openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:1382-1
Rating:             important
References:         #1065729 #1071995 #1085030 #1133021 #1154492 
                    #1156395 #1159058 #1160634 #1169790 #1171634 
                    #1171688 #1172108 #1172418 #1172871 #1173485 
                    #1173798 #1174003 #1174026 #1174387 #1174699 
                    #1174771 #1174777 #1174800 #1175128 #1175199 
                    #1175232 #1175440 #1175493 #1175546 #1175550 
                    #1175654 #1175691 #1175768 #1175769 #1175770 
                    #1175771 #1175772 #1175774 #1175775 #1175834 
                    #1175873 #1176069 
Cross-References:   CVE-2020-14314 CVE-2020-14386
Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

   An update that solves two vulnerabilities and has 40 fixes
   is now available.

Description:



   The openSUSE Leap 15.2 kernel was updated to receive various security and
   bugfixes.

   The following security bugs were fixed:

   - CVE-2020-14314: Fixed potential negative array index in do_split() in
     ext4 (bsc#1173798).
   - CVE-2020-14386: Fixed an overflow in af_packet, which could lead to
     local privilege escalation (bsc#1176069).


   The following non-security bugs were fixed:

   - ACPICA: Do not increment operation_region reference counts for field
     units (git-fixes).
   - ALSA: hda/realtek: Add model alc298-samsung-headphone (git-fixes).
   - ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion (git-fixes).
   - ALSA: hda/realtek: Add quirk for Samsung Galaxy Flex Book (git-fixes).
   - ALSA: hda: avoid reset of sdo_limit (git-fixes).
   - ALSA: isa: fix spelling mistakes in the comments (git-fixes).
   - ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1) (git-fixes).
   - ALSA: usb-audio: Update documentation comment for MS2109 quirk
     (git-fixes).
   - ALSA: usb-audio: ignore broken processing/extension unit (git-fixes).
   - ASoC: intel: Fix memleak in sst_media_open (git-fixes).
   - ASoC: msm8916-wcd-analog: fix register Interrupt offset (git-fixes).
   - ASoC: q6afe-dai: mark all widgets registers as SND_SOC_NOPM (git-fixes).
   - ASoC: q6routing: add dummy register read/write function (git-fixes).
   - ASoC: wm8994: Avoid attempts to read unreadable registers (git-fixes).
   - Bluetooth: add a mutex lock to avoid UAF in do_enale_set (git-fixes).
   - Drivers: hv: vmbus: Only notify Hyper-V for die events that are oops
     (bsc#1175128).
   - HID: input: Fix devices that return multiple bytes in battery report
     (git-fixes).
   - Input: psmouse - add a newline when printing 'proto' by sysfs
     (git-fixes).
   - KVM: PPC: Book3S PR: Remove uninitialized_var() usage (bsc#1065729).
   - KVM: Reinstall old memslots if arch preparation fails (bsc#1133021).
   - KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART (bsc#1133021).
   - KVM: x86: Fix APIC page invalidation race (bsc#1133021).
   - PCI: hv: Fix a timing issue which causes kdump to fail occasionally
     (bsc#1172871, git-fixes).
   - RDMA/mlx5: Add missing srcu_read_lock in ODP implicit flow
     (jsc#SLE-8446).
   - RDMA/mlx5: Fix typo in enum name (git-fixes).
   - Revert "scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during
     probe" (bsc#1171688 bsc#1174003).
   - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"
     (bsc#1171688 bsc#1174003).
   - bdc: Fix bug causing crash after multiple disconnects (git-fixes).
   - bfq: fix blkio cgroup leakage v4 (bsc#1175775).
   - block: Fix the type of 'sts' in bsg_queue_rq() (git-fixes).
   - bnxt_en: fix NULL dereference in case SR-IOV configuration fails
     (networking-stable-20_07_17).
   - bonding: fix active-backup failover for current ARP slave (bsc#1174771).
   - brcmfmac: To fix Bss Info flag definition Bug (git-fixes).
   - brcmfmac: keep SDIO watchdog running when console_interval is non-zero
     (git-fixes).
   - brcmfmac: set state of hanger slot to FREE when flushing PSQ (git-fixes).
   - btrfs: add helper to get the end offset of a file extent item
     (bsc#1175546).
   - btrfs: factor out inode items copy loop from btrfs_log_inode()
     (bsc#1175546).
   - btrfs: fix memory leaks after failure to lookup checksums during inode
     logging (bsc#1175550).
   - btrfs: fix missing file extent item for hole after ranged fsync
     (bsc#1175546).
   - btrfs: make full fsyncs always operate on the entire file again
     (bsc#1175546).
   - btrfs: make ranged full fsyncs more efficient (bsc#1175546).
   - btrfs: remove useless check for copy_items() return value (bsc#1175546).
   - btrfs: treat RWF_{,D}SYNC writes as sync for CRCs (bsc#1175493).
   - config/x86_64: Make CONFIG_PINCTRL_AMD=y (bsc#1174800) The pinctrl
     driver has to be initialized before hid-i2c and others. For assuring it,
     change it built-in, since we can't put the module ordering. This change
     follows the SLE15-SP2 kernel behavior.
   - cpumap: Use non-locked version __ptr_ring_consume_batched (git-fixes).
   - crypto: aesni - Fix build with LLVM_IAS=1 (git-fixes).
   - crypto: aesni - add compatibility with IAS (git-fixes).
   - dlm: Fix kobject memleak (bsc#1175768).
   - drm/amd/display: Fix EDID parsing after resume from suspend (git-fixes).
   - drm/amd/display: fix pow() crashing when given base 0 (git-fixes).
   - drm/amd/powerplay: fix compile error with ARCH=arc (git-fixes).
   - drm/amdgpu/display bail early in dm_pp_get_static_clocks (git-fixes).
   - drm/amdgpu: avoid dereferencing a NULL pointer (git-fixes).
   - drm/debugfs: fix plain echo to connector "force" attribute (git-fixes).
   - drm/etnaviv: fix ref count leak via pm_runtime_get_sync (git-fixes).
   - drm/msm: ratelimit crtc event overflow error (git-fixes).
   - drm/nouveau/kms/nv50-: Fix disabling dithering (git-fixes).
   - drm/nouveau: fix multiple instances of reference count leaks (git-fixes).
   - drm/nouveau: fix reference count leak in nouveau_debugfs_strap_peek
     (git-fixes).
   - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync
     (git-fixes).
   - drm/radeon: disable AGP by default (git-fixes).
   - drm/tilcdc: fix leak & null ref in panel_connector_get_modes (git-fixes).
   - drm/ttm/nouveau: do not call tt destroy callback on alloc failure
     (git-fixes bsc#1175232).
   - drm: msm: a6xx: fix gpu failure after system resume (git-fixes).
   - dyndbg: fix a BUG_ON in ddebug_describe_flags (git-fixes).
   - enetc: Fix tx rings bitmap iteration range, irq handling
     (networking-stable-20_06_28).
   - ext2: fix missing percpu_counter_inc (bsc#1175774).
   - ext4: check journal inode extents more carefully (bsc#1173485).
   - ext4: do not BUG on inconsistent journal feature (bsc#1171634).
   - ext4: do not allow overlapping system zones (bsc#1173485).
   - ext4: fix checking of directory entry validity for inline directories
     (bsc#1175771).
   - ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485).
   - genetlink: remove genl_bind (networking-stable-20_07_17).
   - gpu: host1x: debug: Fix multiple channels emitting messages
     simultaneously (git-fixes).
   - i2c: i801: Add support for Intel Comet Lake PCH-V (jsc#SLE-13411).
   - i2c: i801: Add support for Intel Emmitsburg PCH (jsc#SLE-13411).
   - i2c: i801: Add support for Intel Tiger Lake PCH-H (jsc#SLE-13411).
   - ibmveth: Fix use of ibmveth in a bridge (bsc#1174387 ltc#187506).
   - ibmvnic fix NULL tx_pools and rx_tools issue at do_reset (bsc#1175873
     ltc#187922).
   - ice: Clear and free XLT entries on reset (jsc#SLE-7926).
   - ice: Graceful error handling in HW table calloc failure (jsc#SLE-7926).
   - igc: Fix PTP initialization (bsc#1160634).
   - ip6_gre: fix null-ptr-deref in ip6gre_init_net() (git-fixes).
   - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup()
     (networking-stable-20_06_28).
   - ip_tunnel: fix use-after-free in ip_tunnel_lookup()
     (networking-stable-20_06_28).
   - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg
     (networking-stable-20_07_17).
   - ipv6: Fix use of anycast address with loopback
     (networking-stable-20_07_17).
   - ipv6: fib6_select_path can not use out path for nexthop objects
     (networking-stable-20_07_17).
   - ipvs: fix the connection sync failed in some cases (bsc#1174699).
   - iwlegacy: Check the return value of pcie_capability_read_*() (git-fixes).
   - jbd2: add the missing unlock_buffer() in the error path of
     jbd2_write_superblock() (bsc#1175772).
   - kABI: genetlink: remove genl_bind (kabi).
   - kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777)
     Exported symbols under drivers/nvme/host/ are only used by the nvme
     subsystem itself, except for the nvme-fc symbols.
   - kabi/severities: ignore qla2xxx as all symbols are internal
   - kernel/relay.c: fix memleak on destroy relay channel (git-fixes).
   - kernfs: do not call fsnotify() with name without a parent (bsc#1175770).
   - l2tp: remove skb_dst_set() from l2tp_xmit_skb()
     (networking-stable-20_07_17).
   - llc: make sure applications use ARPHRD_ETHER
     (networking-stable-20_07_17).
   - md-cluster: Fix potential error pointer dereference in resize_bitmaps()
     (git-fixes).
   - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5
     (git-fixes).
   - media: budget-core: Improve exception handling in budget_register()
     (git-fixes).
   - media: camss: fix memory leaks on error handling paths in probe
     (git-fixes).
   - media: rockchip: rga: Introduce color fmt macros and refactor CSC mode
     logic (git-fixes).
   - media: rockchip: rga: Only set output CSC mode for RGB input (git-fixes).
   - media: vpss: clean up resources in init (git-fixes).
   - mfd: intel-lpss: Add Intel Tiger Lake PCH-H PCI IDs (jsc#SLE-13411).
   - mld: fix memory leak in ipv6_mc_destroy_dev()
     (networking-stable-20_06_28).
   - mlxsw: pci: Fix use-after-free in case of failed devlink reload
     (networking-stable-20_07_17).
   - mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON()
     (networking-stable-20_07_17).
   - mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo
     (bsc#1175691).
   - mm/vunmap: add cond_resched() in vunmap_pmd_range (bsc#1175654
     ltc#184617).
   - mm: filemap: clear idle flag for writes (bsc#1175769).
   - mmc: sdhci-cadence: do not use hardware tuning for SD mode (git-fixes).
   - mmc: sdhci-pci-o2micro: Bug fix for O2 host controller Seabird1
     (git-fixes).
   - mvpp2: ethtool rxtx stats fix (networking-stable-20_06_28).
   - net/mlx5: DR, Change push vlan action sequence (jsc#SLE-8464).
   - net/mlx5: Fix eeprom support for SFP module (networking-stable-20_07_17).
   - net/mlx5e: Fix 50G per lane indication (networking-stable-20_07_17).
   - net: Added pointer check for dst->ops->neigh_lookup in
     dst_neigh_lookup_skb (networking-stable-20_07_17).
   - net: Do not clear the sock TX queue in sk_set_socket()
     (networking-stable-20_06_28).
   - net: Fix the arp error in some cases (networking-stable-20_06_28).
   - net: bridge: enfore alignment for ethernet address
     (networking-stable-20_06_28).
   - net: core: reduce recursion limit value (networking-stable-20_06_28).
   - net: dsa: microchip: set the correct number of ports
     (networking-stable-20_07_17).
   - net: ena: Change WARN_ON expression in ena_del_napi_in_range()
     (bsc#1154492).
   - net: ena: Make missed_tx stat incremental (git-fixes).
   - net: ena: Prevent reset after device destruction (git-fixes).
   - net: fix memleak in register_netdevice() (networking-stable-20_06_28).
   - net: increment xmit_recursion level in dev_direct_xmit()
     (networking-stable-20_06_28).
   - net: mvneta: fix use of state->speed (networking-stable-20_07_17).
   - net: qrtr: Fix an out of bounds read qrtr_endpoint_post()
     (networking-stable-20_07_17).
   - net: usb: ax88179_178a: fix packet alignment padding
     (networking-stable-20_06_28).
   - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem
     (networking-stable-20_07_17).
   - net_sched: fix a memory leak in atm_tc_init()
     (networking-stable-20_07_17).
   - nvme-multipath: do not fall back to __nvme_find_path() for non-optimized
     paths (bsc#1172108).
   - nvme-multipath: fix logic for non-optimized paths (bsc#1172108).
   - nvme-multipath: round-robin: eliminate "fallback" variable (bsc#1172108).
   - nvme-multipath: set bdi capabilities once (bsc#1159058).
   - nvme-pci: Re-order nvme_pci_free_ctrl (bsc#1159058).
   - nvme-rdma: Add warning on state change failure at (bsc#1159058).
   - nvme-tcp: Add warning on state change failure at (bsc#1159058).
   - nvme-tcp: fix possible crash in write_zeroes processing (bsc#1159058).
   - nvme: Fix controller creation races with teardown flow (bsc#1159058).
   - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1159058).
   - nvme: Make nvme_uninit_ctrl symmetric to nvme_init_ctrl (bsc#1159058).
   - nvme: Remove unused return code from nvme_delete_ctrl_sync (bsc#1159058).
   - nvme: add a Identify Namespace Identification Descriptor list quirk
     (git-fixes).
   - nvme: always search for namespace head (bsc#1159058).
   - nvme: avoid an Identify Controller command for each namespace
     (bsc#1159058).
   - nvme: check namespace head shared property (bsc#1159058).
   - nvme: clean up nvme_scan_work (bsc#1159058).
   - nvme: cleanup namespace identifier reporting in (bsc#1159058).
   - nvme: consolidate chunk_sectors settings (bsc#1159058).
   - nvme: consolodate io settings (bsc#1159058).
   - nvme: expose hostid via sysfs for fabrics controllers (bsc#1159058).
   - nvme: expose hostnqn via sysfs for fabrics controllers (bsc#1159058).
   - nvme: factor out a nvme_ns_remove_by_nsid helper (bsc#1159058).
   - nvme: fix a crash in nvme_mpath_add_disk (git-fixes, bsc#1159058).
   - nvme: fix identify error status silent ignore (git-fixes, bsc#1159058).
   - nvme: fix possible hang when ns scanning fails during error
     (bsc#1159058).
   - nvme: kABI fixes for nvme_ctrl (bsc#1159058).
   - nvme: multipath: round-robin: fix single non-optimized path case
     (bsc#1172108).
   - nvme: prevent double free in nvme_alloc_ns() error handling
     (bsc#1159058).
   - nvme: provide num dword helper (bsc#1159058).
   - nvme: refactor nvme_identify_ns_descs error handling (bsc#1159058).
   - nvme: refine the Qemu Identify CNS quirk (bsc#1159058).
   - nvme: release ida resources (bsc#1159058).
   - nvme: release namespace head reference on error (bsc#1159058).
   - nvme: remove the magic 1024 constant in nvme_scan_ns_list (bsc#1159058).
   - nvme: remove unused parameter (bsc#1159058).
   - nvme: rename __nvme_find_ns_head to nvme_find_ns_head (bsc#1159058).
   - nvme: revalidate after verifying identifiers (bsc#1159058).
   - nvme: revalidate namespace stream parameters (bsc#1159058).
   - nvme: unlink head after removing last namespace (bsc#1159058).
   - openvswitch: take into account de-fragmentation/gso_size in
     execute_check_pkt_len (networking-stable-20_06_28).
   - platform/x86: ISST: Add new PCI device ids (git-fixes).
   - platform/x86: asus-nb-wmi: add support for ASUS ROG Zephyrus G14 and G15
     (git-fixes).
   - powerpc/64s: Do not init FSCR_DSCR in __init_FSCR() (bsc#1065729).
   - powerpc/fadump: Fix build error with CONFIG_PRESERVE_FA_DUMP=y
     (bsc#1156395).
   - powerpc/iommu: Allow bypass-only for DMA (bsc#1156395).
   - powerpc/perf: Fix missing is_sier_aviable() during build (bsc#1065729).
   - powerpc/pseries/hotplug-cpu: wait indefinitely for vCPU death
     (bsc#1085030 ltC#165630).
   - powerpc/pseries: Do not initiate shutdown when system is running on UPS
     (bsc#1175440 ltc#187574).
   - pseries: Fix 64 bit logical memory block panic (bsc#1065729).
   - rocker: fix incorrect error handling in dma_rings_init
     (networking-stable-20_06_28).
   - rtc: goldfish: Enable interrupt in set_alarm() when necessary
     (git-fixes).
   - sch_cake: do not call diffserv parsing code when it is not needed
     (networking-stable-20_06_28).
   - sch_cake: do not try to reallocate or unshare skb unconditionally
     (networking-stable-20_06_28).
   - sched: consistently handle layer3 header accesses in the presence of
     VLANs (networking-stable-20_07_17).
   - scsi/fc: kABI fixes for new ELS_RPD definition (bsc#1171688 bsc#1174003).
   - scsi: Fix trivial spelling (bsc#1171688 bsc#1174003).
   - scsi: dh: Add Fujitsu device to devinfo and dh lists (bsc#1174026).
   - scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Address a set of sparse warnings (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be
     set anytime (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof()
     expressions (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case
     into lower case (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump()
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs()
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix endianness annotations in header files (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix endianness annotations in source files (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix login timeout (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix spelling of a variable name (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix the code that reads from mailbox registers     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix warning after FC target reset (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Flush I/O on zone disable (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Flush all sessions on zone disable (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to
     FCP_PRIO_CFG_SIZE (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Indicate correct supported speeds for Mezz card
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Initialize 'n' before using it (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Introduce a function for computing the debug message
     prefix (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of
     request_t.handle (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Reduce noisy debug message (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Remove a superfluous cast (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Remove an unused function (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and
     fcp_hdr_le (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: SAN congestion management implementation (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use register names instead of register offsets
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1171688
     bsc#1174003).
   - scsi: smartpqi: Identify physical devices without issuing INQUIRY
     (bsc#1172418).
   - scsi: smartpqi: Use scnprintf() for avoiding potential buffer overflow
     (bsc#1172418).
   - scsi: smartpqi: add RAID bypass counter (bsc#1172418).
   - scsi: smartpqi: add id support for SmartRAID 3152-8i (bsc#1172418).
   - scsi: smartpqi: avoid crashing kernel for controller issues
     (bsc#1172418).
   - scsi: smartpqi: bump version to 1.2.16-010 (bsc#1172418).
   - scsi: smartpqi: support device deletion via sysfs (bsc#1172418).
   - scsi: smartpqi: update logical volume size after expansion (bsc#1172418).
   - scsi: target/iblock: fix WRITE SAME zeroing (bsc#1169790).
   - sctp: Do not advertise IPv4 addresses if ipv6only is set on the socket
     (networking-stable-20_06_28).
   - selftests/livepatch: fix mem leaks in test-klp-shadow-vars (bsc#1071995).
   - selftests/livepatch: more verification in test-klp-shadow-vars     (bsc#1071995).
   - selftests/livepatch: rework test-klp-shadow-vars (bsc#1071995).
   - selftests/livepatch: simplify test-klp-callbacks busy target tests
     (bsc#1071995).
   - serial: 8250: change lock order in serial8250_do_startup() (git-fixes).
   - serial: pl011: Do not leak amba_ports entry on driver register error
     (git-fixes).
   - serial: pl011: Fix oops on -EPROBE_DEFER (git-fixes).
   - soc/tegra: pmc: Enable PMIC wake event on Tegra194 (bsc#1175834).
   - soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag (git-fixes).
   - spi: pxa2xx: Add support for Intel Tiger Lake PCH-H (jsc#SLE-13411).
   - spi: spidev: Align buffers for DMA (git-fixes).
   - spi: stm32: fixes suspend/resume management (git-fixes).
   - tcp: do not ignore ECN CWR on pure ACK (networking-stable-20_06_28).
   - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure
     (networking-stable-20_07_17).
   - tcp: grow window for OOO packets only for SACK flows
     (networking-stable-20_06_28).
   - tcp: make sure listeners do not initialize congestion-control state
     (networking-stable-20_07_17).
   - tcp: md5: add missing memory barriers in
     tcp_md5_do_add()/tcp_md5_hash_key() (networking-stable-20_07_17).
   - tcp: md5: do not send silly options in SYNCOOKIES
     (networking-stable-20_07_17).
   - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers     (networking-stable-20_07_17).
   - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT
     (networking-stable-20_06_28).
   - tracepoint: Mark __tracepoint_string's __used (git-fixes).
   - tracing: Use trace_sched_process_free() instead of exit() for pid
     tracing (git-fixes).
   - usb: bdc: Halt controller on suspend (git-fixes).
   - usb: gadget: net2280: fix memory leak on probe error handling paths
     (git-fixes).
   - usb: mtu3: clear dual mode of u3port when disable device (git-fixes).
   - video: fbdev: neofb: fix memory leak in neo_scan_monitor() (git-fixes).
   - video: fbdev: savage: fix memory leak on error handling path in probe
     (git-fixes).
   - vlan: consolidate VLAN parsing code and limit max parsing depth
     (networking-stable-20_07_17).
   - vmxnet3: use correct tcp hdr length when packet is encapsulated
     (bsc#1175199).
   - x86/bugs/multihit: Fix mitigation reporting when VMX is not in use
     (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.2:

      zypper in -t patch openSUSE-2020-1382=1



Package List:

   - openSUSE Leap 15.2 (noarch):

      kernel-devel-5.3.18-lp152.41.1
      kernel-docs-5.3.18-lp152.41.1
      kernel-docs-html-5.3.18-lp152.41.1
      kernel-macros-5.3.18-lp152.41.1
      kernel-source-5.3.18-lp152.41.1
      kernel-source-vanilla-5.3.18-lp152.41.1

   - openSUSE Leap 15.2 (x86_64):

      kernel-debug-5.3.18-lp152.41.1
      kernel-debug-debuginfo-5.3.18-lp152.41.1
      kernel-debug-debugsource-5.3.18-lp152.41.1
      kernel-debug-devel-5.3.18-lp152.41.1
      kernel-debug-devel-debuginfo-5.3.18-lp152.41.1
      kernel-default-5.3.18-lp152.41.1
      kernel-default-base-5.3.18-lp152.41.1.lp152.8.6.2
      kernel-default-base-rebuild-5.3.18-lp152.41.1.lp152.8.6.2
      kernel-default-debuginfo-5.3.18-lp152.41.1
      kernel-default-debugsource-5.3.18-lp152.41.1
      kernel-default-devel-5.3.18-lp152.41.1
      kernel-default-devel-debuginfo-5.3.18-lp152.41.1
      kernel-kvmsmall-5.3.18-lp152.41.1
      kernel-kvmsmall-debuginfo-5.3.18-lp152.41.1
      kernel-kvmsmall-debugsource-5.3.18-lp152.41.1
      kernel-kvmsmall-devel-5.3.18-lp152.41.1
      kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.41.1
      kernel-obs-build-5.3.18-lp152.41.1
      kernel-obs-build-debugsource-5.3.18-lp152.41.1
      kernel-obs-qa-5.3.18-lp152.41.1
      kernel-preempt-5.3.18-lp152.41.1
      kernel-preempt-debuginfo-5.3.18-lp152.41.1
      kernel-preempt-debugsource-5.3.18-lp152.41.1
      kernel-preempt-devel-5.3.18-lp152.41.1
      kernel-preempt-devel-debuginfo-5.3.18-lp152.41.1
      kernel-syms-5.3.18-lp152.41.1


References:

   https://www.suse.com/security/cve/CVE-2020-14314.html
   https://www.suse.com/security/cve/CVE-2020-14386.html
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1071995
   https://bugzilla.suse.com/1085030
   https://bugzilla.suse.com/1133021
   https://bugzilla.suse.com/1154492
   https://bugzilla.suse.com/1156395
   https://bugzilla.suse.com/1159058
   https://bugzilla.suse.com/1160634
   https://bugzilla.suse.com/1169790
   https://bugzilla.suse.com/1171634
   https://bugzilla.suse.com/1171688
   https://bugzilla.suse.com/1172108
   https://bugzilla.suse.com/1172418
   https://bugzilla.suse.com/1172871
   https://bugzilla.suse.com/1173485
   https://bugzilla.suse.com/1173798
   https://bugzilla.suse.com/1174003
   https://bugzilla.suse.com/1174026
   https://bugzilla.suse.com/1174387
   https://bugzilla.suse.com/1174699
   https://bugzilla.suse.com/1174771
   https://bugzilla.suse.com/1174777
   https://bugzilla.suse.com/1174800
   https://bugzilla.suse.com/1175128
   https://bugzilla.suse.com/1175199
   https://bugzilla.suse.com/1175232
   https://bugzilla.suse.com/1175440
   https://bugzilla.suse.com/1175493
   https://bugzilla.suse.com/1175546
   https://bugzilla.suse.com/1175550
   https://bugzilla.suse.com/1175654
   https://bugzilla.suse.com/1175691
   https://bugzilla.suse.com/1175768
   https://bugzilla.suse.com/1175769
   https://bugzilla.suse.com/1175770
   https://bugzilla.suse.com/1175771
   https://bugzilla.suse.com/1175772
   https://bugzilla.suse.com/1175774
   https://bugzilla.suse.com/1175775
   https://bugzilla.suse.com/1175834
   https://bugzilla.suse.com/1175873
   https://bugzilla.suse.com/1176069

--

openSUSE: 2020:1382-1: important: the Linux Kernel

September 8, 2020
An update that solves two vulnerabilities and has 40 fixes is now available.

Description

The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-14314: Fixed potential negative array index in do_split() in ext4 (bsc#1173798). - CVE-2020-14386: Fixed an overflow in af_packet, which could lead to local privilege escalation (bsc#1176069). The following non-security bugs were fixed: - ACPICA: Do not increment operation_region reference counts for field units (git-fixes). - ALSA: hda/realtek: Add model alc298-samsung-headphone (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Galaxy Flex Book (git-fixes). - ALSA: hda: avoid reset of sdo_limit (git-fixes). - ALSA: isa: fix spelling mistakes in the comments (git-fixes). - ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1) (git-fixes). - ALSA: usb-audio: Update documentation comment for MS2109 quirk (git-fixes). - ALSA: usb-audio: ignore broken processing/extension unit (git-fixes). - ASoC: intel: Fix memleak in sst_media_open (git-fixes). - ASoC: msm8916-wcd-analog: fix register Interrupt offset (git-fixes). - ASoC: q6afe-dai: mark all widgets registers as SND_SOC_NOPM (git-fixes). - ASoC: q6routing: add dummy register read/write function (git-fixes). - ASoC: wm8994: Avoid attempts to read unreadable registers (git-fixes). - Bluetooth: add a mutex lock to avoid UAF in do_enale_set (git-fixes). - Drivers: hv: vmbus: Only notify Hyper-V for die events that are oops (bsc#1175128). - HID: input: Fix devices that return multiple bytes in battery report (git-fixes). - Input: psmouse - add a newline when printing 'proto' by sysfs (git-fixes). - KVM: PPC: Book3S PR: Remove uninitialized_var() usage (bsc#1065729). - KVM: Reinstall old memslots if arch preparation fails (bsc#1133021). - KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART (bsc#1133021). - KVM: x86: Fix APIC page invalidation race (bsc#1133021). - PCI: hv: Fix a timing issue which causes kdump to fail occasionally (bsc#1172871, git-fixes). - RDMA/mlx5: Add missing srcu_read_lock in ODP implicit flow (jsc#SLE-8446). - RDMA/mlx5: Fix typo in enum name (git-fixes). - Revert "scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe" (bsc#1171688 bsc#1174003). - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" (bsc#1171688 bsc#1174003). - bdc: Fix bug causing crash after multiple disconnects (git-fixes). - bfq: fix blkio cgroup leakage v4 (bsc#1175775). - block: Fix the type of 'sts' in bsg_queue_rq() (git-fixes). - bnxt_en: fix NULL dereference in case SR-IOV configuration fails (networking-stable-20_07_17). - bonding: fix active-backup failover for current ARP slave (bsc#1174771). - brcmfmac: To fix Bss Info flag definition Bug (git-fixes). - brcmfmac: keep SDIO watchdog running when console_interval is non-zero (git-fixes). - brcmfmac: set state of hanger slot to FREE when flushing PSQ (git-fixes). - btrfs: add helper to get the end offset of a file extent item (bsc#1175546). - btrfs: factor out inode items copy loop from btrfs_log_inode() (bsc#1175546). - btrfs: fix memory leaks after failure to lookup checksums during inode logging (bsc#1175550). - btrfs: fix missing file extent item for hole after ranged fsync (bsc#1175546). - btrfs: make full fsyncs always operate on the entire file again (bsc#1175546). - btrfs: make ranged full fsyncs more efficient (bsc#1175546). - btrfs: remove useless check for copy_items() return value (bsc#1175546). - btrfs: treat RWF_{,D}SYNC writes as sync for CRCs (bsc#1175493). - config/x86_64: Make CONFIG_PINCTRL_AMD=y (bsc#1174800) The pinctrl driver has to be initialized before hid-i2c and others. For assuring it, change it built-in, since we can't put the module ordering. This change follows the SLE15-SP2 kernel behavior. - cpumap: Use non-locked version __ptr_ring_consume_batched (git-fixes). - crypto: aesni - Fix build with LLVM_IAS=1 (git-fixes). - crypto: aesni - add compatibility with IAS (git-fixes). - dlm: Fix kobject memleak (bsc#1175768). - drm/amd/display: Fix EDID parsing after resume from suspend (git-fixes). - drm/amd/display: fix pow() crashing when given base 0 (git-fixes). - drm/amd/powerplay: fix compile error with ARCH=arc (git-fixes). - drm/amdgpu/display bail early in dm_pp_get_static_clocks (git-fixes). - drm/amdgpu: avoid dereferencing a NULL pointer (git-fixes). - drm/debugfs: fix plain echo to connector "force" attribute (git-fixes). - drm/etnaviv: fix ref count leak via pm_runtime_get_sync (git-fixes). - drm/msm: ratelimit crtc event overflow error (git-fixes). - drm/nouveau/kms/nv50-: Fix disabling dithering (git-fixes). - drm/nouveau: fix multiple instances of reference count leaks (git-fixes). - drm/nouveau: fix reference count leak in nouveau_debugfs_strap_peek (git-fixes). - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync (git-fixes). - drm/radeon: disable AGP by default (git-fixes). - drm/tilcdc: fix leak & null ref in panel_connector_get_modes (git-fixes). - drm/ttm/nouveau: do not call tt destroy callback on alloc failure (git-fixes bsc#1175232). - drm: msm: a6xx: fix gpu failure after system resume (git-fixes). - dyndbg: fix a BUG_ON in ddebug_describe_flags (git-fixes). - enetc: Fix tx rings bitmap iteration range, irq handling (networking-stable-20_06_28). - ext2: fix missing percpu_counter_inc (bsc#1175774). - ext4: check journal inode extents more carefully (bsc#1173485). - ext4: do not BUG on inconsistent journal feature (bsc#1171634). - ext4: do not allow overlapping system zones (bsc#1173485). - ext4: fix checking of directory entry validity for inline directories (bsc#1175771). - ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485). - genetlink: remove genl_bind (networking-stable-20_07_17). - gpu: host1x: debug: Fix multiple channels emitting messages simultaneously (git-fixes). - i2c: i801: Add support for Intel Comet Lake PCH-V (jsc#SLE-13411). - i2c: i801: Add support for Intel Emmitsburg PCH (jsc#SLE-13411). - i2c: i801: Add support for Intel Tiger Lake PCH-H (jsc#SLE-13411). - ibmveth: Fix use of ibmveth in a bridge (bsc#1174387 ltc#187506). - ibmvnic fix NULL tx_pools and rx_tools issue at do_reset (bsc#1175873 ltc#187922). - ice: Clear and free XLT entries on reset (jsc#SLE-7926). - ice: Graceful error handling in HW table calloc failure (jsc#SLE-7926). - igc: Fix PTP initialization (bsc#1160634). - ip6_gre: fix null-ptr-deref in ip6gre_init_net() (git-fixes). - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() (networking-stable-20_06_28). - ip_tunnel: fix use-after-free in ip_tunnel_lookup() (networking-stable-20_06_28). - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg (networking-stable-20_07_17). - ipv6: Fix use of anycast address with loopback (networking-stable-20_07_17). - ipv6: fib6_select_path can not use out path for nexthop objects (networking-stable-20_07_17). - ipvs: fix the connection sync failed in some cases (bsc#1174699). - iwlegacy: Check the return value of pcie_capability_read_*() (git-fixes). - jbd2: add the missing unlock_buffer() in the error path of jbd2_write_superblock() (bsc#1175772). - kABI: genetlink: remove genl_bind (kabi). - kabi/severities: ignore KABI for NVMe, except nvme-fc (bsc#1174777) Exported symbols under drivers/nvme/host/ are only used by the nvme subsystem itself, except for the nvme-fc symbols. - kabi/severities: ignore qla2xxx as all symbols are internal - kernel/relay.c: fix memleak on destroy relay channel (git-fixes). - kernfs: do not call fsnotify() with name without a parent (bsc#1175770). - l2tp: remove skb_dst_set() from l2tp_xmit_skb() (networking-stable-20_07_17). - llc: make sure applications use ARPHRD_ETHER (networking-stable-20_07_17). - md-cluster: Fix potential error pointer dereference in resize_bitmaps() (git-fixes). - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5 (git-fixes). - media: budget-core: Improve exception handling in budget_register() (git-fixes). - media: camss: fix memory leaks on error handling paths in probe (git-fixes). - media: rockchip: rga: Introduce color fmt macros and refactor CSC mode logic (git-fixes). - media: rockchip: rga: Only set output CSC mode for RGB input (git-fixes). - media: vpss: clean up resources in init (git-fixes). - mfd: intel-lpss: Add Intel Tiger Lake PCH-H PCI IDs (jsc#SLE-13411). - mld: fix memory leak in ipv6_mc_destroy_dev() (networking-stable-20_06_28). - mlxsw: pci: Fix use-after-free in case of failed devlink reload (networking-stable-20_07_17). - mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON() (networking-stable-20_07_17). - mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691). - mm/vunmap: add cond_resched() in vunmap_pmd_range (bsc#1175654 ltc#184617). - mm: filemap: clear idle flag for writes (bsc#1175769). - mmc: sdhci-cadence: do not use hardware tuning for SD mode (git-fixes). - mmc: sdhci-pci-o2micro: Bug fix for O2 host controller Seabird1 (git-fixes). - mvpp2: ethtool rxtx stats fix (networking-stable-20_06_28). - net/mlx5: DR, Change push vlan action sequence (jsc#SLE-8464). - net/mlx5: Fix eeprom support for SFP module (networking-stable-20_07_17). - net/mlx5e: Fix 50G per lane indication (networking-stable-20_07_17). - net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb (networking-stable-20_07_17). - net: Do not clear the sock TX queue in sk_set_socket() (networking-stable-20_06_28). - net: Fix the arp error in some cases (networking-stable-20_06_28). - net: bridge: enfore alignment for ethernet address (networking-stable-20_06_28). - net: core: reduce recursion limit value (networking-stable-20_06_28). - net: dsa: microchip: set the correct number of ports (networking-stable-20_07_17). - net: ena: Change WARN_ON expression in ena_del_napi_in_range() (bsc#1154492). - net: ena: Make missed_tx stat incremental (git-fixes). - net: ena: Prevent reset after device destruction (git-fixes). - net: fix memleak in register_netdevice() (networking-stable-20_06_28). - net: increment xmit_recursion level in dev_direct_xmit() (networking-stable-20_06_28). - net: mvneta: fix use of state->speed (networking-stable-20_07_17). - net: qrtr: Fix an out of bounds read qrtr_endpoint_post() (networking-stable-20_07_17). - net: usb: ax88179_178a: fix packet alignment padding (networking-stable-20_06_28). - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem (networking-stable-20_07_17). - net_sched: fix a memory leak in atm_tc_init() (networking-stable-20_07_17). - nvme-multipath: do not fall back to __nvme_find_path() for non-optimized paths (bsc#1172108). - nvme-multipath: fix logic for non-optimized paths (bsc#1172108). - nvme-multipath: round-robin: eliminate "fallback" variable (bsc#1172108). - nvme-multipath: set bdi capabilities once (bsc#1159058). - nvme-pci: Re-order nvme_pci_free_ctrl (bsc#1159058). - nvme-rdma: Add warning on state change failure at (bsc#1159058). - nvme-tcp: Add warning on state change failure at (bsc#1159058). - nvme-tcp: fix possible crash in write_zeroes processing (bsc#1159058). - nvme: Fix controller creation races with teardown flow (bsc#1159058). - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1159058). - nvme: Make nvme_uninit_ctrl symmetric to nvme_init_ctrl (bsc#1159058). - nvme: Remove unused return code from nvme_delete_ctrl_sync (bsc#1159058). - nvme: add a Identify Namespace Identification Descriptor list quirk (git-fixes). - nvme: always search for namespace head (bsc#1159058). - nvme: avoid an Identify Controller command for each namespace (bsc#1159058). - nvme: check namespace head shared property (bsc#1159058). - nvme: clean up nvme_scan_work (bsc#1159058). - nvme: cleanup namespace identifier reporting in (bsc#1159058). - nvme: consolidate chunk_sectors settings (bsc#1159058). - nvme: consolodate io settings (bsc#1159058). - nvme: expose hostid via sysfs for fabrics controllers (bsc#1159058). - nvme: expose hostnqn via sysfs for fabrics controllers (bsc#1159058). - nvme: factor out a nvme_ns_remove_by_nsid helper (bsc#1159058). - nvme: fix a crash in nvme_mpath_add_disk (git-fixes, bsc#1159058). - nvme: fix identify error status silent ignore (git-fixes, bsc#1159058). - nvme: fix possible hang when ns scanning fails during error (bsc#1159058). - nvme: kABI fixes for nvme_ctrl (bsc#1159058). - nvme: multipath: round-robin: fix single non-optimized path case (bsc#1172108). - nvme: prevent double free in nvme_alloc_ns() error handling (bsc#1159058). - nvme: provide num dword helper (bsc#1159058). - nvme: refactor nvme_identify_ns_descs error handling (bsc#1159058). - nvme: refine the Qemu Identify CNS quirk (bsc#1159058). - nvme: release ida resources (bsc#1159058). - nvme: release namespace head reference on error (bsc#1159058). - nvme: remove the magic 1024 constant in nvme_scan_ns_list (bsc#1159058). - nvme: remove unused parameter (bsc#1159058). - nvme: rename __nvme_find_ns_head to nvme_find_ns_head (bsc#1159058). - nvme: revalidate after verifying identifiers (bsc#1159058). - nvme: revalidate namespace stream parameters (bsc#1159058). - nvme: unlink head after removing last namespace (bsc#1159058). - openvswitch: take into account de-fragmentation/gso_size in execute_check_pkt_len (networking-stable-20_06_28). - platform/x86: ISST: Add new PCI device ids (git-fixes). - platform/x86: asus-nb-wmi: add support for ASUS ROG Zephyrus G14 and G15 (git-fixes). - powerpc/64s: Do not init FSCR_DSCR in __init_FSCR() (bsc#1065729). - powerpc/fadump: Fix build error with CONFIG_PRESERVE_FA_DUMP=y (bsc#1156395). - powerpc/iommu: Allow bypass-only for DMA (bsc#1156395). - powerpc/perf: Fix missing is_sier_aviable() during build (bsc#1065729). - powerpc/pseries/hotplug-cpu: wait indefinitely for vCPU death (bsc#1085030 ltC#165630). - powerpc/pseries: Do not initiate shutdown when system is running on UPS (bsc#1175440 ltc#187574). - pseries: Fix 64 bit logical memory block panic (bsc#1065729). - rocker: fix incorrect error handling in dma_rings_init (networking-stable-20_06_28). - rtc: goldfish: Enable interrupt in set_alarm() when necessary (git-fixes). - sch_cake: do not call diffserv parsing code when it is not needed (networking-stable-20_06_28). - sch_cake: do not try to reallocate or unshare skb unconditionally (networking-stable-20_06_28). - sched: consistently handle layer3 header accesses in the presence of VLANs (networking-stable-20_07_17). - scsi/fc: kABI fixes for new ELS_RPD definition (bsc#1171688 bsc#1174003). - scsi: Fix trivial spelling (bsc#1171688 bsc#1174003). - scsi: dh: Add Fujitsu device to devinfo and dh lists (bsc#1174026). - scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Address a set of sparse warnings (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof() expressions (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case into lower case (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix a condition in qla2x00_find_all_fabric_devs() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix endianness annotations in header files (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix endianness annotations in source files (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix login timeout (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix spelling of a variable name (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix the code that reads from mailbox registers (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix warning after FC target reset (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Flush I/O on zone disable (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Flush all sessions on zone disable (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to FCP_PRIO_CFG_SIZE (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Indicate correct supported speeds for Mezz card (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Initialize 'n' before using it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Introduce a function for computing the debug message prefix (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Reduce noisy debug message (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove a superfluous cast (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove an unused function (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (bsc#1171688 bsc#1174003). - scsi: qla2xxx: SAN congestion management implementation (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use register names instead of register offsets (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1171688 bsc#1174003). - scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1171688 bsc#1174003). - scsi: smartpqi: Identify physical devices without issuing INQUIRY (bsc#1172418). - scsi: smartpqi: Use scnprintf() for avoiding potential buffer overflow (bsc#1172418). - scsi: smartpqi: add RAID bypass counter (bsc#1172418). - scsi: smartpqi: add id support for SmartRAID 3152-8i (bsc#1172418). - scsi: smartpqi: avoid crashing kernel for controller issues (bsc#1172418). - scsi: smartpqi: bump version to 1.2.16-010 (bsc#1172418). - scsi: smartpqi: support device deletion via sysfs (bsc#1172418). - scsi: smartpqi: update logical volume size after expansion (bsc#1172418). - scsi: target/iblock: fix WRITE SAME zeroing (bsc#1169790). - sctp: Do not advertise IPv4 addresses if ipv6only is set on the socket (networking-stable-20_06_28). - selftests/livepatch: fix mem leaks in test-klp-shadow-vars (bsc#1071995). - selftests/livepatch: more verification in test-klp-shadow-vars (bsc#1071995). - selftests/livepatch: rework test-klp-shadow-vars (bsc#1071995). - selftests/livepatch: simplify test-klp-callbacks busy target tests (bsc#1071995). - serial: 8250: change lock order in serial8250_do_startup() (git-fixes). - serial: pl011: Do not leak amba_ports entry on driver register error (git-fixes). - serial: pl011: Fix oops on -EPROBE_DEFER (git-fixes). - soc/tegra: pmc: Enable PMIC wake event on Tegra194 (bsc#1175834). - soc: qcom: rpmh-rsc: Set suppress_bind_attrs flag (git-fixes). - spi: pxa2xx: Add support for Intel Tiger Lake PCH-H (jsc#SLE-13411). - spi: spidev: Align buffers for DMA (git-fixes). - spi: stm32: fixes suspend/resume management (git-fixes). - tcp: do not ignore ECN CWR on pure ACK (networking-stable-20_06_28). - tcp: fix SO_RCVLOWAT possible hangs under high mem pressure (networking-stable-20_07_17). - tcp: grow window for OOO packets only for SACK flows (networking-stable-20_06_28). - tcp: make sure listeners do not initialize congestion-control state (networking-stable-20_07_17). - tcp: md5: add missing memory barriers in tcp_md5_do_add()/tcp_md5_hash_key() (networking-stable-20_07_17). - tcp: md5: do not send silly options in SYNCOOKIES (networking-stable-20_07_17). - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers (networking-stable-20_07_17). - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT (networking-stable-20_06_28). - tracepoint: Mark __tracepoint_string's __used (git-fixes). - tracing: Use trace_sched_process_free() instead of exit() for pid tracing (git-fixes). - usb: bdc: Halt controller on suspend (git-fixes). - usb: gadget: net2280: fix memory leak on probe error handling paths (git-fixes). - usb: mtu3: clear dual mode of u3port when disable device (git-fixes). - video: fbdev: neofb: fix memory leak in neo_scan_monitor() (git-fixes). - video: fbdev: savage: fix memory leak on error handling path in probe (git-fixes). - vlan: consolidate VLAN parsing code and limit max parsing depth (networking-stable-20_07_17). - vmxnet3: use correct tcp hdr length when packet is encapsulated (bsc#1175199). - x86/bugs/multihit: Fix mitigation reporting when VMX is not in use (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1382=1


Package List

- openSUSE Leap 15.2 (noarch): kernel-devel-5.3.18-lp152.41.1 kernel-docs-5.3.18-lp152.41.1 kernel-docs-html-5.3.18-lp152.41.1 kernel-macros-5.3.18-lp152.41.1 kernel-source-5.3.18-lp152.41.1 kernel-source-vanilla-5.3.18-lp152.41.1 - openSUSE Leap 15.2 (x86_64): kernel-debug-5.3.18-lp152.41.1 kernel-debug-debuginfo-5.3.18-lp152.41.1 kernel-debug-debugsource-5.3.18-lp152.41.1 kernel-debug-devel-5.3.18-lp152.41.1 kernel-debug-devel-debuginfo-5.3.18-lp152.41.1 kernel-default-5.3.18-lp152.41.1 kernel-default-base-5.3.18-lp152.41.1.lp152.8.6.2 kernel-default-base-rebuild-5.3.18-lp152.41.1.lp152.8.6.2 kernel-default-debuginfo-5.3.18-lp152.41.1 kernel-default-debugsource-5.3.18-lp152.41.1 kernel-default-devel-5.3.18-lp152.41.1 kernel-default-devel-debuginfo-5.3.18-lp152.41.1 kernel-kvmsmall-5.3.18-lp152.41.1 kernel-kvmsmall-debuginfo-5.3.18-lp152.41.1 kernel-kvmsmall-debugsource-5.3.18-lp152.41.1 kernel-kvmsmall-devel-5.3.18-lp152.41.1 kernel-kvmsmall-devel-debuginfo-5.3.18-lp152.41.1 kernel-obs-build-5.3.18-lp152.41.1 kernel-obs-build-debugsource-5.3.18-lp152.41.1 kernel-obs-qa-5.3.18-lp152.41.1 kernel-preempt-5.3.18-lp152.41.1 kernel-preempt-debuginfo-5.3.18-lp152.41.1 kernel-preempt-debugsource-5.3.18-lp152.41.1 kernel-preempt-devel-5.3.18-lp152.41.1 kernel-preempt-devel-debuginfo-5.3.18-lp152.41.1 kernel-syms-5.3.18-lp152.41.1


References

https://www.suse.com/security/cve/CVE-2020-14314.html https://www.suse.com/security/cve/CVE-2020-14386.html https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1071995 https://bugzilla.suse.com/1085030 https://bugzilla.suse.com/1133021 https://bugzilla.suse.com/1154492 https://bugzilla.suse.com/1156395 https://bugzilla.suse.com/1159058 https://bugzilla.suse.com/1160634 https://bugzilla.suse.com/1169790 https://bugzilla.suse.com/1171634 https://bugzilla.suse.com/1171688 https://bugzilla.suse.com/1172108 https://bugzilla.suse.com/1172418 https://bugzilla.suse.com/1172871 https://bugzilla.suse.com/1173485 https://bugzilla.suse.com/1173798 https://bugzilla.suse.com/1174003 https://bugzilla.suse.com/1174026 https://bugzilla.suse.com/1174387 https://bugzilla.suse.com/1174699 https://bugzilla.suse.com/1174771 https://bugzilla.suse.com/1174777 https://bugzilla.suse.com/1174800 https://bugzilla.suse.com/1175128 https://bugzilla.suse.com/1175199 https://bugzilla.suse.com/1175232 https://bugzilla.suse.com/1175440 https://bugzilla.suse.com/1175493 https://bugzilla.suse.com/1175546 https://bugzilla.suse.com/1175550 https://bugzilla.suse.com/1175654 https://bugzilla.suse.com/1175691 https://bugzilla.suse.com/1175768 https://bugzilla.suse.com/1175769 https://bugzilla.suse.com/1175770 https://bugzilla.suse.com/1175771 https://bugzilla.suse.com/1175772 https://bugzilla.suse.com/1175774 https://bugzilla.suse.com/1175775 https://bugzilla.suse.com/1175834 https://bugzilla.suse.com/1175873 https://bugzilla.suse.com/1176069--


Severity
Announcement ID: openSUSE-SU-2020:1382-1
Rating: important
Affected Products: openSUSE Leap 15.2 le.

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved