SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2999-1 Rating: important References: #1055186 #1058115 #1065600 #1065729 #1094244 #1112178 #1113956 #1136666 #1152148 #1154366 #1163524 #1165629 #1166965 #1167527 #1168468 #1169790 #1169972 #1170232 #1171558 #1171675 #1171688 #1171742 #1172073 #1172538 #1172873 #1173060 #1173115 #1174003 #1174354 #1174899 #1175228 #1175515 #1175520 #1175528 #1175667 #1175691 #1175716 #1175749 #1175873 #1175882 #1176011 #1176022 #1176038 #1176069 #1176235 #1176242 #1176278 #1176316 #1176317 #1176318 #1176319 #1176320 #1176321 #1176381 #1176395 #1176410 #1176423 #1176482 #1176507 #1176536 #1176544 #1176545 #1176546 #1176548 #1176659 #1176698 #1176699 #1176700 #1176721 #1176722 #1176725 #1176732 #1176788 #1176789 #1176869 #1176877 #1176935 #1176946 #1176950 #1176962 #1176966 #1176990 #1177027 #1177030 #1177041 #1177042 #1177043 #1177044 #1177121 #1177206 #1177258 #1177291 #1177293 #1177294 #1177295 #1177296 #1177340 #1177511 #802154 Cross-References: CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-14381 CVE-2020-14386 CVE-2020-14390 CVE-2020-1749 CVE-2020-2521 CVE-2020-25212 CVE-2020-25284 CVE-2020-25641 CVE-2020-25643 CVE-2020-25645 CVE-2020-26088 Affected Products: SUSE Linux Enterprise Real Time Extension 12-SP5 ______________________________________________________________________________ An update that solves 15 vulnerabilities and has 84 fixes is now available. Description: The SUSE Linux Enterprise 12 SP5 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423). - CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725). - CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722). - CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721). - CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011). - CVE-2020-14386: Fixed a memory corruption which could have been exploited to gain root privileges from unprivileged processes (bsc#1176069). - CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235). - CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup (bsc#1165629). - CVE-2020-25212: Fixed A TOCTOU mismatch in the NFS client code which could have been used by local attackers to corrupt memory (bsc#1176381). - CVE-2020-2521: Fixed getxattr kernel panic and memory overflow (bsc#1176381). - CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482). - CVE-2020-25641: Fixed a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121). - CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206). - CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511). - CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990). The following non-security bugs were fixed: - ACPI: EC: Reference count query handlers under lock (git-fixes). - airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes). - airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes). - airo: Fix read overflows sending packets (git-fixes). - ALSA: asihpi: fix iounmap in error handler (git-fixes). - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes). - ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes). - ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes). - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A (git-fixes). - ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen (git-fixes). - altera-stapl: altera_get_note: prevent write beyond end of 'key' (git-fixes). - amd-xgbe: Add a check for an skb in the timestamp path (git-fixes). - amd-xgbe: Add additional dynamic debug messages (git-fixes). - amd-xgbe: Add additional ethtool statistics (git-fixes). - amd-xgbe: Add ethtool show/set channels support (git-fixes). - amd-xgbe: Add ethtool show/set ring parameter support (git-fixes). - amd-xgbe: Add ethtool support to retrieve SFP module info (git-fixes). - amd-xgbe: Add hardware features debug output (git-fixes). - amd-xgbe: Add NUMA affinity support for IRQ hints (git-fixes). - amd-xgbe: Add NUMA affinity support for memory allocations (git-fixes). - amd-xgbe: Add per queue Tx and Rx statistics (git-fixes). - amd-xgbe: Advertise FEC support with the KR re-driver (git-fixes). - amd-xgbe: Always attempt link training in KR mode (git-fixes). - amd-xgbe: Be sure driver shuts down cleanly on module removal (git-fixes). - amd-xgbe: Convert to generic power management (git-fixes). - amd-xgbe: Fix debug output of max channel counts (git-fixes). - amd-xgbe: Fix error path in xgbe_mod_init() (git-fixes). - amd-xgbe: Fixes for working with PHYs that support 2.5GbE (git-fixes). - amd-xgbe: Fix SFP PHY supported/advertised settings (git-fixes). - amd-xgbe: fix spelling mistake: "avialable" -> "available" (git-fixes). - amd-xgbe: Handle return code from software reset function (git-fixes). - amd-xgbe: Improve SFP 100Mbps auto-negotiation (git-fixes). - amd-xgbe: Interrupt summary bits are h/w version dependent (git-fixes). - amd-xgbe: Limit the I2C error messages that are output (git-fixes). - amd-xgbe: Mark expected switch fall-throughs (git-fixes). - amd-xgbe: Optimize DMA channel interrupt enablement (git-fixes). - amd-xgbe: Prepare for ethtool set-channel support (git-fixes). - amd-xgbe: Read and save the port property registers during probe (git-fixes). - amd-xgbe: Remove field that indicates SFP diagnostic support (git-fixes). - amd-xgbe: remove unnecessary conversion to bool (git-fixes). - amd-xgbe: Remove use of comm_owned field (git-fixes). - amd-xgbe: Set the MDIO mode for 10000Base-T configuration (git-fixes). - amd-xgbe: Simplify the burst length settings (git-fixes). - amd-xgbe: use devm_platform_ioremap_resource() to simplify code (git-fixes). - amd-xgbe: use dma_mapping_error to check map errors (git-fixes). - amd-xgbe: Use __napi_schedule() in BH context (git-fixes). - amd-xgbe: Use the proper register during PTP initialization (git-fixes). - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes). - arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#SLE-4084). - arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084). - asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178). - ASoC: intel: Fix memleak in sst_media_open (git-fixes). - ASoC: kirkwood: fix IRQ error handling (git-fixes). - ASoC: tegra: Fix reference count leaks (git-fixes). - ath10k: fix array out-of-bounds access (git-fixes). - ath10k: fix memory leak for tpc_stats_final (git-fixes). - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes). - batman-adv: Add missing include for in_interrupt() (git-fixes). - batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes). - batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes). - batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes). - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh (git-fixes). - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes). - bcache: allocate meta data pages as compound pages (bsc#1172873). - bcache: allocate meta data pages as compound pages (bsc#1172873). - bcache: Convert pr_<level> uses to a more typical style (git fixes (block drivers)). - bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)). - bcm63xx_enet: correct clock usage (git-fixes). - bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes). - bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes (bitfield)). - blktrace: fix debugfs use after free (git fixes (block drivers)). - block: add docs for gendisk / request_queue refcount helpers (git fixes (block drivers)). - block: check queue's limits.discard_granularity in __blkdev_issue_discard() (bsc#1152148). - block: check queue's limits.discard_granularity in __blkdev_issue_discard() (bsc#1152148). - block: improve discard bio alignment in __blkdev_issue_discard() (bsc#1152148). - block: improve discard bio alignment in __blkdev_issue_discard() (bsc#1152148). - block: revert back to synchronous request_queue removal (git fixes (block drivers)). - block: Use non _rcu version of list functions for tag_set_list (git-fixes). - Bluetooth: Fix refcount use-after-free issue (git-fixes). - Bluetooth: guard against controllers sending zero'd events (git-fixes). - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes). - Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes). - Bluetooth: prefetch channel before killing sock (git-fixes). - bnxt_en: Fix completion ring sizing with TPA enabled (networking-stable-20_07_29). - bonding: check error value of register_netdevice() immediately (git-fixes). - bonding: check return value of register_netdevice() in bond_newlink() (git-fixes). - bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM (git-fixes). - btrfs: avoid possible signal interruption of btrfs_drop_snapshot() on relocation tree (bsc#1174354). - btrfs: balance: print to system log when balance ends or is paused (bsc#1174354). - btrfs: relocation: allow signal to cancel balance (bsc#1174354). - btrfs: relocation: review the call sites which can be interrupted by signal (bsc#1174354). - btrfs: require only sector size alignment for parent eb bytenr (bsc#1176789). - btrfs: take overcommit into account in inc_block_group_ro (bsc#1174354). - btrfs: tree-checker: fix the error message for transid error (bsc#1176788). - ceph: do not allow setlease on cephfs (bsc#1177041). - ceph: fix potential mdsc use-after-free crash (bsc#1177042). - ceph: fix use-after-free for fsc->mdsc (bsc#1177043). - ceph: handle zero-length feature mask in session messages (bsc#1177044). - cfg80211: regulatory: reject invalid hints (bsc#1176699). - char: virtio: Select VIRTIO from VIRTIO_CONSOLE (bsc#1175667). - cifs: Fix leak when handling lease break for cached root fid (bsc#1176242). - cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544). - cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536). - clk: Add (devm_)clk_get_optional() functions (git-fixes). - clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes). - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED (git-fixes). - clk/ti/adpll: allocate room for terminating null (git-fixes). - clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes). - constrants: fix malformed XML Closing tag of an element is "</foo>", not "<foo/>". Fixes: 8b37de2eb835 ("rpm/constraints.in: Increase memory for kernel-docs") - cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#1176966). - Created new preempt kernel flavor (jsc#SLE-11309) Configs are cloned from the respective $arch/default configs. All changed configs appart from CONFIG_PREEMPT->y are a result of dependencies, namely many lock/unlock primitives are no longer inlined in the preempt kernel. TREE_RCU has been also changed to PREEMPT_RCU which is the default implementation for PREEMPT kernel. - crypto: dh - check validity of Z before export (bsc#1175716). - crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175716). - crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175716). - crypto: ecdh - check validity of Z before export (bsc#1175716). - device property: Fix the secondary firmware node handling in set_primary_fwnode() (git-fixes). - Disable CONFIG_LIVEPATCH_IPA_CLONES where not needed Explicitly disable CONFIG_LIVEPATCH_IPA_CLONES in configs where it is not needed to avoid confusion and unwanted values due to fragment config files. - dmaengine: at_hdmac: check return value of of_find_device_by_node() in at_dma_xlate() (git-fixes). - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling (git-fixes). - dmaengine: pl330: Fix burst length if burst size is smaller than bus width (git-fixes). - dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes). - dmaengine: zynqmp_dma: fix burst length configuration (git-fixes). - dm crypt: avoid truncating the logical block size (git fixes (block drivers)). - dm: fix redundant IO accounting for bios that need splitting (git fixes (block drivers)). - dm integrity: fix a deadlock due to offloading to an incorrect workqueue (git fixes (block drivers)). - dm integrity: fix integrity recalculation that is improperly skipped (git fixes (block drivers)). - dm: report suspended device during destroy (git fixes (block drivers)). - dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes (block drivers)). - dm: use noio when sending kobject event (git fixes (block drivers)). - dm writecache: add cond_resched to loop in persistent_memory_claim() (git fixes (block drivers)). - dm writecache: correct uncommitted_block when discarding uncommitted entry (git fixes (block drivers)). - dm zoned: assign max_io_len correctly (git fixes (block drivers)). - Drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes). - Drivers: hv: balloon: Remove dependencies on guest page size (git-fixes). - Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#1176877). - Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes). - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() (git-fixes). - Drivers: net: add missing interrupt.h include (git-fixes). - Drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (git-fixes). - drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29). - drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic (git-fixes). - drm/amd/display: fix pow() crashing when given base 0 (git-fixes). - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes). - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails (git-fixes). - drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes). - drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes). - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes). - drm/amdgpu: increase atombios cmd timeout (git-fixes). - drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table (git-fixes). - drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table (git-fixes). - drm/amdkfd: fix a memory leak issue (git-fixes). - drm/amdkfd: Fix reference count leaks (git-fixes). - drm/amd/pm: correct Vega10 swctf limit setting (git-fixes). - drm/amd/pm: correct Vega12 swctf limit setting (git-fixes). - drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context changes - drm/mediatek: Add exception handing in mtk_drm_probe() if component init fail (git-fixes). - drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata() (git-fixes). - drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes). - drm/msm: add shutdown support for display platform_driver (git-fixes). - drm/msm/adreno: fix updating ring fence (git-fixes). - drm/msm: Disable preemption on all 5xx targets (git-fixes). - drm/msm: fix leaks if initialization fails (git-fixes). - drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes - drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes). - drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes). - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open (git-fixes). - drm/nouveau: Fix reference count leak in nouveau_connector_detect (git-fixes). - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit (git-fixes). - drm/nouveau: fix runtime pm imbalance on error (git-fixes). - drm/omap: fix possible object reference leak (git-fixes). - drm/radeon: fix multiple reference count leak (git-fixes). - drm/radeon: Prefer lower feedback dividers (git-fixes). - drm/radeon: revert "Prefer lower feedback dividers" (git-fixes). - drm/sun4i: Fix dsi dcs long write function (git-fixes). - drm/sun4i: mixer: Extend regmap max_register (git-fixes). - drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes). - drm/tve200: Stabilize enable/disable (git-fixes). - drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes). - drm/xen-front: Fix misused IS_ERR_OR_NULL checks (bsc#1065600). - Drop wrongly inserted end-of-sorted marker - e1000: Do not perform reset in reset_task if we are already down (git-fixes). - EDAC: Fix reference count leaks (bsc#1112178). - fbcon: prevent user font height or width change from causing (bsc#1112178) - Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950). - fsl/fman: check dereferencing null pointer (git-fixes). - fsl/fman: fix dereference null return value (git-fixes). - fsl/fman: fix eth hash table allocation (git-fixes). - fsl/fman: fix unreachable code (git-fixes). - fsl/fman: use 32-bit unsigned integer (git-fixes). - ftrace: Move RCU is watching check after recursion check (git-fixes). - ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes). - gma/gma500: fix a memory disclosure bug due to uninitialized bytes (git-fixes). - gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes). - gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() (git-fixes). - gtp: fix Illegal context switch in RCU read-side critical section (git-fixes). - gtp: fix use-after-free in gtp_newlink() (git-fixes). - Hide e21a4f3a930c as of its duplication - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() (git-fixes). - hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path (git-fixes). - hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659). - hv_balloon: Balloon up according to request page number (git-fixes). - hv_balloon: Use a static page for the balloon_up send buffer (git-fixes). - hv_netvsc: Allow scatter-gather feature to be tunable (git-fixes). - hv_netvsc: do not use VF device if link is down (git-fixes). - hv_netvsc: Fix a warning of suspicious RCU usage (git-fixes). - hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() (git-fixes). - hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() (git-fixes). - hv_netvsc: flag software created hash value (git-fixes). - hv_netvsc: Remove "unlikely" from netvsc_select_queue (git-fixes). - hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877). - hv_utils: return error if host timesysnc update is stale (bsc#1176877). - hwmon: (applesmc) check status earlier (git-fixes). - i2c: core: Do not fail PRP0001 enumeration when no ID table exist (git-fixes). - i2c: cpm: Fix i2c_ram structure (git-fixes). - i2c: meson: fix clock setting overwrite (git-fixes). - i2c: rcar: in slave mode, clear NACK earlier (git-fixes). - ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140). - ibmvnic fix NULL tx_pools and rx_tools issue at do_reset (bsc#1175873 ltc#187922). - ieee802154/adf7242: check status of adf7242_read_reg (git-fixes). - ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes). - iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak (git-fixes). - iio: accel: kxsd9: Fix alignment of local buffer (git-fixes). - iio:accel:mma7455: Fix timestamp alignment and prevent data leak (git-fixes). - iio:adc:ina2xx Fix timestamp alignment issue (git-fixes). - iio: adc: mcp3422: fix locking on error path (git-fixes). - iio: adc: mcp3422: fix locking scope (git-fixes). - iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes). - iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes). - iio: improve IIO_CONCENTRATION channel type description (git-fixes). - iio:light:ltr501 Fix timestamp alignment issue (git-fixes). - iio:light:max44000 Fix timestamp alignment and prevent data leak (git-fixes). - iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes). - include: add additional sizes (bsc#1094244 ltc#168122). - Input: psmouse - add a newline when printing 'proto' by sysfs (git-fixes). - iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177293). - iommu/amd: Fix potential @entry null deref (bsc#1177294). - iommu/amd: Print extended features in one line to fix divergent log levels (bsc#1176316). - iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291). - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317). - iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177295). - iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318). - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177296). - iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#1176319). - iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320). - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL (bsc#1175515). - ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL (bsc#1175515). - kabi: hide new parameter of ip6_dst_lookup_flow() (bsc#1165629). - kabi: mask changes to struct ipv6_stub (bsc#1165629). - kernel-binary.spec.in: Package the obj_install_dir as explicit filelist. - kernel-binary.spec.in: SLE12 tar does not understand --verbatim-files-from - kernel-docs: Change Requires on python-Sphinx to earlier than version 3 References: bsc#1166965 From 3 on the internal API that the build system uses was rewritten in an incompatible way. See https://github.com/sphinx-doc/sphinx/issues/7421 and https://bugzilla.suse.com/show_bug.cgi?id=1166965#c16 for some details. - kernel/relay.c: fix memleak on destroy relay channel (git-fixes). - kernel-syms.spec.in: Also use bz compression (boo#1175882). - KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084). - KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and non-VHE (jsc#SLE-4084). - KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put for VHE (jsc#SLE-4084). - KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put (jsc#SLE-4084). - KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on VHE (jsc#SLE-4084). - KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions (jsc#SLE-4084). - KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084). - KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems (jsc#SLE-4084). - KVM: arm64: Factor out fault info population and gic workarounds (jsc#SLE-4084). - KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084). - KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084). - KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084). - KVM: arm64: Introduce framework for accessing deferred sysregs (jsc#SLE-4084). - KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions (jsc#SLE-4084). - KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084). - KVM: arm64: Move common VHE/non-VHE trap config in separate functions (jsc#SLE-4084). - KVM: arm64: Move debug dirty flag calculation out of world switch (jsc#SLE-4084). - KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag (jsc#SLE-4084). - KVM: arm64: Move userspace system registers into separate function (jsc#SLE-4084). - KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers (jsc#SLE-4084). - KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1 (jsc#SLE-4084). - KVM: arm64: Remove kern_hyp_va() use in VHE switch function (jsc#SLE-4084). - KVM: arm64: Remove noop calls to timer save/restore from VHE switch (jsc#SLE-4084). - KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084). - KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084). - KVM: arm64: Rewrite system register accessors to read/write functions (jsc#SLE-4084). - KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084). - KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions (jsc#SLE-4084). - KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE (jsc#SLE-4084). - KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN (jsc#SLE-4084). - KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs (jsc#SLE-4084). - KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084). - KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on VHE (jsc#SLE-4084). - KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init (jsc#SLE-4084). - KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load (jsc#SLE-4084). - KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1 (jsc#SLE-4084). - KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe (jsc#SLE-4084). - KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs (jsc#SLE-4084). - KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate (jsc#SLE-4084). - KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n (jsc#SLE-4084). - KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code (jsc#SLE-4084). - KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178). - KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM (bsc#1176321). - KVM: SVM: fix svn_pin_memory()'s use of get_user_pages_fast() (bsc#1112178). - KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084). - libceph: allow setting abort_on_full for rbd (bsc#1169972). - lib/mpi: Add mpi_sub_ui() (bsc#1175716). - libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742). - libnvdimm: cover up struct nvdimm changes (bsc#1171742). - libnvdimm/security, acpi/nfit: unify zero-key for all security commands (bsc#1171742). - libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527). - libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742). - lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block drivers)). - mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes). - mac802154: tx: fix use-after-free (git-fixes). - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes). - md: raid0/linear: fix dereference before null check on pointer mddev (git fixes (block drivers)). - media: budget-core: Improve exception handling in budget_register() (git-fixes). - media: davinci: vpif_capture: fix potential double free (git-fixes). - media: pci: ttpci: av7110: fix possible buffer overflow caused by bad DMA value in debiirq() (git-fixes). - media: smiapp: Fix error handling at NVM reading (git-fixes). - media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes). - media: vpss: clean up resources in init (git-fixes). - mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes). - mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes). - mlx4: disable device on shutdown (git-fixes). - mlxsw: core: Free EMAD transactions using kfree_rcu() (git-fixes). - mlxsw: core: Increase scope of RCU read-side critical section (git-fixes). - mm: Avoid calling build_all_zonelists_init under hotplug context (bsc#1154366). - mmc: core: do not set limits.discard_granularity as 0 (git-fixes). - mmc: cqhci: Add cqhci_deactivate() (git-fixes). - mmc: sdhci-msm: Add retries when all tuning phases are found valid (git-fixes). - mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based controllers (git-fixes). - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes). - mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes (mm/pgalloc)). - mm/vmalloc.c: move 'area->pages' after if statement (git fixes (mm/vmalloc)). - mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (bsc#1175691). - mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of cfi_amdstd_setup() (git-fixes). - mtd: lpddr: Fix a double free in probe() (git-fixes). - mtd: phram: fix a double free issue in error path (git-fixes). - mtd: properly check all write ioctls for permissions (git-fixes). - net: 8390: Fix manufacturer name in Kconfig help text (git-fixes). - net: amd: fix return type of ndo_start_xmit function (git-fixes). - net/amd: Remove useless driver version (git-fixes). - net: amd-xgbe: fix comparison to bitshift when dealing with a mask (git-fixes). - net: amd-xgbe: Get rid of custom hex_dump_to_buffer() (git-fixes). - net: apple: Fix manufacturer name in Kconfig help text (git-fixes). - net: broadcom: Fix manufacturer name in Kconfig help text (git-fixes). - net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes). - net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes). - net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes). - net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes). - net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes). - net: dsa: mv88e6xxx: fix shift of FID bits in mv88e6185_g1_vtu_loadpurge() (git-fixes). - net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes). - net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes). - net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes). - net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes). - net: ethernet: aquantia: Fix wrong return value (git-fixes). - net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (git-fixes). - net: fs_enet: do not call phy_stop() in interrupts (git-fixes). - net: initialize fastreuse on inet_inherit_port (networking-stable-20_08_15). - net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes). - net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08). - net: lio_core: fix potential sign-extension overflow on large shift (git-fixes). - net/mlx5: Add meaningful return codes to status_to_err function (git-fixes). - net/mlx5e: Fix error path of device attach (git-fixes). - net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes). - net/mlx5e: vxlan: Use RCU for vxlan table lookup (git-fixes). - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded (git-fixes). - net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes). - net: mvmdio: defer probe of orion-mdio if a clock is not ready (git-fixes). - net: mvneta: fix mtu change on port without link (git-fixes). - net: mvpp2: fix memory leak in mvpp2_rx (git-fixes). - net-next: ax88796: Do not free IRQ in ax_remove() (already freed in ax_close()) (git-fixes). - net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15). - net: qca_spi: Avoid packet drop during initial sync (git-fixes). - net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes). - net: qcom/emac: add missed clk_disable_unprepare in error path of emac_clks_phase1_init (git-fixes). - net: refactor bind_bucket fastreuse into helper (networking-stable-20_08_15). - net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes). - net/smc: fix dmb buffer shortage (git-fixes). - net/smc: fix restoring of fallback changes (git-fixes). - net/smc: fix sock refcounting in case of termination (git-fixes). - net/smc: improve close of terminated socket (git-fixes). - net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes). - net/smc: remove freed buffer from list (git-fixes). - net/smc: reset sndbuf_desc if freed (git-fixes). - net/smc: set rx_off for SMCR explicitly (git-fixes). - net/smc: switch smcd_dev_list spinlock to mutex (git-fixes). - net/smc: tolerate future SMCD versions (git-fixes). - net: spider_net: Fix the size used in a 'dma_free_coherent()' call (git-fixes). - net: stmmac: call correct function in stmmac_mac_config_rx_queues_routing() (git-fixes). - net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes). - net: stmmac: do not stop NAPI processing when dropping a packet (git-fixes). - net: stmmac: dwmac4: fix flow control issue (git-fixes). - net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA reset function (git-fixes). - net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array (git-fixes). - net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration (git-fixes). - net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b (git-fixes). - net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs (git-fixes). - net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode (git-fixes). - net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock (git-fixes). - net: stmmac: Fix error handling path in 'alloc_dma_rx_desc_resources()' (git-fixes). - net: stmmac: Fix error handling path in 'alloc_dma_tx_desc_resources()' (git-fixes). - net: stmmac: Fix RX packet size > 8191 (git-fixes). - net: stmmac: rename dwmac4_tx_queue_routing() to match reality (git-fixes). - net: stmmac: set MSS for each tx DMA channel (git-fixes). - net: stmmac: Use correct values in TQS/RQS fields (git-fixes). - net-sysfs: add a newline when printing 'tx_timeout' by sysfs (networking-stable-20_07_29). - net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes). - net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb() (git-fixes). - net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx (git-fixes). - net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() (git-fixes). - net: ucc_geth - fix Oops when changing number of buffers in the ring (git-fixes). - netvsc: unshare skb in VF rx handler (git-fixes). - NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340). - NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340). - NFSv4: do not mark all open state for recovery when handling recallable state revoked flag (bsc#1176935). - nvme-fc: set max_segments to lldd max value (bsc#1176038). - nvme-pci: override the value of the controller's numa node (bsc#1176507). - obsolete_kmp: provide newer version than the obsoleted one (boo#1170232). - ocfs2: give applications more IO opportunities during fstrim (bsc#1175228). - omapfb: fix multiple reference count leaks due to pm_runtime_get_sync (git-fixes). - PCI/ASPM: Allow re-enabling Clock PM (git-fixes). - PCI: Fix pci_create_slot() reference count leak (git-fixes). - PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes). - PCI: qcom: Add missing reset for ipq806x (git-fixes). - PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes). - PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes). - PCI: rcar: Fix incorrect programming of OB windows (git-fixes). - phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes). - pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes). - platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes). - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes). - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes). - PM: sleep: core: Fix the handling of pending runtime resume requests (git-fixes). - powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244 ltc#168122). - powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244 ltc#168122). - powerpc/64s: Fix unrelocated interrupt trampoline address test (bsc#1094244 ltc#168122). - powerpc/64s: Include <asm/nmi.h> header file to fix a warning (bsc#1094244 ltc#168122). - powerpc/64s: machine check do not trace real-mode handler (bsc#1094244 ltc#168122). - powerpc/64s: sreset panic if there is no debugger or crash dump handlers (bsc#1094244 ltc#168122). - powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244 ltc#168122). - powerpc: Add cputime_to_nsecs() (bsc#1065729). - powerpc/book3s64/radix: Add kernel command line option to disable radix GTSE (bsc#1055186 ltc#153436). - powerpc/book3s64/radix: Fix boot failure with large amount of guest memory (bsc#1176022 ltc#187208). - powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122). - powerpc/init: Do not advertise radix during client-architecture-support (bsc#1055186 ltc#153436 ). - powerpc/kernel: Cleanup machine check function declarations (bsc#1065729). - powerpc/kernel: Enables memory hot-remove after reboot on pseries guests (bsc#1177030 ltc#187588). - powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436). - powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only (bsc#1177030 ltc#187588). - powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64 (bsc#1176022 ltc#187208). - powerpc/powernv: Remove real mode access limit for early allocations (bsc#1176022 ltc#187208). - powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186 ltc#153436). - powerpc/pseries/le: Work around a firmware quirk (bsc#1094244 ltc#168122). - powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208). - powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244 ltc#168122). - powerpc/pseries: Machine check use rtas_call_unlocked() with args on stack (bsc#1094244 ltc#168122). - powerpc/pseries: radix is not subject to RMA limit, remove it (bsc#1176022 ltc#187208). - powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths (bsc#1094244 ltc#168122). - powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122). - powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244 ltc#168122). - powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244 ltc#168122). - powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122). - powerpc/traps: fix recoverability of machine check handling on book3s/32 (bsc#1094244 ltc#168122). - powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244 ltc#168122). - powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S (bsc#1065729). - power: supply: max17040: Correct voltage reading (git-fixes). - rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes (rcu)). - regulator: push allocation in set_consumer_device_supply() out of lock (git-fixes). - Revert "ALSA: hda: Add support for Loongson 7A1000 controller" (git-fixes). - Revert "ALSA: usb-audio: Disable Lenovo P620 Rear line-in volume control" (git-fixes). - Revert "i2c: cadence: Fix the hold bit setting" (git-fixes). - Revert "rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857" - Revert "rxrpc: Fix race between recvmsg and sendmsg on immediate call" This reverts commit 04f6b8ac00d839c61b79667685d97a5ecef35a93. We do not enable AF_RXRPC on SLE, but we do on openSUSE (arm 32bit -- why?) kernels. And there, it causes build failures as RXRPC_CALL_DISCONNECTED is not defined in 4.12 yet. So stay on the safe side and drop this. - Revert "scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe" (bsc#1171688 bsc#1174003). - Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command" (bsc#1171688 bsc#1174003). - Revert "sign also s390x kernel images (bsc#1163524)" - Revert "sign also s390x kernel images (bsc#1163524)" - Revert "xen/balloon: Fix crash when ballooning on x86 32 bit PAE" (bsc#1065600). - rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules (bsc#1176869 ltc#188243). - rpm/check-for-config-changes: Ignore CONFIG_CC_VERSION_TEXT - rpm/check-for-config-changes: Ignore CONFIG_LD_VERSION - rpm/constraints.in: Increase memory for kernel-docs References: https://build.opensuse.org/request/show/792664 - rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732) - rpm: drop execute permissions on source files Sometimes a source file with execute permission appears in upstream repository and makes it into our kernel-source packages. This is caught by OBS build checks and may even result in build failures. Sanitize the source tree by removing execute permissions from all C source and header files. - rpm/kabi.pl: account for namespace field being moved last Upstream is moving the namespace field in Module.symvers last in order to preserve backwards compatibility with kmod tools (depmod, etc). Fix the kabi.pl script to expect the namespace field last. Since split() ignores trailing empty fields and delimeters, switch to using tr to count how many fields/tabs are in a line. Also, in load_symvers(), pass LIMIT of -1 to split() so it does not strip trailing empty fields, as namespace is an optional field. - rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857 jsc#SLE-13618). - rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115) To avoid the unnecessary key enrollment, when enrolling the signing key of the kernel package, "--ca-check" is added to mokutil so that mokutil will ignore the request if the CA of the signing key already exists in MokList or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is only defined in a kernel module package (KMP), it's used to determine whether the %post script is running in a kernel package, or a kernel module package. - rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup Co-Authored-By: Adam Spiers <aspiers@suse.com> - rpm/kernel-obs-build.spec.in: Enable overlayfs Overlayfs is needed for podman or docker builds when no more specific driver can be used (like lvm or btrfs). As the default build fs is ext4 currently, we need overlayfs kernel modules to be available. - rpm/kernel-source.spec.in: Add obsolete_rebuilds (boo#1172073). - rpm/kernel-source.spec.in: Also use bz compression (boo#1175882). - rpm/macros.kernel-source: pass -c proerly in kernel module package (bsc#1176698) The "-c" option wasn't passed down to %_kernel_module_package so the ueficert subpackage wasn't generated even if the certificate is specified in the spec file. - rpm/mkspec-dtb: add mt76 based dtb package - rpm/package-descriptions: garbege collection remove old ARM and Xen flavors. - rtc: ds1374: fix possible race condition (git-fixes). - rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes). - rxrpc: Fix race between recvmsg and sendmsg on immediate call failure (networking-stable-20_08_08). - rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA (networking-stable-20_07_29). - s390/mm: fix huge pte soft dirty copying (git-fixes). - s390/qeth: do not process empty bridge port events (git-fixes). - s390/qeth: integrate RX refill worker with NAPI (git-fixes). - s390/qeth: tolerate pre-filled RX buffer (git-fixes). - sched/deadline: Initialize ->dl_boosted (bsc#1112178). - scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899). - scsi: Fix trivial spelling (bsc#1171688 bsc#1174003). - scsi: fnic: Do not call 'scsi_done()' for unhandled commands (bsc#1168468, bsc#1171675). - scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962 ltc#188304). - scsi: ibmvfc: Use compiler attribute defines instead of __attribute__() (bsc#1176962 ltc#188304). - scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258). - scsi: libfc: Fix for double free() (bsc#1174899). - scsi: libfc: free response frame from GPN_ID (bsc#1174899). - scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases (bsc#1174899). - scsi: libfc: free skb when receiving invalid flogi resp (bsc#1175528). - scsi: libfc: Handling of extra kref (bsc#1175528). - scsi: libfc: If PRLI rejected, move rport to PLOGI state (bsc#1175528). - scsi: libfc: rport state move to PLOGI if all PRLI retry exhausted (bsc#1175528). - scsi: libfc: Skip additional kref updating work event (bsc#1175528). - scsi: lpfc: Add and rename a whole bunch of function parameter descriptions (bsc#1171558 bsc#1136666). - scsi: lpfc: Add dependency on CPU_FREQ (git-fixes). - scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param (bsc#1171558 bsc#1136666). - scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558 bsc#1136666). - scsi: lpfc: Ensure variable has the same stipulations as code using it (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix oops when unloading driver while running mds diags (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix retry of PRLI when status indicates its unsupported (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes). - scsi: lpfc: Fix some function parameter descriptions (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558 bsc#1136666). - scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558 bsc#1136666). - scsi: lpfc: NVMe remote port devloss_tmo from lldd (bsc#1171558 bsc#1136666 bsc#1173060). - scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying targetport (bsc#1171558 bsc#1136666). - scsi: lpfc: Provide description for lpfc_mem_alloc()'s 'align' param (bsc#1171558 bsc#1136666). - scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666). - scsi: lpfc: Remove unused variable 'pg_addr' (bsc#1171558 bsc#1136666). - scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558 bsc#1136666). - scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666). - scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Address a set of sparse warnings (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case into lower case (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof() expressions (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix endianness annotations in header files (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix endianness annotations in source files (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix login timeout (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix regression on sparc64 (git-fixes). - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix spelling of a variable name (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix the code that reads from mailbox registers (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix the return value (bsc#1171688). - scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call (bsc#1171688). - scsi: qla2xxx: Fix warning after FC target reset (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (bsc#1171688). - scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (bsc#1171688). - scsi: qla2xxx: Flush all sessions on zone disable (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Flush I/O on zone disable (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688). - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to FCP_PRIO_CFG_SIZE (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Indicate correct supported speeds for Mezz card (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Initialize 'n' before using it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Introduce a function for computing the debug message prefix (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle() (bsc#1171688). - scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Reduce noisy debug message (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove an unused function (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove a superfluous cast (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688). - scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688). - scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove superfluous memset() (bsc#1171688). - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: SAN congestion management implementation (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle() (bsc#1171688). - scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Suppress two recently introduced compiler warnings (git-fixes). - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use register names instead of register offsets (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (bsc#1171688). - scsi: target/iblock: fix WRITE SAME zeroing (bsc#1169790). - sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186 (git-fixes). - sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210 (git-fixes). - serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes). - serial: 8250: change lock order in serial8250_do_startup() (git-fixes). - serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes). - serial: 8250_port: Do not service RX FIFO if throttled (git-fixes). - serial: pl011: Do not leak amba_ports entry on driver register error (git-fixes). - serial: pl011: Fix oops on -EPROBE_DEFER (git-fixes). - Set CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL=y (jsc#SLE-4084). - Set VIRTIO_CONSOLE=y (bsc#1175667). - sign also s390x kernel images (bsc#1163524) - SMB3: Honor persistent/resilient handle flags for multiuser mounts (bsc#1176546). - SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545). - SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548). - stmmac: Do not access tx_q->dirty_tx before netif_tx_lock (git-fixes). - tcp: apply a floor of 1 for RTT samples from TCP timestamps (networking-stable-20_08_08). - thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430 (git-fixes). - tools/power/cpupower: Fix initializer override in hsw_ext_cstates (bsc#1112178). - Update patch reference for a tipc fix patch (bsc#1175515) - USB: cdc-acm: rework notification_buffer resizing (git-fixes). - USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes). - USB: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes). - USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes). - USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes). - USB: Fix out of sync data toggle if a configured device is reconfigured (git-fixes). - USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes). - USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes). - USB: gadget: f_tcm: Fix some resource leaks in some error paths (git-fixes). - USB: gadget: u_f: add overflow checks to VLA macros (git-fixes). - USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes). - USB: host: ohci-exynos: Fix error handling in exynos_ohci_probe() (git-fixes). - USB: hso: check for return value in hso_serial_common_create() (networking-stable-20_08_08). - USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge (git-fixes). - usblp: fix race between disconnect() and read() (git-fixes). - USB: lvtest: return proper error code in probe (git-fixes). - usbnet: ipheth: fix potential null pointer dereference in ipheth_carrier_set (git-fixes). - USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes). - USB: quirks: Add no-lpm quirk for another Raydium touchscreen (git-fixes). - USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook (git-fixes). - USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D (git-fixes). - USB: rename USB quirk to USB_QUIRK_ENDPOINT_IGNORE (git-fixes). - USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes). - USB: serial: ftdi_sio: clean up receive processing (git-fixes). - USB: serial: ftdi_sio: fix break and sysrq handling (git-fixes). - USB: serial: ftdi_sio: make process-packet buffer unsigned (git-fixes). - USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules (git-fixes). - USB: serial: option: support dynamic Quectel USB compositions (git-fixes). - USB: serial: qcserial: add EM7305 QDL product ID (git-fixes). - USB: sisusbvga: Fix a potential UB casued by left shifting a negative value (git-fixes). - USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes). - USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes). - USB: uas: Add quirk for PNY Pro Elite (git-fixes). - USB: UAS: fix disconnect by unplugging a hub (git-fixes). - USB: xhci: define IDs for various ASMedia host controllers (git-fixes). - USB: xhci: Fix ASMedia ASM1142 DMA addressing (git-fixes). - USB: yurex: Fix bad gfp argument (git-fixes). - vgacon: remove software scrollback support (bsc#1176278). - video: fbdev: fix OOB read in vga_8planes_imageblit() (git-fixes). - virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes (block drivers)). - vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes). - vrf: prevent adding upper devices (git-fixes). - vxge: fix return of a free'd memblock on a failed dma mapping (git-fixes). - vxlan: Ensure FDB dump is performed under RCU (git-fixes). - x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task (bsc#1112178). - x86/hyperv: Create and use Hyper-V page definitions (git-fixes). - x86/hyperv: Make hv_vcpu_is_preempted() visible (git-fixes). - x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1112178). - x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115). - xen/balloon: fix accounting in alloc_xenballooned_pages error path (bsc#1065600). - xen/balloon: make the balloon wait interruptible (bsc#1065600). - xen: do not reschedule in preemption off sections (bsc#1175749). - xen/events: do not use chip_data for legacy IRQs (bsc#1065600). - xen uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (bsc#1065600). - xgbe: no need to check return value of debugfs_create functions (git-fixes). - xgbe: switch to more generic VxLAN detection (git-fixes). - xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes). - yam: fix possible memory leak in yam_init_driver (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 12-SP5: zypper in -t patch SUSE-SLE-RT-12-SP5-2020-2999=1 Package List: - SUSE Linux Enterprise Real Time Extension 12-SP5 (x86_64): cluster-md-kmp-rt-4.12.14-10.19.1 dlm-kmp-rt-4.12.14-10.19.1 gfs2-kmp-rt-4.12.14-10.19.1 kernel-rt-4.12.14-10.19.1 kernel-rt-base-4.12.14-10.19.1 kernel-rt-devel-4.12.14-10.19.1 kernel-rt_debug-4.12.14-10.19.1 kernel-rt_debug-devel-4.12.14-10.19.1 kernel-syms-rt-4.12.14-10.19.1 ocfs2-kmp-rt-4.12.14-10.19.1 - SUSE Linux Enterprise Real Time Extension 12-SP5 (noarch): kernel-devel-rt-4.12.14-10.19.1 kernel-source-rt-4.12.14-10.19.1 References: https://www.suse.com/security/cve/CVE-2020-0404.html https://www.suse.com/security/cve/CVE-2020-0427.html https://www.suse.com/security/cve/CVE-2020-0431.html https://www.suse.com/security/cve/CVE-2020-0432.html https://www.suse.com/security/cve/CVE-2020-14381.html https://www.suse.com/security/cve/CVE-2020-14386.html https://www.suse.com/security/cve/CVE-2020-14390.html https://www.suse.com/security/cve/CVE-2020-1749.html https://www.suse.com/security/cve/CVE-2020-2521.html https://www.suse.com/security/cve/CVE-2020-25212.html https://www.suse.com/security/cve/CVE-2020-25284.html https://www.suse.com/security/cve/CVE-2020-25641.html https://www.suse.com/security/cve/CVE-2020-25643.html https://www.suse.com/security/cve/CVE-2020-25645.html https://www.suse.com/security/cve/CVE-2020-26088.html https://bugzilla.suse.com/1055186 https://bugzilla.suse.com/1058115 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1112178 https://bugzilla.suse.com/1113956 https://bugzilla.suse.com/1136666 https://bugzilla.suse.com/1152148 https://bugzilla.suse.com/1154366 https://bugzilla.suse.com/1163524 https://bugzilla.suse.com/1165629 https://bugzilla.suse.com/1166965 https://bugzilla.suse.com/1167527 https://bugzilla.suse.com/1168468 https://bugzilla.suse.com/1169790 https://bugzilla.suse.com/1169972 https://bugzilla.suse.com/1170232 https://bugzilla.suse.com/1171558 https://bugzilla.suse.com/1171675 https://bugzilla.suse.com/1171688 https://bugzilla.suse.com/1171742 https://bugzilla.suse.com/1172073 https://bugzilla.suse.com/1172538 https://bugzilla.suse.com/1172873 https://bugzilla.suse.com/1173060 https://bugzilla.suse.com/1173115 https://bugzilla.suse.com/1174003 https://bugzilla.suse.com/1174354 https://bugzilla.suse.com/1174899 https://bugzilla.suse.com/1175228 https://bugzilla.suse.com/1175515 https://bugzilla.suse.com/1175520 https://bugzilla.suse.com/1175528 https://bugzilla.suse.com/1175667 https://bugzilla.suse.com/1175691 https://bugzilla.suse.com/1175716 https://bugzilla.suse.com/1175749 https://bugzilla.suse.com/1175873 https://bugzilla.suse.com/1175882 https://bugzilla.suse.com/1176011 https://bugzilla.suse.com/1176022 https://bugzilla.suse.com/1176038 https://bugzilla.suse.com/1176069 https://bugzilla.suse.com/1176235 https://bugzilla.suse.com/1176242 https://bugzilla.suse.com/1176278 https://bugzilla.suse.com/1176316 https://bugzilla.suse.com/1176317 https://bugzilla.suse.com/1176318 https://bugzilla.suse.com/1176319 https://bugzilla.suse.com/1176320 https://bugzilla.suse.com/1176321 https://bugzilla.suse.com/1176381 https://bugzilla.suse.com/1176395 https://bugzilla.suse.com/1176410 https://bugzilla.suse.com/1176423 https://bugzilla.suse.com/1176482 https://bugzilla.suse.com/1176507 https://bugzilla.suse.com/1176536 https://bugzilla.suse.com/1176544 https://bugzilla.suse.com/1176545 https://bugzilla.suse.com/1176546 https://bugzilla.suse.com/1176548 https://bugzilla.suse.com/1176659 https://bugzilla.suse.com/1176698 https://bugzilla.suse.com/1176699 https://bugzilla.suse.com/1176700 https://bugzilla.suse.com/1176721 https://bugzilla.suse.com/1176722 https://bugzilla.suse.com/1176725 https://bugzilla.suse.com/1176732 https://bugzilla.suse.com/1176788 https://bugzilla.suse.com/1176789 https://bugzilla.suse.com/1176869 https://bugzilla.suse.com/1176877 https://bugzilla.suse.com/1176935 https://bugzilla.suse.com/1176946 https://bugzilla.suse.com/1176950 https://bugzilla.suse.com/1176962 https://bugzilla.suse.com/1176966 https://bugzilla.suse.com/1176990 https://bugzilla.suse.com/1177027 https://bugzilla.suse.com/1177030 https://bugzilla.suse.com/1177041 https://bugzilla.suse.com/1177042 https://bugzilla.suse.com/1177043 https://bugzilla.suse.com/1177044 https://bugzilla.suse.com/1177121 https://bugzilla.suse.com/1177206 https://bugzilla.suse.com/1177258 https://bugzilla.suse.com/1177291 https://bugzilla.suse.com/1177293 https://bugzilla.suse.com/1177294 https://bugzilla.suse.com/1177295 https://bugzilla.suse.com/1177296 https://bugzilla.suse.com/1177340 https://bugzilla.suse.com/1177511 https://bugzilla.suse.com/802154

SUSE: 2020:2999-1 important: the Linux Kernel

October 22, 2020

An update that solves 15 vulnerabilities and has 84 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 kernel RT was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0404: Fixed a linked list corruption due to an unusual root cause (bsc#1176423). - CVE-2020-0427: Fixed an out of bounds read due to a use after free (bsc#1176725). - CVE-2020-0431: Fixed an out of bounds write due to a missing bounds check (bsc#1176722). - CVE-2020-0432: Fixed an out of bounds write due to an integer overflow (bsc#1176721). - CVE-2020-14381: Fixed requeue paths such that filp was valid when dropping the references (bsc#1176011). - CVE-2020-14386: Fixed a memory corruption which could have been exploited to gain root privileges from unprivileged processes (bsc#1176069). - CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory corruption or a denial of service when changing screen size (bnc#1176235). - CVE-2020-1749: Use ip6_dst_lookup_flow instead of ip6_dst_lookup (bsc#1165629). - CVE-2020-25212: Fixed A TOCTOU mismatch in the NFS client code which could have been used by local attackers to corrupt memory (bsc#1176381). - CVE-2020-2521: Fixed getxattr kernel panic and memory overflow (bsc#1176381). - CVE-2020-25284: Fixed an incomplete permission checking for access to rbd devices, which could have been leveraged by local attackers to map or unmap rbd block devices (bsc#1176482). - CVE-2020-25641: Fixed a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121). - CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206). - CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511). - CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket creation could have been used by local attackers to create raw sockets, bypassing security mechanisms (bsc#1176990). The following non-security bugs were fixed: - ACPI: EC: Reference count query handlers under lock (git-fixes). - airo: Add missing CAP_NET_ADMIN check in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes). - airo: Fix possible info leak in AIROOLDIOCTL/SIOCDEVPRIVATE (git-fixes). - airo: Fix read overflows sending packets (git-fixes). - ALSA: asihpi: fix iounmap in error handler (git-fixes). - ALSA: firewire-digi00x: exclude Avid Adrenaline from detection (git-fixes). - ALSA; firewire-tascam: exclude Tascam FE-8 from detection (git-fixes). - ALSA: hda: Fix 2 channel swapping for Tegra (git-fixes). - ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled (git-fixes). - ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion NT950XCJ-X716A (git-fixes). - ALSA: hda/realtek - Improved routing for Thinkpad X1 7th/8th Gen (git-fixes). - altera-stapl: altera_get_note: prevent write beyond end of 'key' (git-fixes). - amd-xgbe: Add a check for an skb in the timestamp path (git-fixes). - amd-xgbe: Add additional dynamic debug messages (git-fixes). - amd-xgbe: Add additional ethtool statistics (git-fixes). - amd-xgbe: Add ethtool show/set channels support (git-fixes). - amd-xgbe: Add ethtool show/set ring parameter support (git-fixes). - amd-xgbe: Add ethtool support to retrieve SFP module info (git-fixes). - amd-xgbe: Add hardware features debug output (git-fixes). - amd-xgbe: Add NUMA affinity support for IRQ hints (git-fixes). - amd-xgbe: Add NUMA affinity support for memory allocations (git-fixes). - amd-xgbe: Add per queue Tx and Rx statistics (git-fixes). - amd-xgbe: Advertise FEC support with the KR re-driver (git-fixes). - amd-xgbe: Always attempt link training in KR mode (git-fixes). - amd-xgbe: Be sure driver shuts down cleanly on module removal (git-fixes). - amd-xgbe: Convert to generic power management (git-fixes). - amd-xgbe: Fix debug output of max channel counts (git-fixes). - amd-xgbe: Fix error path in xgbe_mod_init() (git-fixes). - amd-xgbe: Fixes for working with PHYs that support 2.5GbE (git-fixes). - amd-xgbe: Fix SFP PHY supported/advertised settings (git-fixes). - amd-xgbe: fix spelling mistake: "avialable" -> "available" (git-fixes). - amd-xgbe: Handle return code from software reset function (git-fixes). - amd-xgbe: Improve SFP 100Mbps auto-negotiation (git-fixes). - amd-xgbe: Interrupt summary bits are h/w version dependent (git-fixes). - amd-xgbe: Limit the I2C error messages that are output (git-fixes). - amd-xgbe: Mark expected switch fall-throughs (git-fixes). - amd-xgbe: Optimize DMA channel interrupt enablement (git-fixes). - amd-xgbe: Prepare for ethtool set-channel support (git-fixes). - amd-xgbe: Read and save the port property registers during probe (git-fixes). - amd-xgbe: Remove field that indicates SFP diagnostic support (git-fixes). - amd-xgbe: remove unnecessary conversion to bool (git-fixes). - amd-xgbe: Remove use of comm_owned field (git-fixes). - amd-xgbe: Set the MDIO mode for 10000Base-T configuration (git-fixes). - amd-xgbe: Simplify the burst length settings (git-fixes). - amd-xgbe: use devm_platform_ioremap_resource() to simplify code (git-fixes). - amd-xgbe: use dma_mapping_error to check map errors (git-fixes). - amd-xgbe: Use __napi_schedule() in BH context (git-fixes). - amd-xgbe: Use the proper register during PTP initialization (git-fixes). - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes). - arm64: KVM: Do not generate UNDEF when LORegion feature is present (jsc#SLE-4084). - arm64: KVM: regmap: Fix unexpected switch fall-through (jsc#SLE-4084). - asm-generic: fix -Wtype-limits compiler warnings (bsc#1112178). - ASoC: intel: Fix memleak in sst_media_open (git-fixes). - ASoC: kirkwood: fix IRQ error handling (git-fixes). - ASoC: tegra: Fix reference count leaks (git-fixes). - ath10k: fix array out-of-bounds access (git-fixes). - ath10k: fix memory leak for tpc_stats_final (git-fixes). - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes). - batman-adv: Add missing include for in_interrupt() (git-fixes). - batman-adv: Avoid uninitialized chaddr when handling DHCP (git-fixes). - batman-adv: bla: fix type misuse for backbone_gw hash indexing (git-fixes). - batman-adv: bla: use netif_rx_ni when not in interrupt context (git-fixes). - batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh (git-fixes). - batman-adv: mcast/TT: fix wrongly dropped or rerouted packets (git-fixes). - bcache: allocate meta data pages as compound pages (bsc#1172873). - bcache: allocate meta data pages as compound pages (bsc#1172873). - bcache: Convert pr_<level> uses to a more typical style (git fixes (block drivers)). - bcache: fix overflow in offset_to_stripe() (git fixes (block drivers)). - bcm63xx_enet: correct clock usage (git-fixes). - bcm63xx_enet: do not write to random DMA channel on BCM6345 (git-fixes). - bitfield.h: do not compile-time validate _val in FIELD_FIT (git fixes (bitfield)). - blktrace: fix debugfs use after free (git fixes (block drivers)). - block: add docs for gendisk / request_queue refcount helpers (git fixes (block drivers)). - block: check queue's limits.discard_granularity in __blkdev_issue_discard() (bsc#1152148). - block: check queue's limits.discard_granularity in __blkdev_issue_discard() (bsc#1152148). - block: improve discard bio alignment in __blkdev_issue_discard() (bsc#1152148). - block: improve discard bio alignment in __blkdev_issue_discard() (bsc#1152148). - block: revert back to synchronous request_queue removal (git fixes (block drivers)). - block: Use non _rcu version of list functions for tag_set_list (git-fixes). - Bluetooth: Fix refcount use-after-free issue (git-fixes). - Bluetooth: guard against controllers sending zero'd events (git-fixes). - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes). - Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes). - Bluetooth: prefetch channel before killing sock (git-fixes). - bnxt_en: Fix completion ring sizing with TPA enabled (networking-stable-20_07_29). - bonding: check error value of register_netdevice() immediately (git-fixes). - bonding: check return value of register_netdevice() in bond_newlink() (git-fixes). - bonding: use nla_get_u64 to extract the value for IFLA_BOND_AD_ACTOR_SYSTEM (git-fixes). - btrfs: avoid possible signal interruption of btrfs_drop_snapshot() on relocation tree (bsc#1174354). - btrfs: balance: print to system log when balance ends or is paused (bsc#1174354). - btrfs: relocation: allow signal to cancel balance (bsc#1174354). - btrfs: relocation: review the call sites which can be interrupted by signal (bsc#1174354). - btrfs: require only sector size alignment for parent eb bytenr (bsc#1176789). - btrfs: take overcommit into account in inc_block_group_ro (bsc#1174354). - btrfs: tree-checker: fix the error message for transid error (bsc#1176788). - ceph: do not allow setlease on cephfs (bsc#1177041). - ceph: fix potential mdsc use-after-free crash (bsc#1177042). - ceph: fix use-after-free for fsc->mdsc (bsc#1177043). - ceph: handle zero-length feature mask in session messages (bsc#1177044). - cfg80211: regulatory: reject invalid hints (bsc#1176699). - char: virtio: Select VIRTIO from VIRTIO_CONSOLE (bsc#1175667). - cifs: Fix leak when handling lease break for cached root fid (bsc#1176242). - cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544). - cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536). - clk: Add (devm_)clk_get_optional() functions (git-fixes). - clk: rockchip: Fix initialization of mux_pll_src_4plls_p (git-fixes). - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED (git-fixes). - clk/ti/adpll: allocate room for terminating null (git-fixes). - clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes). - constrants: fix malformed XML Closing tag of an element is "</foo>", not "<foo/>". Fixes: 8b37de2eb835 ("rpm/constraints.in: Increase memory for kernel-docs") - cpufreq: intel_pstate: Fix EPP setting via sysfs in active mode (bsc#1176966). - Created new preempt kernel flavor (jsc#SLE-11309) Configs are cloned from the respective $arch/default configs. All changed configs appart from CONFIG_PREEMPT->y are a result of dependencies, namely many lock/unlock primitives are no longer inlined in the preempt kernel. TREE_RCU has been also changed to PREEMPT_RCU which is the default implementation for PREEMPT kernel. - crypto: dh - check validity of Z before export (bsc#1175716). - crypto: dh - SP800-56A rev 3 local public key validation (bsc#1175716). - crypto: ecc - SP800-56A rev 3 local public key validation (bsc#1175716). - crypto: ecdh - check validity of Z before export (bsc#1175716). - device property: Fix the secondary firmware node handling in set_primary_fwnode() (git-fixes). - Disable CONFIG_LIVEPATCH_IPA_CLONES where not needed Explicitly disable CONFIG_LIVEPATCH_IPA_CLONES in configs where it is not needed to avoid confusion and unwanted values due to fragment config files. - dmaengine: at_hdmac: check return value of of_find_device_by_node() in at_dma_xlate() (git-fixes). - dmaengine: of-dma: Fix of_dma_router_xlate's of_dma_xlate handling (git-fixes). - dmaengine: pl330: Fix burst length if burst size is smaller than bus width (git-fixes). - dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes). - dmaengine: zynqmp_dma: fix burst length configuration (git-fixes). - dm crypt: avoid truncating the logical block size (git fixes (block drivers)). - dm: fix redundant IO accounting for bios that need splitting (git fixes (block drivers)). - dm integrity: fix a deadlock due to offloading to an incorrect workqueue (git fixes (block drivers)). - dm integrity: fix integrity recalculation that is improperly skipped (git fixes (block drivers)). - dm: report suspended device during destroy (git fixes (block drivers)). - dm rq: do not call blk_mq_queue_stopped() in dm_stop_queue() (git fixes (block drivers)). - dm: use noio when sending kobject event (git fixes (block drivers)). - dm writecache: add cond_resched to loop in persistent_memory_claim() (git fixes (block drivers)). - dm writecache: correct uncommitted_block when discarding uncommitted entry (git fixes (block drivers)). - dm zoned: assign max_io_len correctly (git fixes (block drivers)). - Drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes). - Drivers: hv: balloon: Remove dependencies on guest page size (git-fixes). - Drivers: hv: Specify receive buffer size using Hyper-V page size (bsc#1176877). - Drivers: hv: vmbus: Add timeout to vmbus_wait_for_unload (git-fixes). - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() (git-fixes). - Drivers: net: add missing interrupt.h include (git-fixes). - Drivers/net/ethernet/marvell/mvmdio.c: Fix non OF case (git-fixes). - drivers/net/wan/x25_asy: Fix to make it work (networking-stable-20_07_29). - drm/amd/display: dal_ddc_i2c_payloads_create can fail causing panic (git-fixes). - drm/amd/display: fix pow() crashing when given base 0 (git-fixes). - drm/amd/display: fix ref count leak in amdgpu_drm_ioctl (git-fixes). - drm/amdgpu/display: fix ref count leak when pm_runtime_get_sync fails (git-fixes). - drm/amdgpu: Fix buffer overflow in INFO ioctl (git-fixes). - drm/amdgpu: Fix bug in reporting voltage for CIK (git-fixes). - drm/amdgpu: fix ref count leak in amdgpu_driver_open_kms (git-fixes). - drm/amdgpu: increase atombios cmd timeout (git-fixes). - drm/amdgpu/powerplay: fix AVFS handling with custom powerplay table (git-fixes). - drm/amdgpu/powerplay/smu7: fix AVFS handling with custom powerplay table (git-fixes). - drm/amdkfd: fix a memory leak issue (git-fixes). - drm/amdkfd: Fix reference count leaks (git-fixes). - drm/amd/pm: correct Vega10 swctf limit setting (git-fixes). - drm/amd/pm: correct Vega12 swctf limit setting (git-fixes). - drm/ast: Initialize DRAM type before posting GPU (bsc#1113956) * context changes - drm/mediatek: Add exception handing in mtk_drm_probe() if component init fail (git-fixes). - drm/mediatek: Add missing put_device() call in mtk_hdmi_dt_parse_pdata() (git-fixes). - drm/msm/a5xx: Always set an OPP supported hardware value (git-fixes). - drm/msm: add shutdown support for display platform_driver (git-fixes). - drm/msm/adreno: fix updating ring fence (git-fixes). - drm/msm: Disable preemption on all 5xx targets (git-fixes). - drm/msm: fix leaks if initialization fails (git-fixes). - drm/msm/gpu: make ringbuffer readonly (bsc#1112178) * context changes - drm/nouveau/debugfs: fix runtime pm imbalance on error (git-fixes). - drm/nouveau/dispnv50: fix runtime pm imbalance on error (git-fixes). - drm/nouveau/drm/noveau: fix reference count leak in nouveau_fbcon_open (git-fixes). - drm/nouveau: Fix reference count leak in nouveau_connector_detect (git-fixes). - drm/nouveau: fix reference count leak in nv50_disp_atomic_commit (git-fixes). - drm/nouveau: fix runtime pm imbalance on error (git-fixes). - drm/omap: fix possible object reference leak (git-fixes). - drm/radeon: fix multiple reference count leak (git-fixes). - drm/radeon: Prefer lower feedback dividers (git-fixes). - drm/radeon: revert "Prefer lower feedback dividers" (git-fixes). - drm/sun4i: Fix dsi dcs long write function (git-fixes). - drm/sun4i: mixer: Extend regmap max_register (git-fixes). - drm/sun4i: sun8i-csc: Secondary CSC register correction (git-fixes). - drm/tve200: Stabilize enable/disable (git-fixes). - drm/vc4/vc4_hdmi: fill ASoC card owner (git-fixes). - drm/xen-front: Fix misused IS_ERR_OR_NULL checks (bsc#1065600). - Drop wrongly inserted end-of-sorted marker - e1000: Do not perform reset in reset_task if we are already down (git-fixes). - EDAC: Fix reference count leaks (bsc#1112178). - fbcon: prevent user font height or width change from causing (bsc#1112178) - Fix error in kabi fix for: NFSv4: Fix OPEN / CLOSE race (bsc#1176950). - fsl/fman: check dereferencing null pointer (git-fixes). - fsl/fman: fix dereference null return value (git-fixes). - fsl/fman: fix eth hash table allocation (git-fixes). - fsl/fman: fix unreachable code (git-fixes). - fsl/fman: use 32-bit unsigned integer (git-fixes). - ftrace: Move RCU is watching check after recursion check (git-fixes). - ftrace: Setup correct FTRACE_FL_REGS flags for module (git-fixes). - gma/gma500: fix a memory disclosure bug due to uninitialized bytes (git-fixes). - gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes). - gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable() (git-fixes). - gtp: fix Illegal context switch in RCU read-side critical section (git-fixes). - gtp: fix use-after-free in gtp_newlink() (git-fixes). - Hide e21a4f3a930c as of its duplication - HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage() (git-fixes). - hippi: Fix a size used in a 'pci_free_consistent()' in an error handling path (git-fixes). - hsr: use netdev_err() instead of WARN_ONCE() (bsc#1176659). - hv_balloon: Balloon up according to request page number (git-fixes). - hv_balloon: Use a static page for the balloon_up send buffer (git-fixes). - hv_netvsc: Allow scatter-gather feature to be tunable (git-fixes). - hv_netvsc: do not use VF device if link is down (git-fixes). - hv_netvsc: Fix a warning of suspicious RCU usage (git-fixes). - hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() (git-fixes). - hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() (git-fixes). - hv_netvsc: flag software created hash value (git-fixes). - hv_netvsc: Remove "unlikely" from netvsc_select_queue (git-fixes). - hv_utils: drain the timesync packets on onchannelcallback (bsc#1176877). - hv_utils: return error if host timesysnc update is stale (bsc#1176877). - hwmon: (applesmc) check status earlier (git-fixes). - i2c: core: Do not fail PRP0001 enumeration when no ID table exist (git-fixes). - i2c: cpm: Fix i2c_ram structure (git-fixes). - i2c: meson: fix clock setting overwrite (git-fixes). - i2c: rcar: in slave mode, clear NACK earlier (git-fixes). - ibmvnic: add missing parenthesis in do_reset() (bsc#1176700 ltc#188140). - ibmvnic fix NULL tx_pools and rx_tools issue at do_reset (bsc#1175873 ltc#187922). - ieee802154/adf7242: check status of adf7242_read_reg (git-fixes). - ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes). - iio:accel:bmc150-accel: Fix timestamp alignment and prevent data leak (git-fixes). - iio: accel: kxsd9: Fix alignment of local buffer (git-fixes). - iio:accel:mma7455: Fix timestamp alignment and prevent data leak (git-fixes). - iio:adc:ina2xx Fix timestamp alignment issue (git-fixes). - iio: adc: mcp3422: fix locking on error path (git-fixes). - iio: adc: mcp3422: fix locking scope (git-fixes). - iio:adc:ti-adc081c Fix alignment and data leak issues (git-fixes). - iio: adc: ti-ads1015: fix conversion when CONFIG_PM is not set (git-fixes). - iio: improve IIO_CONCENTRATION channel type description (git-fixes). - iio:light:ltr501 Fix timestamp alignment issue (git-fixes). - iio:light:max44000 Fix timestamp alignment and prevent data leak (git-fixes). - iio:magnetometer:ak8975 Fix alignment and data leak issues (git-fixes). - include: add additional sizes (bsc#1094244 ltc#168122). - Input: psmouse - add a newline when printing 'proto' by sysfs (git-fixes). - iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177293). - iommu/amd: Fix potential @entry null deref (bsc#1177294). - iommu/amd: Print extended features in one line to fix divergent log levels (bsc#1176316). - iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177291). - iommu/amd: Restore IRTE.RemapEn bit after programming IRTE (bsc#1176317). - iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177295). - iommu/amd: Use cmpxchg_double() when updating 128-bit IRTE (bsc#1176318). - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177296). - iommu/omap: Check for failure of a call to omap_iommu_dump_ctx (bsc#1176319). - iommu/vt-d: Serialize IOMMU GCMD register modifications (bsc#1176320). - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL (bsc#1175515). - ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL (bsc#1175515). - kabi: hide new parameter of ip6_dst_lookup_flow() (bsc#1165629). - kabi: mask changes to struct ipv6_stub (bsc#1165629). - kernel-binary.spec.in: Package the obj_install_dir as explicit filelist. - kernel-binary.spec.in: SLE12 tar does not understand --verbatim-files-from - kernel-docs: Change Requires on python-Sphinx to earlier than version 3

References

#1055186 #1058115 #1065600 #1065729 #1094244

#1112178 #1113956 #1136666 #1152148 #1154366

#1163524 #1165629 #1166965 #1167527 #1168468

#1169790 #1169972 #1170232 #1171558 #1171675

#1171688 #1171742 #1172073 #1172538 #1172873

#1173060 #1173115 #1174003 #1174354 #1174899

#1175228 #1175515 #1175520 #1175528 #1175667

#1175691 #1175716 #1175749 #1175873 #1175882

#1176011 #1176022 #1176038 #1176069 #1176235

#1176242 #1176278 #1176316 #1176317 #1176318

#1176319 #1176320 #1176321 #1176381 #1176395

#1176410 #1176423 #1176482 #1176507 #1176536

#1176544 #1176545 #1176546 #1176548 #1176659

#1176698 #1176699 #1176700 #1176721 #1176722

#1176725 #1176732 #1176788 #1176789 #1176869

#1176877 #1176935 #1176946 #1176950 #1176962

#1176966 #1176990 #1177027 #1177030 #1177041

#1177042 #1177043 #1177044 #1177121 #1177206

#1177258 #1177291 #1177293 #1177294 #1177295

#1177296 #1177340 #1177511 #802154

Cross- CVE-2020-0404 CVE-2020-0427 CVE-2020-0431

CVE-2020-0432 CVE-2020-14381 CVE-2020-14386

CVE-2020-14390 CVE-2020-1749 CVE-2020-2521

CVE-2020-25212 CVE-2020-25284 CVE-2020-25641

CVE-2020-25643 CVE-2020-25645 CVE-2020-26088

Affected Products:

SUSE Linux Enterprise Real Time Extension 12-SP5

bsc#1166965 From 3 on the internal API that the build system

uses was rewritten in an incompatible way. See

https://github.com/sphinx-doc/sphinx/issues/7421 and

https://bugzilla.suse.com/show_bug.cgi?id=1166965#c16 for some details.

- kernel/relay.c: fix memleak on destroy relay channel (git-fixes).

- kernel-syms.spec.in: Also use bz compression (boo#1175882).

- KVM: arm64: Change 32-bit handling of VM system registers (jsc#SLE-4084).

- KVM: arm64: Cleanup __activate_traps and __deactive_traps for VHE and

non-VHE (jsc#SLE-4084).

- KVM: arm64: Configure c15, PMU, and debug register traps on cpu load/put

for VHE (jsc#SLE-4084).

- KVM: arm64: Defer saving/restoring 32-bit sysregs to vcpu load/put

(jsc#SLE-4084).

- KVM: arm64: Defer saving/restoring 64-bit sysregs to vcpu load/put on

VHE (jsc#SLE-4084).

- KVM: arm64: Directly call VHE and non-VHE FPSIMD enabled functions

(jsc#SLE-4084).

- KVM: arm64: Do not deactivate VM on VHE systems (jsc#SLE-4084).

- KVM: arm64: Do not save the host ELR_EL2 and SPSR_EL2 on VHE systems

(jsc#SLE-4084).

- KVM: arm64: Factor out fault info population and gic workarounds

(jsc#SLE-4084).

- KVM: arm64: Fix order of vcpu_write_sys_reg() arguments (jsc#SLE-4084).

- KVM: arm64: Forbid kprobing of the VHE world-switch code (jsc#SLE-4084).

- KVM: arm64: Improve debug register save/restore flow (jsc#SLE-4084).

- KVM: arm64: Introduce framework for accessing deferred sysregs

(jsc#SLE-4084).

- KVM: arm64: Introduce separate VHE/non-VHE sysreg save/restore functions

(jsc#SLE-4084).

- KVM: arm64: Introduce VHE-specific kvm_vcpu_run (jsc#SLE-4084).

- KVM: arm64: Move common VHE/non-VHE trap config in separate functions

(jsc#SLE-4084).

- KVM: arm64: Move debug dirty flag calculation out of world switch

(jsc#SLE-4084).

- KVM: arm64: Move HCR_INT_OVERRIDE to default HCR_EL2 guest flag

(jsc#SLE-4084).

- KVM: arm64: Move userspace system registers into separate function

(jsc#SLE-4084).

- KVM: arm64: Prepare to handle deferred save/restore of 32-bit registers (jsc#SLE-4084).

- KVM: arm64: Prepare to handle deferred save/restore of ELR_EL1

(jsc#SLE-4084).

- KVM: arm64: Remove kern_hyp_va() use in VHE switch function

(jsc#SLE-4084).

- KVM: arm64: Remove noop calls to timer save/restore from VHE switch

(jsc#SLE-4084).

- KVM: arm64: Rework hyp_panic for VHE and non-VHE (jsc#SLE-4084).

- KVM: arm64: Rewrite sysreg alternatives to static keys (jsc#SLE-4084).

- KVM: arm64: Rewrite system register accessors to read/write functions

(jsc#SLE-4084).

- KVM: arm64: Slightly improve debug save/restore functions (jsc#SLE-4084).

- KVM: arm64: Unify non-VHE host/guest sysreg save and restore functions

(jsc#SLE-4084).

- KVM: arm64: Write arch.mdcr_el2 changes since last vcpu_load on VHE

(jsc#SLE-4084).

- KVM: arm/arm64: Avoid vcpu_load for other vcpu ioctls than KVM_RUN

(jsc#SLE-4084).

- KVM: arm/arm64: Avoid VGICv3 save/restore on VHE with no IRQs

(jsc#SLE-4084).

- KVM: arm/arm64: Get rid of vcpu->arch.irq_lines (jsc#SLE-4084).

- KVM: arm/arm64: Handle VGICv3 save/restore from the main VGIC code on

VHE (jsc#SLE-4084).

- KVM: arm/arm64: Move vcpu_load call after kvm_vcpu_first_run_init

(jsc#SLE-4084).

- KVM: arm/arm64: Move VGIC APR save/restore to vgic put/load

(jsc#SLE-4084).

- KVM: arm/arm64: Prepare to handle deferred save/restore of SPSR_EL1

(jsc#SLE-4084).

- KVM: arm/arm64: Remove leftover comment from kvm_vcpu_run_vhe

(jsc#SLE-4084).

- KVM: introduce kvm_arch_vcpu_async_ioctl (jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_fpu

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_mpstate

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_get_regs

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl (jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_run

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_fpu

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_guest_debug

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_mpstate

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_regs

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_set_sregs

(jsc#SLE-4084).

- KVM: Move vcpu_load to arch-specific kvm_arch_vcpu_ioctl_translate

(jsc#SLE-4084).

- KVM: PPC: Fix compile error that occurs when CONFIG_ALTIVEC=n

(jsc#SLE-4084).

- KVM: Prepare for moving vcpu_load/vcpu_put into arch specific code

(jsc#SLE-4084).

- KVM: SVM: Add a dedicated INVD intercept routine (bsc#1112178).

- KVM: SVM: Fix disable pause loop exit/pause filtering capability on SVM

(bsc#1176321).

- KVM: SVM: fix svn_pin_memory()'s use of get_user_pages_fast()

(bsc#1112178).

- KVM: Take vcpu->mutex outside vcpu_load (jsc#SLE-4084).

- libceph: allow setting abort_on_full for rbd (bsc#1169972).

- lib/mpi: Add mpi_sub_ui() (bsc#1175716).

- libnvdimm: cover up nvdimm_security_ops changes (bsc#1171742).

- libnvdimm: cover up struct nvdimm changes (bsc#1171742).

- libnvdimm/security, acpi/nfit: unify zero-key for all security commands

(bsc#1171742).

- libnvdimm/security: fix a typo (bsc#1171742 bsc#1167527).

- libnvdimm/security: Introduce a 'frozen' attribute (bsc#1171742).

- lib/raid6: use vdupq_n_u8 to avoid endianness warnings (git fixes (block

drivers)).

- mac80211: do not allow bigger VHT MPDUs than the hardware supports

(git-fixes).

- mac802154: tx: fix use-after-free (git-fixes).

- macsec: avoid use-after-free in macsec_handle_frame() (git-fixes).

- md: raid0/linear: fix dereference before null check on pointer mddev

(git fixes (block drivers)).

- media: budget-core: Improve exception handling in budget_register()

(git-fixes).

- media: davinci: vpif_capture: fix potential double free (git-fixes).

- media: pci: ttpci: av7110: fix possible buffer overflow caused by bad

DMA value in debiirq() (git-fixes).

- media: smiapp: Fix error handling at NVM reading (git-fixes).

- media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes).

- media: vpss: clean up resources in init (git-fixes).

- mfd: intel-lpss: Add Intel Emmitsburg PCH PCI IDs (git-fixes).

- mfd: mfd-core: Protect against NULL call-back function pointer

(git-fixes).

- mlx4: disable device on shutdown (git-fixes).

- mlxsw: core: Free EMAD transactions using kfree_rcu() (git-fixes).

- mlxsw: core: Increase scope of RCU read-side critical section

(git-fixes).

- mm: Avoid calling build_all_zonelists_init under hotplug context

(bsc#1154366).

- mmc: core: do not set limits.discard_granularity as 0 (git-fixes).

- mmc: cqhci: Add cqhci_deactivate() (git-fixes).

- mmc: sdhci-msm: Add retries when all tuning phases are found valid

(git-fixes).

- mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based

controllers (git-fixes).

- mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS

models (git-fixes).

- mm/page_alloc.c: fix a crash in free_pages_prepare() (git fixes

(mm/pgalloc)).

- mm/vmalloc.c: move 'area->pages' after if statement (git fixes

(mm/vmalloc)).

- mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo

(bsc#1175691).

- mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of

cfi_amdstd_setup() (git-fixes).

- mtd: lpddr: Fix a double free in probe() (git-fixes).

- mtd: phram: fix a double free issue in error path (git-fixes).

- mtd: properly check all write ioctls for permissions (git-fixes).

- net: 8390: Fix manufacturer name in Kconfig help text (git-fixes).

- net: amd: fix return type of ndo_start_xmit function (git-fixes).

- net/amd: Remove useless driver version (git-fixes).

- net: amd-xgbe: fix comparison to bitshift when dealing with a mask

(git-fixes).

- net: amd-xgbe: Get rid of custom hex_dump_to_buffer() (git-fixes).

- net: apple: Fix manufacturer name in Kconfig help text (git-fixes).

- net: broadcom: Fix manufacturer name in Kconfig help text (git-fixes).

- net: dsa: b53: Fix sparse warnings in b53_mmap.c (git-fixes).

- net: dsa: b53: Use strlcpy() for ethtool::get_strings (git-fixes).

- net: dsa: mv88e6xxx: fix 6085 frame mode masking (git-fixes).

- net: dsa: mv88e6xxx: Fix interrupt masking on removal (git-fixes).

- net: dsa: mv88e6xxx: Fix name of switch 88E6141 (git-fixes).

- net: dsa: mv88e6xxx: fix shift of FID bits in

mv88e6185_g1_vtu_loadpurge() (git-fixes).

- net: dsa: mv88e6xxx: Unregister MDIO bus on error path (git-fixes).

- net: dsa: qca8k: Allow overwriting CPU port setting (git-fixes).

- net: dsa: qca8k: Enable RXMAC when bringing up a port (git-fixes).

- net: dsa: qca8k: Force CPU port to its highest bandwidth (git-fixes).

- net: ethernet: aquantia: Fix wrong return value (git-fixes).

- net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init()

(git-fixes).

- net: fs_enet: do not call phy_stop() in interrupts (git-fixes).

- net: initialize fastreuse on inet_inherit_port

(networking-stable-20_08_15).

- net: lan78xx: Bail out if lan78xx_get_endpoints fails (git-fixes).

- net: lan78xx: replace bogus endpoint lookup (networking-stable-20_08_08).

- net: lio_core: fix potential sign-extension overflow on large shift

(git-fixes).

- net/mlx5: Add meaningful return codes to status_to_err function

(git-fixes).

- net/mlx5e: Fix error path of device attach (git-fixes).

- net/mlx5: E-Switch, Use correct flags when configuring vlan (git-fixes).

- net/mlx5e: vxlan: Use RCU for vxlan table lookup (git-fixes).

- net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded

(git-fixes).

- net/mlx5: Fix a bug of using ptp channel index as pin index (git-fixes).

- net: mvmdio: defer probe of orion-mdio if a clock is not ready

(git-fixes).

- net: mvneta: fix mtu change on port without link (git-fixes).

- net: mvpp2: fix memory leak in mvpp2_rx (git-fixes).

- net-next: ax88796: Do not free IRQ in ax_remove() (already freed in

ax_close()) (git-fixes).

- net/nfc/rawsock.c: add CAP_NET_RAW check (networking-stable-20_08_15).

- net: qca_spi: Avoid packet drop during initial sync (git-fixes).

- net: qca_spi: Make sure the QCA7000 reset is triggered (git-fixes).

- net: qcom/emac: add missed clk_disable_unprepare in error path of

emac_clks_phase1_init (git-fixes).

- net: refactor bind_bucket fastreuse into helper

(networking-stable-20_08_15).

- net: smc91x: Fix possible memory leak in smc_drv_probe() (git-fixes).

- net/smc: fix dmb buffer shortage (git-fixes).

- net/smc: fix restoring of fallback changes (git-fixes).

- net/smc: fix sock refcounting in case of termination (git-fixes).

- net/smc: improve close of terminated socket (git-fixes).

- net/smc: Prevent kernel-infoleak in __smc_diag_dump() (git-fixes).

- net/smc: remove freed buffer from list (git-fixes).

- net/smc: reset sndbuf_desc if freed (git-fixes).

- net/smc: set rx_off for SMCR explicitly (git-fixes).

- net/smc: switch smcd_dev_list spinlock to mutex (git-fixes).

- net/smc: tolerate future SMCD versions (git-fixes).

- net: spider_net: Fix the size used in a 'dma_free_coherent()' call

(git-fixes).

- net: stmmac: call correct function in

stmmac_mac_config_rx_queues_routing() (git-fixes).

- net: stmmac: Disable ACS Feature for GMAC >= 4 (git-fixes).

- net: stmmac: do not stop NAPI processing when dropping a packet

(git-fixes).

- net: stmmac: dwmac4: fix flow control issue (git-fixes).

- net: stmmac: dwmac_lib: fix interchanged sleep/timeout values in DMA

reset function (git-fixes).

- net: stmmac: dwmac-meson8b: Add missing boundary to RGMII TX clock array

(git-fixes).

- net: stmmac: dwmac-meson8b: fix internal RGMII clock configuration

(git-fixes).

- net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b

(git-fixes).

- net: stmmac: dwmac-meson8b: Fix the RGMII TX delay on Meson8b/8m2 SoCs

(git-fixes).

- net: stmmac: dwmac-meson8b: only configure the clocks in RGMII mode

(git-fixes).

- net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock

(git-fixes).

- net: stmmac: Fix error handling path in 'alloc_dma_rx_desc_resources()'

(git-fixes).

- net: stmmac: Fix error handling path in 'alloc_dma_tx_desc_resources()'

(git-fixes).

- net: stmmac: Fix RX packet size > 8191 (git-fixes).

- net: stmmac: rename dwmac4_tx_queue_routing() to match reality

(git-fixes).

- net: stmmac: set MSS for each tx DMA channel (git-fixes).

- net: stmmac: Use correct values in TQS/RQS fields (git-fixes).

- net-sysfs: add a newline when printing 'tx_timeout' by sysfs

(networking-stable-20_07_29).

- net: systemport: Fix software statistics for SYSTEMPORT Lite (git-fixes).

- net: systemport: Fix sparse warnings in bcm_sysport_insert_tsb()

(git-fixes).

- net: tc35815: Explicitly check NET_IP_ALIGN is not zero in tc35815_rx

(git-fixes).

- net: tulip: de4x5: Drop redundant MODULE_DEVICE_TABLE() (git-fixes).

- net: ucc_geth - fix Oops when changing number of buffers in the ring

(git-fixes).

- netvsc: unshare skb in VF rx handler (git-fixes).

- NFS: On fatal writeback errors, we need to call

nfs_inode_remove_request() (bsc#1177340).

- NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340).

- NFSv4: do not mark all open state for recovery when handling recallable

state revoked flag (bsc#1176935).

- nvme-fc: set max_segments to lldd max value (bsc#1176038).

- nvme-pci: override the value of the controller's numa node (bsc#1176507).

- obsolete_kmp: provide newer version than the obsoleted one (boo#1170232).

- ocfs2: give applications more IO opportunities during fstrim

(bsc#1175228).

- omapfb: fix multiple reference count leaks due to pm_runtime_get_sync

(git-fixes).

- PCI/ASPM: Allow re-enabling Clock PM (git-fixes).

- PCI: Fix pci_create_slot() reference count leak (git-fixes).

- PCI: qcom: Add missing ipq806x clocks in PCIe driver (git-fixes).

- PCI: qcom: Add missing reset for ipq806x (git-fixes).

- PCI: qcom: Add support for tx term offset for rev 2.1.0 (git-fixes).

- PCI: qcom: Define some PARF params needed for ipq8064 SoC (git-fixes).

- PCI: rcar: Fix incorrect programming of OB windows (git-fixes).

- phy: samsung: s5pv210-usb2: Add delay after reset (git-fixes).

- pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes).

- platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP

(git-fixes).

- platform/x86: thinkpad_acpi: initialize tp_nvram_state variable

(git-fixes).

- platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse

(git-fixes).

- PM: sleep: core: Fix the handling of pending runtime resume requests

(git-fixes).

- powerpc/64s: Blacklist functions invoked on a trap (bsc#1094244

ltc#168122).

- powerpc/64s: Fix HV NMI vs HV interrupt recoverability test (bsc#1094244

ltc#168122).

- powerpc/64s: Fix unrelocated interrupt trampoline address test

(bsc#1094244 ltc#168122).

- powerpc/64s: Include <asm/nmi.h> header file to fix a warning

(bsc#1094244 ltc#168122).

- powerpc/64s: machine check do not trace real-mode handler (bsc#1094244

ltc#168122).

- powerpc/64s: sreset panic if there is no debugger or crash dump handlers (bsc#1094244 ltc#168122).

- powerpc/64s: system reset interrupt preserve HSRRs (bsc#1094244

ltc#168122).

- powerpc: Add cputime_to_nsecs() (bsc#1065729).

- powerpc/book3s64/radix: Add kernel command line option to disable radix

GTSE (bsc#1055186 ltc#153436).

- powerpc/book3s64/radix: Fix boot failure with large amount of guest

memory (bsc#1176022 ltc#187208).

- powerpc: Implement ftrace_enabled() helpers (bsc#1094244 ltc#168122).

- powerpc/init: Do not advertise radix during client-architecture-support

(bsc#1055186 ltc#153436 ).

- powerpc/kernel: Cleanup machine check function declarations

(bsc#1065729).

- powerpc/kernel: Enables memory hot-remove after reboot on pseries guests

(bsc#1177030 ltc#187588).

- powerpc/mm: Enable radix GTSE only if supported (bsc#1055186 ltc#153436).

- powerpc/mm: Limit resize_hpt_for_hotplug() call to hash guests only

(bsc#1177030 ltc#187588).

- powerpc/mm: Move book3s64 specifics in subdirectory mm/book3s64

(bsc#1176022 ltc#187208).

- powerpc/powernv: Remove real mode access limit for early allocations

(bsc#1176022 ltc#187208).

- powerpc/prom: Enable Radix GTSE in cpu pa-features (bsc#1055186

ltc#153436).

- powerpc/pseries/le: Work around a firmware quirk (bsc#1094244

ltc#168122).

- powerpc/pseries: lift RTAS limit for radix (bsc#1176022 ltc#187208).

- powerpc/pseries: Limit machine check stack to 4GB (bsc#1094244

ltc#168122).

- powerpc/pseries: Machine check use rtas_call_unlocked() with args on

stack (bsc#1094244 ltc#168122).

- powerpc/pseries: radix is not subject to RMA limit, remove it

(bsc#1176022 ltc#187208).

- powerpc/pseries/ras: Avoid calling rtas_token() in NMI paths

(bsc#1094244 ltc#168122).

- powerpc/pseries/ras: Fix FWNMI_VALID off by one (bsc#1094244 ltc#168122).

- powerpc/pseries/ras: fwnmi avoid modifying r3 in error case (bsc#1094244

ltc#168122).

- powerpc/pseries/ras: fwnmi sreset should not interlock (bsc#1094244

ltc#168122).

- powerpc/traps: Do not trace system reset (bsc#1094244 ltc#168122).

- powerpc/traps: fix recoverability of machine check handling on book3s/32

(bsc#1094244 ltc#168122).

- powerpc/traps: Make unrecoverable NMIs die instead of panic (bsc#1094244

ltc#168122).

- powerpc/xmon: Use `dcbf` inplace of `dcbi` instruction for 64bit Book3S

(bsc#1065729).

- power: supply: max17040: Correct voltage reading (git-fixes).

- rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (git fixes

(rcu)).

- regulator: push allocation in set_consumer_device_supply() out of lock

(git-fixes).

- Revert "ALSA: hda: Add support for Loongson 7A1000 controller"

(git-fixes).

- Revert "ALSA: usb-audio: Disable Lenovo P620 Rear line-in volume

control" (git-fixes).

- Revert "i2c: cadence: Fix the hold bit setting" (git-fixes).

- Revert "rpm/kernel-binary.spec.in: Also sign ppc64 kernels

(jsc#SLE-15857"

- Revert "rxrpc: Fix race between recvmsg and sendmsg on immediate call"

This reverts commit 04f6b8ac00d839c61b79667685d97a5ecef35a93. We do not

enable AF_RXRPC on SLE, but we do on openSUSE (arm 32bit -- why?)

kernels. And there, it causes build failures as RXRPC_CALL_DISCONNECTED

is not defined in 4.12 yet. So stay on the safe side and drop this.

- Revert "scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during

probe" (bsc#1171688 bsc#1174003).

- Revert "scsi: qla2xxx: Fix crash on qla2x00_mailbox_command"

(bsc#1171688 bsc#1174003).

- Revert "sign also s390x kernel images (bsc#1163524)"

- Revert "xen/balloon: Fix crash when ballooning on x86 32 bit PAE"

(bsc#1065600).

- rpadlpar_io: Add MODULE_DESCRIPTION entries to kernel modules

(bsc#1176869 ltc#188243).

- rpm/check-for-config-changes: Ignore CONFIG_CC_VERSION_TEXT

- rpm/check-for-config-changes: Ignore CONFIG_LD_VERSION

- rpm/constraints.in: Increase memory for kernel-docs

https://build.opensuse.org/request/show/792664

- rpm/constraints.in: recognize also kernel-source-azure (bsc#1176732)

- rpm: drop execute permissions on source files Sometimes a source file

with execute permission appears in upstream repository and makes it into

our kernel-source packages. This is caught by OBS build checks and may

even result in build failures. Sanitize the source tree by removing

execute permissions from all C source and header files.

- rpm/kabi.pl: account for namespace field being moved last Upstream is

moving the namespace field in Module.symvers last in order to preserve

backwards compatibility with kmod tools (depmod, etc). Fix the kabi.pl

script to expect the namespace field last. Since split() ignores

trailing empty fields and delimeters, switch to using tr to count how

many fields/tabs are in a line. Also, in load_symvers(), pass LIMIT of

-1 to split() so it does not strip trailing empty fields, as namespace

is an optional field.

- rpm/kernel-binary.spec.in: Also sign ppc64 kernels (jsc#SLE-15857

jsc#SLE-13618).

- rpm/kernel-cert-subpackage: add CA check on key enrollment (bsc#1173115)

To avoid the unnecessary key enrollment, when enrolling the signing key

of the kernel package, "--ca-check" is added to mokutil so that mokutil

will ignore the request if the CA of the signing key already exists in

MokList or UEFI db. Since the macro, %_suse_kernel_module_subpackage, is

only defined in a kernel module package (KMP), it's used to determine

whether the %post script is running in a kernel package, or a kernel

module package.

- rpm/kernel-obs-build.spec.in: add dm-crypt for building with cryptsetup

Co-Authored-By: Adam Spiers <aspiers@suse.com>

- rpm/kernel-obs-build.spec.in: Enable overlayfs Overlayfs is needed for

podman or docker builds when no more specific driver can be used (like

lvm or btrfs). As the default build fs is ext4 currently, we need

overlayfs kernel modules to be available.

- rpm/kernel-source.spec.in: Add obsolete_rebuilds (boo#1172073).

- rpm/kernel-source.spec.in: Also use bz compression (boo#1175882).

- rpm/macros.kernel-source: pass -c proerly in kernel module package

(bsc#1176698) The "-c" option wasn't passed down to

%_kernel_module_package so the ueficert subpackage wasn't generated even

if the certificate is specified in the spec file.

- rpm/mkspec-dtb: add mt76 based dtb package

- rpm/package-descriptions: garbege collection remove old ARM and Xen

flavors.

- rtc: ds1374: fix possible race condition (git-fixes).

- rtlwifi: rtl8192cu: Prevent leaking urb (git-fixes).

- rxrpc: Fix race between recvmsg and sendmsg on immediate call failure

(networking-stable-20_08_08).

- rxrpc: Fix sendmsg() returning EPIPE due to recvmsg() returning ENODATA

(networking-stable-20_07_29).

- s390/mm: fix huge pte soft dirty copying (git-fixes).

- s390/qeth: do not process empty bridge port events (git-fixes).

- s390/qeth: integrate RX refill worker with NAPI (git-fixes).

- s390/qeth: tolerate pre-filled RX buffer (git-fixes).

- sched/deadline: Initialize ->dl_boosted (bsc#1112178).

- scsi: fcoe: Memory leak fix in fcoe_sysfs_fcf_del() (bsc#1174899).

- scsi: Fix trivial spelling (bsc#1171688 bsc#1174003).

- scsi: fnic: Do not call 'scsi_done()' for unhandled commands

(bsc#1168468, bsc#1171675).

- scsi: ibmvfc: Avoid link down on FS9100 canister reboot (bsc#1176962

ltc#188304).

- scsi: ibmvfc: Use compiler attribute defines instead of __attribute__()

(bsc#1176962 ltc#188304).

- scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling

getpeername() (bsc#1177258).

- scsi: libfc: Fix for double free() (bsc#1174899).

- scsi: libfc: free response frame from GPN_ID (bsc#1174899).

- scsi: libfc: Free skb in fc_disc_gpn_id_resp() for valid cases

(bsc#1174899).

- scsi: libfc: free skb when receiving invalid flogi resp (bsc#1175528).

- scsi: libfc: Handling of extra kref (bsc#1175528).

- scsi: libfc: If PRLI rejected, move rport to PLOGI state (bsc#1175528).

- scsi: libfc: rport state move to PLOGI if all PRLI retry exhausted

(bsc#1175528).

- scsi: libfc: Skip additional kref updating work event (bsc#1175528).

- scsi: lpfc: Add and rename a whole bunch of function parameter

descriptions (bsc#1171558 bsc#1136666).

- scsi: lpfc: Add dependency on CPU_FREQ (git-fixes).

- scsi: lpfc: Add description for lpfc_release_rpi()'s 'ndlpl param

(bsc#1171558 bsc#1136666).

- scsi: lpfc: Add missing misc_deregister() for lpfc_init() (bsc#1171558

bsc#1136666).

- scsi: lpfc: Ensure variable has the same stipulations as code using it

(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix a bunch of kerneldoc misdemeanors (bsc#1171558

bsc#1136666).

- scsi: lpfc: Fix FCoE speed reporting (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix kerneldoc parameter formatting/misnaming/missing issues

(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix LUN loss after cable pull (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix no message shown for lpfc_hdw_queue out of range value

(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix oops when unloading driver while running mds diags

(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix retry of PRLI when status indicates its unsupported

(bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix RSCN timeout due to incorrect gidft counter (bsc#1171558

bsc#1136666).

- scsi: lpfc: Fix setting IRQ affinity with an empty CPU mask (git-fixes).

- scsi: lpfc: Fix some function parameter descriptions (bsc#1171558

bsc#1136666).

- scsi: lpfc: Fix typo in comment for ULP (bsc#1171558 bsc#1136666).

- scsi: lpfc: Fix-up around 120 documentation issues (bsc#1171558

bsc#1136666).

- scsi: lpfc: Fix-up formatting/docrot where appropriate (bsc#1171558

bsc#1136666).

- scsi: lpfc: Fix validation of bsg reply lengths (bsc#1171558

bsc#1136666).

- scsi: lpfc: NVMe remote port devloss_tmo from lldd (bsc#1171558

bsc#1136666 bsc#1173060).

- scsi: lpfc: nvmet: Avoid hang / use-after-free again when destroying

targetport (bsc#1171558 bsc#1136666).

- scsi: lpfc: Provide description for lpfc_mem_alloc()'s 'align' param

(bsc#1171558 bsc#1136666).

- scsi: lpfc: Quieten some printks (bsc#1171558 bsc#1136666).

- scsi: lpfc: Remove unused variable 'pg_addr' (bsc#1171558 bsc#1136666).

- scsi: lpfc: Update lpfc version to 12.8.0.3 (bsc#1171558 bsc#1136666).

- scsi: lpfc: Use __printf() format notation (bsc#1171558 bsc#1136666).

- scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Address a set of sparse warnings (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices

(bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be

set anytime (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case

into lower case (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof()

expressions (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Check the size of struct fcp_hdr at compile time

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946

bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump()

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946

bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946

bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix endianness annotations in header files (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Fix endianness annotations in source files (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c

(bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c

(bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c

(bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946

bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix I/O failures during remote port toggle testing

(bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Fix login timeout (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Fix null pointer access during disconnect from subsystem

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue

(bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Fix regression on sparc64 (git-fixes).

- scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Fix spelling of a variable name (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Fix the code that reads from mailbox registers (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Fix the return value (bsc#1171688).

- scsi: qla2xxx: Fix the size used in a 'dma_free_coherent()' call

(bsc#1171688).

- scsi: qla2xxx: Fix warning after FC target reset (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba()

(bsc#1171688).

- scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg()

(bsc#1171688).

- scsi: qla2xxx: Flush all sessions on zone disable (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Flush I/O on zone disable (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1171688).

- scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946

bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to

FCP_PRIO_CFG_SIZE (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Indicate correct supported speeds for Mezz card

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Initialize 'n' before using it (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Introduce a function for computing the debug message

prefix (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle()

(bsc#1171688).

- scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of

request_t.handle (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Make tgt_port_database available in initiator mode

(bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946

bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Reduce noisy debug message (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Remove an unused function (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Remove a superfluous cast (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Remove pci-dma-compat wrapper API (bsc#1171688).

- scsi: qla2xxx: Remove redundant variable initialization (bsc#1171688).

- scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Remove superfluous memset() (bsc#1171688).

- scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and

fcp_hdr_le (bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: SAN congestion management implementation (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946

bsc#1175520 bsc#1172538).

- scsi: qla2xxx: Simplify return value logic in

qla2x00_get_sp_from_handle() (bsc#1171688).

- scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Suppress two recently introduced compiler warnings

(git-fixes).

- scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520

bsc#1172538).

- scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Use register names instead of register offsets

(bsc#1171688 bsc#1174003).

- scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1171688

bsc#1174003).

- scsi: qla2xxx: Warn if done() or free() are called on an already freed

srb (bsc#1171688).

- scsi: target/iblock: fix WRITE SAME zeroing (bsc#1169790).

- sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra186

(git-fixes).

- sdhci: tegra: Remove SDHCI_QUIRK_DATA_TIMEOUT_USES_SDCLK for Tegra210

(git-fixes).

- serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout

(git-fixes).

- serial: 8250: change lock order in serial8250_do_startup() (git-fixes).

- serial: 8250_omap: Fix sleeping function called from invalid context

during probe (git-fixes).

- serial: 8250_port: Do not service RX FIFO if throttled (git-fixes).

- serial: pl011: Do not leak amba_ports entry on driver register error

(git-fixes).

- serial: pl011: Fix oops on -EPROBE_DEFER (git-fixes).

- Set CONFIG_HAVE_KVM_VCPU_ASYNC_IOCTL=y (jsc#SLE-4084).

- Set VIRTIO_CONSOLE=y (bsc#1175667).

- sign also s390x kernel images (bsc#1163524)

- SMB3: Honor persistent/resilient handle flags for multiuser mounts

(bsc#1176546).

- SMB3: Honor 'seal' flag for multiuser mounts (bsc#1176545).

- SMB3: warn on confusing error scenario with sec=krb5 (bsc#1176548).

- stmmac: Do not access tx_q->dirty_tx before netif_tx_lock (git-fixes).

- tcp: apply a floor of 1 for RTT samples from TCP timestamps

(networking-stable-20_08_08).

- thermal: ti-soc-thermal: Fix bogus thermal shutdowns for omap4430

(git-fixes).

- tools/power/cpupower: Fix initializer override in hsw_ext_cstates

(bsc#1112178).

- Update patch reference for a tipc fix patch (bsc#1175515)

- USB: cdc-acm: rework notification_buffer resizing (git-fixes).

- USB: core: fix slab-out-of-bounds Read in read_descriptors (git-fixes).

- USB: dwc3: Increase timeout for CmdAct cleared by device controller

(git-fixes).

- USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes).

- USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int

(git-fixes).

- USB: Fix out of sync data toggle if a configured device is reconfigured

(git-fixes).

- USB: gadget: f_ncm: add bounds checks to ncm_unwrap_ntb() (git-fixes).

- USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes).

- USB: gadget: f_tcm: Fix some resource leaks in some error paths

(git-fixes).

- USB: gadget: u_f: add overflow checks to VLA macros (git-fixes).

- USB: gadget: u_f: Unbreak offset calculation in VLAs (git-fixes).

- USB: host: ohci-exynos: Fix error handling in exynos_ohci_probe()

(git-fixes).

- USB: hso: check for return value in hso_serial_common_create()

(networking-stable-20_08_08).

- USB: Ignore UAS for JMicron JMS567 ATA/ATAPI Bridge (git-fixes).

- usblp: fix race between disconnect() and read() (git-fixes).

- USB: lvtest: return proper error code in probe (git-fixes).

- usbnet: ipheth: fix potential null pointer dereference in

ipheth_carrier_set (git-fixes).

- USB: qmi_wwan: add D-Link DWM-222 A2 device ID (git-fixes).

- USB: quirks: Add no-lpm quirk for another Raydium touchscreen

(git-fixes).

- USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin

notebook (git-fixes).

- USB: quirks: Ignore duplicate endpoint on Sound Devices MixPre-D

(git-fixes).

- USB: rename USB quirk to USB_QUIRK_ENDPOINT_IGNORE (git-fixes).

- USB: serial: ftdi_sio: add IDs for Xsens Mti USB converter (git-fixes).

- USB: serial: ftdi_sio: clean up receive processing (git-fixes).

- USB: serial: ftdi_sio: fix break and sysrq handling (git-fixes).

- USB: serial: ftdi_sio: make process-packet buffer unsigned (git-fixes).

- USB: serial: option: add support for SIM7070/SIM7080/SIM7090 modules

(git-fixes).

- USB: serial: option: support dynamic Quectel USB compositions

(git-fixes).

- USB: serial: qcserial: add EM7305 QDL product ID (git-fixes).

- USB: sisusbvga: Fix a potential UB casued by left shifting a negative

value (git-fixes).

- USB: storage: Add unusual_uas entry for Sony PSZ drives (git-fixes).

- USB: typec: ucsi: acpi: Check the _DEP dependencies (git-fixes).

- USB: uas: Add quirk for PNY Pro Elite (git-fixes).

- USB: UAS: fix disconnect by unplugging a hub (git-fixes).

- USB: xhci: define IDs for various ASMedia host controllers (git-fixes).

- USB: xhci: Fix ASMedia ASM1142 DMA addressing (git-fixes).

- USB: yurex: Fix bad gfp argument (git-fixes).

- vgacon: remove software scrollback support (bsc#1176278).

- video: fbdev: fix OOB read in vga_8planes_imageblit() (git-fixes).

- virtio-blk: free vblk-vqs in error path of virtblk_probe() (git fixes

(block drivers)).

- vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes).

- vrf: prevent adding upper devices (git-fixes).

- vxge: fix return of a free'd memblock on a failed dma mapping

(git-fixes).

- vxlan: Ensure FDB dump is performed under RCU (git-fixes).

- x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task (bsc#1112178).

- x86/hyperv: Create and use Hyper-V page definitions (git-fixes).

- x86/hyperv: Make hv_vcpu_is_preempted() visible (git-fixes).

- x86/mce/inject: Fix a wrong assignment of i_mce.status (bsc#1112178).

- x86/unwind/orc: Fix ORC for newly forked tasks (bsc#1058115).

- xen/balloon: fix accounting in alloc_xenballooned_pages error path

(bsc#1065600).

- xen/balloon: make the balloon wait interruptible (bsc#1065600).

- xen: do not reschedule in preemption off sections (bsc#1175749).

- xen/events: do not use chip_data for legacy IRQs (bsc#1065600).

- xen uses irqdesc::irq_data_common::handler_data to store a per interrupt

XEN data pointer which contains XEN specific information (bsc#1065600).

- xgbe: no need to check return value of debugfs_create functions

(git-fixes).

- xgbe: switch to more generic VxLAN detection (git-fixes).

- xhci: Do warm-reset when both CAS and XDEV_RESUME are set (git-fixes).

- yam: fix possible memory leak in yam_init_driver (git-fixes).

https://www.suse.com/security/cve/CVE-2020-0404.html

https://www.suse.com/security/cve/CVE-2020-0427.html

https://www.suse.com/security/cve/CVE-2020-0431.html

https://www.suse.com/security/cve/CVE-2020-0432.html

https://www.suse.com/security/cve/CVE-2020-14381.html

https://www.suse.com/security/cve/CVE-2020-14386.html

https://www.suse.com/security/cve/CVE-2020-14390.html

https://www.suse.com/security/cve/CVE-2020-1749.html

https://www.suse.com/security/cve/CVE-2020-2521.html

https://www.suse.com/security/cve/CVE-2020-25212.html

https://www.suse.com/security/cve/CVE-2020-25284.html

https://www.suse.com/security/cve/CVE-2020-25641.html

https://www.suse.com/security/cve/CVE-2020-25643.html

https://www.suse.com/security/cve/CVE-2020-25645.html

https://www.suse.com/security/cve/CVE-2020-26088.html

https://bugzilla.suse.com/1055186

https://bugzilla.suse.com/1058115

https://bugzilla.suse.com/1065600

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1094244

https://bugzilla.suse.com/1112178

https://bugzilla.suse.com/1113956

https://bugzilla.suse.com/1136666

https://bugzilla.suse.com/1152148

https://bugzilla.suse.com/1154366

https://bugzilla.suse.com/1163524

https://bugzilla.suse.com/1165629

https://bugzilla.suse.com/1166965

https://bugzilla.suse.com/1167527

https://bugzilla.suse.com/1168468

https://bugzilla.suse.com/1169790

https://bugzilla.suse.com/1169972

https://bugzilla.suse.com/1170232

https://bugzilla.suse.com/1171558

https://bugzilla.suse.com/1171675

https://bugzilla.suse.com/1171688

https://bugzilla.suse.com/1171742

https://bugzilla.suse.com/1172073

https://bugzilla.suse.com/1172538

https://bugzilla.suse.com/1172873

https://bugzilla.suse.com/1173060

https://bugzilla.suse.com/1173115

https://bugzilla.suse.com/1174003

https://bugzilla.suse.com/1174354

https://bugzilla.suse.com/1174899

https://bugzilla.suse.com/1175228

https://bugzilla.suse.com/1175515

https://bugzilla.suse.com/1175520

https://bugzilla.suse.com/1175528

https://bugzilla.suse.com/1175667

https://bugzilla.suse.com/1175691

https://bugzilla.suse.com/1175716

https://bugzilla.suse.com/1175749

https://bugzilla.suse.com/1175873

https://bugzilla.suse.com/1175882

https://bugzilla.suse.com/1176011

https://bugzilla.suse.com/1176022

https://bugzilla.suse.com/1176038

https://bugzilla.suse.com/1176069

https://bugzilla.suse.com/1176235

https://bugzilla.suse.com/1176242

https://bugzilla.suse.com/1176278

https://bugzilla.suse.com/1176316

https://bugzilla.suse.com/1176317

https://bugzilla.suse.com/1176318

https://bugzilla.suse.com/1176319

https://bugzilla.suse.com/1176320

https://bugzilla.suse.com/1176321

https://bugzilla.suse.com/1176381

https://bugzilla.suse.com/1176395

https://bugzilla.suse.com/1176410

https://bugzilla.suse.com/1176423

https://bugzilla.suse.com/1176482

https://bugzilla.suse.com/1176507

https://bugzilla.suse.com/1176536

https://bugzilla.suse.com/1176544

https://bugzilla.suse.com/1176545

https://bugzilla.suse.com/1176546

https://bugzilla.suse.com/1176548

https://bugzilla.suse.com/1176659

https://bugzilla.suse.com/1176698

https://bugzilla.suse.com/1176699

https://bugzilla.suse.com/1176700

https://bugzilla.suse.com/1176721

https://bugzilla.suse.com/1176722

https://bugzilla.suse.com/1176725

https://bugzilla.suse.com/1176732

https://bugzilla.suse.com/1176788

https://bugzilla.suse.com/1176789

https://bugzilla.suse.com/1176869

https://bugzilla.suse.com/1176877

https://bugzilla.suse.com/1176935

https://bugzilla.suse.com/1176946

https://bugzilla.suse.com/1176950

https://bugzilla.suse.com/1176962

https://bugzilla.suse.com/1176966

https://bugzilla.suse.com/1176990

https://bugzilla.suse.com/1177027

https://bugzilla.suse.com/1177030

https://bugzilla.suse.com/1177041

https://bugzilla.suse.com/1177042

https://bugzilla.suse.com/1177043

https://bugzilla.suse.com/1177044

https://bugzilla.suse.com/1177121

https://bugzilla.suse.com/1177206

https://bugzilla.suse.com/1177258

https://bugzilla.suse.com/1177291

https://bugzilla.suse.com/1177293

https://bugzilla.suse.com/1177294

https://bugzilla.suse.com/1177295

https://bugzilla.suse.com/1177296

https://bugzilla.suse.com/1177340

https://bugzilla.suse.com/1177511

https://bugzilla.suse.com/802154

Severity

Announcement ID: SUSE-SU-2020:2999-1

Rating: important

What Are You Looking For?

SUSE: 2020:2999-1 important: the Linux Kernel

Summary

References

Krasue RAT Malware Hides on Linux Servers Using Embedded Rootkits

Kali vs. ParrotOS: 2 Versatile Linux Distros for Security Pros

Kali Linux 2023.4 Released With New Hacking Tools

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector

Using Open Source to Ensure Compliance & Data Integrity through Data Governance

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!

Unlocking the Future of Authentication: Passkeys vs. Passwords

Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

What Are You Looking For?

SUSE: 2020:2999-1 important: the Linux Kernel

Summary

References

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By