SUSE: 2019:1744-1 important: the Linux Kernel

    Date04 Jul 2019
    CategorySuSE
    410
    Posted ByLinuxSecurity Advisories
    Suse Large
    An update that solves three vulnerabilities and has 26 fixes is now available.
    
       SUSE Security Update: Security update for the Linux Kernel
    ______________________________________________________________________________
    
    Announcement ID:    SUSE-SU-2019:1744-1
    Rating:             important
    References:         #1051510 #1071995 #1094555 #1111666 #1112374 
                        #1114279 #1128432 #1134730 #1134738 #1135153 
                        #1135296 #1135642 #1136156 #1136157 #1136271 
                        #1136333 #1137103 #1137194 #1137366 #1137884 
                        #1137985 #1138263 #1138336 #1138374 #1138375 
                        #1138589 #1138681 #1138719 #1138732 
    Cross-References:   CVE-2018-16871 CVE-2019-12614 CVE-2019-12817
                       
    Affected Products:
                        SUSE Linux Enterprise Module for Live Patching 15-SP1
    ______________________________________________________________________________
    
       An update that solves three vulnerabilities and has 26
       fixes is now available.
    
    Description:
    
    
    
       The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various
       security and bugfixes.
    
       This update adds support for the Hygon Dhyana CPU (fate#327735).
    
       The following security bugs were fixed:
    
       - CVE-2019-12614: An issue was discovered in dlpar_parse_cc_property in
         arch/powerpc/platforms/pseries/dlpar.c. There was an unchecked kstrdup
         of prop->name, which might allow an attacker to cause a denial of
         service (NULL pointer dereference and system crash) (bnc#1137194).
       - CVE-2018-16871: A NULL pointer dereference due to an anomalized NFS
         message sequence was fixed. (bnc#1137103).
       - CVE-2019-12817: On the PowerPC architecture, local attackers could
         access other users processes memory (bnc#1138263).
    
       The following non-security bugs were fixed:
    
       - 6lowpan: Off by one handling ->nexthdr (bsc#1051510).
       - acpi: Add Hygon Dhyana support (fate#327735).
       - af_key: unconditionally clone on broadcast (bsc#1051510).
       - alsa: firewire-motu: fix destruction of data for isochronous resources
         (bsc#1051510).
       - alsa: hda/realtek - Update headset mode for ALC256 (bsc#1051510).
       - alsa: oxfw: allow PCM capture for Stanton SCS.1m (bsc#1051510).
       - ASoC: cs42xx8: Add regcache mask dirty (bsc#1051510).
       - ASoC: fsl_asrc: Fix the issue about unsupported rate (bsc#1051510).
       - audit: fix a memory leak bug (bsc#1051510).
       - blk-mq: fix hang caused by freeze/unfreeze sequence (bsc#1128432).
       - ceph: factor out ceph_lookup_inode() (bsc#1138681).
       - ceph: fix NULL pointer deref when debugging is enabled (bsc#1138681).
       - ceph: fix potential use-after-free in ceph_mdsc_build_path (bsc#1138681).
       - ceph: flush dirty inodes before proceeding with remount (bsc#1138681).
       - ceph: print inode number in __caps_issued_mask debugging messages
         (bsc#1138681).
       - ceph: quota: fix quota subdir mounts (bsc#1138681).
       - ceph: remove duplicated filelock ref increase (bsc#1138681).
       - cfg80211: fix memory leak of wiphy device name (bsc#1051510).
       - cpufreq: Add Hygon Dhyana support (fate#327735).
       - cpufreq: AMD: Ignore the check for ProcFeedback in ST/CZ  (fate#327735).
       - cpu/topology: Export die_id (jsc#SLE-5454).
       - Do not restrict NFSv4.2 on openSUSE (bsc#1138719).
       - drbd: Avoid Clang warning about pointless switch statment (bsc#1051510).
       - drbd: disconnect, if the wrong UUIDs are attached on a connected peer
         (bsc#1051510).
       - drbd: narrow rcu_read_lock in drbd_sync_handshake (bsc#1051510).
       - drbd: skip spurious timeout (ping-timeo) when failing promote
         (bsc#1051510).
       - drivers: depend on HAS_IOMEM for devm_platform_ioremap_resource()
         (bsc#1136333 jsc#SLE-4994).
       - drivers: fix a typo in the kernel doc for
         devm_platform_ioremap_resource() (bsc#1136333 jsc#SLE-4994).
       - drivers: provide devm_platform_ioremap_resource() (bsc#1136333
         jsc#SLE-4994).
       - drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error
         handling path in 'rio_dma_transfer()' (bsc#1051510).
       - drivers/rapidio/rio_cm.c: fix potential oops in riocm_ch_listen()
         (bsc#1051510).
       - drivers: thermal: tsens: Do not print error message on -EPROBE_DEFER
         (bsc#1051510).
       - drm: add fallback override/firmware EDID modes workaround (bsc#1111666).
       - drm/amd/display: Use plane->color_space for dpp if specified
         (bsc#1111666).
       - drm/edid: abstract override/firmware EDID retrieval (bsc#1111666).
       - drm/i915: Add new AML_ULX support list (jsc#SLE-4986).
       - drm/i915: Add new ICL PCI ID (jsc#SLE-4986).
       - drm/i915/aml: Add new Amber Lake PCI ID (jsc#SLE-4986).
       - drm/i915: Apply correct ddi translation table for AML device
         (jsc#SLE-4986).
       - drm/i915: Attach the pci match data to the device upon creation
         (jsc#SLE-4986).
       - drm/i915/cfl: Adding another PCI Device ID (jsc#SLE-4986).
       - drm/i915/cml: Add CML PCI IDS (jsc#SLE-4986).
       - drm/i915: Fix uninitialized mask in intel_device_info_subplatform_init
         (jsc#SLE-4986).
       - drm/i915/icl: Adding few more device IDs for Ice Lake (jsc#SLE-4986).
       - drm/i915: Introduce concept of a sub-platform (jsc#SLE-4986).
       - drm/i915: Mark AML 0x87CA as ULX (jsc#SLE-4986).
       - drm/i915: Move final cleanup of drm_i915_private to i915_driver_destroy
         (jsc#SLE-4986).
       - drm/i915/perf: fix whitelist on Gen10+ (bsc#1051510).
       - drm/i915: Remove redundant device id from IS_IRONLAKE_M macro
         (jsc#SLE-4986).
       - drm/i915/sdvo: Implement proper HDMI audio support for SDVO
         (bsc#1051510).
       - drm/i915: Split Pineview device info into desktop and mobile
         (jsc#SLE-4986).
       - drm/i915: Split some PCI ids into separate groups (jsc#SLE-4986).
       - drm/i915: start moving runtime device info to a separate struct
         (jsc#SLE-4986).
       - drm/mediatek: call drm_atomic_helper_shutdown() when unbinding driver
         (bsc#1111666).
       - drm/mediatek: call mtk_dsi_stop() after mtk_drm_crtc_atomic_disable()
         (bsc#1111666).
       - drm/mediatek: clear num_pipes when unbind driver (bsc#1111666).
       - drm/mediatek: fix unbind functions (bsc#1111666).
       - drm/mediatek: unbind components in mtk_drm_unbind() (bsc#1111666).
       - drm/nouveau/disp/dp: respect sink limits when selecting failsafe link
         configuration (bsc#1051510).
       - drm/nouveau/kms/gf119-gp10x: push HeadSetControlOutputResource() mthd
         when encoders change (bsc#1111666).
       - drm/nouveau/kms/gv100-: fix spurious window immediate interlocks
         (bsc#1111666).
       - EDAC, amd64: Add Hygon Dhyana support (fate#327735).
       - EDAC/mc: Fix edac_mc_find() in case no device is found (bsc#1114279).
       - HID: wacom: Add ability to provide explicit battery status info
         (bsc#1051510).
       - HID: wacom: Add support for 3rd generation Intuos BT (bsc#1051510).
       - HID: wacom: Add support for Pro Pen slim (bsc#1051510).
       - HID: wacom: convert Wacom custom usages to standard HID usages
         (bsc#1051510).
       - HID: wacom: Correct button numbering 2nd-gen Intuos Pro over Bluetooth
         (bsc#1051510).
       - HID: wacom: Do not report anything prior to the tool entering range
         (bsc#1051510).
       - HID: wacom: Do not set tool type until we're in range (bsc#1051510).
       - HID: wacom: fix mistake in printk (bsc#1051510).
       - HID: wacom: generic: add the "Report Valid" usage (bsc#1051510).
       - HID: wacom: generic: Ignore HID_DG_BATTERYSTRENTH == 0 (bsc#1051510).
       - HID: wacom: generic: Leave tool in prox until it completely leaves sense
         (bsc#1051510).
       - HID: wacom: generic: Refactor generic battery handling (bsc#1051510).
       - HID: wacom: generic: Report AES battery information (bsc#1051510).
       - HID: wacom: generic: Reset events back to zero when pen leaves
         (bsc#1051510).
       - HID: wacom: generic: Scale battery capacity measurements to percentages
         (bsc#1051510).
       - HID: wacom: generic: Send BTN_STYLUS3 when both barrel switches are set
         (bsc#1051510).
       - HID: wacom: generic: Send BTN_TOOL_PEN in prox once the pen enters range
         (bsc#1051510).
       - HID: wacom: generic: Support multiple tools per report (bsc#1051510).
       - HID: wacom: generic: Use generic codepath terminology in
         wacom_wac_pen_report (bsc#1051510).
       - HID: wacom: Mark expected switch fall-through (bsc#1051510).
       - HID: wacom: Move handling of HID quirks into a dedicated function
         (bsc#1051510).
       - HID: wacom: Move HID fix for AES serial number into
         wacom_hid_usage_quirk (bsc#1051510).
       - HID: wacom: Properly handle AES serial number and tool type
         (bsc#1051510).
       - HID: wacom: Queue events with missing type/serial data for later
         processing (bsc#1051510).
       - HID: wacom: Remove comparison of u8 mode with zero and simplify
         (bsc#1051510).
       - HID: wacom: Replace touch_max fixup code with static touch_max
         definitions (bsc#1051510).
       - HID: wacom: Send BTN_TOUCH in response to INTUOSP2_BT eraser contact
         (bsc#1051510).
       - HID: wacom: Support "in range" for Intuos/Bamboo tablets where possible
         (bsc#1051510).
       - HID: Wacom: switch Dell canvas into highres mode (bsc#1051510).
       - HID: wacom: Sync INTUOSP2_BT touch state after each frame if necessary
         (bsc#1051510).
       - HID: wacom: wacom_wac_collection() is local to wacom_wac.c (bsc#1051510).
       - HID: wacom: Work around HID descriptor bug in DTK-2451 and DTH-2452
         (bsc#1051510).
       - hwmon/coretemp: Cosmetic: Rename internal variables to zones from
         packages (jsc#SLE-5454).
       - hwmon/coretemp: Support multi-die/package (jsc#SLE-5454).
       - hwmon: (k10temp) 27C Offset needed for Threadripper2  (FATE#327735).
       - hwmon: (k10temp) Add Hygon Dhyana support (FATE#327735).
       - hwmon: (k10temp) Add support for AMD Ryzen w/ Vega graphics
         (FATE#327735).
       - hwmon: (k10temp) Add support for family 17h (FATE#327735).
       - hwmon: (k10temp) Add support for Stoney Ridge and Bristol  Ridge CPUs
         (FATE#327735).
       - hwmon: (k10temp) Add support for temperature offsets  (FATE#327735).
       - hwmon: (k10temp) Add temperature offset for Ryzen 1900X  (FATE#327735).
       - hwmon: (k10temp) Add temperature offset for Ryzen 2700X  (FATE#327735).
       - hwmon: (k10temp) Correct model name for Ryzen 1600X  (FATE#327735).
       - hwmon: (k10temp) Display both Tctl and Tdie (FATE#327735).
       - hwmon: (k10temp) Fix reading critical temperature register
         (FATE#327735).
       - hwmon: (k10temp) Make function get_raw_temp static  (FATE#327735).
       - hwmon: (k10temp) Move chip specific code into probe function
         (FATE#327735).
       - hwmon: (k10temp) Only apply temperature offset if result is  positive
         (FATE#327735).
       - hwmon: (k10temp) Support all Family 15h Model 6xh and Model  7xh
         processors (FATE#327735).
       - hwmon: k10temp: Support Threadripper 2920X, 2970WX; simplify  offset
         table (FATE#327735).
       - hwmon: (k10temp) Use API function to access System Management  Network
         (FATE#327735).
       - hwmon/k10temp, x86/amd_nb: Consolidate shared device IDs  (FATE#327735).
       - i2c-piix4: Add Hygon Dhyana SMBus support (FATE#327735).
       - ibmveth: Update ethtool settings to reflect virtual properties
         (bsc#1136157, LTC#177197).
       - ipv6: fib: Do not assume only nodes hold a reference on routes
         (bsc#1138732).
       - kabi: Mask no_vf_scan in struct pci_dev (jsc#SLE-5803  FATE#327056).
       - kabi: s390: enum interruption_class (jsc#SLE-5789 bsc#1134730
         LTC#173388).
       - kabi: s390: enum interruption_class (jsc#SLE-5789 FATE#327042
         bsc#1134730 LTC#173388).
       - kabi/severities: Whitelist airq_iv_* (s390-specific)
       - kABI workaround for asus-wmi changes (bsc#1051510).
       - kABI workaround for the new pci_dev.skip_bus_pm field addition
         (bsc#1051510).
       - kabi: x86/topology: Add CPUID.1F multi-die/package support
         (jsc#SLE-5454).
       - kabi: x86/topology: Define topology_logical_die_id() (jsc#SLE-5454).
       - kvm: x86: Include CPUID leaf 0x8000001e in kvm's supported CPUID
         (bsc#1114279).
       - kvm: x86: Include multiple indices with CPUID leaf 0x8000001d
         (bsc#1114279).
       - mfd: intel-lpss: Set the device in reset state when init (bsc#1051510).
       - mfd: tps65912-spi: Add missing of table registration (bsc#1051510).
       - mfd: twl6040: Fix device init errors for ACCCTL register (bsc#1051510).
       - mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers
         (bsc#1051510).
       - mmc: mmci: Prevent polling for busy detection in IRQ context
         (bsc#1051510).
       - mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support
         (bsc#1051510).
       - module: Fix livepatch/ftrace module text permissions race  (bsc#1071995
         fate#323487).
       - new primitive: vmemdup_user() (jsc#SLE-4712 bsc#1136156).
       - nl80211: fix station_info pertid memory leak (bsc#1051510).
       - {nl,mac}80211: allow 4addr AP operation on crypto controlled devices
         (bsc#1051510).
       - nvmem: allow to select i.MX nvmem driver for i.MX 7D (bsc#1051510).
       - nvmem: core: fix read buffer in place (bsc#1051510).
       - nvmem: correct Broadcom OTP controller driver writes (bsc#1051510).
       - nvmem: Do not let a NULL cell_id for nvmem_cell_get() crash us
         (bsc#1051510).
       - nvmem: imx-ocotp: Add i.MX7D timing write clock setup support
         (bsc#1051510).
       - nvmem: imx-ocotp: Add support for banked OTP addressing (bsc#1051510).
       - nvmem: imx-ocotp: Enable i.MX7D OTP write support (bsc#1051510).
       - nvmem: imx-ocotp: Move i.MX6 write clock setup to dedicated function
         (bsc#1051510).
       - nvmem: imx-ocotp: Pass parameters via a struct (bsc#1051510).
       - nvmem: imx-ocotp: Restrict OTP write to IMX6 processors (bsc#1051510).
       - nvmem: imx-ocotp: Update module description (bsc#1051510).
       - nvmem: properly handle returned value nvmem_reg_read (bsc#1051510).
       - nvme: skip nvme_update_disk_info() if the controller is not live
         (bsc#1128432).
       - PCI: Disable VF decoding before pcibios_sriov_disable() updates
         resources (jsc#SLE-5803).
       - PCI/IOV: Add flag so platforms can skip VF scanning  (jsc#SLE-5803
         FATE#327056).
       - PCI/IOV: Factor out sriov_add_vfs() (jsc#SLE-5803 FATE#327056).
       - PCI: PM: Avoid possible suspend-to-idle issue (bsc#1051510).
       - perf tools: Add Hygon Dhyana support (fate#327735).
       - perf/x86/intel/cstate: Support multi-die/package (jsc#SLE-5454).
       - perf/x86/intel/rapl: Cosmetic rename internal variables in response to
         multi-die/pkg support (jsc#SLE-5454).
       - perf/x86/intel/rapl: Support multi-die/package (jsc#SLE-5454).
       - perf/x86/intel/uncore: Cosmetic renames in response to multi-die/pkg
         support (jsc#SLE-5454).
       - perf/x86/intel/uncore: Support multi-die/package (jsc#SLE-5454).
       - platform/chrome: cros_ec_proto: check for NULL transfer function
         (bsc#1051510).
       - platform_data/mlxreg: Add capability field to core platform data
         (bsc#1112374).
       - platform_data/mlxreg: additions for Mellanox watchdog driver
         (bsc#1112374).
       - platform_data/mlxreg: Document fixes for core platform data
         (bsc#1112374).
       - platform/mellanox: Add new ODM system types to mlx-platform
         (bsc#1112374).
       - platform/mellanox: Add TmFifo driver for Mellanox BlueField Soc
         (bsc#1136333 jsc#SLE-4994).
       - platform/mellanox: mlxreg-hotplug: Add devm_free_irq call to remove flow
         (bsc#1111666).
       - platform/x86: asus-wmi: Only Tell EC the OS will handle display hotkeys
         from asus_nb_wmi (bsc#1051510).
       - platform/x86: intel_pmc_core: Add ICL platform support (jsc#SLE-5226).
       - platform/x86: intel_pmc_core: Add Package cstates residency info
         (jsc#SLE-5226).
       - platform/x86: intel_pmc_core: Avoid a u32 overflow (jsc#SLE-5226).
       - platform/x86: intel_pmc_core: Include Reserved IP for LTR (jsc#SLE-5226).
       - platform/x86: intel_pmc_core: Mark local function static (jsc#SLE-5226).
       - platform/x86: intel_pmc_core: Quirk to ignore XTAL shutdown
         (jsc#SLE-5226).
       - platform/x86: mlx-platform: Add ASIC hotplug device configuration
         (bsc#1112374).
       - platform/x86: mlx-platform: Add definitions for new registers
         (bsc#1112374).
       - platform/x86: mlx-platform: Add extra CPLD for next generation systems
         (bsc#1112374).
       - platform/x86: mlx-platform: Add LED platform driver activation
         (bsc#1112374).
       - platform/x86: mlx-platform: Add mlxreg-fan platform driver activation
         (bsc#1112374).
       - platform/x86: mlx-platform: Add mlxreg-io platform driver activation
         (bsc#1112374).
       - platform/x86: mlx-platform: Add mlx-wdt platform driver activation
         (bsc#1112374).
       - platform/x86: mlx-platform: Add support for fan capability registers
         (bsc#1112374).
       - platform/x86: mlx-platform: Add support for fan direction register
         (bsc#1112374).
       - platform/x86: mlx-platform: Add support for new VMOD0007 board name
         (bsc#1112374).
       - platform/x86: mlx-platform: Add support for tachometer speed register
         (bsc#1112374).
       - platform/x86: mlx-platform: Add UID LED for the next generation systems
         (bsc#1112374).
       - platform/x86: mlx-platform: Allow mlxreg-io driver activation for more
         systems (bsc#1112374).
       - platform/x86: mlx-platform: Allow mlxreg-io driver activation for new
         systems (bsc#1112374).
       - platform/x86: mlx-platform: Change mlxreg-io configuration for MSN274x
         systems (bsc#1112374).
       - platform/x86: mlx-platform: Convert to use SPDX identifier (bsc#1112374).
       - platform/x86: mlx-platform: Fix access mode for fan_dir attribute
         (bsc#1112374).
       - platform/x86: mlx-platform: Fix copy-paste error in mlxplat_init()
         (bsc#1112374).
       - platform/x86: mlx-platform: Fix LED configuration (bsc#1112374).
       - platform/x86: mlx-platform: Fix parent device in i2c-mux-reg device
         registration (bsc#1051510).
       - platform/x86: mlx-platform: Fix tachometer registers (bsc#1112374).
       - platform/x86: mlx-platform: Remove unused define (bsc#1112374).
       - platform/x86: mlx-platform: Rename new systems product names
         (bsc#1112374).
       - PM / core: Propagate dev->power.wakeup_path when no callbacks
         (bsc#1051510).
       - powercap/intel_rapl: Simplify rapl_find_package() (jsc#SLE-5454).
       - powercap/intel_rapl: Support multi-die/package (jsc#SLE-5454).
       - powercap/intel_rapl: Update RAPL domain name and debug messages
         (jsc#SLE-5454).
       - powerpc/cacheinfo: add cacheinfo_teardown, cacheinfo_rebuild
         (bsc#1138374, LTC#178199).
       - powerpc/pseries: Fix oops in hotplug memory notifier (bsc#1138375,
         LTC#178204).
       - powerpc/pseries/mobility: prevent cpu hotplug during DT update
         (bsc#1138374, LTC#178199).
       - powerpc/pseries/mobility: rebuild cacheinfo hierarchy post-migration
         (bsc#1138374, LTC#178199).
       - power: supply: max14656: fix potential use-before-alloc (bsc#1051510).
       - power: supply: sysfs: prevent endless uevent loop with
         CONFIG_POWER_SUPPLY_DEBUG (bsc#1051510).
       - qlcnic: Avoid potential NULL pointer dereference (bsc#1051510).
       - qmi_wwan: add network device usage statistics for qmimux devices
         (bsc#1051510).
       - qmi_wwan: Add quirk for Quectel dynamic config (bsc#1051510).
       - qmi_wwan: add support for QMAP padding in the RX path (bsc#1051510).
       - qmi_wwan: avoid RCU stalls on device disconnect when in QMAP mode
         (bsc#1051510).
       - qmi_wwan: extend permitted QMAP mux_id value range (bsc#1051510).
       - rapidio: fix a NULL pointer dereference when create_workqueue() fails
         (bsc#1051510).
       - RAS/CEC: Convert the timer callback to a workqueue (bsc#1114279).
       - RAS/CEC: Fix binary search function (bsc#1114279).
       - rbd: do not assert on writes to snapshots (bsc#1137985 bsc#1138681).
       - Revert "ALSA: hda/realtek - Improve the headset mic for Acer Aspire
         laptops" (bsc#1051510).
       - Revert "HID: wacom: generic: Send BTN_TOOL_PEN in prox once the pen
         enters range" (bsc#1051510).
       - Revert "s390/jump_label: Use "jdd" constraint on gcc9 (bsc#1138589)."
         This broke the build with older gcc instead.
       - s390/airq: provide cacheline aligned ivs (jsc#SLE-5789  FATE#327042
         bsc#1134730 LTC#173388).
       - s390/airq: recognize directed interrupts (jsc#SLE-5789  FATE#327042
         bsc#1134730 LTC#173388).
       - s390/dasd: fix using offset into zero size array error (bsc#1051510).
       - s390: enable processes for mio instructions (jsc#SLE-5802  FATE#327055
         bsc#1134738 LTC#173387).
       - s390/ism: move oddities of device IO to wrapper function  (jsc#SLE-5802
         FATE#327055 bsc#1134738 LTC#173387).
       - s390/jump_label: Use "jdd" constraint on gcc9 (bsc#1138589).
       - s390/pci: add parameter to disable usage of MIO instructions
         (jsc#SLE-5802 FATE#327055 bsc#1134738 LTC#173387).
       - s390/pci: add parameter to force floating irqs (jsc#SLE-5789
         FATE#327042 bsc#1134730 LTC#173388).
       - s390/pci: clarify interrupt vector usage (jsc#SLE-5789  FATE#327042
         bsc#1134730 LTC#173388).
       - s390/pci: fix assignment of bus resources (jsc#SLE-5802  FATE#327055
         bsc#1134738 LTC#173387).
       - s390/pci: fix struct definition for set PCI function  (jsc#SLE-5802
         FATE#327055 bsc#1134738 LTC#173387).
       - s390/pci: gather statistics for floating vs directed irqs  (jsc#SLE-5789
         FATE#327042 bsc#1134730 LTC#173388).
       - s390/pci: improve bar check (jsc#SLE-5803 FATE#327056).
       - s390/pci: map IOV resources (jsc#SLE-5803 FATE#327056).
       - s390/pci: mark command line parser data __initdata (jsc#SLE-5789
         FATE#327042 bsc#1134730 LTC#173388).
       - s390/pci: move everything irq related to pci_irq.c (jsc#SLE-5789
         FATE#327042 bsc#1134730 LTC#173388).
       - s390/pci: move io address mapping code to pci_insn.c  (jsc#SLE-5802
         FATE#327055 bsc#1134738 LTC#173387).
       - s390/pci: provide support for CPU directed interrupts  (jsc#SLE-5789
         FATE#327042 bsc#1134730 LTC#173388).
       - s390/pci: provide support for MIO instructions (jsc#SLE-5802
         FATE#327055 bsc#1134738 LTC#173387).
       - s390/pci: remove stale rc (jsc#SLE-5789 FATE#327042 bsc#1134730
         LTC#173388).
       - s390/pci: remove unused define (jsc#SLE-5789 FATE#327042  bsc#1134730
         LTC#173388).
       - s390/pci: skip VF scanning (jsc#SLE-5803 FATE#327056).
       - s390/protvirt: add memory sharing for diag 308 set/store  (jsc#SLE-5759
         FATE#327003 bsc#1135153 LTC#173151).
       - s390/protvirt: block kernel command line alteration  (jsc#SLE-5759
         FATE#327003 bsc#1135153 LTC#173151).
       - s390/qeth: fix race when initializing the IP address table (bsc#1051510).
       - s390/qeth: fix VLAN attribute in bridge_hostnotify udev event
         (bsc#1051510).
       - s390/sclp: detect DIRQ facility (jsc#SLE-5789 FATE#327042  bsc#1134730
         LTC#173388).
       - s390/setup: fix early warning messages (bsc#1051510).
       - s390: show statistics for MSI IRQs (jsc#SLE-5789 FATE#327042
         bsc#1134730 LTC#173388).
       - s390/uv: introduce guest side ultravisor code (jsc#SLE-5759  FATE#327003
         bsc#1135153 LTC#173151).
       - s390/virtio: handle find on invalid queue gracefully (bsc#1051510).
       - sched/topology: Improve load balancing on AMD EPYC (bsc#1137366).
       - scsi: hpsa: bump driver version (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: check for lv removal (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: clean up two indentation issues (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: correct device id issues (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: correct device resets (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: correct ioaccel2 chaining (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: correct simple mode (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: fix an uninitialized read and dereference of pointer dev
         (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: mark expected switch fall-throughs (jsc#SLE-4712
         bsc#1136156).
       - scsi: hpsa: remove timeout from TURs (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: switch to generic DMA API (jsc#SLE-4712 bsc#1136156).
       - scsi: hpsa: Use vmemdup_user to replace the open code (jsc#SLE-4712
         bsc#1136156).
       - scsi: megaraid_sas: Add support for DEVICE_LIST DCMD in driver
         (bsc#1136271).
       - scsi: megaraid_sas: correct an info message (bsc#1136271).
       - scsi: megaraid_sas: driver version update (bsc#1136271).
       - scsi: megaraid_sas: Retry reads of outbound_intr_status reg
         (bsc#1136271).
       - scsi: megaraid_sas: Rework code to get PD and LD list (bsc#1136271).
       - scsi: megaraid_sas: Rework device add code in AEN path (bsc#1136271).
       - scsi: megaraid_sas: Update structures for HOST_DEVICE_LIST DCMD
         (bsc#1136271).
       - scsi: qla2xxx: Fix FC-AL connection target discovery (bsc#1094555).
       - scsi: qla2xxx: Fix N2N target discovery with Local loop (bsc#1094555).
       - scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck() (bsc#1135296).
       - scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from
         port_remove (bsc#1051510).
       - scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host
         (bsc#1051510).
       - scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP
         devices (bsc#1051510).
       - scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only
         sdevs) (bsc#1051510).
       - serial: sh-sci: disable DMA for uart_console (bsc#1051510).
       - SMB3: Fix endian warning (bsc#1137884).
       - soc: mediatek: pwrap: Zero initialize rdata in pwrap_init_cipher
         (bsc#1051510).
       - soc: rockchip: Set the proper PWM for rk3288 (bsc#1051510).
       - spi: bitbang: Fix NULL pointer dereference in spi_unregister_master
         (bsc#1051510).
       - spi: Fix zero length xfer bug (bsc#1051510).
       - spi: pxa2xx: fix SCR (divisor) calculation (bsc#1051510).
       - spi: spi-fsl-spi: call spi_finalize_current_message() at the end
         (bsc#1051510).
       - spi : spi-topcliff-pch: Fix to handle empty DMA buffers (bsc#1051510).
       - spi: tegra114: reset controller on probe (bsc#1051510).
       - supported.conf: added mlxbf_tmfifo (bsc#1136333 jsc#SLE-4994)
       - thermal: rcar_gen3_thermal: disable interrupt in .remove (bsc#1051510).
       - thermal/x86_pkg_temp_thermal: Cosmetic: Rename internal variables to
         zones from packages (jsc#SLE-5454).
       - thermal/x86_pkg_temp_thermal: Support multi-die/package (jsc#SLE-5454).
       - tmpfs: fix link accounting when a tmpfile is linked in (bsc#1051510).
       - tmpfs: fix uninitialized return value in shmem_link (bsc#1051510).
       - tools/cpupower: Add Hygon Dhyana support (fate#327735).
       - topology: Create core_cpus and die_cpus sysfs attributes (jsc#SLE-5454).
       - topology: Create package_cpus sysfs attribute (jsc#SLE-5454).
       - tty: max310x: Fix external crystal register setup (bsc#1051510).
       - usb: dwc2: Fix DMA cache alignment issues (bsc#1051510).
       - usb: serial: pl2303: fix tranceiver suspend mode (bsc#1135642).
       - usb: xhci: avoid null pointer deref when bos field is NULL (bsc#1135642).
       - vfio: ccw: only free cp on final interrupt (bsc#1051510).
       - video: hgafb: fix potential NULL pointer dereference (bsc#1051510).
       - video: imsttfb: fix potential NULL pointer dereferences (bsc#1051510).
       - virtio_console: initialize vtermno value for ports (bsc#1051510).
       - vlan: disable SIOCSHWTSTAMP in container (bsc#1051510).
       - watchdog: imx2_wdt: Fix set_timeout for big timeout values (bsc#1051510).
       - x86/alternative: Init ideal_nops for Hygon Dhyana (fate#327735).
       - x86/amd_nb: Add support for Raven Ridge CPUs (FATE#327735).
       - x86/amd_nb: Check vendor in AMD-only functions (fate#327735).
       - x86/apic: Add Hygon Dhyana support (fate#327735).
       - x86/bugs: Add Hygon Dhyana to the respective mitigation  machinery
         (fate#327735).
       - x86/cpu: Add Icelake model number (jsc#SLE-5226).
       - x86/cpu/amd: Do not force the CPB cap when running under a hypervisor
         (bsc#1114279).
       - x86/cpu: Create Hygon Dhyana architecture support file  (fate#327735).
       - x86/cpufeatures: Carve out CQM features retrieval (jsc#SLE-5382).
       - x86/cpufeatures: Combine word 11 and 12 into a new scattered features
         word (jsc#SLE-5382).
       - x86/cpufeatures: Enumerate the new AVX512 BFLOAT16 instructions
         (jsc#SLE-5382).
       - x86/cpu: Get cache info and setup cache cpumap for Hygon Dhyana
         (fate#327735).
       - x86/cpu/hygon: Fix phys_proc_id calculation logic for multi-die
         processors ().
       - x86/cpu/mtrr: Support TOP_MEM2 and get MTRR number  (fate#327735).
       - x86/events: Add Hygon Dhyana support to PMU infrastructure
         (fate#327735).
       - x86/kvm: Add Hygon Dhyana support to KVM (fate#327735).
       - x86/mce: Add Hygon Dhyana support to the MCA infrastructure
         (fate#327735).
       - x86/mce: Do not disable MCA banks when offlining a CPU on AMD
         (fate#327735).
       - x86/mce: Fix machine_check_poll() tests for error types (bsc#1114279).
       - x86/microcode, cpuhotplug: Add a microcode loader CPU hotplug callback
         (bsc#1114279).
       - x86/microcode: Fix microcode hotplug state (bsc#1114279).
       - x86/microcode: Fix the ancient deprecated microcode loading method
         (bsc#1114279).
       - x86/mm/mem_encrypt: Disable all instrumentation for early SME setup
         (bsc#1114279).
       - x86/pci, x86/amd_nb: Add Hygon Dhyana support to PCI and  northbridge
         (fate#327735).
       - x86/smpboot: Do not use BSP INIT delay and MWAIT to idle on  Dhyana
         (fate#327735).
       - x86/smpboot: Rename match_die() to match_pkg() (jsc#SLE-5454).
       - x86/speculation/mds: Revert CPU buffer clear on double fault exit
         (bsc#1114279).
       - x86/topology: Add CPUID.1F multi-die/package support (jsc#SLE-5454).
       - x86/topology: Create topology_max_die_per_package() (jsc#SLE-5454).
       - x86/topology: Define topology_die_id() (jsc#SLE-5454).
       - x86/topology: Define topology_logical_die_id() (jsc#SLE-5454).
       - x86/umip: Make the UMIP activated message generic (bsc#1138336).
       - x86/umip: Print UMIP line only once (bsc#1138336).
       - x86/xen: Add Hygon Dhyana support to Xen (fate#327735).
       - x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die
         processors (fate#327735).
    
    
    Special Instructions and Notes:
    
       Please reboot the system after installing this update.
    
    Patch Instructions:
    
       To install this SUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
    
       Alternatively you can run the command listed for your product:
    
       - SUSE Linux Enterprise Module for Live Patching 15-SP1:
    
          zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2019-1744=1
    
    
    
    Package List:
    
       - SUSE Linux Enterprise Module for Live Patching 15-SP1 (ppc64le x86_64):
    
          kernel-default-debuginfo-4.12.14-197.7.1
          kernel-default-debugsource-4.12.14-197.7.1
          kernel-default-livepatch-4.12.14-197.7.1
          kernel-default-livepatch-devel-4.12.14-197.7.1
          kernel-livepatch-4_12_14-197_7-default-1-3.3.1
    
    
    References:
    
       https://www.suse.com/security/cve/CVE-2018-16871.html
       https://www.suse.com/security/cve/CVE-2019-12614.html
       https://www.suse.com/security/cve/CVE-2019-12817.html
       https://bugzilla.suse.com/1051510
       https://bugzilla.suse.com/1071995
       https://bugzilla.suse.com/1094555
       https://bugzilla.suse.com/1111666
       https://bugzilla.suse.com/1112374
       https://bugzilla.suse.com/1114279
       https://bugzilla.suse.com/1128432
       https://bugzilla.suse.com/1134730
       https://bugzilla.suse.com/1134738
       https://bugzilla.suse.com/1135153
       https://bugzilla.suse.com/1135296
       https://bugzilla.suse.com/1135642
       https://bugzilla.suse.com/1136156
       https://bugzilla.suse.com/1136157
       https://bugzilla.suse.com/1136271
       https://bugzilla.suse.com/1136333
       https://bugzilla.suse.com/1137103
       https://bugzilla.suse.com/1137194
       https://bugzilla.suse.com/1137366
       https://bugzilla.suse.com/1137884
       https://bugzilla.suse.com/1137985
       https://bugzilla.suse.com/1138263
       https://bugzilla.suse.com/1138336
       https://bugzilla.suse.com/1138374
       https://bugzilla.suse.com/1138375
       https://bugzilla.suse.com/1138589
       https://bugzilla.suse.com/1138681
       https://bugzilla.suse.com/1138719
       https://bugzilla.suse.com/1138732
    
    _______________________________________________
    sle-security-updates mailing list
    This email address is being protected from spambots. You need JavaScript enabled to view it.
    	
    http://lists.suse.com/mailman/listinfo/sle-security-updates
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"36","type":"x","order":"1","pct":50.7,"resources":[]},{"id":"88","title":"Should be more technical","votes":"10","type":"x","order":"2","pct":14.08,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"25","type":"x","order":"3","pct":35.21,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.