SUSE-SU-2020:2908-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20202908-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2908-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:2908-1
Related
Published
2020-10-13T13:49:58Z
Modified
2020-10-13T13:49:58Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-26088: Fixed an improper CAPNETRAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990).
  • CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235).
  • CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721).
  • CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725).
  • CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722).
  • CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423).
  • CVE-2020-25212: Fixed getxattr kernel panic and memory overflow (bsc#1176381).
  • CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482).
  • CVE-2020-14385: Fixed a failure of the file system metadata validator in XFS which could have caused an inode with a valid, user-creatable extended attribute to be flagged as corrupt (bsc#1176137).

The following non-security bugs were fixed:

  • ALSA: asihpi: fix iounmap in error handler (git-fixes).
  • ALSA: ca0106: fix error code handling (git-fixes).
  • ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes).
  • ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes).
  • ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes).
  • ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled (git-fixes).
  • ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO (git-fixes).
  • ALSA: hda: fixup headset for ASUS GX502 laptop (git-fixes).
  • ALSA: hda: hdmi - add Rocketlake support (git-fixes).
  • ALSA: hda/hdmi: always check pin power status in i915 pin fixup (git-fixes).
  • ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A (git-fixes).
  • ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged (git-fixes).
  • ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 (git-fixes).
  • ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen (git-fixes).
  • ALSA: hda/realtek - The Mic on a RedmiBook does not work (git-fixes).
  • ALSA: hda/tegra: Program WAKEEN register for Tegra (git-fixes).
  • ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check (git-fixes).
  • ALSA: usb-audio: Add basic capture support for Pioneer DJ DJM-250MK2 (git-fixes).
  • ALSA: usb-audio: Add delay quirk for H570e USB headsets (git-fixes).
  • ALSA: usb-audio: Add implicit feedback quirk for UR22C (git-fixes).
  • ALSA: usb-audio: Disable autosuspend for Lenovo ThinkStation P620 (git-fixes).
  • arm64: paravirt: Initialize steal time when cpu is online (bsc#1176833).
  • ASoC: img: Fix a reference count leak in imgi2sinsetfmt (git-fixes).
  • ASoC: img-parallel-out: Fix a reference count leak (git-fixes).
  • ASoC: meson: axg-toddr: fix channel order on g12 platforms (git-fixes).
  • ASoC: qcom: common: Fix refcount imbalance on error (git-fixes).
  • ASoC: qcom: Set card->owner to avoid warnings (git-fixes).
  • ASoC: SOF: Intel: add PCI ID for CometLake-S (git-fixes).
  • ASoC: tegra: Fix reference count leaks (git-fixes).
  • ata: ahci: use atalinkinfo() instead of atalinkprintk() (jsc#SLE-14459).
  • batman-adv: Add missing include for in_interrupt() (git-fixes).
  • batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes).
  • batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes).
  • batman-adv: bla: use netifrxni when not in interrupt context (git-fixes).
  • batman-adv: Fix own OGM check in aggregated OGMs (git-fixes).
  • batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh (git-fixes).
  • batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN (git-fixes).
  • batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh (git-fixes).
  • batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes).
  • bcache: Convert pr_<level> uses to a more typical style (git fixes (block drivers)).
  • bitfield.h: do not compile-time validate val in FIELDFIT (git fixes (bitfield)).
  • blktrace: fix debugfs use after free (git fixes (block drivers)).
  • block: add docs for gendisk / request_queue refcount helpers (git fixes (block drivers)).
  • block: revert back to synchronous request_queue removal (git fixes (block drivers)).
  • block: Use non rcu version of list functions for tagset_list (git-fixes).
  • Bluetooth: btrtl: Add support for RTL8761B (bsc#1177021).
  • bnxt: do not enable NAPI until rings are ready (git-fixes).
  • bnxt_en: Check for zero dir entries in NVRAM (git-fixes).
  • bnxten: Do not query FW when netifrunning() is false (git-fixes).
  • bnxten: Fix completion ring sizing with TPA enabled (networking-stable-2007_29).
  • bnxt_en: fix HWRM error when querying VF temperature (git-fixes).
  • bnxt_en: Fix PCI AER error recovery flow (git-fixes).
  • bnxten: Fix possible crash in bnxtfwresettask() (jsc#SLE-8371 bsc#1153274).
  • bnxten: Fix race when modifying pause settings (networking-stable-2007_29).
  • bonding: check error value of registernetdevice() immediately (networking-stable-2007_29).
  • bonding: check return value of registernetdevice() in bondnewlink() (networking-stable-200729).
  • bonding: fix a potential double-unregister (git-fixes).
  • bpf: Fix a rcu warning for bpffs map pretty-print (bsc#1155518).
  • bpf: mapseqnext should always increase position index (bsc#1155518).
  • btrfs: add a leak check for roots (bsc#1176019).
  • btrfs: add __cold attribute to more functions (bsc#1176019).
  • btrfs: add dedicated members for start and length of a block group (bsc#1176019).
  • btrfs: Add readbackuproot (bsc#1176019).
  • btrfs: block-group: Refactor btrfsreadblock_groups() (bsc#1176019).
  • btrfs: block-group: Reuse the item key from caller of readoneblock_group() (bsc#1176019).
  • btrfs: Cleanup and simplify findnewestsuper_backup (bsc#1176019).
  • btrfs: clear DEADRELOCTREE before dropping the reloc root (bsc#1176019).
  • btrfs: do not init a reloc root if we are not relocating (bsc#1176019).
  • btrfs: Do not use objectid_mutex during mount (bsc#1176019).
  • btrfs: drop block from cache on error in relocation (bsc#1176019).
  • btrfs: drop create parameter to btrfsgetextent() (bsc#1176019).
  • btrfs: drop unused parameter isnew from btrfsiget (bsc#1176019).
  • btrfs: export and rename freefsinfo (bsc#1176019).
  • btrfs: export and use btrfsreadtree_root for tree-log (bsc#1176019).
  • btrfs: Factor out tree roots initialization during mount (bsc#1176019).
  • btrfs: fix setting last_trans for reloc roots (bsc#1176019).
  • btrfs: free more things in btrfsfreefs_info (bsc#1176019).
  • btrfs: free the reloc_control in a consistent way (bsc#1176019).
  • btrfs: handle NULL roots in btrfsput/btrfsgrabfsroot (bsc#1176019).
  • btrfs: hold a ref for the root in btrfsfindorphan_roots (bsc#1176019).
  • btrfs: hold a ref on fs roots while they're in the radix tree (bsc#1176019).
  • btrfs: hold a ref on the root in btrfscheckuuidtreeentry (bsc#1176019).
  • btrfs: hold a ref on the root in btrfsioctlgetsubvolinfo (bsc#1176019).
  • btrfs: hold a ref on the root in btrfsioctlsend (bsc#1176019).
  • btrfs: hold a ref on the root in btrfsrecoverlog_trees (bsc#1176019).
  • btrfs: hold a ref on the root in btrfsrecoverrelocation (bsc#1176019).
  • btrfs: hold a ref on the root in _btrfsrundefraginode (bsc#1176019).
  • btrfs: hold a ref on the root in btrfssearchpathintree (bsc#1176019).
  • btrfs: hold a ref on the root in btrfssearchpathintree_user (bsc#1176019).
  • btrfs: hold a ref on the root in buildbackreftree (bsc#1176019).
  • btrfs: hold a ref on the root in creatependingsnapshot (bsc#1176019).
  • btrfs: hold a ref on the root in createrelocinode (bsc#1176019).
  • btrfs: hold a ref on the root in create_subvol (bsc#1176019).
  • btrfs: hold a ref on the root in finddatareferences (bsc#1176019).
  • btrfs: hold a ref on the root in fixuptreeroot_location (bsc#1176019).
  • btrfs: hold a ref on the root in getsubvolnamefromobjectid (bsc#1176019).
  • btrfs: hold a ref on the root in mergerelocroots (bsc#1176019).
  • btrfs: hold a ref on the root in open_ctree (bsc#1176019).
  • btrfs: hold a ref on the root in preparetomerge (bsc#1176019).
  • btrfs: hold a ref on the root in recordrelocrootintrans (bsc#1176019).
  • btrfs: hold a ref on the root in resolveindirectref (bsc#1176019).
  • btrfs: hold a ref on the root in scrubprintwarning_inode (bsc#1176019).
  • btrfs: hold a ref on the root in search_ioctl (bsc#1176019).
  • btrfs: hold a ref on the root->reloc_root (bsc#1176019).
  • btrfs: hold a root ref in btrfsgetdentry (bsc#1176019).
  • btrfs: hold ref on root in btrfsioctldefault_subvol (bsc#1176019).
  • btrfs: implement full reflink support for inline extents (bsc#1176019).
  • btrfs: make btrfsfindorphanroots use btrfsgetfsroot (bsc#1176019).
  • btrfs: make relocation use btrfsreadtree_root() (bsc#1176019).
  • btrfs: make the fs root init functions static (bsc#1176019).
  • btrfs: make the init of static elements in fs_info separate (bsc#1176019).
  • btrfs: move all reflink implementation code into its own file (bsc#1176019).
  • btrfs: move blockgroupitem::flags to block group (bsc#1176019).
  • btrfs: move blockgroupitem::used to block group (bsc#1176019).
  • btrfs: move fs_info init work into it's own helper function (bsc#1176019).
  • btrfs: move fs root init stuff into btrfsinitfs_root (bsc#1176019).
  • btrfs: open code btrfsreadfsrootno_name (bsc#1176019).
  • btrfs: push btrfsgrabfsroot into btrfsgetfsroot (bsc#1176019).
  • btrfs: push grabfsroot into readfsroot (bsc#1176019).
  • btrfs: push _setuproot into btrfsallocroot (bsc#1176019).
  • btrfs: reloc: clean dirty subvols if we fail to start a transaction (bsc#1176019).
  • btrfs: remove a BUGON() from mergereloc_roots() (bsc#1176019).
  • btrfs: Remove blockrsv parameter from btrfsdrop_snapshot (bsc#1176019).
  • btrfs: remove btrfsreadfs_root, not used anymore (bsc#1176019).
  • btrfs: remove embedded blockgroupcache::item (bsc#1176019).
  • btrfs: Remove newestgen argument from findoldestsuperbackup (bsc#1176019).
  • btrfs: Remove unused nextrootbackup function (bsc#1176019).
  • btrfs: rename blockgroupitem on-stack accessors to follow naming (bsc#1176019).
  • btrfs: rename btrfsblockgroup_cache (bsc#1176019).
  • btrfs: rename btrfsputfsroot and btrfsgrabfsroot (bsc#1176019).
  • btrfs: rename extent buffer block group item accessors (bsc#1176019).
  • btrfs: Rename findoldestsuperbackup to initbackuprootslot (bsc#1176019).
  • btrfs: require only sector size alignment for parent eb bytenr (bsc#1176789).
  • btrfs: reset tree root pointer after error in inittreeroots (bsc#1176019).
  • btrfs: simplify inline extent handling when doing reflinks (bsc#1176019).
  • btrfs: stop clearing EXTENT_DIRTY in inode I/O tree (bsc#1176019).
  • btrfs: Streamline btrfsfsinfo::backuprootindex semantics (bsc#1176019).
  • btrfs: tree-checker: fix the error message for transid error (bsc#1176788).
  • btrfs: unset reloc control if we fail to recover (bsc#1176019).
  • btrfs: use bool argument in freerootpointers() (bsc#1176019).
  • btrfs: use btrfsblockgroupcachedone in updateblockgroup (bsc#1176019).
  • btrfs: use btrfsputfs_root to free roots always (bsc#1176019).
  • ceph: do not allow setlease on cephfs (bsc#1176537).
  • ceph: fix potential mdsc use-after-free crash (bsc#1176538).
  • ceph: fix use-after-free for fsc->mdsc (bsc#1176539).
  • ceph: handle zero-length feature mask in session messages (bsc#1176540).
  • ceph: set sec_context xattr on symlink creation (bsc#1176541).
  • ceph: use frag's MDS in either mode (bsc#1176542).
  • cfg80211: regulatory: reject invalid hints (bsc#1176699).
  • cifs: Fix leak when handling lease break for cached root fid (bsc#1176242).
  • cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
  • cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
  • clk: davinci: Use the correct size when allocating memory (git-fixes).
  • clk: rockchip: Fix initialization of muxpllsrc4pllsp (git-fixes).
  • cxgb4: fix thermal zone device registration (git-fixes).
  • debugfs: Fix module state check condition (bsc#1173746).
  • debugfs: Fix module state check condition (git-fixes).
  • dev: Defer free of skbs in flushbacklog (networking-stable-2007_29).
  • dmaengine: acpi: Put the CSRT table after using it (git-fixes).
  • dmaengine: athdmac: check return value of offinddevicebynode() in atdma_xlate() (git-fixes).
  • dmaengine: dw-edma: Fix scatter-gather address calculation (git-fixes).
  • dmaengine: of-dma: Fix ofdmarouterxlate's ofdma_xlate handling (git-fixes).
  • dmaengine: pl330: Fix burst length if burst size is smaller than bus width (git-fixes).
  • dm: do not call report zones for more than the user requested (git fixes (block drivers)).
  • dm integrity: fix integrity recalculation that is improperly skipped (git fixes (block drivers)).
  • dm rq: do not call blkmqqueuestopped() in dmstop_queue() (git fixes (block drivers)).
  • dm writecache: add condresched to loop in persistentmemory_claim() (git fixes (block drivers)).
  • dm writecache: correct uncommitted_block when discarding uncommitted entry (git fixes (block drivers)).
  • dm zoned: assign maxiolen correctly (git fixes (block drivers)).
  • dpaa2-eth: Fix passing zero to 'PTRERR' warning (networking-stable-2008_08).
  • driver-core: Introduce DEVICEATTRADMIN_{RO,RW} (bsc#1176486 ltc#188130).
  • Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#1176877).
  • Drivers: hv: vmbus: Add timeout to vmbuswaitfor_unload (git-fixes).
  • Drivers: hv: vmbus: hibernation: do not hang forever in vmbusbusresume() (git-fixes).
  • drivers/net/wan/x25asy: Fix to make it work (networking-stable-2007_29).
  • drm/amd/display: fix ref count leak in amdgpudrmioctl (git-fixes).
  • drm/amd/display: Switch to immediate mode for updating infopackets (git-fixes).
  • drm/amdgpu/display: fix ref count leak when pmruntimeget_sync fails (git-fixes).
  • drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes).
  • drm/amdgpu: fix ref count leak in amdgpudisplaycrtcsetconfig (git-fixes).
  • drm/amdgpu: fix ref count leak in amdgpudriveropen_kms (git-fixes).
  • drm/amdgpu/gfx10: refine mgcg setting (git-fixes).
  • drm/amdkfd: Fix reference count leaks (git-fixes).
  • drm/amd/pm: correct the thermal alert temperature limit settings (git-fixes).
  • drm/amd/pm: correct Vega10 swctf limit setting (git-fixes).
  • drm/amd/pm: correct Vega12 swctf limit setting (git-fixes).
  • drm/amd/pm: correct Vega20 swctf limit setting (git-fixes).
  • drm/amd/powerplay: correct UVD/VCE PG state on custom pptable uploading (git-fixes).
  • drm/amd/powerplay: correct Vega20 cached smu feature state (git-fixes).
  • drm/ast: Initialize DRAM type before posting GPU (bsc#1152472) * context changes
  • drm/mgag200: Remove declaration of mgag200_mmap() from header file (bsc#1152472) * context changes
  • drm/nouveau/drm/noveau: fix reference count leak in nouveaufbconopen (git-fixes).
  • drm/nouveau: Fix reference count leak in nouveauconnectordetect (git-fixes).
  • drm/nouveau: fix reference count leak in nv50dispatomic_commit (git-fixes).
  • drm/radeon: fix multiple reference count leak (git-fixes).
  • drm/radeon: Prefer lower feedback dividers (git-fixes).
  • drm/sched: Fix passing zero to 'PTR_ERR' warning v2 (git-fixes).
  • drm/sun4i: add missing put_device() call in (bsc#1152472)
  • drm/sun4i: backend: Disable alpha on the lowest plane on the A20 (bsc#1152472)
  • drm/sun4i: backend: Support alpha property on lowest plane (bsc#1152472)
  • drm/sun4i: Fix dsi dcs long write function (bsc#1152472)
  • drm/virtio: fix missing dmafenceput() in (bsc#1152489) * context changes
  • EDAC/amd64: Add AMD family 17h model 60h PCI IDs (bsc#1152489).
  • EDAC/amd64: Read back the scrub rate PCI register on F15h (bsc#1152489).
  • EDAC: Fix reference count leaks (bsc#1152489).
  • enetc: Remove the mdio bus on PF probe bailout (networking-stable-200729).
  • epoll: atomically remove wait entry on wake up (bsc#1176236).
  • epoll: call final epeventsavailable() check under the lock (bsc#1176237).
  • fbcon: prevent user font height or width change from causing potential out-of-bounds access (git-fixes).
  • ftrace: Setup correct FTRACEFLREGS flags for module (git-fixes).
  • HID: core: Add printkonce variants to hidwarn() etc (bsc#1176775).
  • HID: core: Correctly handle ReportSize being zero (git-fixes).
  • HID: core: fix dmesg flooding if report field larger than 32bit (bsc#1176775).
  • HID: core: reformat and reduce hid_printk macros (bsc#1176775).
  • HID: core: Sanitize event code and type when mapping input (git-fixes).
  • HID: elan: Fix memleak in elaninputconfigured (git-fixes).
  • HID: hiddev: Fix slab-out-of-bounds write in hiddevioctlusage() (git-fixes).
  • HID: i2c-hid: Always sleep 60ms after I2CHIDPWR_ON commands (git-fixes).
  • HID: microsoft: Add rumble support for the 8bitdo SN30 Pro+ controller (git-fixes).
  • HID: quirks: add NOGET quirk for Logitech GROUP (git-fixes).
  • HID: quirks: Always poll three more Lenovo PixArt mice (git-fixes).
  • HID: quirks: Set INCREMENTUSAGEON_DUPLICATE for all Saitek X52 devices (git-fixes).
  • hsr: use netdeverr() instead of WARNONCE() (bsc#1176659).
  • hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877).
  • hv_utils: return error if host timesysnc update is stale (bsc#1176877).
  • i2c: algo: pca: Reapply i2c bus settings after reset (git-fixes).
  • i2c: i801: Fix resume bug (git-fixes).
  • i2c: mxs: use MXSDMACTRLWAIT4END instead of DMACTRL_ACK (git-fixes).
  • i40e: Fix crash during removing i40e driver (git-fixes).
  • i40e: Set RX_ONLY mode for unicast promiscuous on VLAN (git-fixes).
  • ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140).
  • iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak (git-fixes).
  • iio: accel: kxsd9: Fix alignment of local buffer (git-fixes).
  • iio:accel:mma7455: Fix timestamp alignment and prevent data leak (git-fixes).
  • iio:accel:mma8452: Fix timestamp alignment and prevent data leak (git-fixes).
  • iio:adc:ina2xx Fix timestamp alignment issue (git-fixes).
  • iio:adc:max1118 Fix alignment of timestamp and data leak issues (git-fixes).
  • iio: adc: mcp3422: fix locking on error path (git-fixes).
  • iio: adc: mcp3422: fix locking scope (git-fixes).
  • iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes).
  • iio:adc:ti-adc084s021 Fix alignment and data leak issues (git-fixes).
  • iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes).
  • iio:chemical:ccs811: Fix timestamp alignment and prevent data leak (git-fixes).
  • iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592rreadraw() (git-fixes).
  • iio:light:ltr501 Fix timestamp alignment issue (git-fixes).
  • iio:light:max44000 Fix timestamp alignment and prevent data leak (git-fixes).
  • iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes).
  • iio:proximity:mb1232: Fix timestamp alignment and prevent data leak (git-fixes).
  • include/asm-generic/vmlinux.lds.h: align roafterinit (git-fixes).
  • include/linux/bitops.h: avoid clang shift-count-overflow warnings (git-fixes).
  • include/linux/poison.h: remove obsolete comment (git-fixes).
  • initramfs: remove clean_rootfs (git-fixes).
  • initramfs: remove the populateinitrdimage and clean_rootfs stubs (git-fixes).
  • Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists (git-fixes).
  • Input: trackpoint - add new trackpoint variant IDs (git-fixes).
  • iommu/amd: Do not force direct mapping when SME is active (bsc#1174358).
  • iommu/amd: Do not use IOMMUv2 functionality when SME is active (bsc#1174358).
  • iommu/amd: Print extended features in one line to fix divergent log levels (bsc#1176357).
  • iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176358).
  • iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176359).
  • iommu/omap: Check for failure of a call to omapiommudump_ctx (bsc#1176360).
  • iommu/vt-d: Fix PASID devTLB invalidation (bsc#1176361).
  • iommu/vt-d: Handle 36bit addressing for x86-32 (bsc#1176362).
  • iommu/vt-d: Handle non-page aligned address (bsc#1176367).
  • iommu/vt-d: Remove global page support in devTLB flush (bsc#1176363).
  • iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176364).
  • iommu/vt-d: Support flushing more translation cache types (bsc#1176365).
  • ipv4: Silence suspicious RCU usage warning (networking-stable-200808).
  • ipv6: fix memory leaks on IPV6ADDRFORM path (networking-stable-2008_08).
  • ipv6: Fix nexthop refcnt leak when creating ipv6 route info (networking-stable-200808).
  • irqdomain/treewide: Free firmware node after domain removal (git-fixes).
  • irqdomain/treewide: Keep firmware node unconditionally allocated (git-fixes).
  • kABI: net: dsa: microchip: call phyremovelink_mode during probe (kabi).
  • kernel/cpupm: Fix uninitted local in cpupm (git fixes (kernel/pm)).
  • kernel-syms.spec.in: Also use bz compression (boo#1175882).
  • libata: implement ATAHORKAGEMAXTRIM128M and apply to Sandisks (jsc#SLE-14459).
  • libbpf: Fix readelf output parsing for Fedora (bsc#1155518).
  • libbpf: Fix readelf output parsing on powerpc with recent binutils (bsc#1155518).
  • libnvdimm: cover up nvdimmsecurityops changes (bsc#1171742).
  • libnvdimm: cover up struct nvdimm changes (bsc#1171742).
  • libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).
  • libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).
  • md: raid0/linear: fix dereference before null check on pointer mddev (git fixes (block drivers)).
  • media: cedrus: Add missing v4l2ctrlrequesthdlput() (git-fixes).
  • media: davinci: vpif_capture: fix potential double free (git-fixes).
  • media: gpio-ir-tx: improve precision of transmitted signal due to scheduling (git-fixes).
  • media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() (git-fixes).
  • mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).
  • mlx4: disable device on shutdown (git-fixes).
  • mlxsw: destroy workqueue when trapregister in mlxswemadinit (networking-stable-2007_29).
  • mmc: sdhci-acpi: Clear amdsdhcihost on reset (git-fixes).
  • mmc: sdhci-msm: Add retries when all tuning phases are found valid (git-fixes).
  • mmc: sdhci-of-esdhc: Do not walk device-tree on every interrupt (git-fixes).
  • mmc: sdio: Use mmcprereq() / mmcpostreq() (git-fixes).
  • mm: limit boost_watermark on small zones (git fixes (mm/pgalloc)).
  • mm, pagealloc: fix core hung in freepcppages_bulk() (git fixes (mm/pgalloc)).
  • mm/page_alloc: silence a KASAN false positive (git fixes (mm/pgalloc)).
  • mm: remove VMBUGON(PageSlab()) from page_mapcount() (git fixes (mm/compaction)).
  • mm/shuffle: do not move pages between zones and do not read garbage memmaps (git fixes (mm/pgalloc)).
  • mm/sparse: rename pfnpresent() to pfninpresentsection() (git fixes (mm/pgalloc)).
  • mm, thp: fix defrag setting if newline is not used (git fixes (mm/thp)).
  • net: dp83640: fix SIOCSHWTSTAMP to update the struct with actual configuration (networking-stable-200729).
  • net: dsa: microchip: call phyremovelinkmode during probe (networking-stable-2007_29).
  • net: ethernet: mlx4: Fix memory allocation in mlx4buddyinit() (git-fixes).
  • net: ethernet: mtkethsoc: fix MTU warnings (networking-stable-200808).
  • netfilter: ipset: Fix forceadd evaluation path (bsc#1176587).
  • net: Fix potential memory leak in protoregister() (networking-stable-2008_15).
  • net: gre: recompute gre csum for sctp over gre tunnels (networking-stable-200808).
  • net: initialize fastreuse on inetinheritport (networking-stable-200815).
  • net/nfc/rawsock.c: add CAPNETRAW check (networking-stable-200815).
  • net: refactor bindbucket fastreuse into helper (networking-stable-2008_15).
  • net: sched: initialize with 0 before setting erspan md->u (bsc#1154353).
  • net: Set fputneeded iff FDPUTFPUT is set (networking-stable-200815).
  • net/smc: put slot when connection is killed (git-fixes).
  • net-sysfs: add a newline when printing 'txtimeout' by sysfs (networking-stable-2007_29).
  • net: thunderx: use spinlockbh in nicvfsetrxmodetask() (networking-stable-200808).
  • net/tls: Fix kmap usage (networking-stable-200815).
  • net: udp: Fix wrong clean up for ISUDPLITE macro (networking-stable-2007_29).
  • NFC: st95hf: Fix memleak in st95hfinsend_cmd (git-fixes).
  • nvme-fc: set max_segments to lldd max value (bsc#1176038).
  • nvme-pci: override the value of the controller's numa node (bsc#1176507).
  • omapfb: fix multiple reference count leaks due to pmruntimeget_sync (git-fixes).
  • openvswitch: Prevent kernel-infoleak in ovsctputkey() (networking-stable-2008_08).
  • PCI: Fix pcicreateslot() reference count leak (git-fixes).
  • platform/x86: dcdbas: Check SMBIOS for protected buffer address (jsc#SLE-14407).
  • powerpc/64: mark emergency stacks valid to unwind (bsc#1156395).
  • powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#168122).
  • powerpc/64s: machine check interrupt update NMI accounting (bsc#1094244 ltc#168122).
  • powerpc: Add cputimetonsecs() (bsc#1065729).
  • powerpc/book3s64/radix: Add kernel command line option to disable radix GTSE (bsc#1055186 ltc#153436 jsc#SLE-13512).
  • powerpc: Do not flush caches when adding memory (bsc#1176980 ltc#187962).
  • powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).
  • powerpc/kernel: Cleanup machine check function declarations (bsc#1065729).
  • powerpc/kernel: Enables memory hot-remove after reboot on pseries guests (bsc#1177030 ltc#187588).
  • powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436 jsc#SLE-13512).
  • powerpc/mm: Limit resizehptfor_hotplug() call to hash guests only (bsc#1177030 ltc#187588).
  • powerpc/mm/radix: Create separate mappings for hot-plugged memory (bsc#1055186 ltc#153436).
  • powerpc/mm/radix: Fix PTE/PMD fragment count for early page table mappings (bsc#1055186 ltc#153436).
  • powerpc/mm/radix: Free PUD table when freeing pagetable (bsc#1055186 ltc#153436).
  • powerpc/mm/radix: Remove splitkernelmapping() (bsc#1055186 ltc#153436).
  • powerpc/numa: Early request for home node associativity (bsc#1171068 ltc#183935).
  • powerpc/numa: Offline memoryless cpuless node 0 (bsc#1171068 ltc#183935).
  • powerpc/numa: Prefer node id queried from vphn (bsc#1171068 ltc#183935).
  • powerpc/numa: Set numa_node for all possible cpus (bsc#1171068 ltc#183935).
  • powerpc/numa: Use cpu node map of first sibling thread (bsc#1171068 ltc#183935).
  • powerpc/paprscm: Limit the readability of 'perfstats' sysfs attribute (bsc#1176486 ltc#188130).
  • powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#153436 jsc#SLE-13512).
  • powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122).
  • powerpc/pseries: Machine check use rtascallunlocked() with args on stack (bsc#1094244 ltc#168122).
  • powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244 ltc#168122).
  • powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).
  • powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244 ltc#168122).
  • powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#168122).
  • powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).
  • powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244 ltc#168122).
  • powerpc/xmon: Use dcbf inplace of dcbi instruction for 64bit Book3S (bsc#1065729).
  • qrtr: orphan socket in qrtrrelease() (networking-stable-2007_29).
  • RDMA/bnxt_re: Do not report transparent vlan from QP1 (bsc#1173017).
  • RDMA/bnxt_re: Fix the qp table indexing (bsc#1173017).
  • RDMA/bnxtre: Remove set but not used variable 'qplibctx' (bsc#1170774).
  • RDMA/bnxt_re: Remove the qp from list only if the qp destroy succeeds (bsc#1170774).
  • RDMA/bnxtre: Restrict the maxgids to 256 (bsc#1173017).
  • RDMA/bnxt_re: Static NQ depth allocation (bsc#1170774).
  • RDMA/mlx4: Read pkey table length instead of hardcoded value (git-fixes).
  • RDMA/siw: Suppress uninitialized var warning (jsc#SLE-8381).
  • Remove patch causing regression (bsc#1094244 ltc#168122).
  • rpadlpario: Add MODULEDESCRIPTION entries to kernel modules (bsc#1176869 ltc#188243).
  • rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)
  • rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#SLE-13618).
  • rpm/kernel-binary.spec.in: pack .ipa-clones files for live patching When -fdump-ipa-clones option is enabled, GCC reports about its cloning operation during IPA optimizations. We use the information for live patches preparation, because it is crucial to know if and how functions are optimized. Currently, we create the needed .ipa-clones dump files manually. It is unnecessary, because the files may be created automatically during our kernel build. Prepare for the step and provide the resulting files in -livepatch-devel package.
  • rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To avoid the unnecessary key enrollment, when enrolling the signing key of the kernel package, '--ca-check' is added to mokutil so that mokutil will ignore the request if the CA of the signing key already exists in MokList or UEFI db. Since the macro, %susekernelmodulesubpackage, is only defined in a kernel module package (KMP), it's used to determine whether the %post script is running in a kernel package, or a kernel module package.
  • rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).
  • rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#1176698) The '-c' option wasn't passed down to %kernelmodule_package so the ueficert subpackage wasn't generated even if the certificate is specified in the spec file.
  • rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).
  • rxrpc: Fix race between recvmsg and sendmsg on immediate call failure (networking-stable-200808).
  • rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA (networking-stable-200729).
  • s390: Change s390kernelwrite() return type to match memcpy() (bsc#1176449). Prerequisite for bsc#1176449.
  • s390/dasd: fix inability to use DASD with DIAG driver (git-fixes).
  • s390: fix GENERIC_LOCKBREAK dependency typo in Kconfig (git-fixes).
  • s390/maccess: add no DAT mode to kernel_write (bsc#1176449).
  • s390/mm: fix huge pte soft dirty copying (git-fixes).
  • s390/qeth: do not process empty bridge port events (git-fixes).
  • s390/qeth: integrate RX refill worker with NAPI (git-fixes).
  • s390/qeth: tolerate pre-filled RX buffer (git-fixes).
  • s390/setup: init jump labels before command line parsing (git-fixes).
  • sbitmap: Consider cleared bits in sbitmapbitmapshow() (git fixes (block drivers)).
  • scsi: fcoe: Memory leak fix in fcoesysfsfcf_del() (bsc#1174899).
  • scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#188304).
  • scsi: ibmvfc: Use compiler attribute defines instead of attribute() (bsc#1176962 ltc#188304).
  • scsi: libfc: Fix for double free() (bsc#1174899).
  • scsi: libfc: Free skb in fcdiscgpnidresp() for valid cases (bsc#1174899).
  • scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).
  • scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).
  • scsi: qla2xxx: Fix regression on sparc64 (git-fixes).
  • scsi: qla2xxx: Fix the return value (bsc#1171688).
  • scsi: qla2xxx: Fix the size used in a 'dmafreecoherent()' call (bsc#1171688).
  • scsi: qla2xxx: Fix wrong return value in qlanvmeregister_hba() (bsc#1171688).
  • scsi: qla2xxx: Fix wrong return value in qltchkunresolv_exchg() (bsc#1171688).
  • scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).
  • scsi: qla2xxx: Log calling function name in qla2x00getspfromhandle() (bsc#1171688).
  • scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).
  • scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).
  • scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).
  • scsi: qla2xxx: Simplify return value logic in qla2x00getspfromhandle() (bsc#1171688).
  • scsi: qla2xxx: Suppress two recently introduced compiler warnings (git-fixes).
  • scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (bsc#1171688).
  • scsi: zfcp: Fix use-after-free in request timeout handlers (git-fixes).
  • sctp: shrink stream outq only when new outcnt < old outcnt (networking-stable-200729).
  • sctp: shrink stream outq when fails to do addstream reconf (networking-stable-200729).
  • selftests/net: relax cpu affinity requirement in msgzerocopy test (networking-stable-2008_08).
  • serial: 8250_pci: Add Realtek 816a and 816b (git-fixes).
  • SMB3: Honor 'handletimeout' flag for multiuser mounts (bsc#1176558).
  • SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#1176546).
  • SMB3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
  • SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
  • SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
  • soundwire: fix double free of dangling pointer (git-fixes).
  • spi: Fix memory leak on splited transfers (git-fixes).
  • spi: spi-loopback-test: Fix out-of-bounds read (git-fixes).
  • spi: stm32: always perform registers configuration prior to transfer (git-fixes).
  • spi: stm32: clear only asserted irq flags on interrupt (git-fixes).
  • spi: stm32: fix fifo threshold level in case of short transfer (git-fixes).
  • spi: stm32: fix pmruntimeget_sync() error checking (git-fixes).
  • spi: stm32: fix stm32spipreparembr in case of odd clkrate (git-fixes).
  • spi: stm32h7: fix race condition at end of transfer (git-fixes).
  • taprio: Fix using wrong queues in gate mask (bsc#1154353).
  • tcp: apply a floor of 1 for RTT samples from TCP timestamps (networking-stable-200808).
  • tcp: correct read of TFO keys on big endian systems (networking-stable-200815).
  • testkmod: avoid potential double free in triggerconfigruntype() (git-fixes).
  • tg3: Fix soft lockup when tg3resettask() fails (git-fixes).
  • thermal: qcom-spmi-temp-alarm: Do not suppress negative temp (git-fixes).
  • thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 (git-fixes).
  • tracing: fix double free (git-fixes).
  • Update patches.suse/btrfs-add-dedicated-members-for-start-and-length-of-.patch (bsc#1176019).
  • USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).
  • USB: Fix out of sync data toggle if a configured device is reconfigured (git-fixes).
  • USB: gadget: fncm: add bounds checks to ncmunwrap_ntb() (git-fixes).
  • USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).
  • USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).
  • USB: lvtest: return proper error code in probe (git-fixes).
  • USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes).
  • USB: quirks: Add USBQUIRKIGNOREREMOTEWAKEUP quirk for BYD zhaoxin notebook (git-fixes).
  • USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).
  • USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules (git-fixes).
  • USB: serial: option: support dynamic Quectel USB compositions (git-fixes).
  • USB: sisusbvga: Fix a potential UB casued by left shifting a negative value (git-fixes).
  • USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).
  • USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).
  • USB: typec: ucsi: Prevent mode overrun (git-fixes).
  • USB: uas: Add quirk for PNY Pro Elite (git-fixes).
  • USB: UAS: fix disconnect by unplugging a hub (git-fixes).
  • USB: yurex: Fix bad gfp argument (git-fixes).
  • vfio-pci: Avoid recursive read-lock usage (bsc#1176366).
  • virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes (block drivers)).
  • vsock/virtio: annotate 'thevirtiovsock' RCU pointer (networking-stable-200729).
  • vt: defer kfree() of vcscreenbuf in vcdo_resize() (git-fixes).
  • vxlan: Ensure FDB dump is performed under RCU (networking-stable-200808).
  • wireguard: noise: take lock when removing handshake entry from table (git-fixes).
  • wireguard: peerlookup: take lock before checking hash in replace operation (git-fixes).
  • workqueue: require CPU hotplug read exclusion for applyworkqueueattrs (bsc#1176763).
  • x86/hotplug: Silence APIC only after all interrupts are migrated (git-fixes).
  • x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1152489).
  • x86, sched: Bail out of frequency invariance if turbofreq/basefreq gives 0 (bsc#1176925).
  • x86, sched: Bail out of frequency invariance if turbo frequency is unknown (bsc#1176925).
  • x86, sched: check for counters overflow in frequency invariant accounting (bsc#1176925).
  • x86/stacktrace: Fix reliable check for empty user task stacks (bsc#1058115).
  • x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115).
  • xen: do not reschedule in preemption off sections (bsc#1175749).
  • XEN uses irqdesc::irqdatacommon::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (bsc#1065600).
  • xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-azure

Package

Name
kernel-azure
Purl
purl:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.21.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.21.1",
            "kernel-azure-devel": "5.3.18-18.21.1",
            "kernel-devel-azure": "5.3.18-18.21.1",
            "kernel-syms-azure": "5.3.18-18.21.1",
            "kernel-source-azure": "5.3.18-18.21.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
purl:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.21.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.21.1",
            "kernel-azure-devel": "5.3.18-18.21.1",
            "kernel-devel-azure": "5.3.18-18.21.1",
            "kernel-syms-azure": "5.3.18-18.21.1",
            "kernel-source-azure": "5.3.18-18.21.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP2 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
purl:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-18.21.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-18.21.1",
            "kernel-azure-devel": "5.3.18-18.21.1",
            "kernel-devel-azure": "5.3.18-18.21.1",
            "kernel-syms-azure": "5.3.18-18.21.1",
            "kernel-source-azure": "5.3.18-18.21.1"
        }
    ]
}