SUSE-SU-2021:0742-1

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.

The following security bug was fixed:

• CVE-2021-3348: Fixed a use-after-free read in nbdqueuerq (bsc#1181504).

The following non-security bugs were fixed:

• ACPI: configfs: add missing check after configfsregisterdefault_group() (git-fixes).
• ACPI: property: Fix fwnode string properties matching (git-fixes).
• ACPI: property: Satisfy kernel doc validator (part 1) (git-fixes).
• ALSA: usb-audio: Fix PCM buffer allocation in non-vmalloc mode (git-fixes).
• arm64: Update config file. Set CONFIGWATCHDOGSYSFS to true (bsc#1182560)
• ASoC: cs42l56: fix up error handling in probe (git-fixes).
• ath9k: fix data bus crash when setting nf_override via debugfs (git-fixes).
• block: fix use-after-free in diskpartiter_next (bsc#1182610).
• Bluetooth: btqcomsmd: Fix a resource leak in error handling paths in the probe function (git-fixes).
• Bluetooth: drop HCI device reference before return (git-fixes).
• Bluetooth: Fix initializing response id after clearing struct (git-fixes).
• Bluetooth: Put HCI device if inquiry procedure interrupts (git-fixes).
• bonding: Fix reference count leak in bondsysfsslave_add (git-fixes).
• bonding: wait for sysfs kobject destruction before freeing struct slave (git-fixes).
• BTRFS: Cleanup tryflushqgroup (bsc#1182047).
• BTRFS: correctly calculate item size used when item key collision happens (bsc#1181996).
• BTRFS: correctly validate compression type (bsc#1182269).
• BTRFS: delete the ordered isize update code (bsc#1181998).
• BTRFS: Do not flush from btrfsdelayedinodereservemetadata (bsc#1182047).
• BTRFS: do not set path->leave_spinning for truncate (bsc#1181998).
• BTRFS: factor out extent dropping code from hole punch handler (bsc#1182038).
• BTRFS: fix cloning range with a hole when using the NO_HOLES feature (bsc#1182038).
• BTRFS: fix data bytesmayuse underflow with fallocate due to failed quota reserve (bsc#1182130)
• BTRFS: fix ENOSPC errors, leading to transaction aborts, when cloning extents (bsc#1182038).
• BTRFS: fix hole extent items with a zero size after range cloning (bsc#1182038).
• BTRFS: fix lost i_size update after cloning inline extent (bsc#1181998).
• BTRFS: fix mount failure caused by race with umount (bsc#1182248).
• BTRFS: Fix race between extent freeing/allocation when using bitmaps (bsc#1181574).
• BTRFS: fix unexpected cow in rundelallocnocow (bsc#1181987).
• BTRFS: fix unexpected failure of nocow buffered writes after snapshotting when low on space (bsc#1181987).
• BTRFS: Free correct amount of space in btrfsdelayedinodereservemetadata (bsc#1182047).
• BTRFS: incremental send, fix file corruption when no-holes feature is enabled (bsc#1182184).
• BTRFS: Introduce extentiotree::owner to distinguish different io_trees (bsc#1181998).
• BTRFS: introduce per-inode file extent tree (bsc#1181998).
• BTRFS: prepare for extensions in compression options (bsc#1182269).
• BTRFS: prop: fix vanished compression property after failed set (bsc#1182269).
• BTRFS: prop: fix zstd compression parameter validation (bsc#1182269).
• BTRFS: Remove btrfsinode from btrfsdelayedinodereserve_metadata (bsc#1182047).
• BTRFS: replace all uses of btrfsorderedupdateisize (bsc#1181998).
• BTRFS: send, allow clone operations within the same file (bsc#1182173)
• BTRFS: send, do not issue unnecessary truncate operations (bsc#1182173)
• BTRFS: send, fix emission of invalid clone operations within the same file (bsc#1182173)
• BTRFS: send, fix incorrect file layout after hole punching beyond eof (bsc#1182173).
• BTRFS: send: fix invalid clone operations when cloning from the same file and root (bsc#1182173)
• BTRFS: send, fix missing truncate for inode with prealloc extent past eof (bsc#1182173).
• BTRFS: send, orphanize first all conflicting inodes when processing references (bsc#1182243 bsc#1182242).
• BTRFS: send, recompute reference path after orphanization of a directory (bsc#1182243).
• BTRFS: Simplify code flow in btrfsdelayedinodereservemetadata (bsc#1182047).
• BTRFS: transaction: Avoid deadlock due to bad initialization timing of fsinfo::journalinfo (bsc#1181931).
• BTRFS: Unlock extents in btrfszerorange in case of errors (bsc#1182047).
• BTRFS: Use bddev to generate index when devstate_hashtable add items (bsc#1181931).
• BTRFS: use btrfsorderedupdateisize in clonefinishinode_update (bsc#1181998).
• BTRFS: use the file extent tree infrastructure (bsc#1181998).
• cifs: report error instead of invalid when revalidating a dentry fails (bsc#1177440).
• dm: avoid filesystem lookup in dmgetdev_t() (bsc#1178049).
• Drivers: hv: vmbus: Avoid use-after-free in vmbusonofferrescind() (git-fixes).
• Exclude Symbols.list again. Removing the exclude builds vanilla/linux-next builds. Fixes: 55877625c800 ('kernel-binary.spec.in: Package the objinstalldir as explicit filelist.')
• ext4: do not remount read-only with errors=continue on reboot (bsc#1182464).
• ext4: fix a memory leak of ext4freedata (bsc#1182447).
• ext4: fix bug for rename with RENAME_WHITEOUT (bsc#1182449).
• ext4: fix deadlock with fs freezing and EA inodes (bsc#1182463).
• ext4: fix superblock checksum failure when setting password salt (bsc#1182465).
• fgraph: Initialize tracinggraphpause at task creation (git-fixes).
• firmware: imx: select SOC_BUS to fix firmware build (git-fixes).
• Fix unsynchronized access to sev members through svmregisterenc_region (bsc#1114648).
• fs: fix lazytime expiration handling in _writebacksingle_inode() (bsc#1182466).
• fs: move IDIRTYINODE to fs.h (bsc#1182612).
• HID: core: detect and skip invalid inputs to snto32() (git-fixes).
• HID: wacom: Ignore attempts to overwrite the touch_max value from HID (git-fixes).
• hwrng: timeriomem - Fix cooldown period calculation (git-fixes).
• ibmvnic: Clear failover_pending if unable to schedule (bsc#1181960 ltc#190997).
• ibmvnic: device remove has higher precedence over reset (bsc#1065729).
• ibmvnic: fix a race between open and reset (bsc#1176855 ltc#187293).
• ibmvnic: fix login buffer memory leak (bsc#1081134 ltc#164631).
• ibmvnic: serialize access to work queue on remove (bsc#1065729).
• ibmvnic: Set to CLOSED state even on error (bsc#1084610 ltc#165122 git-fixes).
• Input: elo - fix an error code in elo_connect() (git-fixes).
• Input: joydev - prevent potential read overflow in ioctl (git-fixes).
• iwlwifi: exclude GEO SAR support for 3168 (git-fixes).
• kABI: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCICOMMANDMEMORY (bsc#1179612).
• kernel-binary.spec: Add back initrd and image symlink ghosts to filelist (bsc#1182140). Fixes: 76a9256314c3 ('rpm/kernel-{source,binary}.spec: do not include ghost symlinks (boo#1179082).')
• kernfs: deal with kernfsfillsuper() failures (bsc#1181809).
• KVM: apic: Flush TLB after APIC mode/address change if VPIDs are in use (bsc#1182302).
• KVM: Fix kABI for setvirtualapic_mode (bsc#1182310).
• KVM: Fix kABI for tlb_flush (bsc#1182195).
• kvm-vmx-Basic-APIC-virtualization-controls-have-thre.patch: (bsc#1182310).
• KVM: VMX: check for existence of secondary exec controls before accessing (bsc#1182438).
• KVM: VMX: hide flexpriority from guest when disabled at the module level (bsc#1182448).
• kvm-vmx-Introduce-lapic_mode-enumeration.patch: (bsc#1182307).
• KVM: x86: emulate RDPID (bsc#1182182).
• KVM: x86: emulating RDPID failure shall return #UD rather than
• KVM: X86: introduce invalidate_gpa argument to tlb flush (bsc#1182195).
• libfs: fix error cast of negative value in simpleattrwrite() (bsc#1179709).
• libnvdimm/dimm: Avoid race between probe and availableslotsshow() (bsc#1170442).
• mac80211: fix potential overflow when multiplying to u32 integers (git-fixes).
• media: cx25821: Fix a bug when reallocating some dma memory (git-fixes).
• media: media/pci: Fix memleak in empress_init (git-fixes).
• media: pwc: Use correct device for DMA (git-fixes).
• media: pxa_camera: declare variable when DEBUG is defined (git-fixes).
• media: qm1d1c0042: fix error return code in qm1d1c0042_init() (git-fixes).
• media: tm6000: Fix memleak in tm6000startstream (git-fixes).
• media: vsp1: Fix an error handling path in the probe function (git-fixes).
• mfd: wm831x-auxadc: Prevent use after free in wm831xauxadcread_irq() (git-fixes).
• misc: eeprom_93xx46: Add module alias to avoid breaking support for non device tree users (git-fixes).
• misc: eeprom_93xx46: Fix module alias to enable module autoprobe (git-fixes).
• mmc: usdhi6rol0: Fix a resource leak in the error handling path of the probe (git-fixes).
• mm/pmem: avoid inserting hugepage PTE entry with fsdax if hugepage support is disabled (bsc#1181896 ltc#191273).
• mm: thp: kABI: move the added flag to the end of enum (bsc#1181896 ltc#191273).
• nbd: Fix memory leak in nbdaddsocket (bsc#1181504).
• net: bcmgenet: add support for ethtool rxnfc flows (git-fixes).
• net: bcmgenet: code movement (git-fixes).
• net: bcmgenet: fix mask check in bcmgenetvalidateflow() (git-fixes).
• net: bcmgenet: Fix WoL with password after deep sleep (git-fixes).
• net: bcmgenet: re-remove bcmgenethfbadd_filter (git-fixes).
• net: bcmgenet: set Rx mode before starting netif (git-fixes).
• net: bcmgenet: use _be16 for htons(ETHP_IP) (git-fixes).
• net: bcmgenet: Use correct I/O accessors (git-fixes).
• net: lpc-enet: fix error return code in lpcmiiinit() (git-fixes).
• net/mlx4_en: Handle TX error CQE (bsc#1181854).
• net: moxa: Fix a potential double 'free_irq()' (git-fixes).
• net: sun: fix missing release regions in casinitone() (git-fixes).
• nvme-multipath: Early exit if no path is available (git-fixes).
• objtool: Do not fail on missing symbol table (bsc#1169514).
• PCI/IOV: Mark VFs as not implementing PCICOMMANDMEMORY (bsc#1179612).
• powerpc/book3s64/hash: Add cond_resched to avoid soft lockup warning (bsc#1182571 ltc#191345).
• powerpc: Fix alignment bug within the init sections (bsc#1065729).
• powerpc/perf: Exclude kernel samples while counting events in user space (bsc#1065729).
• powerpc/perf/hv-24x7: Dont create sysfs event files for dummy events (bsc#1182118 ltc#190624).
• powerpc/pseries/dlpar: handle ibm, configure-connector delay status (bsc#1181985 ltc#188074).
• powerpc/pseries/eeh: Make pseriespcibiosbusadddevice() static (bsc#1078720, git-fixes).
• powerpc/pseries: extract host bridge from pci_bus prior to bus removal (bsc#1182171 ltc#190900).
• powerpc/pseries/ras: Make initrashotplug_IRQ() static (bsc#1065729. git-fixes).
• power: reset: at91-sama5d2_shdwc: fix wkupdbc mask (git-fixes).
• ptrace: reintroduce usage of subjective credentials in ptracehascap() (bsc#1163930).
• ptrace: Set PF_SUPERPRIV when checking capability (bsc#1163930).
• quota: Fix error codes in v2readfile_info() (bsc#1182652).
• quota: Fix memory leak when handling corrupted quota file (bsc#1182650).
• quota: Sanity-check quota file headers on load (bsc#1182461).
• regulator: axp20x: Fix reference cout leak (git-fixes).
• reiserfs: add check for an invalid ihentrycount (bsc#1182462).
• reset: hisilicon: correct vendor prefix (git-fixes).
• rpm/post.sh: Avoid purge-kernel for the first installed kernel (bsc#1180058)
• s390/pci: adaptation of iommu to multifunction (bsc#1179612).
• s390/pci: Mark all VFs as not implementing PCICOMMANDMEMORY (bsc#1179612).
• scsi: qla2xxx: Fix description for parameter ql2xenforceiocblimit (bsc#1179142).
• scsi: target: Fix truncated PR-in ReadKeys response (bsc#1182590).
• scsi: target: fix unmapzeroesdata boolean initialisation (bsc#1163617).
• staging: rtl8723bs: wifi_regd.c: Fix incorrect number of regulatory rules (git-fixes).
• tools lib traceevent: Fix 'robust' test of dogeneratedynamiclistfile (git-fixes).
• tpm_tis: Clean up locality release (git-fixes).
• tpmtis: Fix checklocality for correct locality acquisition (git-fixes).
• tracing: Check length before giving out the filter buffer (git-fixes).
• tracing: Do not count ftrace events in top level enable output (git-fixes).
• USB: cdc-acm: blacklist another IR Droid device (git-fixes).
• USB: dwc2: Abort transaction after errors with unknown reason (git-fixes).
• USB: dwc2: Make 'trimming xfer length' a debug message (git-fixes).
• USB: musb: Fix runtime PM race in mUSBqueueresume_work (git-fixes).
• USB: serial: cp210x: add new VID/PID for supporting Teraoka AD2000 (git-fixes).
• USB: serial: cp210x: add pid/vid for WSDA-200-USB (git-fixes).
• USB: serial: mos7720: fix error code in mos7720_write() (git-fixes).
• USB: serial: mos7720: improve OOM-handling in readmosreg() (git-fixes).
• USB: serial: mos7840: fix error code in mos7840_write() (git-fixes).
• USB: serial: option: Adding support for Cinterion MV31 (git-fixes).
• USB: serial: option: add LongSung M5710 module support (git-fixes).
• USB: uas: Add PNY USB Portable SSD to unusual_uas (git-fixes).
• USB: usblp: fix DMA to stack (git-fixes).
• vfio/pci: Decouple PCICOMMANDMEMORY bit checks from is_virtfn (bsc#1179612).
• vmxnet3: Remove buf_info from device accessible structures (bsc#1181671).
• writeback: Drop IDIRTYTIME_EXPIRE (bsc#1182460).
• x86/apic: Add extra serialization for non-serializing MSRs (bsc#1114648).
• x86/efistub: Disable paging at mixed mode entry (bsc#1114648).
• x86/entry/64/compat: Fix 'x86/entry/64/compat: Preserve r8-r11 in int $0x80' (bsc#1114648).
• x86/entry/64/compat: Preserve r8-r11 in int $0x80 (bsc#1114648).
• x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (bsc#1114648).
• x86/resctrl: Remove unused struct mbmstate::chunksbw (bsc#1114648).
• xen-blkfront: allow discard-* nodes to be optional (bsc#1181346).
• xen/netback: avoid race in xenvifrxringslotsavailable() (bsc#1065600).
• xen/netback: fix spurious event detection for common event case (bsc#1182175).
• xfs: reduce quota reservation when doing a dax unwritten extent conversion (git-fixes bsc#1182561).
• xhci: fix bounce buffer usage for non-sg list case (git-fixes).