SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:3715-1
Rating:             important
References:         #1050549 #1058115 #1067665 #1111666 #1112178 
                    #1167030 #1170139 #1170415 #1170446 #1170630 
                    #1172542 #1172873 #1174726 #1175306 #1175916 
                    #1176109 #1176855 #1176907 #1176983 #1177304 
                    #1177397 #1177703 #1177805 #1177808 #1177809 
                    #1177819 #1177820 #1178123 #1178182 #1178393 
                    #1178589 #1178591 #1178607 #1178635 #1178669 
                    #1178686 #1178700 #1178765 #1178838 #1178853 
                    #1178854 #1178878 #1178886 #1178897 #1178940 
                    #1178962 #1179107 #1179140 #1179211 #1179213 
                    #1179259 #1179424 #1179426 #1179427 #927455 
                    
Cross-References:   CVE-2020-15437 CVE-2020-25668 CVE-2020-25669
                    CVE-2020-25704 CVE-2020-27777 CVE-2020-28915
                    CVE-2020-28974 CVE-2020-8694
Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

   An update that solves 8 vulnerabilities and has 47 fixes is
   now available.

Description:

   The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive
   various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2020-15437: Fixed a null pointer dereference which could have
     allowed local users to cause a denial of service(bsc#1179140).
   - CVE-2020-27777: Restrict RTAS requests from userspace  (bsc#1179107).
   - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could
     have been used by local attackers to read privileged information or
     potentially crash the kernel (bsc#1178589).
   - CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could
     have been used by local attackers to read kernel memory (bsc#1178886).
   - CVE-2020-8694: Insufficient access control for some Intel(R) Processors     may have allowed an authenticated user to potentially enable information
     disclosure via local access (bsc#1170415).
   - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123).
   - CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter()
     (bsc#1178393).
   - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit()
     (bsc#1178182).

   The following non-security bugs were fixed:

   - 9P: Cast to loff_t before multiplying (git-fixes).
   - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes).
   - ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes).
   - ACPI / extlog: Check for RDMSR failure (git-fixes).
   - ACPI: GED: fix -Wformat (git-fixes).
   - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
   - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
   - ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
   - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf()
     (git-fixes).
   - ALSA: hda - Fix the return value if cb func is already registered
     (git-fixes).
   - ALSA: hda - Fix the return value if cb func is already registered
     (git-fixes).
   - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
     (git-fixes).
   - ALSA: mixart: Fix mutex deadlock (git-fixes).
   - ALSA: usb-audio: Fix potential use-after-free of streams (gix-fixes).
   - arm64: KVM: Fix system register enumeration (bsc#1174726).
   - arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes).
   - arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).
   - ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
   - ata: sata_rcar: Fix DMA boundary mask (git-fixes).
   - ath10k: Acquire tx_lock in tx error paths (git-fixes).
   - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
   - ath10k: start recovery process when payload length exceeds max htc
     length for sdio (git-fixes).
   - batman-adv: set .owner to THIS_MODULE (git-fixes).
   - Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth
     controllers (git-fixes).
   - Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).
   - bpf: Zero-fill re-used per-cpu map element (git-fixes).
   - btrfs: account ticket size at add/delete time (bsc#1178897).
   - btrfs: add helper to obtain number of devices with ongoing dev-replace
     (bsc#1178897).
   - btrfs: check rw_devices, not num_devices for balance (bsc#1178897).
   - btrfs: do not delete mismatched root refs (bsc#1178962).
   - btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897).
   - btrfs: fix force usage in inc_block_group_ro (bsc#1178897).
   - btrfs: fix invalid removal of root ref (bsc#1178962).
   - btrfs: fix reclaim counter leak of space_info objects (bsc#1178897).
   - btrfs: fix reclaim_size counter leak after stealing from global reserve
     (bsc#1178897).
   - btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897).
   - btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962).
   - btrfs: split dev-replace locking helpers for read and write
     (bsc#1178897).
   - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes).
   - can: af_can: prevent potential access of uninitialized member in
     canfd_rcv() (git-fixes).
   - can: af_can: prevent potential access of uninitialized member in
     can_rcv() (git-fixes).
   - can: can_create_echo_skb(): fix echo skb generation: always use
     skb_clone() (git-fixes).
   - can: dev: __can_get_echo_skb(): fix real payload length return value for
     RTR frames (git-fixes).
   - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
     context (git-fixes).
   - can: dev: can_restart(): post buffer from the right context (git-fixes).
   - can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
   - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1
     (git-fixes).
   - can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
   - can: m_can: m_can_stop(): set device to software init mode before
     closing (git-fixes).
   - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to
     can_put_echo_skb() (git-fixes).
   - can: peak_canfd: pucan_handle_can_rx(): fix echo management when
     loopback is on (git-fixes).
   - can: peak_usb: add range checking in decode operations (git-fixes).
   - can: peak_usb: fix potential integer overflow on shift of a int
     (git-fixes).
   - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
     (git-fixes).
   - can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
   - ceph: add check_session_state() helper and make it global (bsc#1179259).
   - ceph: check session state after bumping session->s_seq (bsc#1179259).
   - ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).
   - cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
   - cifs: remove bogus debug code (bsc#1179427).
   - cifs: Return the error from crypt_message when enc/dec key not found
     (bsc#1179426).
   - clk: ti: clockdomain: fix static checker warning (git-fixes).
   - Convert trailing spaces and periods in path components (bsc#1179424).
   - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes).
   - debugfs: Fix module state check condition (git-fixes).
   - docs: ABI: stable: remove a duplicated documentation (git-fixes).
   - docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
   - dpaa_eth: fix the RX headroom size alignment (git-fixes).
   - drbd: code cleanup by using sendpage_ok() to check page for
     kernel_sendpage() (bsc#1172873).
   - Drivers: hv: vmbus: Remove the unused "tsc_page" from struct hv_context
     (git-fixes).
   - drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally
     (git-fixes).
   - drm/amd/display: HDMI remote sink need mode validation for Linux
     (git-fixes).
   - drm/amdgpu: do not map BO in reserved region (git-fixes).
   - drm/bridge/synopsys: dsi: add support for non-continuous HS clock
     (git-fixes).
   - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working
     correctly (git-fixes).
   - drm/i915: Break up error capture compression loops with cond_resched()
     (git-fixes).
   - drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes).
   - drm/i915/gvt: Set ENHANCED_FRAME_CAP bit (git-fixes).
   - drm/imx: tve remove extraneous type qualifier (git-fixes).
   - drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind()
     (git-fixes).
   - drm/ttm: fix eviction valuable range check (git-fixes).
   - drm/vc4: drv: Add error handding for bind (git-fixes).
   - Drop sysctl files for dropped archs, add ppc64le and arm64
     (bsc#1178838). Also fix the ppc64 page size.
   - efi: cper: Fix possible out-of-bounds access (git-fixes).
   - efi/efivars: Add missing kobject_put() in sysfs entry creation error
     path (git-fixes).
   - efi/esrt: Fix reference count leak in esre_create_sysfs_entry
     (git-fixes).
   - efi: provide empty efi_enter_virtual_mode implementation (git-fixes).
   - efivarfs: fix memory leak in efivarfs_create() (git-fixes).
   - efivarfs: Replace invalid slashes with exclamation marks in dentries
     (git-fixes).
   - efivarfs: revert "fix memory leak in efivarfs_create()" (git-fixes).
   - efi/x86: Do not panic or BUG() on non-critical error conditions
     (git-fixes).
   - efi/x86: Free efi_pgd with free_pages() (bsc#1112178).
   - efi/x86: Ignore the memory attributes table on i386 (git-fixes).
   - efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
   - fs/proc/array.c: allow reporting eip/esp for all coredumping threads
     (bsc#1050549).
   - ftrace: Fix recursion check for NMI test (git-fixes).
   - ftrace: Handle tracing when switching between context (git-fixes).
   - fuse: fix page dereference after free (bsc#1179213).
   - futex: Do not enable IRQs unconditionally in put_pi_state()
     (bsc#1067665).
   - futex: Handle transient "ownerless" rtmutex state correctly
     (bsc#1067665).
   - hv_balloon: disable warning when floor reached (git-fixes).
   - hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820).
   - hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819,
     bsc#1177820).
   - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819,
     bsc#1177820).
   - hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853,
     bsc#1178854).
   - hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).
   - hyperv_fb: Update screen_info after removing old framebuffer
     (bsc#1175306).
   - IB/core: Set qp->real_qp before it may be accessed (bsc#1111666)
   - IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666)
   - IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666)
   - IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666)
   - IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666)
   - IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666)
   - IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666)
   - IB/hfi1: Define variables as unsigned long to fix KASAN warning
     (bsc#1111666)
   - IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666)
   - IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666)
   - IB/hfi1: Handle port down properly in pio (bsc#1111666)
   - IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666)
   - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown
     (bsc#1111666)
   - IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666)
   - IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM
     (bsc#1111666)
   - IB/hfi1: Remove unused define (bsc#1111666)
   - IB/hfi1: Silence txreq allocation warnings (bsc#1111666)
   - IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666)
   - IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666)
   - IB/ipoib: drop useless LIST_HEAD (bsc#1111666)
   - IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666)
   - IB/iser: Fix dma_nents type definition (bsc#1111666)
   - IB/iser: Pass the correct number of entries for dma mapped SGL
     (bsc#1111666)
   - IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666)
   - IB/mlx4: Fix leak in id_map_find_del (bsc#1111666)
   - IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666)
   - IB/mlx4: Fix race condition between catas error reset and aliasguid
     flows (bsc#1111666)
   - IB/mlx4: Follow mirror sequence of device add during device removal
     (bsc#1111666)
   - IB/mlx4: Remove unneeded NULL check (bsc#1111666)
   - IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666)
   - IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666)
   - IB/mlx5: Do not override existing ip_protocol (bsc#1111666)
   - IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666)
   - IB/mlx5: Fix implicit MR release flow (bsc#1111666)
   - IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666)
   - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification
     (bsc#1111666)
   - IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666)
   - IB/mlx5: Improve ODP debugging messages (bsc#1111666)
   - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache
     (bsc#1111666)
   - IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666)
   - IB/mlx5: Reset access mask when looping inside page fault handler
     (bsc#1111666)
   - IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666)
   - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure
     (bsc#1111666)
   - IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666)
   - IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666)
   - IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666)
   - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666)
   - IB/qib: Remove a set-but-not-used variable (bsc#1111666)
   - IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666)
   - IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666)
   - IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666)
   - IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666)
   - IB/rxe: Make counters thread safe (bsc#1111666)
   - IB/umad: Avoid additional device reference during open()/close()
     (bsc#1111666)
   - IB/umad: Avoid destroying device while it is accessed (bsc#1111666)
   - IB/umad: Do not check status of nonseekable_open() (bsc#1111666)
   - IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666)
   - IB/umad: Refactor code to use cdev_device_add() (bsc#1111666)
   - IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666)
   - IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666)
   - IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666)
   - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting
     tablet-mode (git-fixes).
   - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum
     (git-fixes).
   - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill()
     (git-fixes).
   - Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
   - ipmi: use vzalloc instead of kmalloc for user creation (bsc#1178607).
   - iw_cxgb4: fix ECN check on the passive accept (bsc#1111666)
   - iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666)
   - kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497
     bsc#1176109 ltc#187964).
   - kthread_worker: prevent queuing delayed work from timer_fn when it is
     being canceled (git-fixes).
   - KVM: arm64: Add missing #include of  in guest.c
     (bsc#1174726).
   - KVM: arm64: Factor out core register ID enumeration (bsc#1174726).
   - KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST
     (bsc#1174726).
   - KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance
     (bsc#1174726).
   - KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus
     (bsc#1174726).
   - KVM host: kabi fixes for psci_version (bsc#1174726).
   - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
   - libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
   - libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - locking/lockdep: Add debug_locks check in __lock_downgrade()
     (bsc#1050549).
   - locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count
     (bsc#1050549).
   - locktorture: Print ratio of acquisitions, not failures (bsc#1050549).
   - mac80211: always wind down STA state (git-fixes).
   - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).
   - mac80211: minstrel: fix tx status processing corner case (git-fixes).
   - mac80211: minstrel: remove deferred sampling code (git-fixes).
   - media: platform: Improve queue set up flow for bug fixing (git-fixes).
   - media: tw5864: check status of tw5864_frameinterval_get (git-fixes).
   - memcg: fix NULL pointer dereference in
     __mem_cgroup_usage_unregister_event (bsc#1177703).
   - mm: always have io_remap_pfn_range() set pgprot_decrypted()
     (bsc#1112178).
   - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs
     (git-fixes).
   - mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
   - mtd: lpddr: Fix bad logic in print_drs_error (git-fixes).
   - net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send
     (bsc#1172873).
   - net: ena: Capitalize all log strings and improve code readability
     (bsc#1177397).
   - net: ena: Change license into format to SPDX in all files (bsc#1177397).
   - net: ena: Change log message to netif/dev function (bsc#1177397).
   - net: ena: Change RSS related macros and variables names (bsc#1177397).
   - net: ena: ethtool: Add new device statistics (bsc#1177397).
   - net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
   - net: ena: ethtool: convert stat_offset to 64 bit resolution
     (bsc#1177397).
   - net: ena: Fix all static chekers' warnings (bsc#1177397).
   - net: ena: Remove redundant print of placement policy (bsc#1177397).
   - net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
   - netfilter: nat: can't use dst_hold on noref dst (bsc#1178878).
   - net: introduce helper sendpage_ok() in include/linux/net.h
     (bsc#1172873). kABI workaround for including mm.h in include/linux/net.h
     (bsc#1172873).
   - net/mlx4_core: Fix init_hca fields offset (git-fixes).
   - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes).
   - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
   - NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304).
   - NFS: only invalidate dentrys that are clearly invalid (bsc#1178669
     bsc#1170139).
   - NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION
     (bsc#1170630).
   - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage()
     (bsc#1172873).
   - ocfs2: fix unbalanced locking (git-fixes).
   - p54: avoid accessing the data mapped to streaming DMA (git-fixes).
   - PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes).
   - pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
   - pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
   - pinctrl: aspeed: Fix GPI only function problem (git-fixes).
   - pinctrl: intel: Set default bias in case no particular value given
     (git-fixes).
   - platform/x86: toshiba_acpi: Fix the wrong variable assignment
     (git-fixes).
   - powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range()
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/64: reuse PPC32 static inline flush_dcache_range()
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc: Chunk calls to flush_dcache_range in arch_*_memory
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes).
   - powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc: Fix circular dependency between percpu.h and mmu.h (git-fixes).
   - powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Add flush routines using new pmem store and sync
     instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Add new instructions for persistent storage and sync
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Fix kernel crash due to wrong range value usage in
     flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402
     jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pmem: Update ppc64 to use the new barrier instruction
     (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
   - powerpc/pseries/cpuidle: add polling idle for shared processor guests
     (bsc#1178765 ltc#188968).
   - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293).
   - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293).
   - power: supply: test_power: add missing newlines when printing parameters     by sysfs (git-fixes).
   - RDMA/bnxt_re: Fix Send Work Entry state check while polling completions
     (bsc#1111666)
   - RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message
     (bsc#1111666)
   - RDMA/cma: add missed unregister_pernet_subsys in init failure
     (bsc#1111666)
   - RDMA/cma: Fix false error message (bsc#1111666)
   - RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666)
   - RDMA/core: Do not depend device ODP capabilities on kconfig option
     (bsc#1111666)
   - RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666)
   - RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666)
   - RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666)
   - RDMA/core: Fix race when resolving IP address (bsc#1111666)
   - RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function
     (bsc#1111666)
   - RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666)
   - RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666)
   - RDMA/hns: Remove unsupported modify_port callback (bsc#1111666)
   - RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666)
   - RDMA/i40iw: Set queue pair state when being queried (bsc#1111666)
   - RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666)
   - RDMA/iwcm: Fix a lock inversion issue (bsc#1111666)
   - RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666)
   - RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666)
   - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666)
   - RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666)
   - RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666)
   - RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW
     completion (bsc#1111666)
   - RDMA/mlx5: Fix access to wrong pointer while performing flush due to
     error (bsc#1111666)
   - RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR
     (bsc#1111666)
   - RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666)
   - RDMA/mlx5: Return proper error value (bsc#1111666)
   - RDMA/nes: Remove second wait queue initialization call (bsc#1111666)
   - RDMA/netlink: Do not always generate an ACK for some netlink operations
     (bsc#1111666)
   - RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666)
   - RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666)
   - RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666)
   - RDMA/qedr: Fix reported firmware version (bsc#1111666)
   - RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666)
   - RDMA/qib: Delete extra line (bsc#1111666)
   - RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666)
   - RDMA/qib: Validate ->show()/store() callbacks before calling them
     (bsc#1111666)
   - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666)
   - RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666)
   - RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later
     (bsc#1111666)
   - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq
     (bsc#1111666)
   - RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666)
   - RDMA/srp: Rework SCSI device reset handling (bsc#1111666)
   - RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666)
   - RDMA/ucma: Add missing locking around rdma_leave_multicast()
     (bsc#1111666)
   - RDMA/ucma: Put a lock around every call to the rdma_cm layer
     (bsc#1111666)
   - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
     (bsc#1111666)
   - RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666)
   - RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666)
   - regulator: avoid resolve_supply() infinite recursion (git-fixes).
   - regulator: defer probe when trying to get voltage from unresolved supply
     (git-fixes).
   - regulator: fix memory leak with repeated set_machine_constraints()
     (git-fixes).
   - regulator: resolve supply after creating regulator (git-fixes).
   - regulator: ti-abb: Fix array out of bound read access on the first
     transition (git-fixes).
   - regulator: workaround self-referent regulators (git-fixes).
   - Revert "cdc-acm: hardening against malicious devices" (git-fixes).
   - ring-buffer: Fix recursion protection transitions between interrupt
     context (git-fixes).
   - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
     (bsc#1111666)
   - rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666)
   - rxe: fix error completion wr_id and qp_num (bsc#1111666)
   - s390/cio: add cond_resched() in the slow_eval_known_fn() loop
     (bsc#1177805 LTC#188737).
   - s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916
     LTC#187937).
   - s390/dasd: fix inability to use DASD with DIAG driver (bsc#1177809
     LTC#188738).
   - s390/dasd: Fix zero write for FBA devices (bsc#1177808 LTC#188739).
   - s390: kernel/uv: handle length extension properly (bsc#1178940
     LTC#189323).
   - sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1112178).
   - sched/x86: SaveFLAGS on context switch (bsc#1112178).
   - scripts/git_sort/git_sort.py: add ceph maintainers git tree
   - scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map()
     (bsc#1172873).
   - scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported
     (git-fixes).
   - scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666)
   - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice
     (git-fixes).
   - staging: octeon: Drop on uncorrectable alignment or FCS error
     (git-fixes).
   - staging: octeon: repair "fixed-link" support (git-fixes).
   - staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode
     (git-fixes).
   - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids
     (git-fixes).
   - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
     (git-fixes).
   - time: Prevent undefined behaviour in timespec64_to_ns() (git-fixes).
   - tty: serial: imx: keep console clocks always on (git-fixes).
   - Update patches.suse/vfs-add-super_operations-get_inode_dev (bsc#927455
     bsc#1176983).
   - Update references in patches.suse/net-smc-tolerate-future-smcd-versions
     (bsc#1172542 LTC#186070 git-fixes).
   - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes).
   - USB: adutux: fix debugging (git-fixes).
   - USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).
   - USB: cdc-acm: fix cooldown mechanism (git-fixes).
   - USB: core: driver: fix stray tabs in error messages (git-fixes).
   - USB: core: Fix regression in Hercules audio card (git-fixes).
   - USB: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).
   - USB: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).
   - USB: host: ehci-tegra: Fix error handling in tegra_ehci_probe()
     (git-fixes).
   - USB: host: xhci: fix ep context print mismatch in debugfs (git-fixes).
   - USB: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes).
   - USB: mtu3: fix panic in mtu3_gadget_stop() (git-fixes).
   - USB: serial: cyberjack: fix write-URB completion race (git-fixes).
   - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters     (git-fixes).
   - USB: serial: option: add Cellient MPL200 card (git-fixes).
   - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231
     (git-fixes).
   - USB: serial: option: add Quectel EC200T module support (git-fixes).
   - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes).
   - USB: serial: option: Add Telit FT980-KS composition (git-fixes).
   - USB: serial: pl2303: add device-id for HP GC device (git-fixes).
   - USB: typec: tcpm: During PR_SWAP, source caps should be sent only after
     tSwapSourceStart (git-fixes).
   - USB: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes).
   - USB: xhci: force all memory allocations to node (git-fixes).
   - video: fbdev: pvr2fb: initialize variables (git-fixes).
   - video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
   - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host
     (bsc#1175306).
   - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer
     driver (bsc#1175306).
   - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs
     (bsc#1175306).
   - vt: Disable KD_FONT_OP_COPY (bsc#1178589).
   - x86/hyperv: Clarify comment on x2apic mode (git-fixes).
   - x86/hyperv: Make vapic support x2apic mode (git-fixes).
   - x86/kexec: Use up-to-dated screen_info copy to fill boot params
     (bsc#1175306).
   - x86/microcode/intel: Check patch signature before saving microcode for
     early loading (bsc#1112178).
   - x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes).
   - x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled
     (git-fixes).
   - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes).
   - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with
     always-on STIBP (bsc#1112178).
   - x86/sysfb_efi: Add quirks for some devices with swapped width and height
     (git-fixes).
   - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10
     compiled kernels (bsc#1058115 bsc#1176907).
   - xfs: do not update mtime on COW faults (bsc#1167030).
   - xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes).
   - xfs: fix flags argument to rmap lookup when converting shared file rmaps
     (git-fixes).
   - xfs: fix rmap key and record comparison functions (git-fixes).
   - xfs: flush new eof page on truncate to avoid post-eof corruption
     (git-fixes).
   - xfs: revert "xfs: fix rmap key and record comparison functions"
     (git-fixes).
   - xhci: do not create endpoint debugfs entry before ring buffer is set
     (git-fixes).
   - xhci: Fix sizeof() mismatch (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3715=1



Package List:

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      kernel-devel-azure-4.12.14-16.38.1
      kernel-source-azure-4.12.14-16.38.1

   - SUSE Linux Enterprise Server 12-SP5 (x86_64):

      kernel-azure-4.12.14-16.38.1
      kernel-azure-base-4.12.14-16.38.1
      kernel-azure-base-debuginfo-4.12.14-16.38.1
      kernel-azure-debuginfo-4.12.14-16.38.1
      kernel-azure-debugsource-4.12.14-16.38.1
      kernel-azure-devel-4.12.14-16.38.1
      kernel-syms-azure-4.12.14-16.38.1


References:

   https://www.suse.com/security/cve/CVE-2020-15437.html
   https://www.suse.com/security/cve/CVE-2020-25668.html
   https://www.suse.com/security/cve/CVE-2020-25669.html
   https://www.suse.com/security/cve/CVE-2020-25704.html
   https://www.suse.com/security/cve/CVE-2020-27777.html
   https://www.suse.com/security/cve/CVE-2020-28915.html
   https://www.suse.com/security/cve/CVE-2020-28974.html
   https://www.suse.com/security/cve/CVE-2020-8694.html
   https://bugzilla.suse.com/1050549
   https://bugzilla.suse.com/1058115
   https://bugzilla.suse.com/1067665
   https://bugzilla.suse.com/1111666
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1167030
   https://bugzilla.suse.com/1170139
   https://bugzilla.suse.com/1170415
   https://bugzilla.suse.com/1170446
   https://bugzilla.suse.com/1170630
   https://bugzilla.suse.com/1172542
   https://bugzilla.suse.com/1172873
   https://bugzilla.suse.com/1174726
   https://bugzilla.suse.com/1175306
   https://bugzilla.suse.com/1175916
   https://bugzilla.suse.com/1176109
   https://bugzilla.suse.com/1176855
   https://bugzilla.suse.com/1176907
   https://bugzilla.suse.com/1176983
   https://bugzilla.suse.com/1177304
   https://bugzilla.suse.com/1177397
   https://bugzilla.suse.com/1177703
   https://bugzilla.suse.com/1177805
   https://bugzilla.suse.com/1177808
   https://bugzilla.suse.com/1177809
   https://bugzilla.suse.com/1177819
   https://bugzilla.suse.com/1177820
   https://bugzilla.suse.com/1178123
   https://bugzilla.suse.com/1178182
   https://bugzilla.suse.com/1178393
   https://bugzilla.suse.com/1178589
   https://bugzilla.suse.com/1178591
   https://bugzilla.suse.com/1178607
   https://bugzilla.suse.com/1178635
   https://bugzilla.suse.com/1178669
   https://bugzilla.suse.com/1178686
   https://bugzilla.suse.com/1178700
   https://bugzilla.suse.com/1178765
   https://bugzilla.suse.com/1178838
   https://bugzilla.suse.com/1178853
   https://bugzilla.suse.com/1178854
   https://bugzilla.suse.com/1178878
   https://bugzilla.suse.com/1178886
   https://bugzilla.suse.com/1178897
   https://bugzilla.suse.com/1178940
   https://bugzilla.suse.com/1178962
   https://bugzilla.suse.com/1179107
   https://bugzilla.suse.com/1179140
   https://bugzilla.suse.com/1179211
   https://bugzilla.suse.com/1179213
   https://bugzilla.suse.com/1179259
   https://bugzilla.suse.com/1179424
   https://bugzilla.suse.com/1179426
   https://bugzilla.suse.com/1179427
   https://bugzilla.suse.com/927455

SUSE: 2020:3715-1 important: the Linux Kernel

December 8, 2020
An update that solves 8 vulnerabilities and has 47 fixes is now available

Summary

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140). - CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107). - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589). - CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886). - CVE-2020-8694: Insufficient access control for some Intel(R) Processors may have allowed an authenticated user to potentially enable information disclosure via local access (bsc#1170415). - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123). - CVE-2020-25704: Fixed a memory leak in perf_event_parse_addr_filter() (bsc#1178393). - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182). The following non-security bugs were fixed: - 9P: Cast to loff_t before multiplying (git-fixes). - acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (git-fixes). - ACPI: debug: do not allow debugging when ACPI is disabled (git-fixes). - ACPI / extlog: Check for RDMSR failure (git-fixes). - ACPI: GED: fix -Wformat (git-fixes). - ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes). - ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes). - ALSA: ctl: fix error path at adding user-defined element set (git-fixes). - ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes). - ALSA: hda - Fix the return value if cb func is already registered (git-fixes). - ALSA: hda - Fix the return value if cb func is already registered (git-fixes). - ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes). - ALSA: mixart: Fix mutex deadlock (git-fixes). - ALSA: usb-audio: Fix potential use-after-free of streams (gix-fixes). - arm64: KVM: Fix system register enumeration (bsc#1174726). - arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes). - arm/arm64: KVM: Add PSCI version selection API (bsc#1174726). - ASoC: qcom: lpass-platform: Fix memory leak (git-fixes). - ata: sata_rcar: Fix DMA boundary mask (git-fixes). - ath10k: Acquire tx_lock in tx error paths (git-fixes). - ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes). - ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes). - batman-adv: set .owner to THIS_MODULE (git-fixes). - Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth controllers (git-fixes). - Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes). - bpf: Zero-fill re-used per-cpu map element (git-fixes). - btrfs: account ticket size at add/delete time (bsc#1178897). - btrfs: add helper to obtain number of devices with ongoing dev-replace (bsc#1178897). - btrfs: check rw_devices, not num_devices for balance (bsc#1178897). - btrfs: do not delete mismatched root refs (bsc#1178962). - btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897). - btrfs: fix force usage in inc_block_group_ro (bsc#1178897). - btrfs: fix invalid removal of root ref (bsc#1178962). - btrfs: fix reclaim counter leak of space_info objects (bsc#1178897). - btrfs: fix reclaim_size counter leak after stealing from global reserve (bsc#1178897). - btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897). - btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962). - btrfs: split dev-replace locking helpers for read and write (bsc#1178897). - bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (git-fixes). - can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes). - can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes). - can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes). - can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes). - can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes). - can: dev: can_restart(): post buffer from the right context (git-fixes). - can: gs_usb: fix endianess problem with candleLight firmware (git-fixes). - can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes). - can: m_can: m_can_handle_state_change(): fix state change (git-fixes). - can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes). - can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes). - can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes). - can: peak_usb: add range checking in decode operations (git-fixes). - can: peak_usb: fix potential integer overflow on shift of a int (git-fixes). - can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes). - can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes). - ceph: add check_session_state() helper and make it global (bsc#1179259). - ceph: check session state after bumping session->s_seq (bsc#1179259). - ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635). - cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211). - cifs: remove bogus debug code (bsc#1179427). - cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426). - clk: ti: clockdomain: fix static checker warning (git-fixes). - Convert trailing spaces and periods in path components (bsc#1179424). - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes). - debugfs: Fix module state check condition (git-fixes). - docs: ABI: stable: remove a duplicated documentation (git-fixes). - docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes). - dpaa_eth: fix the RX headroom size alignment (git-fixes). - drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873). - Drivers: hv: vmbus: Remove the unused "tsc_page" from struct hv_context (git-fixes). - drm/amd/display: Do not invoke kgdb_breakpoint() unconditionally (git-fixes). - drm/amd/display: HDMI remote sink need mode validation for Linux (git-fixes). - drm/amdgpu: do not map BO in reserved region (git-fixes). - drm/bridge/synopsys: dsi: add support for non-continuous HS clock (git-fixes). - drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly (git-fixes). - drm/i915: Break up error capture compression loops with cond_resched() (git-fixes). - drm/i915: Force VT'd workarounds when running as a guest OS (git-fixes). - drm/i915/gvt: Set ENHANCED_FRAME_CAP bit (git-fixes). - drm/imx: tve remove extraneous type qualifier (git-fixes). - drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() (git-fixes). - drm/ttm: fix eviction valuable range check (git-fixes). - drm/vc4: drv: Add error handding for bind (git-fixes). - Drop sysctl files for dropped archs, add ppc64le and arm64 (bsc#1178838). Also fix the ppc64 page size. - efi: cper: Fix possible out-of-bounds access (git-fixes). - efi/efivars: Add missing kobject_put() in sysfs entry creation error path (git-fixes). - efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes). - efi: provide empty efi_enter_virtual_mode implementation (git-fixes). - efivarfs: fix memory leak in efivarfs_create() (git-fixes). - efivarfs: Replace invalid slashes with exclamation marks in dentries (git-fixes). - efivarfs: revert "fix memory leak in efivarfs_create()" (git-fixes). - efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes). - efi/x86: Free efi_pgd with free_pages() (bsc#1112178). - efi/x86: Ignore the memory attributes table on i386 (git-fixes). - efi/x86: Map the entire EFI vendor string before copying it (git-fixes). - fs/proc/array.c: allow reporting eip/esp for all coredumping threads (bsc#1050549). - ftrace: Fix recursion check for NMI test (git-fixes). - ftrace: Handle tracing when switching between context (git-fixes). - fuse: fix page dereference after free (bsc#1179213). - futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1067665). - futex: Handle transient "ownerless" rtmutex state correctly (bsc#1067665). - hv_balloon: disable warning when floor reached (git-fixes). - hv_netvsc: Add XDP support (bsc#1177819, bsc#1177820). - hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819, bsc#1177820). - hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177819, bsc#1177820). - hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853, bsc#1178854). - hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854). - hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306). - IB/core: Set qp->real_qp before it may be accessed (bsc#1111666) - IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666) - IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666) - IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666) - IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666) - IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666) - IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666) - IB/hfi1: Define variables as unsigned long to fix KASAN warning (bsc#1111666) - IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666) - IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666) - IB/hfi1: Handle port down properly in pio (bsc#1111666) - IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666) - IB/hfi1: Insure freeze_work work_struct is canceled on shutdown (bsc#1111666) - IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666) - IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bsc#1111666) - IB/hfi1: Remove unused define (bsc#1111666) - IB/hfi1: Silence txreq allocation warnings (bsc#1111666) - IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666) - IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666) - IB/ipoib: drop useless LIST_HEAD (bsc#1111666) - IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666) - IB/iser: Fix dma_nents type definition (bsc#1111666) - IB/iser: Pass the correct number of entries for dma mapped SGL (bsc#1111666) - IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666) - IB/mlx4: Fix leak in id_map_find_del (bsc#1111666) - IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666) - IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bsc#1111666) - IB/mlx4: Follow mirror sequence of device add during device removal (bsc#1111666) - IB/mlx4: Remove unneeded NULL check (bsc#1111666) - IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666) - IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666) - IB/mlx5: Do not override existing ip_protocol (bsc#1111666) - IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666) - IB/mlx5: Fix implicit MR release flow (bsc#1111666) - IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666) - IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification (bsc#1111666) - IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666) - IB/mlx5: Improve ODP debugging messages (bsc#1111666) - IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache (bsc#1111666) - IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666) - IB/mlx5: Reset access mask when looping inside page fault handler (bsc#1111666) - IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666) - IB/mlx5: Use direct mkey destroy command upon UMR unreg failure (bsc#1111666) - IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666) - IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666) - IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666) - IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666) - IB/qib: Remove a set-but-not-used variable (bsc#1111666) - IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666) - IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666) - IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666) - IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666) - IB/rxe: Make counters thread safe (bsc#1111666) - IB/umad: Avoid additional device reference during open()/close() (bsc#1111666) - IB/umad: Avoid destroying device while it is accessed (bsc#1111666) - IB/umad: Do not check status of nonseekable_open() (bsc#1111666) - IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666) - IB/umad: Refactor code to use cdev_device_add() (bsc#1111666) - IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666) - IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666) - IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666) - iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes). - iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes). - inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (git-fixes). - Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes). - ipmi: use vzalloc instead of kmalloc for user creation (bsc#1178607). - iw_cxgb4: fix ECN check on the passive accept (bsc#1111666) - iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666) - kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes). - KVM: arm64: Add missing #include of in guest.c (bsc#1174726). - KVM: arm64: Factor out core register ID enumeration (bsc#1174726). - KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST (bsc#1174726). - KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance (bsc#1174726). - KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus (bsc#1174726). - KVM host: kabi fixes for psci_version (bsc#1174726). - leds: bcm6328, bcm6358: use devres LED registering function (git-fixes). - libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873). - libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - locking/lockdep: Add debug_locks check in __lock_downgrade() (bsc#1050549). - locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1050549). - locktorture: Print ratio of acquisitions, not failures (bsc#1050549). - mac80211: always wind down STA state (git-fixes). - mac80211: free sta in sta_info_insert_finish() on errors (git-fixes). - mac80211: minstrel: fix tx status processing corner case (git-fixes). - mac80211: minstrel: remove deferred sampling code (git-fixes). - media: platform: Improve queue set up flow for bug fixing (git-fixes). - media: tw5864: check status of tw5864_frameinterval_get (git-fixes). - memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703). - mm: always have io_remap_pfn_range() set pgprot_decrypted() (bsc#1112178). - mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes). - mm/memcg: fix refcount error while moving and swapping (bsc#1178686). - mtd: lpddr: Fix bad logic in print_drs_error (git-fixes). - net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873). - net: ena: Capitalize all log strings and improve code readability (bsc#1177397). - net: ena: Change license into format to SPDX in all files (bsc#1177397). - net: ena: Change log message to netif/dev function (bsc#1177397). - net: ena: Change RSS related macros and variables names (bsc#1177397). - net: ena: ethtool: Add new device statistics (bsc#1177397). - net: ena: ethtool: add stats printing to XDP queues (bsc#1177397). - net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397). - net: ena: Fix all static chekers' warnings (bsc#1177397). - net: ena: Remove redundant print of placement policy (bsc#1177397). - net: ena: xdp: add queue counters for xdp actions (bsc#1177397). - netfilter: nat: can't use dst_hold on noref dst (bsc#1178878). - net: introduce helper sendpage_ok() in include/linux/net.h (bsc#1172873). kABI workaround for including mm.h in include/linux/net.h (bsc#1172873). - net/mlx4_core: Fix init_hca fields offset (git-fixes). - net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (git-fixes). - nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes). - NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304). - NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139). - NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (bsc#1170630). - nvme-tcp: check page by sendpage_ok() before calling kernel_sendpage() (bsc#1172873). - ocfs2: fix unbalanced locking (git-fixes). - p54: avoid accessing the data mapped to streaming DMA (git-fixes). - PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes). - pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes). - pinctrl: amd: use higher precision for 512 RtcClk (git-fixes). - pinctrl: aspeed: Fix GPI only function problem (git-fixes). - pinctrl: intel: Set default bias in case no particular value given (git-fixes). - platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes). - powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/64: reuse PPC32 static inline flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc: Chunk calls to flush_dcache_range in arch_*_memory (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes). - powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc: Fix circular dependency between percpu.h and mmu.h (git-fixes). - powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964). - powerpc/pseries/cpuidle: add polling idle for shared processor guests (bsc#1178765 ltc#188968). - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293). - powerpc/vnic: Extend "failover pending" window (bsc#1176855 ltc#187293). - power: supply: test_power: add missing newlines when printing parameters by sysfs (git-fixes). - RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (bsc#1111666) - RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (bsc#1111666) - RDMA/cma: add missed unregister_pernet_subsys in init failure (bsc#1111666) - RDMA/cma: Fix false error message (bsc#1111666) - RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666) - RDMA/core: Do not depend device ODP capabilities on kconfig option (bsc#1111666) - RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666) - RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666) - RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666) - RDMA/core: Fix race when resolving IP address (bsc#1111666) - RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function (bsc#1111666) - RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666) - RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666) - RDMA/hns: Remove unsupported modify_port callback (bsc#1111666) - RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666) - RDMA/i40iw: Set queue pair state when being queried (bsc#1111666) - RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666) - RDMA/iwcm: Fix a lock inversion issue (bsc#1111666) - RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666) - RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666) - RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666) - RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666) - RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666) - RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW completion (bsc#1111666) - RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (bsc#1111666) - RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (bsc#1111666) - RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666) - RDMA/mlx5: Return proper error value (bsc#1111666) - RDMA/nes: Remove second wait queue initialization call (bsc#1111666) - RDMA/netlink: Do not always generate an ACK for some netlink operations (bsc#1111666) - RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666) - RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666) - RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666) - RDMA/qedr: Fix reported firmware version (bsc#1111666) - RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666) - RDMA/qib: Delete extra line (bsc#1111666) - RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666) - RDMA/qib: Validate ->show()/store() callbacks before calling them (bsc#1111666) - RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666) - RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666) - RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later (bsc#1111666) - RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq (bsc#1111666) - RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666) - RDMA/srp: Rework SCSI device reset handling (bsc#1111666) - RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666) - RDMA/ucma: Add missing locking around rdma_leave_multicast() (bsc#1111666) - RDMA/ucma: Put a lock around every call to the rdma_cm layer (bsc#1111666) - RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated (bsc#1111666) - RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666) - RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666) - regulator: avoid resolve_supply() infinite recursion (git-fixes). - regulator: defer probe when trying to get voltage from unresolved supply (git-fixes). - regulator: fix memory leak with repeated set_machine_constraints() (git-fixes). - regulator: resolve supply after creating regulator (git-fixes). - regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes). - regulator: workaround self-referent regulators (git-fixes). - Revert "cdc-acm: hardening against malicious devices" (git-fixes). - ring-buffer: Fix recursion protection transitions between interrupt context (git-fixes). - RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() (bsc#1111666) - rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666) - rxe: fix error completion wr_id and qp_num (bsc#1111666) - s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177805 LTC#188737). - s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916 LTC#187937). - s390/dasd: fix inability to use DASD with DIAG driver (bsc#1177809 LTC#188738). - s390/dasd: Fix zero write for FBA devices (bsc#1177808 LTC#188739). - s390: kernel/uv: handle length extension properly (bsc#1178940 LTC#189323). - sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1112178). - sched/x86: SaveFLAGS on context switch (bsc#1112178). - scripts/git_sort/git_sort.py: add ceph maintainers git tree - scsi: libiscsi: use sendpage_ok() in iscsi_tcp_segment_map() (bsc#1172873). - scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (git-fixes). - scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666) - staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (git-fixes). - staging: octeon: Drop on uncorrectable alignment or FCS error (git-fixes). - staging: octeon: repair "fixed-link" support (git-fixes). - staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode (git-fixes). - staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes). - thunderbolt: Add the missed ida_simple_remove() in ring_request_msix() (git-fixes). - time: Prevent undefined behaviour in timespec64_to_ns() (git-fixes). - tty: serial: imx: keep console clocks always on (git-fixes). - Update patches.suse/vfs-add-super_operations-get_inode_dev (bsc#927455 bsc#1176983). - Update references in patches.suse/net-smc-tolerate-future-smcd-versions (bsc#1172542 LTC#186070 git-fixes). - USB: Add NO_LPM quirk for Kingston flash drive (git-fixes). - USB: adutux: fix debugging (git-fixes). - USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes). - USB: cdc-acm: fix cooldown mechanism (git-fixes). - USB: core: driver: fix stray tabs in error messages (git-fixes). - USB: core: Fix regression in Hercules audio card (git-fixes). - USB: gadget: Fix memleak in gadgetfs_fill_super (git-fixes). - USB: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes). - USB: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes). - USB: host: xhci: fix ep context print mismatch in debugfs (git-fixes). - USB: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes). - USB: mtu3: fix panic in mtu3_gadget_stop() (git-fixes). - USB: serial: cyberjack: fix write-URB completion race (git-fixes). - USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes). - USB: serial: option: add Cellient MPL200 card (git-fixes). - USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (git-fixes). - USB: serial: option: add Quectel EC200T module support (git-fixes). - USB: serial: option: add Telit FN980 composition 0x1055 (git-fixes). - USB: serial: option: Add Telit FT980-KS composition (git-fixes). - USB: serial: pl2303: add device-id for HP GC device (git-fixes). - USB: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (git-fixes). - USB: typec: tcpm: reset hard_reset_count for any disconnect (git-fixes). - USB: xhci: force all memory allocations to node (git-fixes). - video: fbdev: pvr2fb: initialize variables (git-fixes). - video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes). - video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (bsc#1175306). - video: hyperv: hyperv_fb: Support deferred IO for Hyper-V frame buffer driver (bsc#1175306). - video: hyperv: hyperv_fb: Use physical memory for fb on HyperV Gen 1 VMs (bsc#1175306). - vt: Disable KD_FONT_OP_COPY (bsc#1178589). - x86/hyperv: Clarify comment on x2apic mode (git-fixes). - x86/hyperv: Make vapic support x2apic mode (git-fixes). - x86/kexec: Use up-to-dated screen_info copy to fill boot params (bsc#1175306). - x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1112178). - x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes). - x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled (git-fixes). - x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes). - x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1112178). - x86/sysfb_efi: Add quirks for some devices with swapped width and height (git-fixes). - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1058115 bsc#1176907). - xfs: do not update mtime on COW faults (bsc#1167030). - xfs: fix a missing unlock on error in xfs_fs_map_blocks (git-fixes). - xfs: fix flags argument to rmap lookup when converting shared file rmaps (git-fixes). - xfs: fix rmap key and record comparison functions (git-fixes). - xfs: flush new eof page on truncate to avoid post-eof corruption (git-fixes). - xfs: revert "xfs: fix rmap key and record comparison functions" (git-fixes). - xhci: do not create endpoint debugfs entry before ring buffer is set (git-fixes). - xhci: Fix sizeof() mismatch (git-fixes).

References

#1050549 #1058115 #1067665 #1111666 #1112178

#1167030 #1170139 #1170415 #1170446 #1170630

#1172542 #1172873 #1174726 #1175306 #1175916

#1176109 #1176855 #1176907 #1176983 #1177304

#1177397 #1177703 #1177805 #1177808 #1177809

#1177819 #1177820 #1178123 #1178182 #1178393

#1178589 #1178591 #1178607 #1178635 #1178669

#1178686 #1178700 #1178765 #1178838 #1178853

#1178854 #1178878 #1178886 #1178897 #1178940

#1178962 #1179107 #1179140 #1179211 #1179213

#1179259 #1179424 #1179426 #1179427 #927455

Cross- CVE-2020-15437 CVE-2020-25668 CVE-2020-25669

CVE-2020-25704 CVE-2020-27777 CVE-2020-28915

CVE-2020-28974 CVE-2020-8694

Affected Products:

SUSE Linux Enterprise Server 12-SP5

https://www.suse.com/security/cve/CVE-2020-15437.html

https://www.suse.com/security/cve/CVE-2020-25668.html

https://www.suse.com/security/cve/CVE-2020-25669.html

https://www.suse.com/security/cve/CVE-2020-25704.html

https://www.suse.com/security/cve/CVE-2020-27777.html

https://www.suse.com/security/cve/CVE-2020-28915.html

https://www.suse.com/security/cve/CVE-2020-28974.html

https://www.suse.com/security/cve/CVE-2020-8694.html

https://bugzilla.suse.com/1050549

https://bugzilla.suse.com/1058115

https://bugzilla.suse.com/1067665

https://bugzilla.suse.com/1111666

https://bugzilla.suse.com/1112178

https://bugzilla.suse.com/1167030

https://bugzilla.suse.com/1170139

https://bugzilla.suse.com/1170415

https://bugzilla.suse.com/1170446

https://bugzilla.suse.com/1170630

https://bugzilla.suse.com/1172542

https://bugzilla.suse.com/1172873

https://bugzilla.suse.com/1174726

https://bugzilla.suse.com/1175306

https://bugzilla.suse.com/1175916

https://bugzilla.suse.com/1176109

https://bugzilla.suse.com/1176855

https://bugzilla.suse.com/1176907

https://bugzilla.suse.com/1176983

https://bugzilla.suse.com/1177304

https://bugzilla.suse.com/1177397

https://bugzilla.suse.com/1177703

https://bugzilla.suse.com/1177805

https://bugzilla.suse.com/1177808

https://bugzilla.suse.com/1177809

https://bugzilla.suse.com/1177819

https://bugzilla.suse.com/1177820

https://bugzilla.suse.com/1178123

https://bugzilla.suse.com/1178182

https://bugzilla.suse.com/1178393

https://bugzilla.suse.com/1178589

https://bugzilla.suse.com/1178591

https://bugzilla.suse.com/1178607

https://bugzilla.suse.com/1178635

https://bugzilla.suse.com/1178669

https://bugzilla.suse.com/1178686

https://bugzilla.suse.com/1178700

https://bugzilla.suse.com/1178765

https://bugzilla.suse.com/1178838

https://bugzilla.suse.com/1178853

https://bugzilla.suse.com/1178854

https://bugzilla.suse.com/1178878

https://bugzilla.suse.com/1178886

https://bugzilla.suse.com/1178897

https://bugzilla.suse.com/1178940

https://bugzilla.suse.com/1178962

https://bugzilla.suse.com/1179107

https://bugzilla.suse.com/1179140

https://bugzilla.suse.com/1179211

https://bugzilla.suse.com/1179213

https://bugzilla.suse.com/1179259

https://bugzilla.suse.com/1179424

https://bugzilla.suse.com/1179426

https://bugzilla.suse.com/1179427

https://bugzilla.suse.com/927455

Severity
Announcement ID: SUSE-SU-2020:3715-1
Rating: important

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved