SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:3512-1
Rating:             important
References:         #1055014 #1058115 #1061843 #1065600 #1065729 
                    #1066382 #1077428 #1112178 #1114648 #1131277 
                    #1134760 #1140683 #1152624 #1157424 #1163592 
                    #1167030 #1170415 #1170446 #1171558 #1172538 
                    #1172757 #1173432 #1174748 #1175306 #1175520 
                    #1175721 #1176354 #1176400 #1176485 #1176560 
                    #1176713 #1176723 #1176855 #1176907 #1176946 
                    #1176983 #1177086 #1177101 #1177271 #1177281 
                    #1177359 #1177410 #1177411 #1177470 #1177685 
                    #1177687 #1177703 #1177719 #1177724 #1177725 
                    #1177729 #1177740 #1177749 #1177750 #1177753 
                    #1177754 #1177755 #1177762 #1177766 #1177819 
                    #1177820 #1177855 #1177856 #1177861 #1178003 
                    #1178027 #1178123 #1178166 #1178185 #1178187 
                    #1178188 #1178202 #1178234 #1178330 #1178393 
                    #1178589 #1178591 #1178607 #1178622 #1178686 
                    #1178700 #1178765 #1178782 #927455 #936888 
                    
Cross-References:   CVE-2020-0430 CVE-2020-12351 CVE-2020-12352
                    CVE-2020-14351 CVE-2020-16120 CVE-2020-25285
                    CVE-2020-25656 CVE-2020-25668 CVE-2020-25704
                    CVE-2020-25705 CVE-2020-8694
Affected Products:
                    SUSE Linux Enterprise Real Time Extension 12-SP5
______________________________________________________________________________

   An update that solves 11 vulnerabilities and has 74 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 12 SP5 realtime kernel was updated to receive
   various security and bugfixes.


   The following security bugs were fixed:

   - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was
     found that allowed to quickly scan open UDP ports. This flaw allowed an
     off-path remote user to effectively bypassing source port UDP
     randomization. The highest threat from this vulnerability is to
     confidentiality and possibly integrity, because software and services
     that rely on UDP source port randomization (like DNS) are indirectly
     affected as well. Kernel versions may be vulnerable to this issue
     (bsc#1175721, bsc#1178782).
   - CVE-2020-8694: Insufficient access control for some Intel(R) Processors     may have allowed an authenticated user to potentially enable information
     disclosure via local access (bsc#1170415).
   - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123).
   - CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl
     (bnc#1177766).
   - CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers     in mm/hugetlb.c (bnc#1176485).
   - CVE-2020-0430: Fixed an OOB read in skb_headlen of
     /include/linux/skbuff.h (bnc#1176723).
   - CVE-2020-14351: Fixed a race in the perf_mmap_close() function
     (bsc#1177086).
   - CVE-2020-16120: Fixed permission check to open real file when using
     overlayfs. It was possible to have a file not readable by an
     unprivileged user be copied to a mountpoint controlled by that user and
     then be able to access the file (bsc#1177470).
   - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka
     "BleedingTooth" aka "BadKarma" (bsc#1177724).
   - CVE-2020-12352: Fixed an information leak when processing certain AMP
     packets aka "BleedingTooth" (bsc#1177725).

   The following non-security bugs were fixed:

   - 9P: Cast to loff_t before multiplying (git-fixes).
   - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
   - ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
   - ACPI: dock: fix enum-conversion warning (git-fixes).
   - ACPI / extlog: Check for RDMSR failure (git-fixes).
   - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
   - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
   - ALSA: bebob: potential info leak in hwdep_read() (git-fixes).
   - ALSA: compress_offload: remove redundant initialization (git-fixes).
   - ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes).
   - ALSA: core: pcm: simplify locking for timers (git-fixes).
   - ALSA: core: timer: clarify operator precedence (git-fixes).
   - ALSA: core: timer: remove redundant assignment (git-fixes).
   - ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock
     (git-fixes).
   - ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes).
   - ALSA: hda - Do not register a cb func if it is registered already
     (git-fixes).
   - ALSA: hda - Fix the return value if cb func is already registered
     (git-fixes).
   - ALSA: hda - Fix the return value if cb func is already registered
     (git-fixes).
   - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
     (git-fixes).
   - ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7
     (git-fixes).
   - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887
     (git-fixes).
   - ALSA: hda/realtek - The front Mic on a HP machine does not work
     (git-fixes).
   - ALSA: hda: use semicolons rather than commas to separate statements
     (git-fixes).
   - ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes).
   - ALSA: rawmidi: (cosmetic) align function parameters (git-fixes).
   - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes).
   - ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes).
   - ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes).
   - ALSA: usb-audio: Fix potential use-after-free of streams (gix-fixes).
   - ALSA: usb-audio: fix spelling mistake "Frequence" -> "Frequency"
     (git-fixes).
   - arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes).
   - ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes).
   - ASoC: qcom: lpass-platform: fix memory leak (git-fixes).
   - ata: sata_rcar: Fix DMA boundary mask (git-fixes).
   - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes).
   - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error
     handling path (git-fixes).
   - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
   - ath10k: provide survey info as accumulated data (git-fixes).
   - ath10k: start recovery process when payload length exceeds max htc
     length for sdio (git-fixes).
   - ath6kl: prevent potential array overflow in ath6kl_add_new_sta()
     (git-fixes).
   - ath6kl: wmi: prevent a shift wrapping bug in
     ath6kl_wmi_delete_pstream_cmd() (git-fixes).
   - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb()
     (git-fixes).
   - ath9k: hif_usb: fix race condition between usb_get_urb() and
     usb_kill_anchored_urbs() (git-fixes).
   - backlight: sky81452-backlight: Fix refcount imbalance on error
     (git-fixes).
   - blk-mq: order adding requests to hctx->dispatch and checking
     SCHED_RESTART (bsc#1177750).
   - block: ensure bdi->io_pages is always initialized (bsc#1177749).
   - Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes).
   - Bluetooth: Only mark socket zapped after unlocking (git-fixes).
   - bnxt: do not enable NAPI until rings are ready
     (networking-stable-20_09_11).
   - bnxt_en: Check for zero dir entries in NVRAM
     (networking-stable-20_09_11).
   - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes).
   - brcmfmac: check ndev pointer (git-fixes).
   - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes).
   - btrfs: check the right error variable in btrfs_del_dir_entries_in_log
     (bsc#1177687).
   - btrfs: do not force read-only after error in drop snapshot (bsc#1176354).
   - btrfs: do not set the full sync flag on the inode during page release
     (bsc#1177687).
   - btrfs: fix incorrect updating of log root tree (bsc#1177687).
   - btrfs: fix race between page release and a fast fsync (bsc#1177687).
   - btrfs: only commit delayed items at fsync if we are logging a directory
     (bsc#1177687).
   - btrfs: only commit the delayed inode when doing a full fsync
     (bsc#1177687).
   - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations
     (bsc#1177856).
   - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode
     (bsc#1177855).
   - btrfs: reduce contention on log trees when logging checksums
     (bsc#1177687).
   - btrfs: release old extent maps during page release (bsc#1177687).
   - btrfs: remove no longer needed use of log_writers for the log root tree
     (bsc#1177687).
   - btrfs: remove root usage from can_overcommit (bsc#1131277).
   - btrfs: stop incremening log_batch for the log root tree when syncing log
     (bsc#1177687).
   - btrfs: take overcommit into account in inc_block_group_ro (bsc#1176560).
   - btrfs: tree-checker: fix false alert caused by legacy btrfs root item
     (bsc#1177861).
   - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes).
   - can: can_create_echo_skb(): fix echo skb generation: always use
     skb_clone() (git-fixes).
   - can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes).
   - can: dev: __can_get_echo_skb(): fix real payload length return value for
     RTR frames (git-fixes).
   - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
     context (git-fixes).
   - can: flexcan: flexcan_chip_stop(): add error handling and propagate
     error value (git-fixes).
   - can: peak_canfd: pucan_handle_can_rx(): fix echo management when
     loopback is on (git-fixes).
   - can: peak_usb: add range checking in decode operations (git-fixes).
   - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
     (git-fixes).
   - can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
   - can: softing: softing_card_shutdown(): add braces around empty body in
     an 'if' statement (git-fixes).
   - ceph: fix memory leak in ceph_cleanup_snapid_map() (bsc#1178234).
   - ceph: map snapid to anonymous bdev ID (bsc#1178234).
   - ceph: promote to unsigned long long before shifting (bsc#1178187).
   - clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes).
   - clk: at91: remove the checking of parent_name (git-fixes).
   - clk: bcm2835: add missing release if devm_clk_hw_register fails
     (git-fixes).
   - clk: imx8mq: Fix usdhc parents order (git-fixes).
   - clk: ti: clockdomain: fix static checker warning (git-fixes).
   - coredump: fix crash when umh is disabled (bsc#1177753).
   - crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes).
   - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
   - crypto: ccp - fix error handling (git-fixes).
   - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
     (git-fixes).
   - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc()
     (git-fixes).
   - crypto: omap-sham - fix digcnt register handling with export/import
     (git-fixes).
   - cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes).
   - cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes).
   - debugfs: Fix module state check condition (git-fixes).
   - device property: Do not clear secondary pointer for shared primary
     firmware node (git-fixes).
   - device property: Keep secondary firmware node secondary by type
     (git-fixes).
   - Disable ipa-clones dump for KMP builds (bsc#1178330)
   - dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes).
   - dpaa_eth: fix the RX headroom size alignment (git-fixes).
   - dpaa_eth: update the buffer layout for non-A050385 erratum scenarios
     (git-fixes).
   - drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally
     (git-fixes).
   - drm/amd/display: HDMI remote sink need mode validation for Linux
     (git-fixes).
   - drm/amdgpu: do not map BO in reserved region (git-fixes).
   - drm/amdgpu: prevent double kfree ttm->sg (git-fixes).
   - drm/bridge/synopsys: dsi: add support for non-continuous HS clock
     (git-fixes).
   - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working
     correctly (git-fixes).
   - drm/gma500: fix error check (git-fixes).
   - drm/i915: Break up error capture compression loops with cond_resched()
     (git-fixes).
   - drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes).
   - drm/imx: tve remove extraneous type qualifier (git-fixes).
   - drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (git-fixes).
   - drm/nouveau/mem: guard against NULL pointer access in mem_del
     (git-fixes).
   - drm/ttm: fix eviction valuable range check (git-fixes).
   - drm/vc4: drv: Add error handding for bind (git-fixes).
   - ea43d9709f72 ("nvme: fix identify error status silent ignore")
   - EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1112178).
   - eeprom: at25: set minimum read/write access stride to 1 (git-fixes).
   - efivarfs: Replace invalid slashes with exclamation marks in dentries
     (git-fixes).
   - ext4: fix dir_nlink behaviour (bsc#1177359).
   - Fix use after free in get_capset_info callback (git-fixes).
   - ftrace: Fix recursion check for NMI test (git-fixes).
   - ftrace: Handle tracing when switching between context (git-fixes).
   - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY
     (networking-stable-20_08_24).
   - gtp: add GTPA_LINK info to msg sent to userspace
     (networking-stable-20_09_11).
   - HID: roccat: add bounds checking in kone_sysfs_write_settings()
     (git-fixes).
   - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery
     (git-fixes).
   - hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
   - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819,
     bsc#1177820).
   - hyperv_fb: Update screen_info after removing old framebuffer
     (bsc#1175306).
   - i2c: imx: Fix external abort on interrupt in exit paths (git-fixes).
   - ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897).
   - ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes).
   - ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes).
   - ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760
     ltc#177449 git-fixes).
   - icmp: randomize the global rate limiter (git-fixes).
   - iio:accel:bma180: Fix use of true when should be iio_shared_by enum
     (git-fixes).
   - iio:adc:max1118 Fix alignment of timestamp and data leak issues
     (git-fixes).
   - iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes).
   - iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes).
   - iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes).
   - iio:gyro:itg3200: Fix timestamp alignment and prevent data leak
     (git-fixes).
   - iio:light:si1145: Fix timestamp alignment and prevent data leak
     (git-fixes).
   - iio:magn:hmc5843: Fix passing true where iio_shared_by enum required
     (git-fixes).
   - ima: Remove semicolon at the end of ima_get_binary_runtime_size()
     (git-fixes).
   - include/linux/swapops.h: correct guards for non_swap_entry() (git-fixes
     (mm/swap)).
   - Input: ep93xx_keypad - fix handling of platform_get_irq() error
     (git-fixes).
   - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (git-fixes).
   - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume()
     (git-fixes).
   - Input: omap4-keypad - fix handling of platform_get_irq() error
     (git-fixes).
   - Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes).
   - Input: twl4030_keypad - fix handling of platform_get_irq() error
     (git-fixes).
   - iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754).
   - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400).
   - ip: fix tos reflection in ack and reset packets
     (networking-stable-20_09_24).
   - ipmi: use vzalloc instead of kmalloc for user creation (bsc#1178607).
   - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
     (git-fixes).
   - ipv4: Update exception handling for multipath routes via same device
     (networking-stable-20_09_24).
   - iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes).
   - kbuild: enforce -Werror=return-type (bsc#1177281).
   - kthread_worker: prevent queuing delayed work from timer_fn when it is
     being canceled (git-fixes).
   - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
   - leds: mt6323: move period calculation (git-fixes).
   - libceph: clear con->out_msg on Policy::stateful_server faults
     (bsc#1178188).
   - lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes).
   - livepatch: Test if -fdump-ipa-clones is really available As of now we
     add -fdump-ipa-clones unconditionally.
   - mac80211: handle lack of sband->bitrates in rates (git-fixes).
   - mailbox: avoid timer start from callback (git-fixes).
   - media: ati_remote: sanity check for both endpoints (git-fixes).
   - media: bdisp: Fix runtime PM imbalance on error (git-fixes).
   - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync
     (git-fixes).
   - media: exynos4-is: Fix a reference count leak (git-fixes).
   - media: exynos4-is: Fix several reference count leaks due to
     pm_runtime_get_sync (git-fixes).
   - media: firewire: fix memory leak (git-fixes).
   - media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes).
   - media: media/pci: prevent memory leak in bttv_probe (git-fixes).
   - media: omap3isp: Fix memleak in isp_probe (git-fixes).
   - media: platform: fcp: Fix a reference count leak (git-fixes).
   - media: platform: Improve queue set up flow for bug fixing (git-fixes).
   - media: platform: s3c-camif: Fix runtime PM imbalance on error
     (git-fixes).
   - media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes).
   - media: Revert "media: exynos4-is: Add missed check for
     pinctrl_lookup_state()" (git-fixes).
   - media: s5p-mfc: Fix a reference count leak (git-fixes).
   - media: saa7134: avoid a shift overflow (git-fixes).
   - media: st-delta: Fix reference count leak in delta_run_work (git-fixes).
   - media: sti: Fix reference count leaks (git-fixes).
   - media: tc358743: initialize variable (git-fixes).
   - media: ti-vpe: Fix a missing check and reference count leak (git-fixes).
   - media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes).
   - media: tw5864: check status of tw5864_frameinterval_get (git-fixes).
   - media: usbtv: Fix refcounting mixup (git-fixes).
   - media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes).
   - media: vsp1: Fix runtime PM imbalance on error (git-fixes).
   - memcg: fix NULL pointer dereference in
     __mem_cgroup_usage_unregister_event (bsc#1177703).
   - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error
     (git-fixes).
   - memory: omap-gpmc: Fix a couple off by ones (git-fixes).
   - mfd: sm501: Fix leaks in probe() (git-fixes).
   - mic: vop: copy data to kernel space then write to io memory (git-fixes).
   - misc: mic: scif: Fix error handling path (git-fixes).
   - misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes).
   - misc: vop: add round_up(x,4) for vring_size to avoid kernel panic
     (git-fixes).
   - mlx5 PPC ringsize workaround (bsc#1173432).
   - mlx5: remove support for ib_get_vector_affinity (bsc#1174748).
   - mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
   - mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes).
   - mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)).
   - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup()
     (git-fixes (mm/hugetlb)).
   - mm/ksm.c: do not WARN if page is still mapped in remove_stable_node()
     (git-fixes (mm/hugetlb)).
   - mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
   - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm()
     (bsc#1177685).
   - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes
     (mm/mempolicy)).
   - mm/mempolicy.c: use match_string() helper to simplify the code
     (git-fixes (mm/mempolicy)).
   - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when
     marking page tables prot_numa (git-fixes (mm/numa)).
   - mm/page_owner.c: remove drain_all_pages from init_early_allocated_pages
     (git-fixes (mm/debug)).
   - mm/page-writeback.c: avoid potential division by zero in
     wb_min_max_ratio() (git-fixes (mm/writeback)).
   - mm/page-writeback.c: improve arithmetic divisions (git-fixes
     (mm/writeback)).
   - mm/page-writeback.c: use div64_ul() for u64-by-unsigned-long divide
     (git-fixes (mm/writeback)).
   - mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)).
   - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n (git-fixes
     (mm/zsmalloc)).
   - mm/zsmalloc.c: fix race condition in zs_destroy_pool (git-fixes
     (mm/zsmalloc)).
   - mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes
     (mm/zsmalloc)).
   - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely
     (git-fixes (mm/zsmalloc)).
   - Move the upstreamed bluetooth fix into sorted section
   - Move the upstreamed powercap fix into sorted sectio
   - Move upstreamed patches into sorted section
   - mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).
   - mtd: lpddr: fix excessive stack usage with clang (git-fixes).
   - mtd: mtdoops: Do not write panic data twice (git-fixes).
   - mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes).
   - mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes).
   - mwifiex: fix double free (git-fixes).
   - mwifiex: remove function pointer check (git-fixes).
   - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO
     (git-fixes).
   - net: disable netpoll on fresh napis (networking-stable-20_09_11).
   - net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
     (git-fixes).
   - net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes).
   - net: Fix potential wrong skb->protocol in skb_vlan_untag()
     (networking-stable-20_08_24).
   - net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11).
   - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC
     (networking-stable-20_09_24).
   - netlabel: fix problems with mapping removal (networking-stable-20_09_11).
   - net/mlx5e: Take common TIR context settings into a function
     (bsc#1177740).
   - net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740).
   - net: phy: Avoid NPD upon phy_detach() when driver is unbound
     (networking-stable-20_09_24).
   - net: qrtr: fix usage of idr in port assignment to socket
     (networking-stable-20_08_24).
   - net: systemport: Fix memleak in bcm_sysport_probe
     (networking-stable-20_09_11).
   - net: usb: dm9601: Add USB ID of Keenetic Plus DSL
     (networking-stable-20_09_11).
   - net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes).
   - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
   - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
     (git-fixes).
   - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key()
     (git-fixes).
   - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
     nfc_genl_fw_download() (git-fixes).
   - NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
   - nl80211: fix non-split wiphy information (git-fixes).
   - NTB: hw: amd: fix an issue about leak system resources (git-fixes).
   - nvme: add a Identify Namespace Identification Descriptor list quirk
     (bsc#1174748).
   - nvme: do not update disk info for multipathed device (bsc#1171558).
   - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748).
   - nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748).
   - nvme: fix possible hang when ns scanning fails during error recovery
   - nvme: fix possible io failures when removing multipathed ns
     (bsc#1174748).
   - nvme: make nvme_identify_ns propagate errors back (bsc#1174748).
   - nvme: make nvme_report_ns_ids propagate error back (bsc#1174748).
   - nvme-multipath: do not reset on unknown status (bsc#1174748).
   - nvme: Namepace identification descriptor list is optional (bsc#1174748).
   - nvme: pass status to nvme_error_status (bsc#1174748).
   - nvme-rdma: Avoid double freeing of async event data (bsc#1174748).
   - nvme-rdma: fix crash due to incorrect cqe (bsc#1174748).
   - nvme-rdma: fix crash when connect rejected (bsc#1174748).
   - nvme: return error from nvme_alloc_ns() (bsc#1174748).
   - ocfs2: fix unbalanced locking (git-fixes).
   - p54: avoid accessing the data mapped to streaming DMA (git-fixes).
   - perf/x86/amd: Fix sampling Large Increment per Cycle events
     (bsc#1114648).
   - perf/x86: Fix n_pair for cancelled txn (bsc#1114648).
   - platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes).
   - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729).
   - powerpc: Fix circular dependency between percpu.h and mmu.h (git-fixes).
   - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load
     emulation (bsc#1065729).
   - powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729).
   - powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729).
   - powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729).
   - powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729).
   - powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729).
   - powerpc/powernv/elog: Fix race while processing OPAL error log event
     (bsc#1065729).
   - powerpc/pseries/cpuidle: add polling idle for shared processor guests
     (bsc#1178765 ltc#188968).
   - powerpc/pseries: explicitly reschedule during drmem_lmb list traversal
     (bsc#1077428 ltc#163882 git-fixes).
   - powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729).
   - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293).
   - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293).
   - power: supply: test_power: add missing newlines when printing parameters     by sysfs (git-fixes).
   - pty: do tty_flip_buffer_push without port->lock in pty_write (git-fixes).
   - pwm: lpss: Add range limit check for the base_unit register value
     (git-fixes).
   - pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare()
     (git-fixes).
   - regulator: defer probe when trying to get voltage from unresolved supply
     (git-fixes).
   - regulator: resolve supply after creating regulator (git-fixes).
   - ring-buffer: Fix recursion protection transitions between interrupt
     context (git-fixes).
   - ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes).
   - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592)
   - rtl8xxxu: prevent potential memory leak (git-fixes).
   - scsi: hisi_sas: Add debugfs ITCT file and add file operations
     (bsc#1140683).
   - scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683).
   - scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32()
     (bsc#1140683).
   - scsi: hisi_sas: Change return variable type in phy_up_v3_hw()
     (bsc#1140683).
   - scsi: hisi_sas: Correct memory allocation size for DQ debugfs
     (bsc#1140683).
   - scsi: hisi_sas: Do some more tidy-up (bsc#1140683).
   - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO
     (bsc#1140683).
   - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs
     code (bsc#1140683). Refresh:
   - scsi: hisi_sas: No need to check return value of debugfs_create
     functions (bsc#1140683). Update:
   - scsi: hisi_sas: Some misc tidy-up (bsc#1140683).
   - scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729).
   - scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166
     ltc#188226).
   - sctp: not disable bh in the whole sctp_get_port_local()
     (networking-stable-20_09_11).
   - spi: fsl-espi: Only process interrupts for expected events (git-fixes).
   - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
     (git-fixes).
   - staging: octeon: Drop on uncorrectable alignment or FCS error
     (git-fixes).
   - staging: octeon: repair "fixed-link" support (git-fixes).
   - tg3: Fix soft lockup when tg3_reset_task() fails
     (networking-stable-20_09_11).
   - tipc: fix memory leak caused by tipc_buf_append() (git-fixes).
   - tipc: fix shutdown() of connectionless socket
     (networking-stable-20_09_11).
   - tipc: fix shutdown() of connection oriented socket
     (networking-stable-20_09_24).
   - tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes).
   - tipc: fix uninit skb->data in tipc_nl_compat_dumpit()
     (networking-stable-20_08_24).
   - tipc: use skb_unshare() instead in tipc_buf_append()
     (networking-stable-20_09_24).
   - tty: ipwireless: fix error handling (git-fixes).
   - tty: serial: earlycon dependency (git-fixes).
   - tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes).
   - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
   - USB: adutux: fix debugging (git-fixes).
   - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes).
   - usb: cdc-acm: fix cooldown mechanism (git-fixes).
   - USB: cdc-acm: handle broken union descriptors (git-fixes).
   - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync()
     (git-fixes).
   - usb: core: Solve race condition in anchor cleanup functions (git-fixes).
   - usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes).
   - usb: dwc2: Fix parameter type in function pointer prototype (git-fixes).
   - usb: dwc3: core: add phy cleanup for probe error handling (git-fixes).
   - usb: dwc3: core: do not trigger runtime pm when remove driver
     (git-fixes).
   - usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes).
   - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets
     (git-fixes).
   - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes).
   - usb: gadget: function: printer: fix use-after-free in __lock_acquire
     (git-fixes).
   - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well
     (git-fixes).
   - usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes).
   - usb: host: xhci: fix ep context print mismatch in debugfs (git-fixes).
   - usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).
   - usb: ohci: Default to per-port over-current protection (git-fixes).
   - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
     (git-fixes).
   - USB: serial: option: add Quectel EC200T module support (git-fixes).
   - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
   - USB: serial: qcserial: fix altsetting probing (git-fixes).
   - usb: typec: tcpm: During PR_SWAP, source caps should be sent only after
     tSwapSourceStart (git-fixes).
   - usb: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes).
   - vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202).
   - video: fbdev: pvr2fb: initialize variables (git-fixes).
   - video: fbdev: sis: fix null ptr dereference (git-fixes).
   - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value
     error (git-fixes).
   - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host
     (bsc#1175306).
   - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer
     driver (bsc#1175306).
   - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs
     (bsc#1175306).
   - VMCI: check return value of get_user_pages_fast() for errors (git-fixes).
   - vt: Disable KD_FONT_OP_COPY (bsc#1178589).
   - w1: mxc_w1: Fix timeout resolution problem leading to bus error
     (git-fixes).
   - watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101).
   - watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (bsc#1177101).
   - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680
     (git-fixes).
   - writeback: Avoid skipping inode writeback (bsc#1177755).
   - writeback: Fix sync livelock due to b_dirty_time processing
     (bsc#1177755).
   - writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755).
   - x86/apic: Unify duplicated local apic timer clockevent initialization
     (bsc#1112178).
   - x86, fakenuma: Fix invalid starting node ID (git-fixes
     (mm/x86/fakenuma)).
   - x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1112178).
   - x86/kexec: Use up-to-dated screen_info copy to fill boot params
     (bsc#1175306).
   - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10
     compiled kernels (bsc#1058115 bsc#1176907).
   - x86/xen: disable Firmware First mode for correctable memory errors     (bsc#1176713).
   - xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411).
   - xen/events: add a new "late EOI" evtchn framework (XSA-332 bsc#1177411).
   - xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332
     bsc#1177411).
   - xen/events: avoid removing an event channel while handling it (XSA-331
     bsc#1177410).
   - xen/events: block rogue events for some time (XSA-332 bsc#1177411).
   - xen/events: defer eoi in case of excessive number of events (XSA-332
     bsc#1177411).
   - xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600).
   - xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411).
   - xen/events: switch user event channels to lateeoi model (XSA-332
     bsc#1177411).
   - xen/events: use a common cpu hotplug hook for event channels (XSA-332
     bsc#1177411).
   - xen/gntdev.c: Mark pages as dirty (bsc#1065600).
   - xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411).
   - xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411).
   - xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411).
   - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt
     XEN data pointer which contains XEN specific information (XSA-332
     bsc#1065600).
   - xfs: avoid infinite loop when cancelling CoW blocks after writeback
     failure (bsc#1178027).
   - xfs: do not update mtime on COW faults (bsc#1167030).
   - xfs: flush new eof page on truncate to avoid post-eof corruption
     (git-fixes).
   - xfs: limit entries returned when counting fsmap records (git-fixes).
   - xhci: do not create endpoint debugfs entry before ring buffer is set
     (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time Extension 12-SP5:

      zypper in -t patch SUSE-SLE-RT-12-SP5-2020-3512=1



Package List:

   - SUSE Linux Enterprise Real Time Extension 12-SP5 (x86_64):

      cluster-md-kmp-rt-4.12.14-10.22.1
      dlm-kmp-rt-4.12.14-10.22.1
      gfs2-kmp-rt-4.12.14-10.22.1
      kernel-rt-4.12.14-10.22.1
      kernel-rt-base-4.12.14-10.22.1
      kernel-rt-devel-4.12.14-10.22.1
      kernel-rt_debug-4.12.14-10.22.1
      kernel-rt_debug-devel-4.12.14-10.22.1
      kernel-syms-rt-4.12.14-10.22.1
      ocfs2-kmp-rt-4.12.14-10.22.1

   - SUSE Linux Enterprise Real Time Extension 12-SP5 (noarch):

      kernel-devel-rt-4.12.14-10.22.1
      kernel-source-rt-4.12.14-10.22.1


References:

   https://www.suse.com/security/cve/CVE-2020-0430.html
   https://www.suse.com/security/cve/CVE-2020-12351.html
   https://www.suse.com/security/cve/CVE-2020-12352.html
   https://www.suse.com/security/cve/CVE-2020-14351.html
   https://www.suse.com/security/cve/CVE-2020-16120.html
   https://www.suse.com/security/cve/CVE-2020-25285.html
   https://www.suse.com/security/cve/CVE-2020-25656.html
   https://www.suse.com/security/cve/CVE-2020-25668.html
   https://www.suse.com/security/cve/CVE-2020-25704.html
   https://www.suse.com/security/cve/CVE-2020-25705.html
   https://www.suse.com/security/cve/CVE-2020-8694.html
   https://bugzilla.suse.com/1055014
   https://bugzilla.suse.com/1058115
   https://bugzilla.suse.com/1061843
   https://bugzilla.suse.com/1065600
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1066382
   https://bugzilla.suse.com/1077428
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1114648
   https://bugzilla.suse.com/1131277
   https://bugzilla.suse.com/1134760
   https://bugzilla.suse.com/1140683
   https://bugzilla.suse.com/1152624
   https://bugzilla.suse.com/1157424
   https://bugzilla.suse.com/1163592
   https://bugzilla.suse.com/1167030
   https://bugzilla.suse.com/1170415
   https://bugzilla.suse.com/1170446
   https://bugzilla.suse.com/1171558
   https://bugzilla.suse.com/1172538
   https://bugzilla.suse.com/1172757
   https://bugzilla.suse.com/1173432
   https://bugzilla.suse.com/1174748
   https://bugzilla.suse.com/1175306
   https://bugzilla.suse.com/1175520
   https://bugzilla.suse.com/1175721
   https://bugzilla.suse.com/1176354
   https://bugzilla.suse.com/1176400
   https://bugzilla.suse.com/1176485
   https://bugzilla.suse.com/1176560
   https://bugzilla.suse.com/1176713
   https://bugzilla.suse.com/1176723
   https://bugzilla.suse.com/1176855
   https://bugzilla.suse.com/1176907
   https://bugzilla.suse.com/1176946
   https://bugzilla.suse.com/1176983
   https://bugzilla.suse.com/1177086
   https://bugzilla.suse.com/1177101
   https://bugzilla.suse.com/1177271
   https://bugzilla.suse.com/1177281
   https://bugzilla.suse.com/1177359
   https://bugzilla.suse.com/1177410
   https://bugzilla.suse.com/1177411
   https://bugzilla.suse.com/1177470
   https://bugzilla.suse.com/1177685
   https://bugzilla.suse.com/1177687
   https://bugzilla.suse.com/1177703
   https://bugzilla.suse.com/1177719
   https://bugzilla.suse.com/1177724
   https://bugzilla.suse.com/1177725
   https://bugzilla.suse.com/1177729
   https://bugzilla.suse.com/1177740
   https://bugzilla.suse.com/1177749
   https://bugzilla.suse.com/1177750
   https://bugzilla.suse.com/1177753
   https://bugzilla.suse.com/1177754
   https://bugzilla.suse.com/1177755
   https://bugzilla.suse.com/1177762
   https://bugzilla.suse.com/1177766
   https://bugzilla.suse.com/1177819
   https://bugzilla.suse.com/1177820
   https://bugzilla.suse.com/1177855
   https://bugzilla.suse.com/1177856
   https://bugzilla.suse.com/1177861
   https://bugzilla.suse.com/1178003
   https://bugzilla.suse.com/1178027
   https://bugzilla.suse.com/1178123
   https://bugzilla.suse.com/1178166
   https://bugzilla.suse.com/1178185
   https://bugzilla.suse.com/1178187
   https://bugzilla.suse.com/1178188
   https://bugzilla.suse.com/1178202
   https://bugzilla.suse.com/1178234
   https://bugzilla.suse.com/1178330
   https://bugzilla.suse.com/1178393
   https://bugzilla.suse.com/1178589
   https://bugzilla.suse.com/1178591
   https://bugzilla.suse.com/1178607
   https://bugzilla.suse.com/1178622
   https://bugzilla.suse.com/1178686
   https://bugzilla.suse.com/1178700
   https://bugzilla.suse.com/1178765
   https://bugzilla.suse.com/1178782
   https://bugzilla.suse.com/927455
   https://bugzilla.suse.com/936888

SUSE: 2020:3512-1 important: the Linux Kernel

November 25, 2020
An update that solves 11 vulnerabilities and has 74 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 realtime kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-25705: A flaw in the way reply ICMP packets are limited in was found that allowed to quickly scan open UDP ports. This flaw allowed an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software and services that rely on UDP source port randomization (like DNS) are indirectly affected as well. Kernel versions may be vulnerable to this issue (bsc#1175721, bsc#1178782). - CVE-2020-8694: Insufficient access control for some Intel(R) Processors may have allowed an authenticated user to potentially enable information disclosure via local access (bsc#1170415). - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123). - CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766). - CVE-2020-25285: Fixed a race condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485). - CVE-2020-0430: Fixed an OOB read in skb_headlen of /include/linux/skbuff.h (bnc#1176723). - CVE-2020-14351: Fixed a race in the perf_mmap_close() function (bsc#1177086). - CVE-2020-16120: Fixed permission check to open real file when using overlayfs. It was possible to have a file not readable by an unprivileged user be copied to a mountpoint controlled by that user and then be able to access the file (bsc#1177470). - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka "BleedingTooth" aka "BadKarma" (bsc#1177724). - CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka "BleedingTooth" (bsc#1177725). The following non-security bugs were fixed: - 9P: Cast to loff_t before multiplying (git-fixes). - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes). - ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes). - ACPI: dock: fix enum-conversion warning (git-fixes). - ACPI / extlog: Check for RDMSR failure (git-fixes). - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes). - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes). - ALSA: bebob: potential info leak in hwdep_read() (git-fixes). - ALSA: compress_offload: remove redundant initialization (git-fixes). - ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes). - ALSA: core: pcm: simplify locking for timers (git-fixes). - ALSA: core: timer: clarify operator precedence (git-fixes). - ALSA: core: timer: remove redundant assignment (git-fixes). - ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock (git-fixes). - ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes). - ALSA: hda - Do not register a cb func if it is registered already (git-fixes). - ALSA: hda - Fix the return value if cb func is already registered (git-fixes). - ALSA: hda - Fix the return value if cb func is already registered (git-fixes). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes). - ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes). - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes). - ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes). - ALSA: hda: use semicolons rather than commas to separate statements (git-fixes). - ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes). - ALSA: rawmidi: (cosmetic) align function parameters (git-fixes). - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes). - ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes). - ALSA: usb-audio: endpoint.c: fix repeated word 'there' (git-fixes). - ALSA: usb-audio: Fix potential use-after-free of streams (gix-fixes). - ALSA: usb-audio: fix spelling mistake "Frequence" -> "Frequency" (git-fixes). - arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes). - ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes). - ASoC: qcom: lpass-platform: fix memory leak (git-fixes). - ata: sata_rcar: Fix DMA boundary mask (git-fixes). - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes). - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path (git-fixes). - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes). - ath10k: provide survey info as accumulated data (git-fixes). - ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes). - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes). - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() (git-fixes). - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes). - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes). - backlight: sky81452-backlight: Fix refcount imbalance on error (git-fixes). - blk-mq: order adding requests to hctx->dispatch and checking SCHED_RESTART (bsc#1177750). - block: ensure bdi->io_pages is always initialized (bsc#1177749). - Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes). - Bluetooth: Only mark socket zapped after unlocking (git-fixes). - bnxt: do not enable NAPI until rings are ready (networking-stable-20_09_11). - bnxt_en: Check for zero dir entries in NVRAM (networking-stable-20_09_11). - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes). - brcmfmac: check ndev pointer (git-fixes). - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes). - btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687). - btrfs: do not force read-only after error in drop snapshot (bsc#1176354). - btrfs: do not set the full sync flag on the inode during page release (bsc#1177687). - btrfs: fix incorrect updating of log root tree (bsc#1177687). - btrfs: fix race between page release and a fast fsync (bsc#1177687). - btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687). - btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687). - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856). - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855). - btrfs: reduce contention on log trees when logging checksums (bsc#1177687). - btrfs: release old extent maps during page release (bsc#1177687). - btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687). - btrfs: remove root usage from can_overcommit (bsc#1131277). - btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687). - btrfs: take overcommit into account in inc_block_group_ro (bsc#1176560). - btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861). - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes). - can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes). - can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes). - can: peak_usb: add range checking in decode operations (git-fixes). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes). - can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes). - can: softing: softing_card_shutdown(): add braces around empty body in an 'if' statement (git-fixes). - ceph: fix memory leak in ceph_cleanup_snapid_map() (bsc#1178234). - ceph: map snapid to anonymous bdev ID (bsc#1178234). - ceph: promote to unsigned long long before shifting (bsc#1178187). - clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes). - clk: at91: remove the checking of parent_name (git-fixes). - clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes). - clk: imx8mq: Fix usdhc parents order (git-fixes). - clk: ti: clockdomain: fix static checker warning (git-fixes). - coredump: fix crash when umh is disabled (bsc#1177753). - crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes). - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes). - crypto: ccp - fix error handling (git-fixes). - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes). - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes). - crypto: omap-sham - fix digcnt register handling with export/import (git-fixes). - cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes). - cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes). - debugfs: Fix module state check condition (git-fixes). - device property: Do not clear secondary pointer for shared primary firmware node (git-fixes). - device property: Keep secondary firmware node secondary by type (git-fixes). - Disable ipa-clones dump for KMP builds (bsc#1178330) - dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes). - dpaa_eth: fix the RX headroom size alignment (git-fixes). - dpaa_eth: update the buffer layout for non-A050385 erratum scenarios (git-fixes). - drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally (git-fixes). - drm/amd/display: HDMI remote sink need mode validation for Linux (git-fixes). - drm/amdgpu: do not map BO in reserved region (git-fixes). - drm/amdgpu: prevent double kfree ttm->sg (git-fixes). - drm/bridge/synopsys: dsi: add support for non-continuous HS clock (git-fixes). - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly (git-fixes). - drm/gma500: fix error check (git-fixes). - drm/i915: Break up error capture compression loops with cond_resched() (git-fixes). - drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes). - drm/imx: tve remove extraneous type qualifier (git-fixes). - drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (git-fixes). - drm/nouveau/mem: guard against NULL pointer access in mem_del (git-fixes). - drm/ttm: fix eviction valuable range check (git-fixes). - drm/vc4: drv: Add error handding for bind (git-fixes). - ea43d9709f72 ("nvme: fix identify error status silent ignore") - EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1112178). - eeprom: at25: set minimum read/write access stride to 1 (git-fixes). - efivarfs: Replace invalid slashes with exclamation marks in dentries (git-fixes). - ext4: fix dir_nlink behaviour (bsc#1177359). - Fix use after free in get_capset_info callback (git-fixes). - ftrace: Fix recursion check for NMI test (git-fixes). - ftrace: Handle tracing when switching between context (git-fixes). - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24). - gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11). - HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes). - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes). - hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820). - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819, bsc#1177820). - hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306). - i2c: imx: Fix external abort on interrupt in exit paths (git-fixes). - ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897). - ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes). - ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes). - ibmvnic: save changed mac address to adapter->mac_addr (bsc#1134760 ltc#177449 git-fixes). - icmp: randomize the global rate limiter (git-fixes). - iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes). - iio:adc:max1118 Fix alignment of timestamp and data leak issues (git-fixes). - iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes). - iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes). - iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes). - iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes). - iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes). - iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes). - ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes). - include/linux/swapops.h: correct guards for non_swap_entry() (git-fixes (mm/swap)). - Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes). - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (git-fixes). - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes). - Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes). - Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes). - Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes). - iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754). - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400). - ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24). - ipmi: use vzalloc instead of kmalloc for user creation (bsc#1178607). - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes). - ipv4: Update exception handling for multipath routes via same device (networking-stable-20_09_24). - iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes). - kbuild: enforce -Werror=return-type (bsc#1177281). - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes). - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes). - leds: mt6323: move period calculation (git-fixes). - libceph: clear con->out_msg on Policy::stateful_server faults (bsc#1178188). - lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes). - livepatch: Test if -fdump-ipa-clones is really available As of now we add -fdump-ipa-clones unconditionally. - mac80211: handle lack of sband->bitrates in rates (git-fixes). - mailbox: avoid timer start from callback (git-fixes). - media: ati_remote: sanity check for both endpoints (git-fixes). - media: bdisp: Fix runtime PM imbalance on error (git-fixes). - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes). - media: exynos4-is: Fix a reference count leak (git-fixes). - media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes). - media: firewire: fix memory leak (git-fixes). - media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes). - media: media/pci: prevent memory leak in bttv_probe (git-fixes). - media: omap3isp: Fix memleak in isp_probe (git-fixes). - media: platform: fcp: Fix a reference count leak (git-fixes). - media: platform: Improve queue set up flow for bug fixing (git-fixes). - media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes). - media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes). - media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" (git-fixes). - media: s5p-mfc: Fix a reference count leak (git-fixes). - media: saa7134: avoid a shift overflow (git-fixes). - media: st-delta: Fix reference count leak in delta_run_work (git-fixes). - media: sti: Fix reference count leaks (git-fixes). - media: tc358743: initialize variable (git-fixes). - media: ti-vpe: Fix a missing check and reference count leak (git-fixes). - media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes). - media: tw5864: check status of tw5864_frameinterval_get (git-fixes). - media: usbtv: Fix refcounting mixup (git-fixes). - media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes). - media: vsp1: Fix runtime PM imbalance on error (git-fixes). - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703). - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes). - memory: omap-gpmc: Fix a couple off by ones (git-fixes). - mfd: sm501: Fix leaks in probe() (git-fixes). - mic: vop: copy data to kernel space then write to io memory (git-fixes). - misc: mic: scif: Fix error handling path (git-fixes). - misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes). - misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes). - mlx5 PPC ringsize workaround (bsc#1173432). - mlx5: remove support for ib_get_vector_affinity (bsc#1174748). - mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes). - mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes). - mm/huge_memory.c: use head to check huge zero page (git-fixes (mm/thp)). - mm: hugetlb: switch to css_tryget() in hugetlb_cgroup_charge_cgroup() (git-fixes (mm/hugetlb)). - mm/ksm.c: do not WARN if page is still mapped in remove_stable_node() (git-fixes (mm/hugetlb)). - mm/memcg: fix refcount error while moving and swapping (bsc#1178686). - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685). - mm/mempolicy.c: fix out of bounds write in mpol_parse_str() (git-fixes (mm/mempolicy)). - mm/mempolicy.c: use match_string() helper to simplify the code (git-fixes (mm/mempolicy)). - mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa (git-fixes (mm/numa)). - mm/page_owner.c: remove drain_all_pages from init_early_allocated_pages (git-fixes (mm/debug)). - mm/page-writeback.c: avoid potential division by zero in wb_min_max_ratio() (git-fixes (mm/writeback)). - mm/page-writeback.c: improve arithmetic divisions (git-fixes (mm/writeback)). - mm/page-writeback.c: use div64_ul() for u64-by-unsigned-long divide (git-fixes (mm/writeback)). - mm/rmap: fixup copying of soft dirty and uffd ptes (git-fixes (mm/rmap)). - mm/zsmalloc.c: fix build when CONFIG_COMPACTION=n (git-fixes (mm/zsmalloc)). - mm/zsmalloc.c: fix race condition in zs_destroy_pool (git-fixes (mm/zsmalloc)). - mm/zsmalloc.c: fix the migrated zspage statistics (git-fixes (mm/zsmalloc)). - mm/zsmalloc.c: migration can leave pages in ZS_EMPTY indefinitely (git-fixes (mm/zsmalloc)). - Move the upstreamed bluetooth fix into sorted section - Move the upstreamed powercap fix into sorted sectio - Move upstreamed patches into sorted section - mtd: lpddr: Fix bad logic in print_drs_error (git-fixes). - mtd: lpddr: fix excessive stack usage with clang (git-fixes). - mtd: mtdoops: Do not write panic data twice (git-fixes). - mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes). - mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes). - mwifiex: fix double free (git-fixes). - mwifiex: remove function pointer check (git-fixes). - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes). - net: disable netpoll on fresh napis (networking-stable-20_09_11). - net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() (git-fixes). - net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes). - net: Fix potential wrong skb->protocol in skb_vlan_untag() (networking-stable-20_08_24). - net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11). - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24). - netlabel: fix problems with mapping removal (networking-stable-20_09_11). - net/mlx5e: Take common TIR context settings into a function (bsc#1177740). - net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740). - net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24). - net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24). - net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11). - net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11). - net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes). - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes). - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes). - net: wireless: nl80211: fix out-of-bounds access in nl80211_del_key() (git-fixes). - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes). - NFSv4.1 - backchannel request should hold ref on xprt (bsc#1152624). - nl80211: fix non-split wiphy information (git-fixes). - NTB: hw: amd: fix an issue about leak system resources (git-fixes). - nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748). - nvme: do not update disk info for multipathed device (bsc#1171558). - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748). - nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748). - nvme: fix possible hang when ns scanning fails during error recovery - nvme: fix possible io failures when removing multipathed ns (bsc#1174748). - nvme: make nvme_identify_ns propagate errors back (bsc#1174748). - nvme: make nvme_report_ns_ids propagate error back (bsc#1174748). - nvme-multipath: do not reset on unknown status (bsc#1174748). - nvme: Namepace identification descriptor list is optional (bsc#1174748). - nvme: pass status to nvme_error_status (bsc#1174748). - nvme-rdma: Avoid double freeing of async event data (bsc#1174748). - nvme-rdma: fix crash due to incorrect cqe (bsc#1174748). - nvme-rdma: fix crash when connect rejected (bsc#1174748). - nvme: return error from nvme_alloc_ns() (bsc#1174748). - ocfs2: fix unbalanced locking (git-fixes). - p54: avoid accessing the data mapped to streaming DMA (git-fixes). - perf/x86/amd: Fix sampling Large Increment per Cycle events (bsc#1114648). - perf/x86: Fix n_pair for cancelled txn (bsc#1114648). - platform/x86: mlx-platform: Remove PSU EEPROM configuration (git-fixes). - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729). - powerpc: Fix circular dependency between percpu.h and mmu.h (git-fixes). - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729). - powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729). - powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729). - powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729). - powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729). - powerpc/powernv/dump: Fix race while processing OPAL dump (bsc#1065729). - powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729). - powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968). - powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes). - powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729). - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293). - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293). - power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes). - pty: do tty_flip_buffer_push without port->lock in pty_write (git-fixes). - pwm: lpss: Add range limit check for the base_unit register value (git-fixes). - pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes). - regulator: defer probe when trying to get voltage from unresolved supply (git-fixes). - regulator: resolve supply after creating regulator (git-fixes). - ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes). - ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes). - rpm/kernel-module-subpackage: make Group tag optional (bsc#1163592) - rtl8xxxu: prevent potential memory leak (git-fixes). - scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683). - scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683). - scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683). - scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683). - scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683). - scsi: hisi_sas: Do some more tidy-up (bsc#1140683). - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683). - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh: - scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update: - scsi: hisi_sas: Some misc tidy-up (bsc#1140683). - scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729). - scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226). - sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11). - spi: fsl-espi: Only process interrupts for expected events (git-fixes). - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes). - staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes). - staging: octeon: repair "fixed-link" support (git-fixes). - tg3: Fix soft lockup when tg3_reset_task() fails (networking-stable-20_09_11). - tipc: fix memory leak caused by tipc_buf_append() (git-fixes). - tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11). - tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24). - tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes). - tipc: fix uninit skb->data in tipc_nl_compat_dumpit() (networking-stable-20_08_24). - tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24). - tty: ipwireless: fix error handling (git-fixes). - tty: serial: earlycon dependency (git-fixes). - tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes). - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes). - USB: adutux: fix debugging (git-fixes). - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes). - usb: cdc-acm: fix cooldown mechanism (git-fixes). - USB: cdc-acm: handle broken union descriptors (git-fixes). - USB: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes). - usb: core: Solve race condition in anchor cleanup functions (git-fixes). - usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes). - usb: dwc2: Fix parameter type in function pointer prototype (git-fixes). - usb: dwc3: core: add phy cleanup for probe error handling (git-fixes). - usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes). - usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes). - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes). - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes). - usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes). - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes). - usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes). - usb: host: xhci: fix ep context print mismatch in debugfs (git-fixes). - usb: mtu3: fix panic in mtu3_gadget_stop() (git-fixes). - usb: ohci: Default to per-port over-current protection (git-fixes). - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes). - USB: serial: option: add Quectel EC200T module support (git-fixes). - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes). - USB: serial: qcserial: fix altsetting probing (git-fixes). - usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes). - usb: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes). - vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202). - video: fbdev: pvr2fb: initialize variables (git-fixes). - video: fbdev: sis: fix null ptr dereference (git-fixes). - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error (git-fixes). - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306). - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306). - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306). - VMCI: check return value of get_user_pages_fast() for errors (git-fixes). - vt: Disable KD_FONT_OP_COPY (bsc#1178589). - w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes). - watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101). - watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (bsc#1177101). - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes). - writeback: Avoid skipping inode writeback (bsc#1177755). - writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755). - writeback: Protect inode->i_io_list with inode->i_lock (bsc#1177755). - x86/apic: Unify duplicated local apic timer clockevent initialization (bsc#1112178). - x86, fakenuma: Fix invalid starting node ID (git-fixes (mm/x86/fakenuma)). - x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1112178). - x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306). - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1058115 bsc#1176907). - x86/xen: disable Firmware First mode for correctable memory errors (bsc#1176713). - xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/events: add a new "late EOI" evtchn framework (XSA-332 bsc#1177411). - xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411). - xen/events: avoid removing an event channel while handling it (XSA-331 bsc#1177410). - xen/events: block rogue events for some time (XSA-332 bsc#1177411). - xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411). - xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600). - xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411). - xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411). - xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411). - xen/gntdev.c: Mark pages as dirty (bsc#1065600). - xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411). - XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (XSA-332 bsc#1065600). - xfs: avoid infinite loop when cancelling CoW blocks after writeback failure (bsc#1178027). - xfs: do not update mtime on COW faults (bsc#1167030). - xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes). - xfs: limit entries returned when counting fsmap records (git-fixes). - xhci: do not create endpoint debugfs entry before ring buffer is set (git-fixes).

References

#1055014 #1058115 #1061843 #1065600 #1065729

#1066382 #1077428 #1112178 #1114648 #1131277

#1134760 #1140683 #1152624 #1157424 #1163592

#1167030 #1170415 #1170446 #1171558 #1172538

#1172757 #1173432 #1174748 #1175306 #1175520

#1175721 #1176354 #1176400 #1176485 #1176560

#1176713 #1176723 #1176855 #1176907 #1176946

#1176983 #1177086 #1177101 #1177271 #1177281

#1177359 #1177410 #1177411 #1177470 #1177685

#1177687 #1177703 #1177719 #1177724 #1177725

#1177729 #1177740 #1177749 #1177750 #1177753

#1177754 #1177755 #1177762 #1177766 #1177819

#1177820 #1177855 #1177856 #1177861 #1178003

#1178027 #1178123 #1178166 #1178185 #1178187

#1178188 #1178202 #1178234 #1178330 #1178393

#1178589 #1178591 #1178607 #1178622 #1178686

#1178700 #1178765 #1178782 #927455 #936888

Cross- CVE-2020-0430 CVE-2020-12351 CVE-2020-12352

CVE-2020-14351 CVE-2020-16120 CVE-2020-25285

CVE-2020-25656 CVE-2020-25668 CVE-2020-25704

CVE-2020-25705 CVE-2020-8694

Affected Products:

SUSE Linux Enterprise Real Time Extension 12-SP5

https://www.suse.com/security/cve/CVE-2020-0430.html

https://www.suse.com/security/cve/CVE-2020-12351.html

https://www.suse.com/security/cve/CVE-2020-12352.html

https://www.suse.com/security/cve/CVE-2020-14351.html

https://www.suse.com/security/cve/CVE-2020-16120.html

https://www.suse.com/security/cve/CVE-2020-25285.html

https://www.suse.com/security/cve/CVE-2020-25656.html

https://www.suse.com/security/cve/CVE-2020-25668.html

https://www.suse.com/security/cve/CVE-2020-25704.html

https://www.suse.com/security/cve/CVE-2020-25705.html

https://www.suse.com/security/cve/CVE-2020-8694.html

https://bugzilla.suse.com/1055014

https://bugzilla.suse.com/1058115

https://bugzilla.suse.com/1061843

https://bugzilla.suse.com/1065600

https://bugzilla.suse.com/1065729

https://bugzilla.suse.com/1066382

https://bugzilla.suse.com/1077428

https://bugzilla.suse.com/1112178

https://bugzilla.suse.com/1114648

https://bugzilla.suse.com/1131277

https://bugzilla.suse.com/1134760

https://bugzilla.suse.com/1140683

https://bugzilla.suse.com/1152624

https://bugzilla.suse.com/1157424

https://bugzilla.suse.com/1163592

https://bugzilla.suse.com/1167030

https://bugzilla.suse.com/1170415

https://bugzilla.suse.com/1170446

https://bugzilla.suse.com/1171558

https://bugzilla.suse.com/1172538

https://bugzilla.suse.com/1172757

https://bugzilla.suse.com/1173432

https://bugzilla.suse.com/1174748

https://bugzilla.suse.com/1175306

https://bugzilla.suse.com/1175520

https://bugzilla.suse.com/1175721

https://bugzilla.suse.com/1176354

https://bugzilla.suse.com/1176400

https://bugzilla.suse.com/1176485

https://bugzilla.suse.com/1176560

https://bugzilla.suse.com/1176713

https://bugzilla.suse.com/1176723

https://bugzilla.suse.com/1176855

https://bugzilla.suse.com/1176907

https://bugzilla.suse.com/1176946

https://bugzilla.suse.com/1176983

https://bugzilla.suse.com/1177086

https://bugzilla.suse.com/1177101

https://bugzilla.suse.com/1177271

https://bugzilla.suse.com/1177281

https://bugzilla.suse.com/1177359

https://bugzilla.suse.com/1177410

https://bugzilla.suse.com/1177411

https://bugzilla.suse.com/1177470

https://bugzilla.suse.com/1177685

https://bugzilla.suse.com/1177687

https://bugzilla.suse.com/1177703

https://bugzilla.suse.com/1177719

https://bugzilla.suse.com/1177724

https://bugzilla.suse.com/1177725

https://bugzilla.suse.com/1177729

https://bugzilla.suse.com/1177740

https://bugzilla.suse.com/1177749

https://bugzilla.suse.com/1177750

https://bugzilla.suse.com/1177753

https://bugzilla.suse.com/1177754

https://bugzilla.suse.com/1177755

https://bugzilla.suse.com/1177762

https://bugzilla.suse.com/1177766

https://bugzilla.suse.com/1177819

https://bugzilla.suse.com/1177820

https://bugzilla.suse.com/1177855

https://bugzilla.suse.com/1177856

https://bugzilla.suse.com/1177861

https://bugzilla.suse.com/1178003

https://bugzilla.suse.com/1178027

https://bugzilla.suse.com/1178123

https://bugzilla.suse.com/1178166

https://bugzilla.suse.com/1178185

https://bugzilla.suse.com/1178187

https://bugzilla.suse.com/1178188

https://bugzilla.suse.com/1178202

https://bugzilla.suse.com/1178234

https://bugzilla.suse.com/1178330

https://bugzilla.suse.com/1178393

https://bugzilla.suse.com/1178589

https://bugzilla.suse.com/1178591

https://bugzilla.suse.com/1178607

https://bugzilla.suse.com/1178622

https://bugzilla.suse.com/1178686

https://bugzilla.suse.com/1178700

https://bugzilla.suse.com/1178765

https://bugzilla.suse.com/1178782

https://bugzilla.suse.com/927455

https://bugzilla.suse.com/936888

Severity
Announcement ID: SUSE-SU-2020:3512-1
Rating: important

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved