SUSE-SU-2020:3764-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20203764-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:3764-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:3764-1
Related
Published
2020-12-11T13:25:44Z
Modified
2020-12-11T13:25:44Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
  • CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
  • CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
  • CVE-2020-25705: Fixed A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782).
  • CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)
  • CVE-2020-27786: Fixed a use after free in kernel midi subsystem sndrawmidikernel_read1() (bsc#1179601).
  • CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
  • CVE-2020-28941: Fixed an issue where local attackers on systems with the speakup driver could cause a local denial of service attack (bsc#1178740).
  • CVE-2020-29369: Fixed a race condition between certain expand functions (expanddownwards and expandupwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe (bnc#1173504 bsc#1179432).
  • CVE-2020-29371: Fixed uninitialized memory leaks to userspace (bsc#1179429).
  • CVE-2020-4788: Fixed an issue with IBM Power9 processors could have allowed a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances (bsc#1177666).

The following non-security bugs were fixed:

  • ACPI: APEI: Kick the memory_failure() queue for synchronous errors (jsc#SLE-16610).
  • ACPI: button: Add DMI quirk for Medion Akoya E2228T (git-fixes).
  • ACPICA: Add NHLT table signature (bsc#1176200).
  • Add bug reference to two hv_netvsc patches (bsc#1178853).
  • ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
  • ALSA: firewire: Clean up a locking issue in copyrespto_buf() (git-fixes).
  • ALSA: hda: fix jack detection with Realtek codecs when in D3 (git-fixes).
  • ALSA: hda/generic: Add option to enforce preferred_dacs pairs (git-fixes).
  • ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model (git-fixes).
  • ALSA: hda/realtek - Add new codec supported for ALC897 (git-fixes).
  • ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes).
  • ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (git-fixes).
  • ALSA: hda/realtek - Add supported mute Led for HP (git-fixes).
  • ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 (git-fixes).
  • ALSA: hda/realtek: Fix bass speaker DAC assignment on Asus Zephyrus G14 (git-fixes).
  • ALSA: hda/realtek - Fixed Dell AIO wrong sound tone (git-fixes).
  • ALSA: hda/realtek - HP Headset Mic can't detect after boot (git-fixes).
  • ALSA: hda: Reinstate runtime_allow() for all hda controllers (git-fixes).
  • ALSA: mixart: Fix mutex deadlock (git-fixes).
  • ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes).
  • ALSA: usb-audio: Convert to the common vmalloc memalloc (bsc#1178203).
  • ALSA: usb-audio: Correct wrongly matching entries with audio class (bsc#1178203).
  • ALSA: usb-audio: Move device rename and profile quirks to an internal table (bsc#1178203).
  • ALSA: usb-audio: Properly match with audio interface class (bsc#1178203).
  • ALSA: usb-audio: Simplify quirk entries with a macro (bsc#1178203).
  • ALSA: usb-audio: Support PCM sync_stop (bsc#1178203).
  • ALSA: usb-audio: US16x08: fix value count for level meters (git-fixes).
  • ALSA: usb-audio: Use ALC1220-VB-DT mapping for ASUS ROG Strix TRX40 mobo (bsc#1178203).
  • ALSA: usb-audio: Use managed buffer allocation (bsc#1178203).
  • arm64: acpi: Make apeiclaimsea() synchronise with APEI's irq work (jsc#SLE-16610).
  • arm64: bpf: Fix branch offset in JIT (git-fixes).
  • arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY (git-fixes).
  • arm64: dts: allwinner: a64: OrangePi Win: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: beelink-gs1: Enable both RGMII RX/TX delay (git-fixes).
  • arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: Pine H64: Enable both RGMII RX/TX delay (git-fixes).
  • arm64: dts: fsl: DPAA FMan DMA operations are coherent (git-fixes).
  • arm64: dts: imx8mm: fix voltage for 1.6GHz CPU operating point (git-fixes).
  • arm64: dts: imx8mq: Add missing interrupts to GPC (git-fixes).
  • arm64: dts: imx8mq: Fix TMU interrupt property (git-fixes).
  • arm64: dts: zynqmp: Remove additional compatible string for i2c IPs (git-fixes).
  • arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions (git-fixes).
  • arm64: Run ARCHWORKAROUND1 enabling code on all CPUs (git-fixes).
  • arm64: Run ARCHWORKAROUND2 enabling code on all CPUs (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra210 SDMMC (git-fixes).
  • arm64: vdso: Add '-Bsymbolic' to ldflags (git-fixes).
  • arm64: vdso: Add --eh-frame-hdr to ldflags (git-fixes).
  • ASoC: Intel: bytcr_rt5640: Fix HP Pavilion x2 Detachable quirks (git-fixes).
  • ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
  • ASoC: wmadsp: fix error return code in wmadsp_load() (git-fixes).
  • batman-adv: Consider fragmentation for needed_headroom (git-fixes).
  • batman-adv: Do not always reallocate the fragmentation skb head (git-fixes).
  • batman-adv: Reserve needed_*room for fragments (git-fixes).
  • batman-adv: set .owner to THIS_MODULE (git-fixes).
  • blk-mq-blk-mq-provide-forced-completion-method.patch: (bsc#1175995,jsc#SLE-15608,bsc#1178756).
  • bnxt_en: Avoid sending firmware messages when AER error is detected (jsc#SLE-8371 bsc#1153274).
  • bnxten: Check abort error state in bnxtopen_nic() (jsc#SLE-8371 bsc#1153274).
  • bnxten: Fix NULL ptr dereference crash in bnxtfwresettask() (jsc#SLE-8371 bsc#1153274).
  • bnxten: Fix regression in workqueue cleanup logic in bnxtremove_one() (jsc#SLE-8371 bsc#1153274).
  • bnxten: Invoke canceldelayedworksync() for PFs also (jsc#SLE-8371 bsc#1153274).
  • bnxten: return proper error codes in bnxtshow_temp (git-fixes).
  • bnxten: Send HWRMFUNC_RESET fw command unconditionally (jsc#SLE-8371 bsc#1153274).
  • bpf: Do not rely on GCC attribute((optimize)) to disable GCSE (bsc#1155518).
  • bpf: Fix comment for helper bpfcurrenttaskundercgroup() (bsc#1155518).
  • bpf: Zero-fill re-used per-cpu map element (bsc#1155518).
  • btrfs: allow btrfstruncateblock() to fallback to nocow for data space reservation (bsc#1161099).
  • btrfs: fix bytesmayuse underflow in prealloc error condtition (bsc#1179217).
  • btrfs: fix metadata reservation for fallocate that leads to transaction aborts (bsc#1179217).
  • btrfs: fix relocation failure due to race with fallocate (bsc#1179217).
  • btrfs: qgroup: do not commit transaction when we already hold the handle (bsc#1178634).
  • btrfs: remove itemsize member of struct btrfscloneextentinfo (bsc#1179217).
  • btrfs: rename btrfsinsertclone_extent() to a more generic name (bsc#1179217).
  • btrfs: rename btrfspunchhole_range() to a more generic name (bsc#1179217).
  • btrfs: rename struct btrfscloneextent_info to a more generic name (bsc#1179217).
  • can: afcan: prevent potential access of uninitialized member in canfdrcv() (git-fixes).
  • can: afcan: prevent potential access of uninitialized member in canrcv() (git-fixes).
  • can: ccan: ccanpowerup(): fix error handling (git-fixes).
  • can: dev: can_restart(): post buffer from the right context (git-fixes).
  • can: flexcan: flexcansetupstopmode(): add missing 'reqbit' to stop mode property comment (git-fixes).
  • can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
  • can: kvaserusb: kvaserusb_hydra: Fix KCAN bittiming limits (git-fixes).
  • can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes).
  • can: mcan: mcanhandlestate_change(): fix state change (git-fixes).
  • can: mcan: mcan_stop(): set device to software init mode before closing (git-fixes).
  • can: mcbausb: mcbausbstartxmit(): first fill skb, then pass to canputecho_skb() (git-fixes).
  • can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).
  • can: sja1000: sja1000_err(): do not count arbitration lose as an error (git-fixes).
  • can: sun4ican: sun4ican_err(): do not count arbitration lose as an error (git-fixes).
  • ceph: add checksessionstate() helper and make it global (bsc#1179012).
  • ceph: check session state after bumping session->s_seq (bsc#1179012).
  • ceph: check the sesion state and return false in case it is closed (bsc#1179012).
  • ceph: downgrade warning from mdsmap decode to debug (bsc#1178653).
  • ceph: fix race in concurrent _cephremove_cap invocations (bsc#1178635).
  • cfg80211: initialize wdev data earlier (git-fixes).
  • cfg80211: regulatory: Fix inconsistent format argument (git-fixes).
  • cifs: allow syscalls to be restarted in _smbsend_rqst() (bsc#1176956).
  • cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
  • cifs: fix potential use-after-free in cifsechorequest() (bsc#1139944).
  • cifs: remove bogus debug code (bsc#1179427).
  • cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).
  • clk: define toclkregmap() as inline function (git-fixes).
  • compiler_attributes.h: Add 'fallthrough' pseudo keyword for switch/case use (bsc#1178203).
  • Convert trailing spaces and periods in path components (bsc#1179424).
  • coredump: fix core_pattern parse error (git-fixes).
  • crypto: sun4i-ss - add the A33 variant of SS (git-fixes).
  • devlink: Make sure devlink instance and port are in same net namespace (bsc#1154353).
  • docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
  • Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU (bsc#1177353, bsc#1179076).
  • drivers/net/ethernet: remove incorrectly formatted doc (bsc#1177397).
  • Drop sysctl files for dropped archs, add ppc64le and arm (bsc#1178838). Also correct the page size on ppc64.
  • EDAC/amd64: Cache secondary Chip Select registers (bsc#1179001).
  • EDAC/amd64: Find Chip Select memory size using Address Mask (bsc#1179001).
  • EDAC/amd64: Gather hardware information early (bsc#1179001).
  • EDAC/amd64: Initialize DIMM info for systems with more than two channels (bsc#1179001).
  • EDAC/amd64: Make struct amd64familytype global (bsc#1179001).
  • EDAC/amd64: Save max number of controllers to family type (bsc#1179001).
  • EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1179001).
  • efi: add missed destroyworkqueue when efisubsysinit fails (git-fixes).
  • efi: efibc: check for efivars write capability (git-fixes).
  • efi: EFI_EARLYCON should depend on EFI (git-fixes).
  • efi/efivars: Set generic ops before loading SSDT (git-fixes).
  • efi/esrt: Fix reference count leak in esrecreatesysfs_entry (git-fixes).
  • efi/libstub/x86: Work around LLVM ELF quirk build regression (git-fixes).
  • efi: provide empty efientervirtual_mode implementation (git-fixes).
  • efivarfs: fix memory leak in efivarfs_create() (git-fixes).
  • efivarfs: revert 'fix memory leak in efivarfs_create()' (git-fixes).
  • efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper (git-fixes).
  • efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).
  • efi/x86: Fix the deletion of variables in mixed mode (git-fixes).
  • efi/x86: Free efipgd with freepages() (git-fixes).
  • efi/x86: Handle by-ref arguments covering multiple pages in mixed mode (git-fixes).
  • efi/x86: Ignore the memory attributes table on i386 (git-fixes).
  • efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
  • ethtool: fix error handling in ethtoolphysid (git-fixes).
  • firmware: armsdei: Document the motivation behind these setfs() calls (jsc#SLE-16610).
  • Fix wrongly set CONFIGSOUNDWIRE=y (bsc#1179201) CONFIGSOUNDWIRE was mistakenly set as built-in. Mark it as module.
  • futex: Do not enable IRQs unconditionally in putpistate() (bsc#1149032).
  • futex: Handle transient 'ownerless' rtmutex state correctly (bsc#1149032).
  • geneve: pull IP header before ECN decapsulation (git-fixes).
  • HID: add HIDQUIRKINCREMENTUSAGEON_DUPLICATE for Gamevice devices (git-fixes).
  • HID: Add Logitech Dinovo Edge battery quirk (git-fixes).
  • HID: add support for Sega Saturn (git-fixes).
  • HID: cypress: Support Varmilo Keyboards' media hotkeys (git-fixes).
  • HID: hid-sensor-hub: Fix issue with devices with no report ID (git-fixes).
  • HID: ite: Replace ABS_MISC 120/121 events with touchpad on/off keypresses (git-fixes).
  • HID: logitech-dj: Fix an error in msebluetoothdescriptor (git-fixes).
  • HID: logitech-dj: Fix Dinovo Mini when paired with a MX5x00 receiver (git-fixes).
  • HID: logitech-dj: Handle quad/bluetooth keyboards with a builtin trackpad (git-fixes).
  • HID: logitech-hidpp: Add HIDPPCONSUMERVENDOR_KEYS quirk for the Dinovo Edge (git-fixes).
  • HID: logitech-hidpp: Add PID for MX Anywhere 2 (git-fixes).
  • HID: uclogic: Add ID for Trust Flex Design Tablet (git-fixes).
  • hv_balloon: disable warning when floor reached (git-fixes).
  • hv: clocksource: Add notrace attribute to readhvschedclock*() functions (git-fixes).
  • hwmon: (pwm-fan) Fix RPM calculation (git-fixes).
  • i2c: mediatek: move dma reset before i2c reset (git-fixes).
  • i2c: qup: Fix error return code in qupi2cbamscheduledesc() (git-fixes).
  • i2c: sh_mobile: implement atomic transfers (git-fixes).
  • igc: Fix not considering the TX delay for timestamps (bsc#1160634).
  • igc: Fix wrong timestamp latency numbers (bsc#1160634).
  • iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).
  • iio: accel: kxcjk1013: Replace issmo8500device with an acpi_type enum (git-fixes).
  • iio: adc: mediatek: fix unset field (git-fixes).
  • iio: light: fix kconfig dependency bug for VCNL4035 (git-fixes).
  • Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
  • Input: i8042 - allow insmod to succeed on devices without an i8042 controller (git-fixes).
  • Input: i8042 - fix error return code in i8042setupaux() (git-fixes).
  • Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER (git-fixes).
  • intel_idle: Customize IceLake server support (bsc#1178286).
  • ionic: check port ptr before use (bsc#1167773).
  • iwlwifi: mvm: write queuesyncstate only for sync (git-fixes).
  • kABI: revert use_mm name change (MM Functionality, bsc#1178426).
  • kABI workaround for HD-audio generic parser (git-fixes).
  • kABI workaround for HD-audio (git-fixes).
  • kABI workaround for USB audio driver (bsc#1178203).
  • kernel: better document the usemm/unusemm API contract (MM Functionality, bsc#1178426).
  • kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
  • kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPMBUILDROOT is cleared before %%install. Do the unpack into RPMBUILDROOT in %%install
  • kernel/watchdog: fix watchdogallowedmask not used warning (git-fixes).
  • kgdb: Fix spurious true from indbgmaster() (git-fixes).
  • KVM: arm64: ARMSMCCCARCHWORKAROUND1 does not return SMCCCRETNOT_REQUIRED (git-fixes).
  • lan743x: fix issue causing intermittent kernel log warnings (git-fixes).
  • lan743x: prevent entire kernel HANG on open, for some platforms (git-fixes).
  • libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1155518).
  • libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • lib/strncpyfromuser.c: Mask out bytes after NUL terminator (bsc#1155518).
  • mac80211: always wind down STA state (git-fixes).
  • mac80211: fix use of skb payload instead of header (git-fixes).
  • mac80211: free sta in stainfoinsert_finish() on errors (git-fixes).
  • mac80211: minstrel: fix tx status processing corner case (git-fixes).
  • mac80211: minstrel: remove deferred sampling code (git-fixes).
  • mei: protect meiclmtu from null dereference (git-fixes).
  • mfd: sprd: Add wakeup capability for PMIC IRQ (git-fixes).
  • mmc: sdhci-pci: Prefer SDR25 timing for High Speed mode for BYT-based Intel controllers (git-fixes).
  • mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (MM Functionality, bsc#1178426).
  • mm: fix kthreadusemm() vs TLB invalidate (MM Functionality, bsc#1178426).
  • mm/gup: allow FOLLFORCE for getuserpagesfast() (git fixes (mm/gup)).
  • mm/gup: fix gup_fast with dynamic page table folding (bnc#1176586, LTC#188235).
  • mm/ksm: fix NULL pointer dereference when KSM zero page is enabled (git fixes (mm/ksm)).
  • mm/memory-failure: Add memoryfailurequeue_kick() (jsc#SLE-16610).
  • mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (git fixes (mm/mempolicy)).
  • mm: swap: make page_evictable() inline (git fixes (mm/vmscan)).
  • mm: swap: use smpmbafteratomic() to order LRU bit set (git fixes (mm/vmscan)).
  • mm, THP, swap: fix allocating cluster for swapfile by mistake (bsc#1178755).
  • modsign: Add codeSigning EKU when generating X.509 key generation config (bsc#1177353, bsc#1179076).
  • net: ena: Capitalize all log strings and improve code readability (bsc#1177397).
  • net: ena: Change license into format to SPDX in all files (bsc#1177397).
  • net: ena: Change log message to netif/dev function (bsc#1177397).
  • net: ena: Change RSS related macros and variables names (bsc#1177397).
  • net: ena: ethtool: Add new device statistics (bsc#1177397).
  • net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
  • net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).
  • net: ena: Fix all static chekers' warnings (bsc#1177397).
  • net: ena: fix packet's addresses for rx_offset feature (bsc#1174852).
  • net: ena: handle bad request id in ena_netdev (bsc#1174852).
  • net: ena: Remove redundant print of placement policy (bsc#1177397).
  • net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
  • net: fix pos incrementment in ipv6routeseq_next (bsc#1154353).
  • net/mlx5: Clear bw_share upon VF disable (jsc#SLE-8464).
  • net/mlx5: E-Switch, Fail mlx5eswmodifyvportrate if qos disabled (jsc#SLE-8464).
  • net: sctp: Rename fallthrough label to unhandled (bsc#1178203).
  • net/x25: prevent a couple of overflows (bsc#1178590).
  • nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
  • NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).
  • nvme: do not update disk info for multipathed device (bsc#1171558).
  • nvme-force-complete-cancelled-requests.patch: (bsc#1175995,bsc#1178756,jsc#SLE-15608).
  • pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
  • pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
  • platform/x86: thinkpad_acpi: Send tablet mode switch at wakeup time (git-fixes).
  • platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).
  • powerpc/64s/radix: Fix mmcpumask trimming race vs kthreaduse_mm (MM Functionality, bsc#1178426).
  • powerpc: Inline doorbell sending functions (jsc#SLE-15869 jsc#SLE-16321).
  • powerpc/numa: Fix a regression on memoryless node 0 (bsc#1179639 ltc#189002).
  • powerpc/perf: consolidate GPCI hcall structs into asm/hvcall.h (jsc#SLE-16360 jsc#SLE-16915).
  • powerpc/perf: Fix crash with issieravailable when pmu is not set (bsc#1179578 ltc#189313).
  • powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • powerpc/pseries: Add KVM guest doorbell restrictions (jsc#SLE-15869 jsc#SLE-16321).
  • powerpc/pseries: new lparcfg key/value pair: partitionaffinityscore (jsc#SLE-16360 jsc#SLE-16915).
  • powerpc/pseries: Use doorbells even if XIVE is available (jsc#SLE-15869 jsc#SLE-16321).
  • powerpc: select ARCHWANTIRQSOFFACTIVATE_MM (MM Functionality, bsc#1178426).
  • powerpc/vnic: Extend 'failover pending' window (bsc#1176855 ltc#187293).
  • qla2xxx: Add MODULE_VERSION back to driver (bsc#1179160).
  • RDMA/hns: Fix retrycnt and rnrcnt when querying QP (jsc#SLE-8449).
  • RDMA/hns: Fix the wrong value of rnr_retry when querying qp (jsc#SLE-8449).
  • RDMA/hns: Fix wrong field of SRQ number the device supports (jsc#SLE-8449).
  • RDMA/hns: Solve the overflow of the calcpgsz() (jsc#SLE-8449).
  • RDMA/mlx5: Fix devlink deadlock on net namespace deletion (jsc#SLE-8464).
  • RDMA/qedr: Fix return code if accept is called on a destroyed qp (jsc#SLE-8215).
  • RDMA/ucma: Add missing locking around rdmaleavemulticast() (git-fixes).
  • reboot: fix overflow parsing reboot cpu number (git-fixes).
  • regulator: avoid resolve_supply() infinite recursion (git-fixes).
  • regulator: fix memory leak with repeated setmachineconstraints() (git-fixes).
  • regulator: pfuze100: limit pfuze-support-disable-sw to pfuze{100,200} (git-fixes).
  • regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes).
  • regulator: workaround self-referent regulators (git-fixes).
  • Restore the header of series.conf The header of series.conf was accidentally changed by abb50be8e6bc '(kABI: revert use_mm name change (MM Functionality, bsc#1178426))'.
  • Revert 'xfs: complain if anyone tries to create a too-large buffer' (bsc#1179425, bsc#1179550)
  • rfkill: Fix use-after-free in rfkill_resume() (git-fixes).
  • rpm/kernel-binary.spec.in: avoid using barewords (bsc#1179014) Author: Dominique Leuenberger -dimstar@opensuse.org
  • rpm/kernel-binary.spec.in: avoid using more barewords (bsc#1179014) %split_extra still contained two.
  • rpm/kernel-binary.spec.in: use grep -E instead of egrep (bsc#1179045) egrep is only a deprecated bash wrapper for 'grep -E'. So use the latter instead.
  • rpm/kernel-obs-build.spec.in: Add -q option to modprobe calls (bsc#1178401)
  • rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).
  • rpm/mkspec: do not build kernel-obs-build on x8632 We want to use 64bit kernel due to various bugs (bsc#1178762 to name one). There is: ExportFilter: ^kernel-obs-build.*.x8664.rpm$ . i586 in Factory's prjconf now. No other actively maintained distro (i.e. merging packaging branch) builds a x86_32 kernel, hence pushing to packaging directly.
  • rtw88: debug: Fix uninitialized memory in debugfs code (git-fixes).
  • s390/bpf: Fix multiple tail calls (git-fixes).
  • s390/cpumcf,perf: change DFLTCCERROR counter name (bsc#1175918 LTC#187935).
  • s390/cpumsf.c: fix file permission for cpumsfb_size (git-fixes).
  • s390/dasd: fix null pointer dereference for ERP requests (git-fixes).
  • s390/pkey: fix paes selftest failure with paes and pkey static build (git-fixes).
  • s390/zcrypt: fix kmalloc 256k failure (bsc#1177066 LTC#188341).
  • s390/zcrypt: Fix ZCRYPTPERDEVREQCNT ioctl (bsc#1177070 LTC#188342).
  • sched/fair: Ensure tasks spreading in LLC during LB (git fixes (sched)).
  • sched/fair: Fix unthrottlecfsrq() for leafcfsrq list (git fixes (sched)).
  • sched: Fix loadavg accounting race on arm64 kabi (bnc#1178227).
  • sched: Fix rq->nr_iowait ordering (git fixes (sched)).
  • scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
  • scsi: libiscsi: Fix NOP race condition (bsc#1176481).
  • scsi: storvsc: Fix error return in storvsc_probe() (git-fixes).
  • spi: lpspi: Fix use-after-free on unbind (git-fixes).
  • staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes).
  • SUNRPC: fix copying of multiple pages in gssreadproxy_verf() (bsc#1154353).
  • SUNRPC: Fix general protection fault in tracerpcxdr_overflow() (git-fixes).
  • thunderbolt: Add the missed idasimpleremove() in ringrequestmsix() (git-fixes).
  • thunderbolt: Fix memory leak if idasimpleget() fails in enumerate_services() (git-fixes).
  • thunderbolt: Fix use-after-free in removeunpluggedswitch() (git-fixes).
  • timer: Fix wheel index calculation on last level (git-fixes).
  • timer: Prevent base->clk from moving backward (git-fixes).
  • time/schedclock: Mark schedclockreadbegin/retry() as notrace (git-fixes).
  • tpm: efi: Do not create binarybiosmeasurements file for an empty log (git-fixes).
  • tpm_tis: Disable interrupts on ThinkPad T490s (git-fixes).
  • tty: Fix ->pgrp locking in tiocspgrp() (git-fixes).
  • tty: serial: imx: fix potential deadlock (git-fixes).
  • tty: serial: imx: keep console clocks always on (git-fixes).
  • uio: Fix use-after-free in uiounregisterdevice() (git-fixes).
  • Update patches.suse/xfrm-Fix-memleak-on-xfrm-state-destroy.patch references (add bsc#1158775).
  • USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).
  • USB: core: Change %pK for __user pointers to %px (git-fixes).
  • USB: core: driver: fix stray tabs in error messages (git-fixes).
  • USB: core: Fix regression in Hercules audio card (git-fixes).
  • USB: gadget: f_fs: Use local copy of descriptors for userspace copy (git-fixes).
  • USB: gadget: Fix memleak in gadgetfsfillsuper (git-fixes).
  • USB: gadget: fmidi: Fix memleak in fmidi_alloc (git-fixes).
  • USB: gadget: goku_udc: fix potential crashes in probe (git-fixes).
  • USB: quirks: Add USBQUIRKDISCONNECT_SUSPEND quirk for Lenovo A630Z TIO built-in usb-audio card (git-fixes).
  • USB: serial: kl5kusb105: fix memleak on open (git-fixes).
  • USB: serial: kl5kusb105: fix memleak on open (git-fixes).
  • USB: serial: option: fix Quectel BG96 matching (git-fixes).
  • video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
  • video: hyperv_fb: include vmalloc.h (git-fixes).
  • virtio: virtio_console: fix DMA memory allocation for rproc serial (git-fixes).
  • x86/hyperv: Clarify comment on x2apic mode (git-fixes).
  • x86/i8259: Use printk_deferred() to prevent deadlock (git-fixes).
  • x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1152489).
  • x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak (bsc#1152489).
  • x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak (bsc#1152489).
  • x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1152489).
  • x86/speculation: Fix prctl() when spectrev2user={seccomp,prctl},ibpb (bsc#1152489).
  • xfs: fix a missing unlock on error in xfsfsmap_blocks (git-fixes).
  • xfs: fix brainos in the refcount scrubber's rmap fragment processor (git-fixes).
  • xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes).
  • xfs: fix rmap key and record comparison functions (git-fixes).
  • xfs: prohibit fs freezing when using empty transactions (bsc#1179442).
  • xfs: revert 'xfs: fix rmap key and record comparison functions' (git-fixes).
  • xfs: set the unwritten bit in rmap lookup flags in xchkbmapget_rmapextents (git-fixes).
  • xhci: Fix sizeof() mismatch (git-fixes).
  • xhci: hisilicon: fix refercence leak in xhcihistbprobe (git-fixes).
References

Affected packages

SUSE:Real Time Module 15 SP2 / kernel-rt

Package

Name
kernel-rt
Purl
purl:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-19.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-19.1",
            "dlm-kmp-rt": "5.3.18-19.1",
            "kernel-rt-devel": "5.3.18-19.1",
            "cluster-md-kmp-rt": "5.3.18-19.1",
            "kernel-rt_debug-devel": "5.3.18-19.1",
            "kernel-source-rt": "5.3.18-19.1",
            "kernel-rt": "5.3.18-19.1",
            "ocfs2-kmp-rt": "5.3.18-19.1",
            "gfs2-kmp-rt": "5.3.18-19.1",
            "kernel-syms-rt": "5.3.18-19.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-rt_debug

Package

Name
kernel-rt_debug
Purl
purl:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-19.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-19.1",
            "dlm-kmp-rt": "5.3.18-19.1",
            "kernel-rt-devel": "5.3.18-19.1",
            "cluster-md-kmp-rt": "5.3.18-19.1",
            "kernel-rt_debug-devel": "5.3.18-19.1",
            "kernel-source-rt": "5.3.18-19.1",
            "kernel-rt": "5.3.18-19.1",
            "ocfs2-kmp-rt": "5.3.18-19.1",
            "gfs2-kmp-rt": "5.3.18-19.1",
            "kernel-syms-rt": "5.3.18-19.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-source-rt

Package

Name
kernel-source-rt
Purl
purl:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-19.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-19.1",
            "dlm-kmp-rt": "5.3.18-19.1",
            "kernel-rt-devel": "5.3.18-19.1",
            "cluster-md-kmp-rt": "5.3.18-19.1",
            "kernel-rt_debug-devel": "5.3.18-19.1",
            "kernel-source-rt": "5.3.18-19.1",
            "kernel-rt": "5.3.18-19.1",
            "ocfs2-kmp-rt": "5.3.18-19.1",
            "gfs2-kmp-rt": "5.3.18-19.1",
            "kernel-syms-rt": "5.3.18-19.1"
        }
    ]
}

SUSE:Real Time Module 15 SP2 / kernel-syms-rt

Package

Name
kernel-syms-rt
Purl
purl:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-19.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-devel-rt": "5.3.18-19.1",
            "dlm-kmp-rt": "5.3.18-19.1",
            "kernel-rt-devel": "5.3.18-19.1",
            "cluster-md-kmp-rt": "5.3.18-19.1",
            "kernel-rt_debug-devel": "5.3.18-19.1",
            "kernel-source-rt": "5.3.18-19.1",
            "kernel-rt": "5.3.18-19.1",
            "ocfs2-kmp-rt": "5.3.18-19.1",
            "gfs2-kmp-rt": "5.3.18-19.1",
            "kernel-syms-rt": "5.3.18-19.1"
        }
    ]
}