARSTR (bsc#1051510).
• sh_eth: fix invalid context bug while calling auto-negotiation by ethtool (bsc#1051510).
• sh_eth: fix invalid context bug while changing link options by ethtool (bsc#1051510).
• sh_eth: fix TSU init on SH7734/R8A7740 (bsc#1051510).
• sh_eth: fix TXALCR1 offsets (bsc#1051510).
• sheth: TSUQTAG0/1 registers the same as TSU_QTAGM0/1 (bsc#1051510).
• smb3: Fix crash in SMB2openinit due to uninitialized field in compounding path (bsc#1144333).
• smb3: Fix persistent handles reconnect (bsc#1144333).
• smb3: fix refcount underflow warning on unmount when no directory leases (bsc#1144333).
• smb3: remove confusing dmesg when mounting with encryption ('seal') (bsc#1144333).
• soc: renesas: rcar-sysc: Add goto to ofnodeput() before return (bsc#1051510).
• spi: tegra114: clear packed bit for unpacked mode (bsc#1051510).
• spi: tegra114: configure dma burst size to fifo trig level (bsc#1051510).
• spi: tegra114: fix for unpacked mode transfers (bsc#1051510).
• spi: tegra114: flush fifos (bsc#1051510).
• spi: tegra114: terminate dma and reset on transfer timeout (bsc#1051510).
• staging: comedi: adv_pci1710: fix AI channels 16-31 for PCI-1713 (bsc#1051510).
• Staging: iio: adt7316: Fix i2c data reading, set the data field (bsc#1051510).
• staging: rtl8188eu: fix interface sanity check (bsc#1051510).
• staging: wlan-ng: ensure error return is actually returned (bsc#1051510).
• tcp: clear tp->packets_out when purging write queue (bsc#1160560).
• tcp: exit if nothing to retransmit on RTO timeout (bsc#1160560, stable 4.14.159).
• tcp: md5: fix potential overestimation of TCP option space (networking-stable-191216).
• tracing: Have the histogram compare functions convert to u64 first (bsc#1160210).
• tracing: xen: Ordered comparison of function pointers (git-fixes).
• tty: n_hdlc: fix build on SPARC (bsc#1051510).
• tty/serial: atmel: Add ishalfduplex helper (bsc#1051510).
• tty: serial: msm_serial: Fix lockup for sysrq and oops (bsc#1051510).
• tty: vt: keyboard: reject invalid keycodes (bsc#1051510).
• USB: Allow USB device to be warm reset in suspended state (bsc#1051510).
• USB: atm: ueagle-atm: add missing endpoint check (bsc#1051510).
• USB: chipidea: host: Disable port power only if previously enabled (bsc#1051510).
• USB: core: hub: Improved device recognition on remote wakeup (bsc#1051510).
• USB: core: urb: fix URB structure initialization function (bsc#1051510).
• USB: documentation: flags on usb-storage versus UAS (bsc#1051510).
• USB: dwc3: debugfs: Properly print/set link state for HS (bsc#1051510).
• USB: dwc3: do not log probe deferrals; but do log other error codes (bsc#1051510).
• USB: dwc3: ep0: Clear started flag on completion (bsc#1051510).
• USB: dwc3: turn off VBUS when leaving host mode (bsc#1051510).
• USB: gadget: fecm: Use atomict to track in-flight request (bsc#1051510).
• USB: gadget: fncm: Use atomict to track in-flight request (bsc#1051510).
• USB: gadget: pch_udc: fix use after free (bsc#1051510).
• USB: gadget: u_serial: add missing port entry locking (bsc#1051510).
• USB: gadget: Zero ffsiodata (bsc#1051510).
• USB: host: xhci-hub: fix extra endianness conversion (bsc#1051510).
• usbip: Fix receive error in vhci-hcd when using scatter-gather (bsc#1051510).
• USB: mtu3: fix dbginfo in qmutxzlperrorhandler (bsc#1051510).
• USB: musb: dma: Correct parameter passed to IRQ handler (bsc#1051510).
• USB: musb: fix idling for suspend after disconnect interrupt (bsc#1051510).
• USB: serial: ch341: handle unbound port at reset_resume (bsc#1051510).
• USB: serial: io_edgeport: add missing active-port sanity check (bsc#1051510).
• USB: serial: io_edgeport: handle unbound ports on URB completion (bsc#1051510).
• USB: serial: io_edgeport: use irqsave() in USB's complete callback (bsc#1051510).
• USB: serial: ir-usb: add missing endpoint sanity check (bsc#1051510).
• USB: serial: ir-usb: fix IrLAP framing (bsc#1051510).
• USB: serial: ir-usb: fix link-speed handling (bsc#1051510).
• USB: serial: keyspan: handle unbound ports (bsc#1051510).
• USB: serial: opticon: fix control-message timeouts (bsc#1051510).
• USB: serial: option: Add support for Quectel RM500Q (bsc#1051510).
• USB: serial: quatech2: handle unbound ports (bsc#1051510).
• USB: serial: simple: Add Motorola Solutions TETRA MTP3xxx and MTP85xx (bsc#1051510).
• USB: serial: suppress driver bind attributes (bsc#1051510).
• USB: typec: tcpci: mask event interrupts when remove driver (bsc#1051510).
• USB: uas: heed CAPACITY_HEURISTICS (bsc#1051510).
• USB: uas: honor flag to avoid CAPACITY16 (bsc#1051510).
• USB: xhci: Fix build warning seen with CONFIG_PM=n (bsc#1051510).
• workqueue: Fix pwq ref leak in rescuer_thread() (bsc#1160211).
• x86/entry/64: Fix unwind hints in kernel exit path (bsc#1058115).
• x86/entry/64: Fix unwind hints in register clearing code (bsc#1058115).
• x86/entry/64: Fix unwind hints in rewindstackdo_exit() (bsc#1058115).
• x86/entry/64: Fix unwind hints in _switchto_asm() (bsc#1058115).
• x86/Hyper-V: Allow guests to enable InvariantTSC (bsc#1170621).
• x86/Hyper-V: Free hvpanicpage when fail to register kmsg dump (bsc#1170617).
• x86/Hyper-V: Report crash data in die() when paniconoops is set (bsc#1170617).
• x86/Hyper-V: Report crash register data or kmsg before running crash kernel (bsc#1170617).
• x86/Hyper-V: Report crash register data when sysctlrecordpanic_msg is not set (bsc#1170617).
• x86/Hyper-V: report value of misc_features (git-fixes).
• x86/Hyper-V: Trigger crash enlightenment only once during system crash (bsc#1170617).
• x86/Hyper-V: Unload vmbus channel in hv panic callback (bsc#1170617).
• x86/kgbd: Use NMIVECTOR not APICDM_NMI (bsc#1114279).
• x86/mce/AMD: Allow any CPU to initialize the smca_banks array (bsc#1114279).
• x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks (bsc#1114279).
• x86/MCE/AMD: Do not use rdmsrsafeoncpu() in smcaconfigure() (bsc#1114279).
• x86/mce: Fix possibly incorrect severity calculation on AMD (bsc#1114279).
• x86/mm: Split vmallocsyncall() (bsc#1165741).
• x86/resctrl: Fix an imbalance in domainremovecpu() (bsc#1114279).
• x86/resctrl: Fix potential memory leak (bsc#1114279).
• x86/unwind/orc: Do not skip the first frame for inactive tasks (bsc#1058115).
• x86/unwind/orc: Fix error handling in _unwindstart() (bsc#1058115).
• x86/unwind/orc: Fix error path for bad ORC entry type (bsc#1058115).
• x86/unwind/orc: Fix unwindgetreturnaddressptr() for inactive tasks (bsc#1058115).
• x86/unwind/orc: Prevent unwinding before ORC initialization (bsc#1058115).
• x86/unwind: Prevent false warnings for non-current tasks (bsc#1058115).
• x86/xen: fix booting 32-bit pv guest (bsc#1071995).
• x86/xen: Make the boot CPU idle task reliable (bsc#1071995).
• x86/xen: Make the secondary CPU idle tasks reliable (bsc#1071995).
• xen/blkfront: Adjust indentation in xlvbdallocgendisk (bsc#1065600).
• xen-blkfront: switch kcalloc to kvcalloc for large array allocation (bsc#1160917).
• xfrm: Fix transport mode skb control buffer usage (bsc#1161552).
• xfs: also remove cached ACLs when removing the underlying attr (bsc#1165873).
• xfs: bulkstat should copy lastip whenever userspace supplies one (bsc#1165984).
• xfs: Fix tail rounding in xfsallocfile_space() (bsc#1161087, bsc#1153917).
• xhci: Fix memory leak in xhciaddin_port() (bsc#1051510).
• xhci: fix USB3 device initiated resume race with roothub autosuspend (bsc#1051510).
• xhci: handle some XHCITRUSTTX_LENGTH quirks cases as default behaviour (bsc#1051510).
• xhci: make sure interrupts are restored to correct state (bsc#1051510).
• zd1211rw: fix storage endpoint lookup (git-fixes).