SUSE-SU-2022:4503-1

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20224503-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:4503-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2022:4503-1
Related
Published
2022-12-16T12:28:13Z
Modified
2022-12-16T12:28:13Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-4378: Fixed stack overflow in _doproc_dointvec (bsc#1206207).
  • CVE-2022-3635: Fixed a use-after-free in the tst_timer() of the file drivers/atm/idt77252.c of the component IPsec (bsc#1204631).
  • CVE-2022-41850: Fixed a race condition in roccatreportevent() in drivers/hid/hid-roccat.c (bsc#1203960).
  • CVE-2022-45934: Fixed a integer wraparound via L2CAPCONFREQ packets in l2capconfigreq in net/bluetooth/l2cap_core.c (bsc#1205796).
  • CVE-2022-3628: Fixed potential buffer overflow in brcmffwehevent_worker() in wifi/brcmfmac (bsc#1204868).
  • CVE-2022-3567: Fixed a to race condition in inet6streamops()/inet6dgramops() of the component IPv6 Handler (bsc#1204414).
  • CVE-2022-41858: Fixed a denial of service in sltxtimeout() in drivers/net/slip (bsc#1205671).
  • CVE-2022-43945: Fixed a buffer overflow in the NFSD implementation (bsc#1205128).
  • CVE-2022-4095: Fixed a use-after-free in rtl8712 driver (bsc#1205514).
  • CVE-2022-3903: Fixed a denial of service with the Infrared Transceiver USB driver (bsc#1205220).
  • CVE-2022-2602: Fixed a local privilege escalation vulnerability involving Unix socket Garbage Collection and io_uring (bsc#1204228).
  • CVE-2022-4139: Fixed an issue with the i915 driver that allowed the GPU to access any physical memory (bsc#1205700).
  • CVE-2022-4129: Fixed a denial of service with the Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. (bsc#1205711)
  • CVE-2022-42895: Fixed an information leak in the net/bluetooth/l2capcore.c's l2capparseconfreq() which can be used to leak kernel pointers remotely (bsc#1205705).
  • CVE-2022-42896: Fixed a use-after-free vulnerability in the net/bluetooth/l2capcore.c's l2capconnect() and l2capleconnect_req() which may have allowed code execution and leaking kernel memory (respectively) remotely via Bluetooth (bsc#1205709).
  • CVE-2022-3707: Fixed a double free in the Intel GVT-g graphics driver (bsc#1204780).

The following non-security bugs were fixed:

  • ALSA: hda/ca0132: add quirk for EVGA Z390 DARK (git-fixes).
  • ALSA: hda: fix potential memleak in 'addwidgetnode' (git-fixes).
  • ALSA: usb-audio: Add DSD support for Accuphase DAC-60 (git-fixes).
  • ALSA: usb-audio: Add quirk entry for M-Audio Micro (git-fixes).
  • ALSA: usb-audio: Drop sndBUGON() from sndusbmidioutput_open() (git-fixes).
  • ASoC: codecs: jz4725b: Fix spelling mistake 'Sourc' -> 'Source', 'Routee' -> 'Route' (git-fixes).
  • ASoC: codecs: jz4725b: add missed Line In power control bit (git-fixes).
  • ASoC: codecs: jz4725b: fix capture selector naming (git-fixes).
  • ASoC: codecs: jz4725b: fix reported volume for Master ctl (git-fixes).
  • ASoC: codecs: jz4725b: use right control for Capture Volume (git-fixes).
  • ASoC: core: Fix use-after-free in sndsocexit() (git-fixes).
  • ASoC: max98373: Add checks for devm_kcalloc (git-fixes).
  • ASoC: soc-utils: Remove _exit for sndsocutilexit() (git-fixes).
  • ASoC: wm5102: Revert 'ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe' (git-fixes).
  • ASoC: wm5110: Revert 'ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe' (git-fixes).
  • ASoC: wm8962: Add an event handler for TEMPHP and TEMPSPK (git-fixes).
  • ASoC: wm8997: Revert 'ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe' (git-fixes).
  • Bluetooth: L2CAP: Fix attempting to access uninitialized memory (git-fixes).
  • Bluetooth: L2CAP: Fix l2capglobalchanbypsm (git-fixes).
  • Bluetooth: L2CAP: Fix use-after-free caused by l2capreassemblesdu (git-fixes).
  • Do not enable CONFIGATARIPARTITION (jsc#PED-1573)
  • Drivers: hv: vmbus: Add /sys/bus/vmbus/hibernation (git-fixes).
  • Drivers: hv: vmbus: Add VMbus IMC device to unsupported list (git-fixes).
  • Drivers: hv: vmbus: Add vmbus_requestor data structure for VMBus hardening (bsc#1204017).
  • Drivers: hv: vmbus: Drop error message when 'No request id available' (bsc#1204017).
  • Drivers: hv: vmbus: Fix duplicate CPU assignments within a device (git-fixes).
  • Drivers: hv: vmbus: Fix handling of messages with transaction ID of zero (bsc#1204017).
  • Drivers: hv: vmbus: Fix memory leak in vmbusaddchannel_kobj (git-fixes).
  • Drivers: hv: vmbus: Fix potential crash on module unload (git-fixes).
  • Drivers: hv: vmbus: Introduce vmbusrequestaddr_match() (bsc#1204017).
  • Drivers: hv: vmbus: Introduce vmbussendpacketgetid() (bsc#1204017).
  • Drivers: hv: vmbus: Introduce {lock,unlock}_requestor() (bsc#1204017).
  • Drivers: hv: vmbus: Prevent load re-ordering when reading ring buffer (git-fixes).
  • Drivers: hv: vmbus: Remove unused linux/version.h header (git-fixes).
  • Drivers: hv: vmbus: Replace smpstoremb() with virtstoremb() (git-fixes).
  • Drivers: hv: vmbus: fix double free in the error path of vmbusaddchannel_work() (git-fixes).
  • Drivers: hv: vmbus: fix possible memory leak in vmbusdeviceregister() (git-fixes).
  • Drivers: hv: vmbus: remove unused function (git-fixes).
  • HID: saitek: add madcatz variant of MMO7 mouse device ID (git-fixes).
  • Input: i8042 - fix leaking of platform device on module removal (git-fixes).
  • Input: iforce - invert valid length check when fetching device IDs (git-fixes).
  • KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support (git-fixes).
  • KVM: nVMX: Invalidate all EPTP contexts when emulating INVEPT for L1 (git-fixes).
  • KVM: nVMX: Validate the EPTP when emulating INVEPT(EXTENT_CONTEXT) (git-fixes).
  • KVM: nVMX: clear PINBASEDPOSTEDINTR from nested pinbasedctls only when apicv is globally disabled (git-fixes).
  • KVM: s390: Add a routine for setting userspace CPU state (git-fixes).
  • KVM: s390: Fix handle_sske page fault handling (git-fixes).
  • KVM: s390: Simplify SIGP Set Arch handling (git-fixes).
  • KVM: s390: get rid of register asm usage (git-fixes).
  • KVM: s390: pv: avoid stalls when making pages secure (git-fixes).
  • KVM: s390: pv: do not allow userspace to set the clock under PV (git-fixes).
  • KVM: s390: pv: leak the topmost page table when destroy fails (git-fixes).
  • KVM: s390: reduce number of IO pins to 1 (git-fixes).
  • NFC: nci: fix memory leak in ncirxdata_packet() (git-fixes).
  • NFS: Refactor nfs_instantiate() for dentry referencing callers (bsc#1204215).
  • NFSv3: use nfsaddor_obtain() to create and reference inodes (bsc#1204215).
  • PCI: hv: Add check for hypervinitialized in inithvpcidrv() (bsc#1204446).
  • PCI: hv: Add validation for untrusted Hyper-V values (git-fixes).
  • PCI: hv: Drop msi_controller structure (bsc#1204446).
  • PCI: hv: Fix a race condition when removing the device (bsc#1204446).
  • PCI: hv: Fix sleep while in non-sleep context when removing child devices from the bus (bsc#1204446).
  • PCI: hv: Fix synchronization between channel callback and hvcomposemsi_msg() (bsc#1204017).
  • PCI: hv: Fix synchronization between channel callback and hvpcibus_exit() (bsc#1204017).
  • PCI: hv: Fix the definition of vector in hvcomposemsi_msg() (bsc#1200845).
  • PCI: hv: Fix typo (bsc#1204446).
  • PCI: hv: Remove bus device removal unused refcount/functions (bsc#1204446).
  • PCI: hv: Remove unnecessary use of %hx (bsc#1204446).
  • PCI: hv: Support for create interrupt v3 (bsc#1204446).
  • PCI: hv: Use PCIERRORRESPONSE to identify config read errors (bsc#1204446).
  • PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus hardening (bsc#1204017).
  • RDMA/core/sa_query: Remove unused argument (git-fixes)
  • RDMA/hns: Fix spelling mistakes of original (git-fixes)
  • RDMA/qedr: Add support for user mode XRC-SRQ's (git-fixes)
  • RDMA/qedr: Fix reporting max{send/recv}wr attrs (git-fixes)
  • RDMA/qedr: Remove unsupported qedrresizecq callback (git-fixes)
  • RDMA/rxe: Fix memory leak in error path code (git-fixes)
  • SCSI: scsiprobelun: retry INQUIRY after timeout (bsc#1189297).
  • USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM (git-fixes).
  • USB: serial: option: add Fibocom FM160 0x0111 composition (git-fixes).
  • USB: serial: option: add Sierra Wireless EM9191 (git-fixes).
  • USB: serial: option: add u-blox LARA-L6 modem (git-fixes).
  • USB: serial: option: add u-blox LARA-R6 00B modem (git-fixes).
  • USB: serial: option: remove old LARA-R6 PID (git-fixes).
  • USB: serial: option: remove old LARA-R6 PID.
  • Xen/gntdev: do not ignore kernel unmapping error (git-fixes).
  • add another bug reference to some hyperv changes (bsc#1205617).
  • arm/xen: Do not probe xenbus as part of an early initcall (git-fixes).
  • arm64: dts: imx8mm: Fix NAND controller size-cells (git-fixes)
  • arm64: dts: juno: Add thermal critical trip points (git-fixes)
  • ata: libata-transport: fix double atahostput() in atatportadd() (git-fixes).
  • ata: libata-transport: fix error handling in atatdevadd() (git-fixes).
  • ata: libata-transport: fix error handling in atatlinkadd() (git-fixes).
  • ata: libata-transport: fix error handling in atatportadd() (git-fixes).
  • ata: patalegacy: fix pdc20230set_piomode() (git-fixes).
  • blk-crypto: fix check for too-large dun_bytes (git-fixes).
  • blk-mq: Properly init requests from blkmqallocrequesthctx() (git-fixes).
  • blk-mq: do not create hctx debugfs dir until q->debugfs_dir is created (git-fixes).
  • blk-wbt: call rqqosadd() after wb_normal is initialized (git-fixes).
  • blktrace: Trace remapped requests correctly (git-fixes).
  • block-map: add _GFPZERO flag for allocpage in function biocopy_kern (git-fixes).
  • block: Add a helper to validate the block size (git-fixes).
  • block: assign bibdev for cloned bios in blkrqprepclone (bsc#1204328).
  • block: ataflop: fix breakage introduced at blk-mq refactoring (git-fixes).
  • block: ataflop: more blk-mq refactoring fixes (git-fixes).
  • block: fix infinite loop for invalid zone append (git-fixes).
  • block: limit request dispatch loop duration (git-fixes).
  • block: nbd: add sanity check for first_minor (git-fixes).
  • block: use 'unsigned long' for blkvalidateblock_size() (git-fixes).
  • bus: sunxi-rsb: Support atomic transfers (git-fixes).
  • can: cc770: cc770isaprobe(): add missing free_cc770dev() (git-fixes).
  • can: sja1000isa: sja1000isaprobe(): add missing freesja1000dev() (git-fixes).
  • capabilities: fix undefined behavior in bit shift for CAPTOMASK (git-fixes).
  • ceph: allow ceph.dir.rctime xattr to be updatable (bsc#1205989).
  • ceph: do not access the kiocb after aio requests (bsc#1205984).
  • ceph: fix fscache invalidation (bsc#1205985).
  • ceph: lockdep annotations for trynonblockinginvalidate (bsc#1205988).
  • ceph: remove bogus checks and WARNONs from cephsetpagedirty (bsc#1205986).
  • ceph: request Fw caps before updating the mtime in cephwriteiter (bsc#1205987).
  • cifs: skip extra NULL byte in filenames (bsc#1204791).
  • dm era: commit metadata in postsuspend after worker stops (git-fixes).
  • dm integrity: set journal entry unused when shrinking device (git-fixes).
  • dm mirror log: clear log bits up to BITSPERLONG boundary (git-fixes).
  • dm mpath: only use ktimegetns() in historical selector (git-fixes).
  • dm raid: fix accesses beyond end of raid member array (git-fixes).
  • dm raid: fix address sanitizer warning in raid_resume (git-fixes).
  • dm raid: fix address sanitizer warning in raid_status (git-fixes).
  • dm thin: fix use-after-free crash in dmsmregisterthresholdcallback (git-fixes).
  • dm verity fec: fix misaligned RS roots IO (git-fixes).
  • dm writecache: fix writing beyond end of underlying device when shrinking (git-fixes).
  • dm writecache: return the exact table values that were set (git-fixes).
  • dm writecache: set a default MAXWRITEBACKJOBS (git-fixes).
  • dm: fix request-based DM to not bounce through indirect dmsubmitbio (git-fixes).
  • dm: remove special-casing of bio-based immutable singleton target on NVMe (git-fixes).
  • dm: return early from dmprcall() if DM device is suspended (git-fixes).
  • dma-buf: fix racing conflict of dmaheapadd() (git-fixes).
  • dmaengine: athdmac: Check return code of dmaasyncdeviceregister (git-fixes).
  • dmaengine: at_hdmac: Do not allow CPU to reorder channel enable (git-fixes).
  • dmaengine: athdmac: Do not start transactions at txsubmit level (git-fixes).
  • dmaengine: athdmac: Fix atlli struct definition (git-fixes).
  • dmaengine: at_hdmac: Fix completion of unissued descriptor in case of errors (git-fixes).
  • dmaengine: at_hdmac: Fix impossible condition (git-fixes).
  • dmaengine: mvxorv2: Fix a resource leak in mvxorv2_remove() (git-fixes).
  • dmaengine: pxadma: use platformgetirqoptional (git-fixes).
  • drivers/hv: remove obsolete TODO and fix misleading typo in comment (git-fixes).
  • drivers: hv: Fix EXPORT_SYMBOL and tab spaces issue (git-fixes).
  • drivers: hv: Fix hypervrecordpanic_msg path on comment (git-fixes).
  • drivers: hv: Fix missing error code in vmbus_connect() (git-fixes).
  • drivers: hv: vmbus: Fix call msleep using < 20ms (git-fixes).
  • drivers: hv: vmbus: Fix checkpatch LINE_SPACING (git-fixes).
  • drivers: hv: vmbus: Fix checkpatch SPLIT_STRING (git-fixes).
  • drivers: hv: vmbus: Replace symbolic permissions by octal permissions (git-fixes).
  • drivers: net: slip: fix NPD bug in sltxtimeout() (git-fixes).
  • drm/drv: Fix potential memory leak in drmdevinit() (git-fixes).
  • drm/i915/dmabuf: fix sgtable handling in mapdma_buf (git-fixes).
  • drm/i915/sdvo: Filter out invalid outputs more sensibly (git-fixes).
  • drm/i915/sdvo: Setup DDC fully before output init (git-fixes).
  • drm/imx: imx-tve: Fix return type of imxtveconnectormodevalid (git-fixes).
  • drm/panel: simple: set bpc field for logic technologies displays (git-fixes).
  • drm/rockchip: dsi: Force synchronous probe (git-fixes).
  • drm/vc4: Fix missing platformunregisterdrivers() call in vc4drmregister() (git-fixes).
  • drm: Fix potential null-ptr-deref in drmvblankdestroy_worker() (git-fixes).
  • fbdev: smscufx: Fix several use-after-free bugs (git-fixes).
  • firmware: arm_scmi: Suppress the driver's bind attributes (git-fixes).
  • ftrace: Fix char print issue in printipins() (git-fixes).
  • ftrace: Fix null pointer dereference in ftraceaddmod() (git-fixes).
  • ftrace: Fix the possible incorrect kernel message (git-fixes).
  • ftrace: Fix use-after-free for dynamic ftrace_ops (git-fixes).
  • ftrace: Optimize the allocation for mcount entries (git-fixes).
  • ftrace: Properly unset FTRACEHASHFL_MOD (git-fixes).
  • fuse: add file_modified() to fallocate (bsc#1205330).
  • fuse: fix readdir cache race (bsc#1205329).
  • hamradio: fix issue of dev reference count leakage in bpqdeviceevent() (git-fixes).
  • hv: hyperv.h: Remove unused inline functions (git-fixes).
  • hv_netvsc: Add a comment clarifying batching logic (git-fixes).
  • hvnetvsc: Add check for kvmallocarray (git-fixes).
  • hv_netvsc: Add error handling while switching data path (bsc#1204850).
  • hvnetvsc: Allocate the recvbuf buffers after NVSPMSG1TYPESENDRECV_BUF (git-fixes).
  • hv_netvsc: Check VF datapath when sending traffic to VF (git-fixes).
  • hv_netvsc: Fix potential dereference of NULL pointer (git-fixes).
  • hv_netvsc: Fix race between VF offering and VF association message from host (bsc#1204850).
  • hvnetvsc: Print value of invalid ID in netvscsend{completion,txcomplete}() (git-fixes).
  • hvnetvsc: Process NETDEVGOING_DOWN on VF hot remove (bsc#1204850).
  • hvnetvsc: Use bitmapzalloc() when applicable (git-fixes).
  • hvnetvsc: Use vmbusrequestor to generate transaction IDs for VMBus hardening (bsc#1204017).
  • hv_netvsc: Validate number of allocated sub-channels (git-fixes).
  • hvnetvsc: Wait for completion on request SWITCHDATA_PATH (bsc#1204017).
  • hvnetvsc: use netifisbondmaster() instead of open code (git-fixes).
  • hvutils: Fix passing zero to 'PTRERR' warning (git-fixes).
  • hwmon: (coretemp) Check for null before removing sysfs attrs (git-fixes).
  • hwmon: (coretemp) fix pci device refcount leak in nv1aramnew() (git-fixes).
  • hwmon: (i5500temp) fix missing pcidisable_device() (git-fixes).
  • hwmon: (ibmpex) Fix possible UAF when ibmpexregisterbmc() fails (git-fixes).
  • i2c: i801: add lis3lv02d's I2C address for Vostro 5568 (git-fixes).
  • ibmvnic: Free rwi on reset success (bsc#1184350 ltc#191533 git-fixes).
  • iio: adc: at91adc: fix possible memory leak in at91adcallocatetrigger() (git-fixes).
  • iio: core: Fix entry not deleted when iioregisterswtriggertype() fails (git-fixes).
  • iio: health: afe4403: Fix oob read in afe4403readraw (git-fixes).
  • iio: health: afe4404: Fix oob read in afe4404[read|write]raw (git-fixes).
  • iio: light: apds9960: fix wrong register for gesture gain (git-fixes).
  • iio: light: rpr0521: add missing Kconfig dependencies (git-fixes).
  • iio: pressure: ms5611: changed hardcoded SPI speed to value limited (git-fixes).
  • iio: trigger: sysfs: fix possible memory leak in iiosysfstrig_init() (git-fixes).
  • isdn: mISDN: netjet: fix wrong check of device registration (git-fixes).
  • iwlwifi: dbg: disable ini debug in 9000 family and below (git-fixes).
  • kABI: Fix after adding traceiterator.waitindex (git-fixes).
  • kABI: remove new member of usbip_device (git-fixes).
  • kabi: fix transportadddevice change (git-fixes).
  • kexec: turn all kexec_mutex acquisitions into trylocks (git-fixes).
  • kvm: nVMX: reflect MTF VM-exits if injected by L1 (git-fixes).
  • loop: Check for overflow while configuring loop (git-fixes).
  • mISDN: fix misuse of putdevice() in mISDNregister_device() (git-fixes).
  • mISDN: fix possible memory leak in mISDNdspelement_register() (git-fixes).
  • mISDN: fix possible memory leak in mISDNregisterdevice() (git-fixes).
  • md/raid5: Ensure stripe_fill happens on non-read IO with journal (git-fixes).
  • md: Replace snprintf with scnprintf (git-fixes).
  • media: dvb-frontends/drxk: initialize err to 0 (git-fixes).
  • media: meson: vdec: fix possible refcount leak in vdec_probe() (git-fixes).
  • media: v4l2: Fix v4l2i2csubdevsetname function documentation (git-fixes).
  • media: venus: dec: Handle the case where find_format fails (git-fixes).
  • media: vim2m: initialize the media device earlier (git-fixes).
  • media: vivid: fix assignment of dev->fbufoutflags (git-fixes).
  • misc/vmwvmci: fix an infoleak in vmcihostdoreceive_datagram() (git-fixes).
  • mmc: core: properly select voltage range without power cycle (git-fixes).
  • mmc: cqhci: Provide helper for resetting both SDHCI and CQHCI (git-fixes).
  • mmc: sdhci-of-arasan: Fix SDHCIRESETALL for CQHCI (git-fixes).
  • mmc: sdhci-pci-o2micro: fix card detect fail issue caused by CD# debounce timeout (git-fixes).
  • mmc: sdhci-pci: Fix possible memory leak caused by missing pcidevput() (git-fixes).
  • nbd: Fix use-after-free in pid_show (git-fixes).
  • nbd: fix possible overflow for 'firstminor' in nbddev_add() (git-fixes).
  • nbd: fix possible overflow on 'firstminor' in nbddev_add() (git-fixes).
  • nbd: handle device refs for DESTROYONDISCONNECT properly (git-fixes).
  • net/x25: Fix skb leak in x25lapbreceive_frame() (git-fixes).
  • net: ethernet: nixge: fix NULL dereference (git-fixes).
  • net: ethernet: renesas: ravb: Fix promiscuous mode after system resumed (git-fixes).
  • net: hyperv: remove use of bpfopt (git-fixes).
  • net: netvsc: remove break after return (git-fixes).
  • net: phy: fix null-ptr-deref while probe() failed (git-fixes).
  • net: thunderbolt: Fix error handling in tbnet_init() (git-fixes).
  • net: usb: qmi_wwan: Set DTR quirk for MR400 (git-fixes).
  • net: usb: qmiwwan: restore mtu min/max values after rawip switch (git-fixes).
  • nfc/nci: fix race with opening and closing (git-fixes).
  • nfc: nfcmrvl: Fix potential memory leak in nfcmrvli2cnci_send() (git-fixes).
  • nfc: s3fwrn5: Fix potential memory leak in s3fwrn5ncisend() (git-fixes).
  • nfc: st-nci: fix incorrect validating logic in EVT_TRANSACTION (git-fixes).
  • nfc: st-nci: fix memory leaks in EVT_TRANSACTION (git-fixes).
  • nfsd: set the server_scope during service startup (bsc#1203746).
  • null_blk: Fail zone append to conventional zones (git-fixes).
  • null_blk: synchronization fix for zoned device (git-fixes).
  • nvmem: core: Check input parameter for NULL in nvmem_unregister() (bsc#1204241).
  • panic, kexec: make _crashkexec() NMI safe (git-fixes).
  • parport_pc: Avoid FIFO port location truncation (git-fixes).
  • phy: stm32: fix an error code in probe (git-fixes).
  • pinctrl: devicetree: fix null pointer dereferencing in pinctrldtto_map (git-fixes).
  • platform/x86: hp_wmi: Fix rfkill causing soft blocked wifi (git-fixes).
  • powerpc/boot: Explicitly disable usage of SPE instructions (bsc#1156395).
  • powerpc/kvm: Fix kvmusemagic_page (bsc#1156395).
  • printk: add missing memory barrier to wakeupklogd() (bsc#1204934).
  • printk: use atomic updates for klogd work (bsc#1204934).
  • printk: wake waiters for safe and NMI contexts (bsc#1204934).
  • r8152: Add MAC passthrough support to new device (git-fixes).
  • r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
  • r8152: use new helper tcpv6gsocsumprep (git-fixes).
  • rbd: fix possible memory leak in rbdsysfsinit() (git-fixes).
  • regulator: core: fix UAF in destroy_regulator() (git-fixes).
  • regulator: core: fix kobject release warning and memory leak in regulator_register() (git-fixes).
  • regulator: twl6030: re-add TWL6032_SUBCLASS (git-fixes).
  • ring-buffer: Add ringbufferwake_waiters() (git-fixes).
  • ring-buffer: Allow splice to read previous partially read pages (git-fixes).
  • ring-buffer: Check for NULL cpubuffer in ringbufferwakewaiters() (git-fixes).
  • ring-buffer: Check pending waiters when doing wake ups as well (git-fixes).
  • ring-buffer: Fix race between reset page and reading page (git-fixes).
  • ring-buffer: Have the shortest_full queue be the shortest not longest (git-fixes).
  • ring-buffer: Include dropped pages in counting dirty patches (git-fixes).
  • ring_buffer: Do not deactivate non-existant pages (git-fixes).
  • rndis_host: increase sleep time in the query-response loop (git-fixes).
  • rtc: mt6397: fix alarm register overwrite (git-fixes).
  • s390/boot: fix absolute zero lowcore corruption on boot (git-fixes).
  • s390/cpcmd: fix inline assembly register clobbering (git-fixes).
  • s390/dasd: fix Oops in dasdaliasgetstartdev due to missing pavgroup (git-fixes).
  • s390/disassembler: increase ebpf disasm buffer size (git-fixes).
  • s390/futex: add missing EXTABLE entry to _futexatomicop() (bsc#1205428 LTC#200501).
  • s390/hugetlb: fix preparehugepagerange() check for 2 GB hugepages (bsc#1203144 LTC#199881).
  • s390/mm: use non-quiescing sske for KVM switch to keyed guest (git-fixes).
  • s390/pci: add missing EXTABLE entries to pcistgmioinuser()/pcilgmio_inuser() (git-fixes).
  • s390/ptrace: return -ENOSYS when invalid syscall is supplied (git-fixes).
  • s390/uaccess: add missing EXTABLE entries to _clearuser(), copyinusermvcos(), copyinusermvc(), clearuserxc() and _strnlen_user() (bsc#1205428 LTC#200501).
  • s390/vtime: fix inline assembly clobber list (git-fixes).
  • s390/zcore: fix race when reading from hardware system area (git-fixes).
  • s390/zcrypt: fix zcard and zqueue hot-unplug memleak (git-fixes).
  • s390: Remove archhasrandom, archhasrandom_seed (git-fixes).
  • s390: fix double free of GS and RI CBs on fork() failure (git-fixes).
  • s390: fix nospec table alignments (git-fixes).
  • s390: mark _cpacfquery() as _alwaysinline (git-fixes).
  • scsi: bsg: Remove support for SCSIIOCTLSEND_COMMAND (git-fixes).
  • scsi: drivers: base: Propagate errors through the transport component (git-fixes).
  • scsi: drivers: base: Support atomic version of attributecontainerdevice_trigger (git-fixes).
  • scsi: ibmvfc: Avoid path failures during live migration (bsc#1065729 bsc#1204810 ltc#200162).
  • scsi: ibmvscsis: Increase INITIALSRPLIMIT to 1024 (bsc#1156395).
  • scsi: lpfc: Create a sysfs entry called lpfcxcvrdata for transceiver info (bsc#1204957).
  • scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs (bsc#1204957).
  • scsi: lpfc: Fix memory leak in lpfccreateport() (bsc#1204957).
  • scsi: lpfc: Fix spelling mistake 'unsolicted' -> 'unsolicited' (bsc#1204957).
  • scsi: lpfc: Log when congestion management limits are in effect (bsc#1204957).
  • scsi: lpfc: Set sli4_param's cmf option to zero when CMF is turned off (bsc#1204957).
  • scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
  • scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
  • scsi: qla2xxx: Fix serialization of DCBX TLV data request (bsc#1204963).
  • scsi: qla2xxx: Use transport-defined speed mask for supported_speeds (bsc#1204963).
  • scsi: scsitransportsas: Fix error handling in sasphyadd() (git-fixes).
  • scsi: storvsc: Correctly handle multiple flags in srb_status (git-fixes).
  • scsi: storvsc: Drop DIDTARGETFAILURE use (git-fixes).
  • scsi: storvsc: Fix handling of srb_status and capacity change events (git-fixes).
  • scsi: storvsc: Fix maxoutstandingreqperchannel for Win8 and newer (bsc#1204017).
  • scsi: storvsc: Fix validation for unsolicited incoming packets (bsc#1204017).
  • scsi: storvsc: Log TESTUNITREADY errors as warnings (git-fixes).
  • scsi: storvsc: Miscellaneous code cleanups (git-fixes).
  • scsi: storvsc: Parameterize number hardware queues (git-fixes).
  • scsi: storvsc: Remove WQMEMRECLAIM from storvscerrorwq (git-fixes).
  • scsi: storvsc: Resolve data race in storvsc_probe() (bsc#1204017).
  • scsi: storvsc: Return DID_ERROR for invalid commands (git-fixes).
  • scsi: storvsc: Update error logging (git-fixes).
  • scsi: storvsc: Use blkmqunique_tag() to generate requestIDs (bsc#1204017).
  • scsi: storvsc: Use scsicmdtorq() instead of scsicmnd.request (git-fixes).
  • scsi: storvsc: Use vmbus_requestor to generate transaction IDs for VMBus hardening (bsc#1204017).
  • scsi: storvsc: Validate length of incoming packet in storvsconchannel_callback() (bsc#1204017).
  • scsi: zfcp: Fix double free of FSF request when qdio send fails (git-fixes).
  • scsi: zfcp: Fix missing auto port scan and thus missing target ports (git-fixes).
  • serial: 8250: Fall back to non-DMA Rx if IIR_RDI occurs (git-fixes).
  • serial: 8250: omap: Fix unpaired pmruntimeputsync() in omap8250remove() (git-fixes).
  • serial: 8250: omap: Flush PM QOS work on remove (git-fixes).
  • serial: 8250_lpss: Configure DMA also w/o DMA filter (git-fixes).
  • serial: 8250_omap: remove wait loop from Errata i202 workaround (git-fixes).
  • serial: imx: Add missing .thaw_noirq hook (git-fixes).
  • siox: fix possible memory leak in sioxdeviceadd() (git-fixes).
  • slimbus: stream: correct presence rate frequencies (git-fixes).
  • spi: spi-imx: Fix spibusclk if requested clock is higher than input clock (git-fixes).
  • spi: stm32: Print summary 'callbacks suppressed' message (git-fixes).
  • staging: greybus: light: fix a couple double frees (git-fixes).
  • swiotlb-xen: use vmalloctopage on vmalloc virt addresses (git-fixes).
  • tracing/ring-buffer: Have polling block on watermark (git-fixes).
  • tracing: Add ioctl() to force ring buffer waiters to wake up (git-fixes).
  • tracing: Disable interrupt or preemption before acquiring archspinlockt (git-fixes).
  • tracing: Do not free snapshot if tracer is on cmdline (git-fixes).
  • tracing: Fix wild-memory-access in registersynthevent() (git-fixes).
  • tracing: Simplify conditional compilation code in tracingsettracer() (git-fixes).
  • tracing: Wake up ring buffer waiters on closing of the file (git-fixes).
  • tracing: Wake up waiters when tracing is disabled (git-fixes).
  • usb: add NO_LPM quirk for Realforce 87U Keyboard (git-fixes).
  • usb: chipidea: fix deadlock in ciotgdel_timer (git-fixes).
  • usb: dwc3: exynos: Fix remove() function (git-fixes).
  • usb: dwc3: fix PHY disable sequence (git-fixes).
  • usb: dwc3: gadget: Clear ep descriptor last (git-fixes).
  • usb: dwc3: gadget: Fix null pointer exception (git-fixes).
  • usb: dwc3: qcom: fix runtime PM wakeup.
  • usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup (git-fixes).
  • usb: xhci: add XHCISPURIOUSSUCCESS to ASM1042 despite being a V0.96 controller (git-fixes).
  • usbip: add sysfs_lock to synchronize sysfs code paths (git-fixes).
  • usbip: stub-dev synchronize sysfs code paths (git-fixes).
  • usbip: stub_dev: remake locking for kABI (git-fixes).
  • usbip: synchronize event handler with sysfs code paths (git-fixes).
  • usbip: usbip_event: use global lock (git-fixes).
  • usbip: vudc synchronize sysfs code paths (git-fixes).
  • usbip: vudc_sysfs: use global lock (git-fixes).
  • use _netdevnotify_peers in hyperv (git-fixes).
  • v3 of 'PCI: hv: Only reuse existing IRTE allocation for Multi-MSI'
  • v3 of 'PCI: hv: Only reuse existing IRTE allocation for Multi-MSI' (bsc#1200845)
  • vfio/ccw: Do not change FSM state in subchannel event (git-fixes).
  • virtio-blk: Do not use MAXDISCARDSEGMENTS if maxdiscardseg is zero (git-fixes).
  • virtio-blk: Use blkvalidateblock_size() to validate block size (git-fixes).
  • virtioblk: eliminate anonymous moduleinit & module_exit (git-fixes).
  • virtioblk: fix the discardgranularity and discard_alignment queue limits (git-fixes).
  • vmlinux.lds.h: Fix placement of '.data..decrypted' section (git-fixes).
  • wifi: cfg80211: fix buffer overflow in elem comparison (git-fixes).
  • wifi: cfg80211: fix memory leak in queryregdbfile() (git-fixes).
  • wifi: cfg80211: silence a sparse RCU warning (git-fixes).
  • wifi: mac8021: fix possible oob access in ieee80211getrate_duration (git-fixes).
  • workqueue: do not skip lockdep work dependency in cancelworksync() (bsc#1204967).
  • x86/cpu: Restore AMD's DE_CFG MSR after resume (bsc#1205473).
  • x86/hyperv: Output host build info as normal Windows version number (git-fixes).
  • x86/hyperv: check cpu mask after interrupt has been disabled (git-fixes).
  • x86/kexec: Fix double-free of elf header buffer (bsc#1205567).
  • x86/microcode/AMD: Apply the patch early on every logical thread (bsc#1205264).
  • x86/xen: Add xennovector_callback option to test PCI INTX delivery (git-fixes).
  • x86/xen: Distribute switch variables for initialization (git-fixes).
  • x86/xen: do not unbind uninitialized lockkickerirq (git-fixes).
  • xen-blkback: prevent premature module unload (git-fixes).
  • xen-netback: correct success/error reporting for the SKB-with-fraglist case (git-fixes).
  • xen/balloon: fix balloon kthread freezing (git-fixes).
  • xen/balloon: fix ballooned page accounting without hotplug enabled (git-fixes).
  • xen/balloon: fix cancelled balloon action (git-fixes).
  • xen/balloon: use a kernel thread instead a workqueue (git-fixes).
  • xen/gntdev: Avoid blocking in unmapgrantpages() (git-fixes).
  • xen/gntdev: Ignore failure to unmap INVALIDGRANTHANDLE (git-fixes).
  • xen/gntdev: Prevent leaking grants (git-fixes).
  • xen/pcpu: fix possible memory leak in register_pcpu() (git-fixes).
  • xen/privcmd: Corrected error handling path (git-fixes).
  • xen/privcmd: fix error exit of privcmdioctldm_op() (git-fixes).
  • xen/xenbus: Fix granting of vmalloc'd memory (git-fixes).
  • xen/xenbus: ensure xenbusmapring_valloc() returns proper grant status (git-fixes).
  • xen: Fix XenStore initialisation for XS_LOCAL (git-fixes).
  • xen: Fix event channel callback via INTX/GSI (git-fixes).
  • xen: delay xenhvminittimeops() if kdump is boot on vcpu>=32 (git-fixes).
  • xenbus: req->body should be updated before req->state (git-fixes).
  • xenbus: req->err should be updated before req->state (git-fixes).
  • xfs: Lower CIL flush limit for large logs (git-fixes).
  • xfs: Throttle commits on delayed background CIL push (git-fixes).
  • xfs: Use scnprintf() for avoiding potential buffer overflow (git-fixes).
  • xfs: check owner of dir3 blocks (git-fixes).
  • xfs: factor common AIL item deletion code (git-fixes).
  • xfs: open code insert range extent split helper (git-fixes).
  • xfs: rework collapse range into an atomic operation (git-fixes).
  • xfs: rework insert range into an atomic operation (git-fixes).
  • xfs: tail updates only need to occur when LSN changes (git-fixes).
  • xfs: trylock underlying buffer on dquot flush (git-fixes).
  • xfs: xfsbufcorruptionerror should take _this_address (git-fixes).
  • xhci: Remove device endpoints from bandwidth list when freeing the device (git-fixes).
References

Affected packages

SUSE:Linux Enterprise Module for Public Cloud 15 SP3 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.38.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-devel": "5.3.18-150300.38.88.1",
            "kernel-devel-azure": "5.3.18-150300.38.88.1",
            "kernel-syms-azure": "5.3.18-150300.38.88.1",
            "kernel-source-azure": "5.3.18-150300.38.88.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP3 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.38.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-devel": "5.3.18-150300.38.88.1",
            "kernel-devel-azure": "5.3.18-150300.38.88.1",
            "kernel-syms-azure": "5.3.18-150300.38.88.1",
            "kernel-source-azure": "5.3.18-150300.38.88.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 15 SP3 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.38.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-devel": "5.3.18-150300.38.88.1",
            "kernel-devel-azure": "5.3.18-150300.38.88.1",
            "kernel-syms-azure": "5.3.18-150300.38.88.1",
            "kernel-source-azure": "5.3.18-150300.38.88.1"
        }
    ]
}

openSUSE:Leap 15.3 / kernel-azure

Package

Name
kernel-azure
Purl
pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.38.88.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-devel-azure": "5.3.18-150300.38.88.1",
            "dlm-kmp-azure": "5.3.18-150300.38.88.1",
            "cluster-md-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-extra": "5.3.18-150300.38.88.1",
            "gfs2-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-optional": "5.3.18-150300.38.88.1",
            "kernel-azure-devel": "5.3.18-150300.38.88.1",
            "kernel-azure": "5.3.18-150300.38.88.1",
            "kselftests-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-syms-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-livepatch-devel": "5.3.18-150300.38.88.1",
            "ocfs2-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-source-azure": "5.3.18-150300.38.88.1"
        }
    ]
}

openSUSE:Leap 15.3 / kernel-source-azure

Package

Name
kernel-source-azure
Purl
pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.38.88.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-devel-azure": "5.3.18-150300.38.88.1",
            "dlm-kmp-azure": "5.3.18-150300.38.88.1",
            "cluster-md-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-extra": "5.3.18-150300.38.88.1",
            "gfs2-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-optional": "5.3.18-150300.38.88.1",
            "kernel-azure-devel": "5.3.18-150300.38.88.1",
            "kernel-azure": "5.3.18-150300.38.88.1",
            "kselftests-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-syms-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-livepatch-devel": "5.3.18-150300.38.88.1",
            "ocfs2-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-source-azure": "5.3.18-150300.38.88.1"
        }
    ]
}

openSUSE:Leap 15.3 / kernel-syms-azure

Package

Name
kernel-syms-azure
Purl
pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.3.18-150300.38.88.1

Ecosystem specific

{
    "binaries": [
        {
            "reiserfs-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-devel-azure": "5.3.18-150300.38.88.1",
            "dlm-kmp-azure": "5.3.18-150300.38.88.1",
            "cluster-md-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-extra": "5.3.18-150300.38.88.1",
            "gfs2-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-optional": "5.3.18-150300.38.88.1",
            "kernel-azure-devel": "5.3.18-150300.38.88.1",
            "kernel-azure": "5.3.18-150300.38.88.1",
            "kselftests-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-syms-azure": "5.3.18-150300.38.88.1",
            "kernel-azure-livepatch-devel": "5.3.18-150300.38.88.1",
            "ocfs2-kmp-azure": "5.3.18-150300.38.88.1",
            "kernel-source-azure": "5.3.18-150300.38.88.1"
        }
    ]
}