SUSE: 2020:0511-1 important: the Linux Kernel
Summary
The SUSE Linux Enterprise 15 SP1 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-14615: An information disclosure vulnerability existed due to
insufficient control flow in certain data structures for some Intel(R)
Processors (bnc#1160195).
- CVE-2019-14896: A heap-based buffer overflow vulnerability was found in
the Marvell WiFi driver. A remote attacker could cause a denial of
service (system crash) or, possibly execute arbitrary code, when the
lbs_ibss_join_existing function is called after a STA connects to an AP
(bnc#1157157).
- CVE-2019-14897: A stack-based buffer overflow was found in the Marvell
WiFi driver. An attacker is able to cause a denial of service (system
crash) or, possibly execute arbitrary code, when a STA works in IBSS
mode (allows connecting stations together without the use of an AP) and
connects to another STA (bnc#1157155).
- CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c. It
did not check the length of variable elements in a beacon head, leading
to a buffer overflow (bnc#1152107).
- CVE-2019-16994: A memory leak existed in sit_init_net() in
net/ipv6/sit.c which might have caused denial of service, aka
CID-07f12b26e21a (bnc#1161523).
- CVE-2019-18808: A memory leak in drivers/crypto/ccp/ccp-ops.c allowed
attackers to cause a denial of service (memory consumption), aka
CID-128c66429247 (bnc#1156259).
- CVE-2019-19036: An issue discovered in btrfs_root_node in
fs/btrfs/ctree.c allowed a NULL pointer dereference because
rcu_dereference(root->node) can be zero (bnc#1157692).
- CVE-2019-19045: A memory leak in
drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers to
cause a denial of service (memory consumption) by triggering
mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).
- CVE-2019-19051: A memory leak in drivers/net/wimax/i2400m/op-rfkill.c
allowed attackers to cause a denial of service (memory consumption), aka
CID-6f3ef5c25cc7 (bnc#1159024).
- CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in
drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a
denial of service (memory consumption) by triggering kfifo_alloc()
failures, aka CID-a7b2df76b42b (bnc#1161518).
- CVE-2019-19066: A memory leak in drivers/scsi/bfa/bfad_attr.c allowed
attackers to cause a denial of service (memory consumption), aka
CID-0e62395da2bd (bnc#1157303).
- CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a
use-after-free (bnc#1158026).
- CVE-2019-19319: A slab-out-of-bounds write access could have occured
when setxattr was called after mounting of a specially crafted ext4
image (bnc#1158021).
- CVE-2019-19332: An out-of-bounds memory write issue was found in the way
the KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request
to get CPUID features emulated by the KVM hypervisor. A user or process
able to access the '/dev/kvm' device could have used this flaw to crash
the system (bnc#1158827).
- CVE-2019-19338: There was an incomplete fix for an issue with
Transactional Synchronisation Extensions in the KVM code (bsc#1158954).
- CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing
some operations, and unmounting could have led to a use-after-free in
fs/ext4/super.c (bnc#1158819).
- CVE-2019-19523: There was a use-after-free bug that can be caused by a
malicious USB device in the drivers/usb/misc/adutux.c driver, aka
CID-44efc269db79 (bsc#1158823).
- CVE-2019-19526: There was a use-after-free bug that can be caused by a
malicious USB device in the drivers/nfc/pn533/usb.c driver, aka
CID-6af3aa57a098 (bsc#1158893).
- CVE-2019-19527: There was a use-after-free bug that can be caused by a
malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka
CID-9c09b214f30e (bsc#1158900).
- CVE-2019-19532: There were multiple out-of-bounds write bugs that can be
caused by a malicious USB HID device, aka CID-d9d4b1e46d95 (bsc#1158824).
- CVE-2019-19533: There was an info-leak bug that can be caused by a
malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c
driver, aka CID-a10feaf8c464 (bsc#1158834).
- CVE-2019-19535: There was an info-leak bug that can be caused by a
malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c
driver, aka CID-30a8beeb3042 (bsc#1158903).
- CVE-2019-19537: There was a race condition bug that could be caused by a
malicious USB character device, aka CID-303911cfc5b9. (bsc#1158904).
- CVE-2019-19767: There were multiple use-after-free errors in
__ext4_expand_extra_isize and ext4_xattr_set_entry, related to
fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163 (bnc#1159297).
- CVE-2019-19927: A slab-out-of-bounds read access could have been caused
when mounting a crafted f2fs filesystem image and performing some
operations on it, in drivers/gpu/drm/ttm/ttm_page_alloc.c (bnc#1160147).
- CVE-2019-19965: There was a NULL pointer dereference in
drivers/scsi/libsas/sas_discover.c because of mishandling of port
disconnection during discovery, related to a PHY down race condition,
aka CID-f70267f379b5 (bnc#1159911).
- CVE-2019-19966: There was a use-after-free in cpia2_exit() in
drivers/media/usb/cpia2/cpia2_v4l.c that could have caused a denial of
service, aka CID-dea37a972655 (bnc#1159841).
- CVE-2019-20054: There was a NULL pointer dereference in
drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka
CID-23da9588037e (bnc#1159910).
- CVE-2019-20095: Several memory leaks were found in
drivers/net/wireless/marvell/mwifiex/cfg80211.c, aka CID-003b686ace82
(bnc#1159909).
- CVE-2019-20096: There was a memory leak in __feat_register_sp() in
net/dccp/feat.c, aka CID-1d3ff0950e2b (bnc#1159908).
- CVE-2020-7053: There was a use-after-free (write) in the
i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka
CID-7dc40713618c (bnc#1160966).
- CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which
allowed local users to cause a denial of service (OOPS) or possibly
obtain sensitive information from kernel memory, aka CID-d0cb50185ae9
(bnc#1162109).
- CVE-2020-8648: There was a use-after-free vulnerability in the
n_tty_receive_buf_common function in drivers/tty/n_tty.c (bnc#1162928).
- CVE-2020-8992: An issue was discovered in ext4_protect_reserved_inode in
fs/ext4/block_validity.c that allowed attackers to cause a soft lockup
via a crafted journal size (bnc#1164069).
The following non-security bugs were fixed:
- 6pack,mkiss: fix possible deadlock (bsc#1051510).
- a typo in %kernel_base_conflicts macro name
- ACPI / APEI: Do not wait to serialise with oops messages when panic()ing
(bsc#1051510).
- ACPI / APEI: Switch estatus pool to use vmalloc memory (bsc#1051510).
- ACPI / LPSS: Ignore acpi_device_fix_up_power() return value
(bsc#1051510).
- ACPI / video: Add force_none quirk for Dell OptiPlex 9020M (bsc#1051510).
- ACPI / watchdog: Fix init failure with overlapping register regions
(bsc#1162557).
- ACPI / watchdog: Set default timeout in probe (bsc#1162557).
- ACPI: bus: Fix NULL pointer check in acpi_bus_get_private_data()
(bsc#1051510).
- ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion()
(bsc#1051510).
- ACPI: OSL: only free map once in osl.c (bsc#1051510).
- ACPI: PM: Avoid attaching ACPI PM domain to certain devices
(bsc#1051510).
- ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 (bsc#1051510).
- ACPI: video: Do not export a non working backlight interface on MSI
MS-7721 boards (bsc#1051510).
- ACPI: watchdog: Allow disabling WDAT at boot (bsc#1162557).
- af_packet: set defaule value for tmo (bsc#1051510).
- ALSA: control: remove useless assignment in .info callback of PCM chmap
element (git-fixes).
- ALSA: dummy: Fix PCM format loop in proc output (bsc#1111666).
- ALSA: echoaudio: simplify get_audio_levels (bsc#1051510).
- ALSA: fireface: fix return value in error path of isochronous resources
reservation (bsc#1051510).
- ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
(git-fixes).
- ALSA: hda - Apply sync-write workaround to old Intel platforms, too
(bsc#1111666).
- ALSA: hda - constify and cleanup static NodeID tables (bsc#1111666).
- ALSA: hda - Downgrade error message for single-cmd fallback (git-fixes).
- ALSA: hda - fixup for the bass speaker on Lenovo Carbon X1 7th gen
(git-fixes).
- ALSA: hda/analog - Minor optimization for SPDIF mux connections
(git-fixes).
- ALSA: hda/ca0132 - Avoid endless loop (git-fixes).
- ALSA: hda/ca0132 - Fix work handling in delayed HP detection (git-fixes).
- ALSA: hda/ca0132 - Keep power on during processing DSP response
(git-fixes).
- ALSA: hda/hdmi - Add new pci ids for AMD GPU display audio (git-fixes).
- ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() (git-fixes).
- ALSA: hda/hdmi - Clean up Intel platform-specific fixup checks
(bsc#1111666).
- ALSA: hda/hdmi - fix atpx_present when CLASS is not VGA (bsc#1051510).
- ALSA: hda/hdmi - Fix duplicate unref of pci_dev (bsc#1051510).
- ALSA: hda/hdmi - fix vgaswitcheroo detection for AMD (git-fixes).
- ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker
(bsc#1111666).
- ALSA: hda/realtek - Add headset Mic no shutup for ALC283 (bsc#1051510).
- ALSA: hda/realtek - Add Headset Mic supported for HP cPC (bsc#1111666).
- ALSA: hda/realtek - Add new codec supported for ALCS1200A (bsc#1111666).
- ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th
gen (bsc#1111666).
- ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too
(bsc#1111666).
- ALSA: hda/realtek - Dell headphone has noise on unmute for ALC236
(git-fixes).
- ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC
(bsc#1111666).
- ALSA: hda/realtek - Fix inverted bass GPIO pin on Acer 8951G (git-fixes).
- ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes).
- ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic
supported (bsc#1111666).
- ALSA: hda/realtek - Line-out jack does not work on a Dell AIO
(bsc#1051510).
- ALSA: hda/realtek - More constifications (bsc#1111666).
- ALSA: hda/realtek - Set EAPD control to default for ALC222 (bsc#1111666).
- ALSA: hda: Add Clevo W65_67SB the power_save blacklist (git-fixes).
- ALSA: hda: Add JasperLake PCI ID and codec vid (bsc#1111666).
- ALSA: hda: Clear RIRB status before reading WP (bsc#1111666).
- ALSA: hda: constify copied structure (bsc#1111666).
- ALSA: hda: Constify snd_kcontrol_new items (bsc#1111666).
- ALSA: hda: Constify snd_pci_quirk tables (bsc#1111666).
- ALSA: hda: correct kernel-doc parameter descriptions (bsc#1111666).
- ALSA: hda: hdmi - add Tigerlake support (bsc#1111666).
- ALSA: hda: hdmi - fix pin setup on Tigerlake (bsc#1111666).
- ALSA: hda: More constifications (bsc#1111666).
- ALSA: hda: patch_hdmi: remove warnings with empty body (bsc#1111666).
- ALSA: hda: patch_realtek: fix empty macro usage in if block
(bsc#1111666).
- ALSA: hda: Reset stream if DMA RUN bit not cleared (bsc#1111666).
- ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
(git-fixes).
- ALSA: ice1724: Fix sleep-in-atomic in Infrasonic Quartet support code
(bsc#1051510).
- ALSA: oxfw: fix return value in error path of isochronous resources
reservation (bsc#1051510).
- ALSA: pcm: Avoid possible info leaks from PCM stream buffers (git-fixes).
- ALSA: pcm: oss: Avoid potential buffer overflows (git-fixes).
- ALSA: seq: Avoid concurrent access to queue flags (git-fixes).
- ALSA: seq: Fix concurrent access to queue current tick/time (git-fixes).
- ALSA: seq: Fix racy access for queue timer in proc read (bsc#1051510).
- ALSA: sh: Fix compile warning wrt const (git-fixes).
- ALSA: sh: Fix unused variable warnings (bsc#1111666).
- ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5
(bsc#1111666).
- ALSA: usb-audio: Fix endianess in descriptor validation (bsc#1111666).
- ALSA: usb-audio: fix set_format altsetting sanity check (bsc#1051510).
- ALSA: usb-audio: fix sync-ep altsetting sanity check (bsc#1051510).
- apparmor: fix unsigned len comparison with less than zero (git-fixes).
- ar5523: check NULL before memcpy() in ar5523_cmd() (bsc#1051510).
- arm64: Revert support for execute-only user mappings (bsc#1160218).
- ASoC: au8540: use 64-bit arithmetic instead of 32-bit (bsc#1051510).
- ASoC: compress: fix unsigned integer overflow check (bsc#1051510).
- ASoC: cs4349: Use PM ops 'cs4349_runtime_pm' (bsc#1051510).
- ASoC: Jack: Fix NULL pointer dereference in snd_soc_jack_report
(bsc#1051510).
- ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1
(bsc#1051510).
- ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI
(bsc#1111666).
- ASoC: sun8i-codec: Fix setting DAI data format (git-fixes).
- ASoC: wm8962: fix lambda value (git-fixes).
- ata: ahci: Add shutdown to freeze hardware resources of ahci
(bsc#1164388).
- ath10k: Correct the DMA direction for management tx buffers (bsc#1111666).
- ath10k: fix fw crash by moving chip reset after napi disabled
(bsc#1051510).
- ath10k: pci: Fix comment on ath10k_pci_dump_memory_sram (bsc#1111666).
- ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe
(bsc#1111666).
- ath6kl: Fix off by one error in scan completion (bsc#1051510).
- ath9k: fix storage endpoint lookup (git-fixes).
- atl1e: checking the status of atl1e_write_phy_reg (bsc#1051510).
- audit: Allow auditd to set pid to 0 to end auditing (bsc#1158094).
- batman-adv: Fix DAT candidate selection on little endian systems
(bsc#1051510).
- bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front()
(bsc#1163762).
- bcache: add code comments for state->pool in __btree_sort()
(bsc#1163762).
- bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762).
- bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762).
- bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762).
- bcache: add more accurate error messages in read_super() (bsc#1163762).
- bcache: add readahead cache policy options via sysfs interface
(bsc#1163762).
- bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762).
- bcache: avoid unnecessary btree nodes flushing in btree_flush_write()
(bsc#1163762).
- bcache: check return value of prio_read() (bsc#1163762).
- bcache: deleted code comments for dead code in bch_data_insert_keys()
(bsc#1163762).
- bcache: do not export symbols (bsc#1163762).
- bcache: explicity type cast in bset_bkey_last() (bsc#1163762).
- bcache: fix a lost wake-up problem caused by mca_cannibalize_lock
(bsc#1163762).
- bcache: Fix an error code in bch_dump_read() (bsc#1163762).
- bcache: fix deadlock in bcache_allocator (bsc#1163762).
- bcache: fix incorrect data type usage in btree_flush_write()
(bsc#1163762).
- bcache: fix memory corruption in bch_cache_accounting_clear()
(bsc#1163762).
- bcache: fix static checker warning in bcache_device_free() (bsc#1163762).
- bcache: ignore pending signals when creating gc and allocator thread
(bsc#1163762, bsc#1112504).
- bcache: print written and keys in trace_bcache_btree_write (bsc#1163762).
- bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan()
(bsc#1163762).
- bcache: reap from tail of c->btree_cache in bch_mca_scan() (bsc#1163762).
- bcache: remove macro nr_to_fifo_front() (bsc#1163762).
- bcache: remove member accessed from struct btree (bsc#1163762).
- bcache: remove the extra cflags for request.o (bsc#1163762).
- bcache: Revert "bcache: shrink btree node cache after bch_btree_check()"
(bsc#1163762, bsc#1112504).
- bcma: remove set but not used variable 'sizel' (git-fixes).
- blk-mq: avoid sysfs buffer overflow with too many CPU cores
(bsc#1159377).
- blk-mq: avoid sysfs buffer overflow with too many CPU cores
(bsc#1163840).
- blk-mq: make sure that line break can be printed (bsc#1159377).
- blk-mq: make sure that line break can be printed (bsc#1164098).
- Bluetooth: Fix race condition in hci_release_sock() (bsc#1051510).
- Bluetooth: hci_bcm: Handle specific unknown packets after firmware
loading (bsc#1051510).
- bnxt: apply computed clamp value for coalece parameter (bsc#1104745).
- bnxt_en: Fix MSIX request logic for RDMA driver (bsc#1104745 ).
- bnxt_en: Return error if FW returns more data than dump length
(bsc#1104745).
- bonding: fix active-backup transition after link failure (git-fixes).
- bonding: fix potential NULL deref in bond_update_slave_arr (bsc#1051510).
- bonding: fix slave stuck in BOND_LINK_FAIL state
(networking-stable-19_11_10).
- bonding: fix state transition issue in link monitoring
(networking-stable-19_11_10).
- bonding: fix unexpected IFF_BONDING bit unset (bsc#1051510).
- bpf, offload: Unlock on error in bpf_offload_dev_create() (bsc#1109837).
- bpf/sockmap: Read psock ingress_msg before sk_receive_queue
(bsc#1083647).
- bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack() (bsc#1083647).
- bpf: add self-check logic to liveness analysis (bsc#1160618).
- bpf: add verifier stats and log_level bit 2 (bsc#1160618).
- bpf: Fix incorrect verifier simulation of ARSH under ALU32 (bsc#1083647).
- bpf: improve stacksafe state comparison (bco#1160618).
- bpf: improve verification speed by droping states (bsc#1160618).
- bpf: improve verification speed by not remarking live_read (bsc#1160618).
- bpf: improve verifier branch analysis (bsc#1160618).
- bpf: increase complexity limit and maximum program size (bsc#1160618).
- bpf: increase verifier log limit (bsc#1160618).
- bpf: Make use of probe_user_write in probe write helper (bsc#1083647).
- bpf: Reject indirect var_off stack access in raw mode (bsc#1160618).
- bpf: Reject indirect var_off stack access in unpriv mode (bco#1160618).
- bpf: Sanity check max value for var_off stack access (bco#1160618).
- bpf: skmsg, fix potential psock NULL pointer dereference (bsc#1109837).
- bpf: speed up stacksafe check (bco#1160618).
- bpf: Support variable offset stack access from helpers (bco#1160618).
- bpf: verifier: teach the verifier to reason about the BPF_JSET
instruction (bco#1160618).
- brcmfmac: fix interface sanity check (git-fixes).
- brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev() (bsc#1111666).
- brcmfmac: Fix memory leak in brcmf_usbdev_qinit (git-fixes).
- brcmfmac: Fix use after free in brcmf_sdio_readframes() (git-fixes).
- brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362
(bsc#1111666).
- brcmfmac: set F2 watermark to 256 for 4373 (bsc#1111666).
- brcmfmac: set SDIO F1 MesBusyCtrl for CYW4373 (bsc#1111666).
- btrfs: abort transaction after failed inode updates in create_subvol
(bsc#1161936).
- btrfs: add missing extents release on file extent cluster relocation
error (bsc#1159483).
- btrfs: avoid fallback to transaction commit during fsync of files with
holes (bsc#1159569).
- btrfs: dev-replace: remove warning for unknown return codes when
finished (dependency for bsc#1162067).
- btrfs: do not call synchronize_srcu() in inode_tree_del (bsc#1161934).
- btrfs: do not double lock the subvol_sem for rename exchange
(bsc#1162943).
- btrfs: Ensure we trim ranges across block group boundary (bsc#1151910).
- btrfs: fix block group remaining RO forever after error during device
replace (bsc#1160442).
- btrfs: fix btrfs_write_inode vs delayed iput deadlock (bsc#1154243).
- btrfs: fix infinite loop during fsync after rename operations
(bsc#1163383).
- btrfs: fix infinite loop during nocow writeback due to race
(bsc#1160804).
- btrfs: fix integer overflow in calc_reclaim_items_nr (bsc#1160433).
- btrfs: fix missing data checksums after replaying a log tree
(bsc#1161931).
- btrfs: fix negative subv_writers counter and data space leak after
buffered write (bsc#1160802).
- btrfs: fix race between adding and putting tree mod seq elements and
nodes (bsc#1163384).
- btrfs: fix removal logic of the tree mod log that leads to
use-after-free issues (bsc#1160803).
- btrfs: fix selftests failure due to uninitialized i_mode in test inodes
(Fix for dependency of bsc#1157692).
- btrfs: handle ENOENT in btrfs_uuid_tree_iterate (bsc#1161937).
- btrfs: harden agaist duplicate fsid on scanned devices (bsc#1134973).
- btrfs: inode: Verify inode mode to avoid NULL pointer dereference
(dependency for bsc#1157692).
- btrfs: make tree checker detect checksum items with overlapping ranges
(bsc#1161931).
- btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it
(dependency for bsc#1157692).
- btrfs: record all roots for rename exchange on a subvol (bsc#1161933).
- btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588).
- btrfs: scrub: Require mandatory block group RO for dev-replace
(bsc#1162067).
- btrfs: send, skip backreference walking for extents with many references
(bsc#1162139).
- btrfs: simplify inode locking for RWF_NOWAIT (git-fixes).
- btrfs: skip log replay on orphaned roots (bsc#1161935).
- btrfs: tree-checker: Check chunk item at tree block read time
(dependency for bsc#1157692).
- btrfs: tree-checker: Check level for leaves and nodes (dependency for
bsc#1157692).
- btrfs: tree-checker: Enhance chunk checker to validate chunk profile
(dependency for bsc#1157692).
- btrfs: tree-checker: Fix wrong check on max devid (fixes for dependency
of bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in block_group_err (dependency
for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_block_group_item
(dependency for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_csum_item (dependency
for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_dev_item (dependency
for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_dir_item (dependency
for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_extent_data_item
(dependency for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_inode_item (dependency
for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_leaf (dependency for
bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in check_leaf_item (dependency
for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in chunk_err (dependency for
bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in dev_item_err (dependency for
bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in dir_item_err (dependency for
bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in file_extent_err (dependency
for bsc#1157692).
- btrfs: tree-checker: get fs_info from eb in generic_err (dependency for
bsc#1157692).
- btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN
instead of EIO (dependency for bsc#1157692).
- btrfs: tree-checker: Make chunk item checker messages more readable
(dependency for bsc#1157692).
- btrfs: tree-checker: Verify dev item (dependency for bsc#1157692).
- btrfs: tree-checker: Verify inode item (dependency for bsc#1157692).
- btrfs: volumes: Use more straightforward way to calculate map length
(bsc#1151910).
- can, slip: Protect tty->disc_data in write_wakeup and close with RCU
(bsc#1051510).
- can: can_dropped_invalid_skb(): ensure an initialized headroom in
outgoing CAN sk_buffs (bsc#1051510).
- can: c_can: D_CAN: c_can_chip_config(): perform a sofware reset on open
(bsc#1051510).
- can: gs_usb: gs_usb_probe(): use descriptors of current altsetting
(bsc#1051510).
- can: mscan: mscan_rx_poll(): fix rx path lockup when returning from
polling to irq mode (bsc#1051510).
- can: peak_usb: report bus recovery as well (bsc#1051510).
- can: rx-offload: can_rx_offload_irq_offload_fifo(): continue on error
(bsc#1051510).
- can: rx-offload: can_rx_offload_irq_offload_timestamp(): continue on
error (bsc#1051510).
- can: rx-offload: can_rx_offload_offload_one(): increment rx_fifo_errors on queue overflow or OOM (bsc#1051510).
- can: rx-offload: can_rx_offload_offload_one(): use ERR_PTR() to
propagate error value in case of errors (bsc#1051510).
- can: slcan: Fix use-after-free Read in slcan_open (bsc#1051510).
- CDC-NCM: handle incomplete transfer of MTU (networking-stable-19_11_10).
- cdrom: respect device capabilities during opening action (boo#1164632).
- cfg80211/mac80211: make ieee80211_send_layer2_update a public function
(bsc#1051510).
- cfg80211: check for set_wiphy_params (bsc#1051510).
- cfg80211: fix deadlocks in autodisconnect work (bsc#1111666).
- cfg80211: fix memory leak in cfg80211_cqm_rssi_update (bsc#1111666).
- cfg80211: fix page refcount issue in A-MSDU decap (bsc#1051510).
- cgroup: pids: use atomic64_t for pids->limit (bsc#1161514).
- chardev: Avoid potential use-after-free in 'chrdev_open()' (bsc#1163849).
- cifs: add support for flock (bsc#1144333).
- cifs: Close cached root handle only if it had a lease (bsc#1144333).
- cifs: Close open handle after interrupted close (bsc#1144333).
- cifs: close the shared root handle on tree disconnect (bsc#1144333).
- cifs: Do not miss cancelled OPEN responses (bsc#1144333).
- cifs: Fix lookup of root ses in DFS referral cache (bsc#1144333).
- cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()
(bsc#1144333).
- cifs: fix mount option display for sec=krb5i (bsc#1161907).
- cifs: Fix mount options set in automount (bsc#1144333).
- cifs: Fix NULL pointer dereference in mid callback (bsc#1144333).
- cifs: Fix NULL-pointer dereference in smb2_push_mandatory_locks
(bsc#1144333).
- cifs: Fix potential softlockups while refreshing DFS cache (bsc#1144333).
- cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1144333).
- cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1144333).
- cifs: Properly process SMB3 lease breaks (bsc#1144333).
- cifs: remove set but not used variables 'cinode' and 'netfid'
(bsc#1144333).
- cifs: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1144333).
- clk: Do not try to enable critical clocks if prepare failed
(bsc#1051510).
- clk: imx: clk-composite-8m: add lock to gate/mux (git-fixes).
- clk: mmp2: Fix the order of timer mux parents (bsc#1051510).
- clk: qcom: rcg2: Do not crash if our parent can't be found; return an
error (bsc#1051510).
- clk: rockchip: fix I2S1 clock gate register for rk3328 (bsc#1051510).
- clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 (bsc#1051510).
- clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering
(bsc#1051510).
- clk: rockchip: fix rk3188 sclk_smc gate data (bsc#1051510).
- clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock (bsc#1051510).
- clk: sunxi: sun9i-mmc: Implement reset callback for reset controls
(bsc#1051510).
- clk: tegra: Mark fuse clock as critical (bsc#1051510).
- clocksource/drivers/bcm2835_timer: Fix memory leak of timer
(bsc#1051510).
- clocksource: Prevent double add_timer_on() for watchdog_timer
(bsc#1051510).
- closures: fix a race on wakeup from closure_sync (bsc#1163762).
- configfs_register_group() shouldn't be (and isn't) called in rmdirable
parts (bsc#1051510).
- copy/pasted "Recommends:" instead of "Provides:", "Obsoletes:" and
"Conflicts:
- Cover up kABI breakage due to DH key verification (bsc#1155331).
- crypto: af_alg - Use bh_lock_sock in sk_destruct (bsc#1051510).
- crypto: api - Check spawn->alg under lock in crypto_drop_spawn
(bsc#1051510).
- crypto: api - Fix race condition in crypto_spawn_alg (bsc#1051510).
- crypto: atmel-sha - fix error handling when setting hmac key
(bsc#1051510).
- crypto: caam/qi2 - fix typo in algorithm's driver name (bsc#1111666).
- crypto: ccp - fix uninitialized list head (bsc#1051510).
- crypto: chelsio - fix writing tfm flags to wrong place (bsc#1051510).
- crypto: dh - add public key verification test (bsc#1155331).
- crypto: dh - fix calculating encoded key size (bsc#1155331).
- crypto: dh - fix memory leak (bsc#1155331).
- crypto: dh - update test for public key verification (bsc#1155331).
- crypto: DRBG - add FIPS 140-2 CTRNG for noise source (bsc#1155334).
- crypto: ecdh - add public key verification test (bsc#1155331).
- crypto: ecdh - fix typo of P-192 b value (bsc#1155331).
- crypto: mxc-scc - fix build warnings on ARM64 (bsc#1051510).
- crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
(bsc#1051510).
- crypto: picoxcell - adjust the position of tasklet_init and fix missed
tasklet_kill (bsc#1051510).
- crypto: reexport crypto_shoot_alg() (bsc#1051510, kABI fix).
- cxgb4: request the TX CIDX updates to status page (bsc#1127371).
- dma-buf: Fix memory leak in sync_file_merge() (git-fixes).
- dma-mapping: fix return type of dma_set_max_seg_size() (bsc#1051510).
- dmaengine: coh901318: Fix a double-lock bug (bsc#1051510).
- dmaengine: coh901318: Remove unused variable (bsc#1051510).
- dmaengine: Fix access to uninitialized dma_slave_caps (bsc#1051510).
- Documentation: Document arm64 kpti control (bsc#1162623).
- drivers/base/memory.c: cache blocks in radix tree to accelerate lookup
(bsc#1159955 ltc#182993).
- drivers/base/memory.c: do not access uninitialized memmaps in
soft_offline_page_store() (bsc#1051510).
- drivers/base/platform.c: kmemleak ignore a known leak (bsc#1051510).
- drivers/regulator: fix a missing check of return value (bsc#1051510).
- drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero
(bsc#1111666).
- drm/amd/powerplay: remove set but not used variable 'us_mvdd'
(bsc#1111666).
- drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc (bsc#1111666).
- drm/amdgpu: add function parameter description in
'amdgpu_device_set_cg_state' (bsc#1111666).
- drm/amdgpu: add function parameter description in 'amdgpu_gart_bind'
(bsc#1051510).
- drm/amdgpu: fix bad DMA from INTERRUPT_CNTL2 (bsc#1114279)
- drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2)
(bsc#1111666).
- drm/amdgpu: remove 4 set but not used variable in
amdgpu_atombios_get_connector_info_from_object_table (bsc#1051510).
- drm/amdgpu: remove always false comparison in
'amdgpu_atombios_i2c_process_i2c_ch' (bsc#1051510).
- drm/amdgpu: remove set but not used variable 'amdgpu_connector'
(bsc#1051510).
- drm/amdgpu: remove set but not used variable 'dig' (bsc#1051510).
- drm/amdgpu: remove set but not used variable 'dig_connector'
(bsc#1051510).
- drm/amdgpu: remove set but not used variable 'invalid' (bsc#1111666).
- drm/amdgpu: remove set but not used variable 'mc_shared_chmap'
(bsc#1051510).
- drm/amdgpu: remove set but not used variable 'mc_shared_chmap' from
'gfx_v6_0.c' and 'gfx_v7_0.c' (bsc#1051510).
- drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ (bsc#1051510).
- drm/fb-helper: Round up bits_per_pixel if possible (bsc#1051510).
- drm/i810: Prevent underflow in ioctl (bsc#1114279)
- drm/i915/gvt: Pin vgpu dma address before using (bsc#1112178)
- drm/i915/gvt: set guest display buffer as readonly (bsc#1112178)
- drm/i915/gvt: use vgpu lock for active state setting (bsc#1112178)
- drm/i915/perf: add missing delay for OA muxes configuration
(bsc#1111666).
- drm/i915: Add missing include file
References
#1046303 #1050244 #1050549 #1051510 #1051858
#1061840 #1065600 #1065729 #1071995 #1083647
#1085030 #1086301 #1086313 #1086314 #1088810
#1090888 #1103989 #1103990 #1103991 #1104353
#1104427 #1104745 #1105392 #1109837 #1111666
#1112178 #1112374 #1112504 #1113956 #1114279
#1114685 #1115026 #1118338 #1118661 #1123328
#1126206 #1127371 #1127611 #1127682 #1129551
#1133021 #1133147 #1134973 #1140025 #1142685
#1143959 #1144162 #1144333 #1151548 #1151910
#1151927 #1152107 #1152631 #1153535 #1153917
#1154243 #1154601 #1154768 #1154916 #1155331
#1155334 #1155689 #1156259 #1156286 #1156462
#1157155 #1157157 #1157169 #1157303 #1157424
#1157480 #1157692 #1157853 #1157895 #1157908
#1157966 #1158013 #1158021 #1158026 #1158071
#1158094 #1158132 #1158381 #1158533 #1158819
#1158823 #1158824 #1158827 #1158834 #1158893
#1158900 #1158903 #1158904 #1158954 #1159024
#1159028 #1159271 #1159297 #1159377 #1159394
#1159483 #1159484 #1159500 #1159569 #1159588
#1159841 #1159908 #1159909 #1159910 #1159911
#1159955 #1160147 #1160195 #1160210 #1160211
#1160218 #1160433 #1160442 #1160469 #1160470
#1160476 #1160560 #1160618 #1160678 #1160755
#1160756 #1160784 #1160787 #1160802 #1160803
#1160804 #1160917 #1160966 #1160979 #1161087
#1161243 #1161360 #1161472 #1161514 #1161518
#1161522 #1161523 #1161549 #1161552 #1161674
#1161702 #1161907 #1161931 #1161933 #1161934
#1161935 #1161936 #1161937 #1162028 #1162067
#1162109 #1162139 #1162557 #1162617 #1162618
#1162619 #1162623 #1162928 #1162943 #1163206
#1163383 #1163384 #1163762 #1163774 #1163836
#1163840 #1163841 #1163842 #1163843 #1163844
#1163845 #1163846 #1163849 #1163850 #1163851
#1163852 #1163853 #1163855 #1163856 #1163857
#1163858 #1163859 #1163860 #1163861 #1163862
#1163863 #1163867 #1163869 #1163880 #1164051
#1164069 #1164098 #1164115 #1164314 #1164315
#1164388 #1164471 #1164598 #1164632
Cross- CVE-2019-14615 CVE-2019-14896 CVE-2019-14897
CVE-2019-16746 CVE-2019-16994 CVE-2019-18808
CVE-2019-19036 CVE-2019-19045 CVE-2019-19051
CVE-2019-19054 CVE-2019-19066 CVE-2019-19318
CVE-2019-19319 CVE-2019-19332 CVE-2019-19338
CVE-2019-19447 CVE-2019-19523 CVE-2019-19526
CVE-2019-19527 CVE-2019-19532 CVE-2019-19533
CVE-2019-19535 CVE-2019-19537 CVE-2019-19767
CVE-2019-19927 CVE-2019-19965 CVE-2019-19966
CVE-2019-20054 CVE-2019-20095 CVE-2019-20096
CVE-2020-7053 CVE-2020-8428 CVE-2020-8648
CVE-2020-8992
Affected Products:
SUSE Linux Enterprise Module for Public Cloud 15-SP1
https://www.suse.com/security/cve/CVE-2019-14615.html
https://www.suse.com/security/cve/CVE-2019-14896.html
https://www.suse.com/security/cve/CVE-2019-14897.html
https://www.suse.com/security/cve/CVE-2019-16746.html
https://www.suse.com/security/cve/CVE-2019-16994.html
https://www.suse.com/security/cve/CVE-2019-18808.html
https://www.suse.com/security/cve/CVE-2019-19036.html
https://www.suse.com/security/cve/CVE-2019-19045.html
https://www.suse.com/security/cve/CVE-2019-19051.html
https://www.suse.com/security/cve/CVE-2019-19054.html
https://www.suse.com/security/cve/CVE-2019-19066.html
https://www.suse.com/security/cve/CVE-2019-19318.html
https://www.suse.com/security/cve/CVE-2019-19319.html
https://www.suse.com/security/cve/CVE-2019-19332.html
https://www.suse.com/security/cve/CVE-2019-19338.html
https://www.suse.com/security/cve/CVE-2019-19447.html
https://www.suse.com/security/cve/CVE-2019-19523.html
https://www.suse.com/security/cve/CVE-2019-19526.html
https://www.suse.com/security/cve/CVE-2019-19527.html
https://www.suse.com/security/cve/CVE-2019-19532.html
https://www.suse.com/security/cve/CVE-2019-19533.html
https://www.suse.com/security/cve/CVE-2019-19535.html
https://www.suse.com/security/cve/CVE-2019-19537.html
https://www.suse.com/security/cve/CVE-2019-19767.html
https://www.suse.com/security/cve/CVE-2019-19927.html
https://www.suse.com/security/cve/CVE-2019-19965.html
https://www.suse.com/security/cve/CVE-2019-19966.html
https://www.suse.com/security/cve/CVE-2019-20054.html
https://www.suse.com/security/cve/CVE-2019-20095.html
https://www.suse.com/security/cve/CVE-2019-20096.html
https://www.suse.com/security/cve/CVE-2020-7053.html
https://www.suse.com/security/cve/CVE-2020-8428.html
https://www.suse.com/security/cve/CVE-2020-8648.html
https://www.suse.com/security/cve/CVE-2020-8992.html
https://bugzilla.suse.com/1046303
https://bugzilla.suse.com/1050244
https://bugzilla.suse.com/1050549
https://bugzilla.suse.com/1051510
https://bugzilla.suse.com/1051858
https://bugzilla.suse.com/1061840
https://bugzilla.suse.com/1065600
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1071995
https://bugzilla.suse.com/1083647
https://bugzilla.suse.com/1085030
https://bugzilla.suse.com/1086301
https://bugzilla.suse.com/1086313
https://bugzilla.suse.com/1086314
https://bugzilla.suse.com/1088810
https://bugzilla.suse.com/1090888
https://bugzilla.suse.com/1103989
https://bugzilla.suse.com/1103990
https://bugzilla.suse.com/1103991
https://bugzilla.suse.com/1104353
https://bugzilla.suse.com/1104427
https://bugzilla.suse.com/1104745
https://bugzilla.suse.com/1105392
https://bugzilla.suse.com/1109837
https://bugzilla.suse.com/1111666
https://bugzilla.suse.com/1112178
https://bugzilla.suse.com/1112374
https://bugzilla.suse.com/1112504
https://bugzilla.suse.com/1113956
https://bugzilla.suse.com/1114279
https://bugzilla.suse.com/1114685
https://bugzilla.suse.com/1115026
https://bugzilla.suse.com/1118338
https://bugzilla.suse.com/1118661
https://bugzilla.suse.com/1123328
https://bugzilla.suse.com/1126206
https://bugzilla.suse.com/1127371
https://bugzilla.suse.com/1127611
https://bugzilla.suse.com/1127682
https://bugzilla.suse.com/1129551
https://bugzilla.suse.com/1133021
https://bugzilla.suse.com/1133147
https://bugzilla.suse.com/1134973
https://bugzilla.suse.com/1140025
https://bugzilla.suse.com/1142685
https://bugzilla.suse.com/1143959
https://bugzilla.suse.com/1144162
https://bugzilla.suse.com/1144333
https://bugzilla.suse.com/1151548
https://bugzilla.suse.com/1151910
https://bugzilla.suse.com/1151927
https://bugzilla.suse.com/1152107
https://bugzilla.suse.com/1152631
https://bugzilla.suse.com/1153535
https://bugzilla.suse.com/1153917
https://bugzilla.suse.com/1154243
https://bugzilla.suse.com/1154601
https://bugzilla.suse.com/1154768
https://bugzilla.suse.com/1154916
https://bugzilla.suse.com/1155331
https://bugzilla.suse.com/1155334
https://bugzilla.suse.com/1155689
https://bugzilla.suse.com/1156259
https://bugzilla.suse.com/1156286
https://bugzilla.suse.com/1156462
https://bugzilla.suse.com/1157155
https://bugzilla.suse.com/1157157
https://bugzilla.suse.com/1157169
https://bugzilla.suse.com/1157303
https://bugzilla.suse.com/1157424
https://bugzilla.suse.com/1157480
https://bugzilla.suse.com/1157692
https://bugzilla.suse.com/1157853
https://bugzilla.suse.com/1157895
https://bugzilla.suse.com/1157908
https://bugzilla.suse.com/1157966
https://bugzilla.suse.com/1158013
https://bugzilla.suse.com/1158021
https://bugzilla.suse.com/1158026
https://bugzilla.suse.com/1158071
https://bugzilla.suse.com/1158094
https://bugzilla.suse.com/1158132
https://bugzilla.suse.com/1158381
https://bugzilla.suse.com/1158533
https://bugzilla.suse.com/1158819
https://bugzilla.suse.com/1158823
https://bugzilla.suse.com/1158824
https://bugzilla.suse.com/1158827
https://bugzilla.suse.com/1158834
https://bugzilla.suse.com/1158893
https://bugzilla.suse.com/1158900
https://bugzilla.suse.com/1158903
https://bugzilla.suse.com/1158904
https://bugzilla.suse.com/1158954
https://bugzilla.suse.com/1159024
https://bugzilla.suse.com/1159028
https://bugzilla.suse.com/1159271
https://bugzilla.suse.com/1159297
https://bugzilla.suse.com/1159377
https://bugzilla.suse.com/1159394
https://bugzilla.suse.com/1159483
https://bugzilla.suse.com/1159484
https://bugzilla.suse.com/1159500
https://bugzilla.suse.com/1159569
https://bugzilla.suse.com/1159588
https://bugzilla.suse.com/1159841
https://bugzilla.suse.com/1159908
https://bugzilla.suse.com/1159909
https://bugzilla.suse.com/1159910
https://bugzilla.suse.com/1159911
https://bugzilla.suse.com/1159955
https://bugzilla.suse.com/1160147
https://bugzilla.suse.com/1160195
https://bugzilla.suse.com/1160210
https://bugzilla.suse.com/1160211
https://bugzilla.suse.com/1160218
https://bugzilla.suse.com/1160433
https://bugzilla.suse.com/1160442
https://bugzilla.suse.com/1160469
https://bugzilla.suse.com/1160470
https://bugzilla.suse.com/1160476
https://bugzilla.suse.com/1160560
https://bugzilla.suse.com/1160618
https://bugzilla.suse.com/1160678
https://bugzilla.suse.com/1160755
https://bugzilla.suse.com/1160756
https://bugzilla.suse.com/1160784
https://bugzilla.suse.com/1160787
https://bugzilla.suse.com/1160802
https://bugzilla.suse.com/1160803
https://bugzilla.suse.com/1160804
https://bugzilla.suse.com/1160917
https://bugzilla.suse.com/1160966
https://bugzilla.suse.com/1160979
https://bugzilla.suse.com/1161087
https://bugzilla.suse.com/1161243
https://bugzilla.suse.com/1161360
https://bugzilla.suse.com/1161472
https://bugzilla.suse.com/1161514
https://bugzilla.suse.com/1161518
https://bugzilla.suse.com/1161522
https://bugzilla.suse.com/1161523
https://bugzilla.suse.com/1161549
https://bugzilla.suse.com/1161552
https://bugzilla.suse.com/1161674
https://bugzilla.suse.com/1161702
https://bugzilla.suse.com/1161907
https://bugzilla.suse.com/1161931
https://bugzilla.suse.com/1161933
https://bugzilla.suse.com/1161934
https://bugzilla.suse.com/1161935
https://bugzilla.suse.com/1161936
https://bugzilla.suse.com/1161937
https://bugzilla.suse.com/1162028
https://bugzilla.suse.com/1162067
https://bugzilla.suse.com/1162109
https://bugzilla.suse.com/1162139
https://bugzilla.suse.com/1162557
https://bugzilla.suse.com/1162617
https://bugzilla.suse.com/1162618
https://bugzilla.suse.com/1162619
https://bugzilla.suse.com/1162623
https://bugzilla.suse.com/1162928
https://bugzilla.suse.com/1162943
https://bugzilla.suse.com/1163206
https://bugzilla.suse.com/1163383
https://bugzilla.suse.com/1163384
https://bugzilla.suse.com/1163762
https://bugzilla.suse.com/1163774
https://bugzilla.suse.com/1163836
https://bugzilla.suse.com/1163840
https://bugzilla.suse.com/1163841
https://bugzilla.suse.com/1163842
https://bugzilla.suse.com/1163843
https://bugzilla.suse.com/1163844
https://bugzilla.suse.com/1163845
https://bugzilla.suse.com/1163846
https://bugzilla.suse.com/1163849
https://bugzilla.suse.com/1163850
https://bugzilla.suse.com/1163851
https://bugzilla.suse.com/1163852
https://bugzilla.suse.com/1163853
https://bugzilla.suse.com/1163855
https://bugzilla.suse.com/1163856
https://bugzilla.suse.com/1163857
https://bugzilla.suse.com/1163858
https://bugzilla.suse.com/1163859
https://bugzilla.suse.com/1163860
https://bugzilla.suse.com/1163861
https://bugzilla.suse.com/1163862
https://bugzilla.suse.com/1163863
https://bugzilla.suse.com/1163867
https://bugzilla.suse.com/1163869
https://bugzilla.suse.com/1163880
https://bugzilla.suse.com/1164051
https://bugzilla.suse.com/1164069
https://bugzilla.suse.com/1164098
https://bugzilla.suse.com/1164115
https://bugzilla.suse.com/1164314
https://bugzilla.suse.com/1164315
https://bugzilla.suse.com/1164388
https://bugzilla.suse.com/1164471
https://bugzilla.suse.com/1164598
https://bugzilla.suse.com/1164632