SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:3714-1
Rating:             important
References:         #1050549 #1067665 #1111666 #1112178 #1170139 
                    #1172542 #1174726 #1175916 #1176109 #1177304 
                    #1177397 #1177805 #1177808 #1178589 #1178635 
                    #1178669 #1178853 #1178854 #1178886 #1178897 
                    #1178940 #1178962 #1179107 #1179140 #1179211 
                    #1179213 #1179259 #1179424 #1179426 #1179427 
                    
Cross-References:   CVE-2020-15437 CVE-2020-27777 CVE-2020-28915
                    CVE-2020-28974
Affected Products:
                    SUSE Linux Enterprise Module for Public Cloud 15-SP1
______________________________________________________________________________

   An update that solves four vulnerabilities and has 26 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 15 SP1 Azure kernel was updated receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2020-15437: Fixed a null pointer dereference which could have
     allowed local users to cause a denial of service(bsc#1179140).
   - CVE-2020-27777: Restrict RTAS requests from userspace  (bsc#1179107).
   - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could
     have been used by local attackers to read privileged information or
     potentially crash the kernel (bsc#1178589).
   - CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could
     have been used by local attackers to read kernel memory (bsc#1178886).

   The following non-security bugs were fixed:

   - ACPI: GED: fix -Wformat (git-fixes).
   - ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
   - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf()
     (git-fixes).
   - ALSA: mixart: Fix mutex deadlock (git-fixes).
   - arm64: KVM: Fix system register enumeration (bsc#1174726).
   - arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).
   - ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
   - ath10k: Acquire tx_lock in tx error paths (git-fixes).
   - batman-adv: set .owner to THIS_MODULE (git-fixes).
   - Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth
     controllers (git-fixes).
   - Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).
   - btrfs: account ticket size at add/delete time (bsc#1178897).
   - btrfs: add helper to obtain number of devices with ongoing dev-replace
     (bsc#1178897).
   - btrfs: check rw_devices, not num_devices for balance (bsc#1178897).
   - btrfs: do not delete mismatched root refs (bsc#1178962).
   - btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897).
   - btrfs: fix force usage in inc_block_group_ro (bsc#1178897).
   - btrfs: fix invalid removal of root ref (bsc#1178962).
   - btrfs: fix reclaim counter leak of space_info objects (bsc#1178897).
   - btrfs: fix reclaim_size counter leak after stealing from global reserve
     (bsc#1178897).
   - btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897).
   - btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962).
   - btrfs: split dev-replace locking helpers for read and write
     (bsc#1178897).
   - can: af_can: prevent potential access of uninitialized member in
     canfd_rcv() (git-fixes).
   - can: af_can: prevent potential access of uninitialized member in
     can_rcv() (git-fixes).
   - can: dev: can_restart(): post buffer from the right context (git-fixes).
   - can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
   - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
     (git-fixes).
   - can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
   - can: m_can: m_can_stop(): set device to software init mode before
     closing (git-fixes).
   - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to
     can_put_echo_skb() (git-fixes).
   - can: peak_usb: fix potential integer overflow on shift of a int
     (git-fixes).
   - ceph: add check_session_state() helper and make it global (bsc#1179259).
   - ceph: check session state after bumping session->s_seq (bsc#1179259).
   - ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).
   - cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
   - cifs: remove bogus debug code (bsc#1179427).
   - cifs: Return the error from crypt_message when enc/dec key not found
     (bsc#1179426).
   - Convert trailing spaces and periods in path components (bsc#1179424).
   - Drivers: hv: vmbus: Remove the unused "tsc_page" from struct hv_context
     (git-fixes).
   - drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind()
     (git-fixes).
   - efi: cper: Fix possible out-of-bounds access (git-fixes).
   - efi/efivars: Add missing kobject_put() in sysfs entry creation error
     path (git-fixes).
   - efi/esrt: Fix reference count leak in esre_create_sysfs_entry
     (git-fixes).
   - efi: provide empty efi_enter_virtual_mode implementation (git-fixes).
   - efivarfs: fix memory leak in efivarfs_create() (git-fixes).
   - efivarfs: revert "fix memory leak in efivarfs_create()" (git-fixes).
   - efi/x86: Do not panic or BUG() on non-critical error conditions
     (git-fixes).
   - efi/x86: Free efi_pgd with free_pages() (bsc#1112178).
   - efi/x86: Ignore the memory attributes table on i386 (git-fixes).
   - efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
   - fs/proc/array.c: allow reporting eip/esp for all coredumping threads
     (bsc#1050549).
   - fuse: fix page dereference after free (bsc#1179213).
   - futex: Do not enable IRQs unconditionally in put_pi_state()
     (bsc#1067665).
   - futex: Handle transient "ownerless" rtmutex state correctly
     (bsc#1067665).
   - hv_balloon: disable warning when floor reached (git-fixes).
   - hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853,
     bsc#1178854).
   - hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).
   - IB/core: Set qp->real_qp before it may be accessed (bsc#1111666)
   - IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666)
   - IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666)
   - IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666)
   - IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666)
   - IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666)
   - IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666)
   - IB/hfi1: Define variables as unsigned long to fix KASAN warning
     (bsc#1111666)
   - IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666)
   - IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666)
   - IB/hfi1: Handle port down properly in pio (bsc#1111666)
   - IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666)
   - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
     (bsc#1111666)
   - IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666)
   - IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
     (bsc#1111666)
   - IB/hfi1: Remove unused define (bsc#1111666)
   - IB/hfi1: Silence txreq allocation warnings (bsc#1111666)
   - IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666)
   - IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666)
   - IB/ipoib: drop useless LIST_HEAD (bsc#1111666)
   - IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666)
   - IB/iser: Fix dma_nents type definition (bsc#1111666)
   - IB/iser: Pass the correct number of entries for dma mapped SGL
     (bsc#1111666)
   - IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666)
   - IB/mlx4: Fix leak in id_map_find_del (bsc#1111666)
   - IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666)
   - IB/mlx4: Fix race condition between catas error reset and aliasguid
     flows (bsc#1111666)
   - IB/mlx4: Follow mirror sequence of device add during device removal
     (bsc#1111666)
   - IB/mlx4: Remove unneeded NULL check (bsc#1111666)
   - IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666)
   - IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666)
   - IB/mlx5: Do not override existing ip_protocol (bsc#1111666)
   - IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666)
   - IB/mlx5: Fix implicit MR release flow (bsc#1111666)
   - IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666)
   - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
     (bsc#1111666)
   - IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666)
   - IB/mlx5: Improve ODP debugging messages (bsc#1111666)
   - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache
     (bsc#1111666)
   - IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666)
   - IB/mlx5: Reset access mask when looping inside page fault handler
     (bsc#1111666)
   - IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666)
   - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure
     (bsc#1111666)
   - IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666)
   - IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666)
   - IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666)
   - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666)
   - IB/qib: Remove a set-but-not-used variable (bsc#1111666)
   - IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666)
   - IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666)
   - IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666)
   - IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666)
   - IB/rxe: Make counters thread safe (bsc#1111666)
   - IB/umad: Avoid additional device reference during open()/close()
     (bsc#1111666)
   - IB/umad: Avoid destroying device while it is accessed (bsc#1111666)
   - IB/umad: Do not check status of nonseekable_open() (bsc#1111666)
   - IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666)
   - IB/umad: Refactor code to use cdev_device_add() (bsc#1111666)
   - IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666)
   - IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666)
   - IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666)
   - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting
     tablet-mode (git-fixes).
   - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum
     (git-fixes).
   - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill()
     (git-fixes).
   - iw_cxgb4: fix ECN check on the passive accept (bsc#1111666)
   - iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666)
   - kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497
     bsc#1176109 ltc#187964).
   - KVM: arm64: Add missing #include of  in guest.c
     (bsc#1174726).
   - KVM: arm64: Factor out core register ID enumeration (bsc#1174726).
   - KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST
     (bsc#1174726).
   - KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance
     (bsc#1174726).
   - KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus
     (bsc#1174726).
   - KVM host: kabi fixes for psci_version (bsc#1174726).
   - libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - locking/lockdep: Add debug_locks check in __lock_downgrade()
     (bsc#1050549).
   - locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count
     (bsc#1050549).
   - locktorture: Print ratio of acquisitions, not failures (bsc#1050549).
   - mac80211: always wind down STA state (git-fixes).
   - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).
   - mac80211: minstrel: fix tx status processing corner case (git-fixes).
   - mac80211: minstrel: remove deferred sampling code (git-fixes).
   - mm: always have io_remap_pfn_range() set pgprot_decrypted()
     (bsc#1112178).
   - net: ena: Capitalize all log strings and improve code readability
     (bsc#1177397).
   - net: ena: Change license into format to SPDX in all files (bsc#1177397).
   - net: ena: Change log message to netif/dev function (bsc#1177397).
   - net: ena: Change RSS related macros and variables names (bsc#1177397).
   - net: ena: ethtool: Add new device statistics (bsc#1177397).
   - net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
   - net: ena: ethtool: convert stat_offset to 64 bit resolution
     (bsc#1177397).
   - net: ena: Fix all static chekers' warnings (bsc#1177397).
   - net: ena: Remove redundant print of placement policy (bsc#1177397).
   - net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
   - net/mlx4_core: Fix init_hca fields offset (git-fixes).
   - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
   - NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304).
   - NFS: only invalidate dentrys that are clearly invalid (bsc#1178669
     bsc#1170139).
   - PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes).
   - pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
   - pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
   - pinctrl: aspeed: Fix GPI only function problem (git-fixes).
   - platform/x86: toshiba_acpi: Fix the wrong variable assignment
     (git-fixes).
   - powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range()
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/64: reuse PPC32 static inline flush_dcache_range()
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc: Chunk calls to flush_dcache_range in arch_*_memory
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes).
   - powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Add flush routines using new pmem store and sync
     instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Add new instructions for persistent storage and sync
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Fix kernel crash due to wrong range value usage in
     flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Update ppc64 to use the new barrier instruction
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - RDMA/bnxt_re: Fix Send Work Entry state check while polling completions
     (bsc#1111666)
   - RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message
     (bsc#1111666)
   - RDMA/cma: add missed unregister_pernet_subsys in init failure
     (bsc#1111666)
   - RDMA/cma: Fix false error message (bsc#1111666)
   - RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666)
   - RDMA/core: Do not depend device ODP capabilities on kconfig option
     (bsc#1111666)
   - RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666)
   - RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666)
   - RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666)
   - RDMA/core: Fix race when resolving IP address (bsc#1111666)
   - RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function
     (bsc#1111666)
   - RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666)
   - RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666)
   - RDMA/hns: Remove unsupported modify_port callback (bsc#1111666)
   - RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666)
   - RDMA/i40iw: Set queue pair state when being queried (bsc#1111666)
   - RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666)
   - RDMA/iwcm: Fix a lock inversion issue (bsc#1111666)
   - RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666)
   - RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666)
   - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666)
   - RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666)
   - RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666)
   - RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW
     completion (bsc#1111666)
   - RDMA/mlx5: Fix access to wrong pointer while performing flush due to
     error (bsc#1111666)
   - RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR
     (bsc#1111666)
   - RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666)
   - RDMA/mlx5: Return proper error value (bsc#1111666)
   - RDMA/nes: Remove second wait queue initialization call (bsc#1111666)
   - RDMA/netlink: Do not always generate an ACK for some netlink operations
     (bsc#1111666)
   - RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666)
   - RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666)
   - RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666)
   - RDMA/qedr: Fix reported firmware version (bsc#1111666)
   - RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666)
   - RDMA/qib: Delete extra line (bsc#1111666)
   - RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666)
   - RDMA/qib: Validate ->show()/store() callbacks before calling them
     (bsc#1111666)
   - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666)
   - RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666)
   - RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later
     (bsc#1111666)
   - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq
     (bsc#1111666)
   - RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666)
   - RDMA/srp: Rework SCSI device reset handling (bsc#1111666)
   - RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666)
   - RDMA/ucma: Add missing locking around rdma_leave_multicast()
     (bsc#1111666)
   - RDMA/ucma: Put a lock around every call to the rdma_cm layer
     (bsc#1111666)
   - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
     (bsc#1111666)
   - RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666)
   - RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666)
   - regulator: avoid resolve_supply() infinite recursion (git-fixes).
   - regulator: fix memory leak with repeated set_machine_constraints()
     (git-fixes).
   - regulator: ti-abb: Fix array out of bound read access on the first
     transition (git-fixes).
   - regulator: workaround self-referent regulators (git-fixes).
   - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
     (bsc#1111666)
   - rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666)
   - rxe: fix error completion wr_id and qp_num (bsc#1111666)
   - s390/cio: add cond_resched() in the slow_eval_known_fn() loop
     (bsc#1177805 LTC#188737).
   - s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916
     LTC#187937).
   - s390/dasd: Fix zero write for FBA devices (bsc#1177808 LTC#188739).
   - s390: kernel/uv: handle length extension properly (bsc#1178940
     LTC#189323).
   - sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1112178).
   - sched/x86: SaveFLAGS on context switch (bsc#1112178).
   - scripts/git_sort/git_sort.py: add ceph maintainers git tree
   - scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported
     (git-fixes).
   - scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666)
   - Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode
     (git-fixes).
   - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids
     (git-fixes).
   - tty: serial: imx: keep console clocks always on (git-fixes).
   - Update references in patches.suse/net-smc-tolerate-future-smcd-versions
     (bsc#1172542 LTC#186070 git-fixes).
   - USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).
   - USB: core: Fix regression in Hercules audio card (git-fixes).
   - USB: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).
   - USB: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).
   - USB: host: ehci-tegra: Fix error handling in tegra_ehci_probe()
     (git-fixes).
   - USB: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes).
   - USB: serial: cyberjack: fix write-URB completion race (git-fixes).
   - video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
   - x86/hyperv: Clarify comment on x2apic mode (git-fixes).
   - x86/hyperv: Make vapic support x2apic mode (git-fixes).
   - x86/microcode/intel: Check patch signature before saving microcode for
     early loading (bsc#1112178).
   - x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes).
   - x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled
     (git-fixes).
   - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes).
   - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with
     always-on STIBP (bsc#1112178).
   - x86/sysfb_efi: Add quirks for some devices with swapped width and height
     (git-fixes).
   - xfs: revert "xfs: fix rmap key and record comparison functions"
     (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Public Cloud 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2020-3714=1



Package List:

   - SUSE Linux Enterprise Module for Public Cloud 15-SP1 (x86_64):

      kernel-azure-4.12.14-8.55.1
      kernel-azure-base-4.12.14-8.55.1
      kernel-azure-base-debuginfo-4.12.14-8.55.1
      kernel-azure-debuginfo-4.12.14-8.55.1
      kernel-azure-devel-4.12.14-8.55.1
      kernel-syms-azure-4.12.14-8.55.1

   - SUSE Linux Enterprise Module for Public Cloud 15-SP1 (noarch):

      kernel-devel-azure-4.12.14-8.55.1
      kernel-source-azure-4.12.14-8.55.1


References:

   https://www.suse.com/security/cve/CVE-2020-15437.html
   https://www.suse.com/security/cve/CVE-2020-27777.html
   https://www.suse.com/security/cve/CVE-2020-28915.html
   https://www.suse.com/security/cve/CVE-2020-28974.html
   https://bugzilla.suse.com/1050549
   https://bugzilla.suse.com/1067665
   https://bugzilla.suse.com/1111666
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1170139
   https://bugzilla.suse.com/1172542
   https://bugzilla.suse.com/1174726
   https://bugzilla.suse.com/1175916
   https://bugzilla.suse.com/1176109
   https://bugzilla.suse.com/1177304
   https://bugzilla.suse.com/1177397
   https://bugzilla.suse.com/1177805
   https://bugzilla.suse.com/1177808
   https://bugzilla.suse.com/1178589
   https://bugzilla.suse.com/1178635
   https://bugzilla.suse.com/1178669
   https://bugzilla.suse.com/1178853
   https://bugzilla.suse.com/1178854
   https://bugzilla.suse.com/1178886
   https://bugzilla.suse.com/1178897
   https://bugzilla.suse.com/1178940
   https://bugzilla.suse.com/1178962
   https://bugzilla.suse.com/1179107
   https://bugzilla.suse.com/1179140
   https://bugzilla.suse.com/1179211
   https://bugzilla.suse.com/1179213
   https://bugzilla.suse.com/1179259
   https://bugzilla.suse.com/1179424
   https://bugzilla.suse.com/1179426
   https://bugzilla.suse.com/1179427

SUSE: 2020:3714-1 important: the Linux Kernel

December 8, 2020
An update that solves four vulnerabilities and has 26 fixes is now available

Summary

The SUSE Linux Enterprise 15 SP1 Azure kernel was updated receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140). - CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107). - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589). - CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886). The following non-security bugs were fixed: - ACPI: GED: fix -Wformat (git-fixes). - ALSA: ctl: fix error path at adding user-defined element set (git-fixes). - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes). - ALSA: mixart: Fix mutex deadlock (git-fixes). - arm64: KVM: Fix system register enumeration (bsc#1174726). - arm/arm64: KVM: Add PSCI version selection API (bsc#1174726). - ASoC: qcom: lpass-platform: Fix memory leak (git-fixes). - ath10k: Acquire tx_lock in tx error paths (git-fixes). - batman-adv: set .owner to THIS_MODULE (git-fixes). - Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth controllers (git-fixes). - Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes). - btrfs: account ticket size at add/delete time (bsc#1178897). - btrfs: add helper to obtain number of devices with ongoing dev-replace (bsc#1178897). - btrfs: check rw_devices, not num_devices for balance (bsc#1178897). - btrfs: do not delete mismatched root refs (bsc#1178962). - btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897). - btrfs: fix force usage in inc_block_group_ro (bsc#1178897). - btrfs: fix invalid removal of root ref (bsc#1178962). - btrfs: fix reclaim counter leak of space_info objects (bsc#1178897). - btrfs: fix reclaim_size counter leak after stealing from global reserve (bsc#1178897). - btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897). - btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962). - btrfs: split dev-replace locking helpers for read and write (bsc#1178897). - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes). - can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes). - can: dev: can_restart(): post buffer from the right context (git-fixes). - can: gs_usb: fix endianess problem with candleLight firmware (git-fixes). - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes). - can: m_can: m_can_handle_state_change(): fix state change (git-fixes). - can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes). - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes). - can: peak_usb: fix potential integer overflow on shift of a int (git-fixes). - ceph: add check_session_state() helper and make it global (bsc#1179259). - ceph: check session state after bumping session->s_seq (bsc#1179259). - ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635). - cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211). - cifs: remove bogus debug code (bsc#1179427). - cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426). - Convert trailing spaces and periods in path components (bsc#1179424). - Drivers: hv: vmbus: Remove the unused "tsc_page" from struct hv_context (git-fixes). - drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() (git-fixes). - efi: cper: Fix possible out-of-bounds access (git-fixes). - efi/efivars: Add missing kobject_put() in sysfs entry creation error path (git-fixes). - efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes). - efi: provide empty efi_enter_virtual_mode implementation (git-fixes). - efivarfs: fix memory leak in efivarfs_create() (git-fixes). - efivarfs: revert "fix memory leak in efivarfs_create()" (git-fixes). - efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes). - efi/x86: Free efi_pgd with free_pages() (bsc#1112178). - efi/x86: Ignore the memory attributes table on i386 (git-fixes). - efi/x86: Map the entire EFI vendor string before copying it (git-fixes). - fs/proc/array.c: allow reporting eip/esp for all coredumping threads (bsc#1050549). - fuse: fix page dereference after free (bsc#1179213). - futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1067665). - futex: Handle transient "ownerless" rtmutex state correctly (bsc#1067665). - hv_balloon: disable warning when floor reached (git-fixes). - hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853, bsc#1178854). - hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854). - IB/core: Set qp->real_qp before it may be accessed (bsc#1111666) - IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666) - IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666) - IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666) - IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666) - IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666) - IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666) - IB/hfi1: Define variables as unsigned long to fix KASAN warning (bsc#1111666) - IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666) - IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666) - IB/hfi1: Handle port down properly in pio (bsc#1111666) - IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666) - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown (bsc#1111666) - IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666) - IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bsc#1111666) - IB/hfi1: Remove unused define (bsc#1111666) - IB/hfi1: Silence txreq allocation warnings (bsc#1111666) - IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666) - IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666) - IB/ipoib: drop useless LIST_HEAD (bsc#1111666) - IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666) - IB/iser: Fix dma_nents type definition (bsc#1111666) - IB/iser: Pass the correct number of entries for dma mapped SGL (bsc#1111666) - IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666) - IB/mlx4: Fix leak in id_map_find_del (bsc#1111666) - IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666) - IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bsc#1111666) - IB/mlx4: Follow mirror sequence of device add during device removal (bsc#1111666) - IB/mlx4: Remove unneeded NULL check (bsc#1111666) - IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666) - IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666) - IB/mlx5: Do not override existing ip_protocol (bsc#1111666) - IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666) - IB/mlx5: Fix implicit MR release flow (bsc#1111666) - IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666) - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification (bsc#1111666) - IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666) - IB/mlx5: Improve ODP debugging messages (bsc#1111666) - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache (bsc#1111666) - IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666) - IB/mlx5: Reset access mask when looping inside page fault handler (bsc#1111666) - IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666) - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure (bsc#1111666) - IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666) - IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666) - IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666) - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666) - IB/qib: Remove a set-but-not-used variable (bsc#1111666) - IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666) - IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666) - IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666) - IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666) - IB/rxe: Make counters thread safe (bsc#1111666) - IB/umad: Avoid additional device reference during open()/close() (bsc#1111666) - IB/umad: Avoid destroying device while it is accessed (bsc#1111666) - IB/umad: Do not check status of nonseekable_open() (bsc#1111666) - IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666) - IB/umad: Refactor code to use cdev_device_add() (bsc#1111666) - IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666) - IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666) - IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666) - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes). - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes). - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (git-fixes). - iw_cxgb4: fix ECN check on the passive accept (bsc#1111666) - iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666) - kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - KVM: arm64: Add missing #include of in guest.c (bsc#1174726). - KVM: arm64: Factor out core register ID enumeration (bsc#1174726). - KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST (bsc#1174726). - KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance (bsc#1174726). - KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus (bsc#1174726). - KVM host: kabi fixes for psci_version (bsc#1174726). - libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - locking/lockdep: Add debug_locks check in __lock_downgrade() (bsc#1050549). - locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1050549). - locktorture: Print ratio of acquisitions, not failures (bsc#1050549). - mac80211: always wind down STA state (git-fixes). - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes). - mac80211: minstrel: fix tx status processing corner case (git-fixes). - mac80211: minstrel: remove deferred sampling code (git-fixes). - mm: always have io_remap_pfn_range() set pgprot_decrypted() (bsc#1112178). - net: ena: Capitalize all log strings and improve code readability (bsc#1177397). - net: ena: Change license into format to SPDX in all files (bsc#1177397). - net: ena: Change log message to netif/dev function (bsc#1177397). - net: ena: Change RSS related macros and variables names (bsc#1177397). - net: ena: ethtool: Add new device statistics (bsc#1177397). - net: ena: ethtool: add stats printing to XDP queues (bsc#1177397). - net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397). - net: ena: Fix all static chekers' warnings (bsc#1177397). - net: ena: Remove redundant print of placement policy (bsc#1177397). - net: ena: xdp: add queue counters for xdp actions (bsc#1177397). - net/mlx4_core: Fix init_hca fields offset (git-fixes). - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes). - NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304). - NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139). - PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes). - pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes). - pinctrl: amd: use higher precision for 512 RtcClk (git-fixes). - pinctrl: aspeed: Fix GPI only function problem (git-fixes). - platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes). - powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/64: reuse PPC32 static inline flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc: Chunk calls to flush_dcache_range in arch_*_memory (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes). - powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (bsc#1111666) - RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (bsc#1111666) - RDMA/cma: add missed unregister_pernet_subsys in init failure (bsc#1111666) - RDMA/cma: Fix false error message (bsc#1111666) - RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666) - RDMA/core: Do not depend device ODP capabilities on kconfig option (bsc#1111666) - RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666) - RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666) - RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666) - RDMA/core: Fix race when resolving IP address (bsc#1111666) - RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function (bsc#1111666) - RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666) - RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666) - RDMA/hns: Remove unsupported modify_port callback (bsc#1111666) - RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666) - RDMA/i40iw: Set queue pair state when being queried (bsc#1111666) - RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666) - RDMA/iwcm: Fix a lock inversion issue (bsc#1111666) - RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666) - RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666) - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666) - RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666) - RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666) - RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW completion (bsc#1111666) - RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (bsc#1111666) - RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (bsc#1111666) - RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666) - RDMA/mlx5: Return proper error value (bsc#1111666) - RDMA/nes: Remove second wait queue initialization call (bsc#1111666) - RDMA/netlink: Do not always generate an ACK for some netlink operations (bsc#1111666) - RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666) - RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666) - RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666) - RDMA/qedr: Fix reported firmware version (bsc#1111666) - RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666) - RDMA/qib: Delete extra line (bsc#1111666) - RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666) - RDMA/qib: Validate ->show()/store() callbacks before calling them (bsc#1111666) - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666) - RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666) - RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later (bsc#1111666) - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq (bsc#1111666) - RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666) - RDMA/srp: Rework SCSI device reset handling (bsc#1111666) - RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666) - RDMA/ucma: Add missing locking around rdma_leave_multicast() (bsc#1111666) - RDMA/ucma: Put a lock around every call to the rdma_cm layer (bsc#1111666) - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated (bsc#1111666) - RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666) - RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666) - regulator: avoid resolve_supply() infinite recursion (git-fixes). - regulator: fix memory leak with repeated set_machine_constraints() (git-fixes). - regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes). - regulator: workaround self-referent regulators (git-fixes). - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() (bsc#1111666) - rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666) - rxe: fix error completion wr_id and qp_num (bsc#1111666) - s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177805 LTC#188737). - s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916 LTC#187937). - s390/dasd: Fix zero write for FBA devices (bsc#1177808 LTC#188739). - s390: kernel/uv: handle length extension properly (bsc#1178940 LTC#189323). - sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1112178). - sched/x86: SaveFLAGS on context switch (bsc#1112178). - scripts/git_sort/git_sort.py: add ceph maintainers git tree - scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (git-fixes). - scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666) - Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode (git-fixes). - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes). - tty: serial: imx: keep console clocks always on (git-fixes). - Update references in patches.suse/net-smc-tolerate-future-smcd-versions (bsc#1172542 LTC#186070 git-fixes). - USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes). - USB: core: Fix regression in Hercules audio card (git-fixes). - USB: gadget: Fix memleak in gadgetfs_fill_super (git-fixes). - USB: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes). - USB: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes). - USB: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes). - USB: serial: cyberjack: fix write-URB completion race (git-fixes). - video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes). - x86/hyperv: Clarify comment on x2apic mode (git-fixes). - x86/hyperv: Make vapic support x2apic mode (git-fixes). - x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1112178). - x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes). - x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled (git-fixes). - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes). - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1112178). - x86/sysfb_efi: Add quirks for some devices with swapped width and height (git-fixes). - xfs: revert "xfs: fix rmap key and record comparison functions" (git-fixes).

References

#1050549 #1067665 #1111666 #1112178 #1170139

#1172542 #1174726 #1175916 #1176109 #1177304

#1177397 #1177805 #1177808 #1178589 #1178635

#1178669 #1178853 #1178854 #1178886 #1178897

#1178940 #1178962 #1179107 #1179140 #1179211

#1179213 #1179259 #1179424 #1179426 #1179427

Cross- CVE-2020-15437 CVE-2020-27777 CVE-2020-28915

CVE-2020-28974

Affected Products:

SUSE Linux Enterprise Module for Public Cloud 15-SP1

https://www.suse.com/security/cve/CVE-2020-15437.html

https://www.suse.com/security/cve/CVE-2020-27777.html

https://www.suse.com/security/cve/CVE-2020-28915.html

https://www.suse.com/security/cve/CVE-2020-28974.html

https://bugzilla.suse.com/1050549

https://bugzilla.suse.com/1067665

https://bugzilla.suse.com/1111666

https://bugzilla.suse.com/1112178

https://bugzilla.suse.com/1170139

https://bugzilla.suse.com/1172542

https://bugzilla.suse.com/1174726

https://bugzilla.suse.com/1175916

https://bugzilla.suse.com/1176109

https://bugzilla.suse.com/1177304

https://bugzilla.suse.com/1177397

https://bugzilla.suse.com/1177805

https://bugzilla.suse.com/1177808

https://bugzilla.suse.com/1178589

https://bugzilla.suse.com/1178635

https://bugzilla.suse.com/1178669

https://bugzilla.suse.com/1178853

https://bugzilla.suse.com/1178854

https://bugzilla.suse.com/1178886

https://bugzilla.suse.com/1178897

https://bugzilla.suse.com/1178940

https://bugzilla.suse.com/1178962

https://bugzilla.suse.com/1179107

https://bugzilla.suse.com/1179140

https://bugzilla.suse.com/1179211

https://bugzilla.suse.com/1179213

https://bugzilla.suse.com/1179259

https://bugzilla.suse.com/1179424

https://bugzilla.suse.com/1179426

https://bugzilla.suse.com/1179427

Severity
Announcement ID: SUSE-SU-2020:3714-1
Rating: important

Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved