Linux Security
Linux Security
Linux Security

SUSE: 2021:1-1 suse-sles-15-sp1-chost-byos-v20210202-hvm-ssd-x86_64 Security Update

Date 03 Feb 2021
185
Posted By LinuxSecurity Advisories
The container suse-sles-15-sp1-chost-byos-v20210202-hvm-ssd-x86_64 was updated. The following patches have been included in this update:
SUSE Image Update Advisory: suse-sles-15-sp1-chost-byos-v20210202-hvm-ssd-x86_64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2021:1-1
Image Tags        : suse-sles-15-sp1-chost-byos-v20210202-hvm-ssd-x86_64:20210202
Image Release     : 
Severity          : important
Type              : security
References        : 1027519 1040855 1044120 1044767 1050242 1050536 1050545 1050549
                        1055117 1056653 1056657 1056787 1064802 1065729 1066129 1067665
                        1084671 1094840 1103990 1103992 1104389 1104393 1109695 1109837
                        1110096 1111666 1112178 1112178 1112374 1115431 1115550 1118657
                        1129770 1136460 1136461 1138374 1139398 1139944 1141597 1142000
                        1144912 1145276 1148566 1152457 1155094 1156545 1158775 1160939
                        1163727 1164780 1168155 1169006 1170139 1170630 1171078 1171234
                        1172082 1172145 1172538 1172542 1172694 1173513 1173914 1174091
                        1174099 1174162 1174206 1174257 1174436 1174571 1174701 1174726
                        1174784 1174852 1174942 1175458 1175514 1175623 1175916 1176109
                        1176355 1176558 1176559 1176782 1176956 1177120 1177196 1177211
                        1177304 1177397 1177460 1177490 1177533 1177805 1177808 1177819
                        1177820 1178009 1178182 1178270 1178372 1178401 1178554 1178589
                        1178590 1178634 1178635 1178669 1178762 1178775 1178823 1178825
                        1178838 1178853 1178854 1178878 1178886 1178897 1178909 1178940
                        1178962 1179014 1179015 1179045 1179082 1179107 1179107 1179140
                        1179141 1179142 1179193 1179204 1179211 1179213 1179259 1179326
                        1179363 1179398 1179399 1179403 1179406 1179418 1179419 1179421
                        1179424 1179426 1179427 1179429 1179444 1179491 1179496 1179498
                        1179501 1179502 1179503 1179506 1179514 1179516 1179520 1179578
                        1179593 1179601 1179630 1179663 1179666 1179670 1179671 1179672
                        1179673 1179691 1179711 1179713 1179714 1179715 1179716 1179722
                        1179723 1179724 1179738 1179745 1179810 1179824 1179888 1179895
                        1179896 1179960 1179963 1180027 1180029 1180031 1180052 1180086
                        1180117 1180138 1180225 1180258 1180377 1180506 1180559 1180603
                        1180684 1180685 1180687 1180885 1181090 959556 CVE-2018-20669
                        CVE-2019-16935 CVE-2019-18348 CVE-2019-20907 CVE-2019-20934 CVE-2019-5010
                        CVE-2020-0444 CVE-2020-0465 CVE-2020-0466 CVE-2020-14145 CVE-2020-14422
                        CVE-2020-15436 CVE-2020-15437 CVE-2020-1971 CVE-2020-25669 CVE-2020-25709
                        CVE-2020-25710 CVE-2020-26116 CVE-2020-26137 CVE-2020-27068 CVE-2020-27619
                        CVE-2020-27777 CVE-2020-27777 CVE-2020-27786 CVE-2020-27825 CVE-2020-28374
                        CVE-2020-28915 CVE-2020-28974 CVE-2020-29371 CVE-2020-29480 CVE-2020-29481
                        CVE-2020-29483 CVE-2020-29484 CVE-2020-29566 CVE-2020-29570 CVE-2020-29571
                        CVE-2020-29660 CVE-2020-29661 CVE-2020-36158 CVE-2020-4788 CVE-2020-8284
                        CVE-2020-8285 CVE-2020-8286 CVE-2020-8492 CVE-2021-23239 CVE-2021-23240
                        CVE-2021-3156 
-----------------------------------------------------------------

The container suse-sles-15-sp1-chost-byos-v20210202-hvm-ssd-x86_64 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3718-1
Released:    Wed Dec  9 10:31:01 2020
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1050549,1067665,1111666,1112178,1158775,1170139,1170630,1172542,1174726,1175916,1176109,1177304,1177397,1177805,1177808,1177819,1177820,1178182,1178589,1178635,1178669,1178838,1178853,1178854,1178878,1178886,1178897,1178940,1178962,1179107,1179140,1179141,1179211,1179213,1179259,1179403,1179406,1179418,1179421,1179424,1179426,1179427,1179429,CVE-2020-15436,CVE-2020-15437,CVE-2020-25669,CVE-2020-27777,CVE-2020-28915,CVE-2020-28974,CVE-2020-29371
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
- CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
- CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
- CVE-2020-27777: Restrict RTAS requests from userspace  (bsc#1179107).
- CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
- CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589).
- CVE-2020-29371: Fixed uninitialized memory leaks to userspace (bsc#1179429).

The following non-security bugs were fixed:

- ACPI: GED: fix -Wformat (git-fixes).
- ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
- ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes).
- ALSA: mixart: Fix mutex deadlock (git-fixes).
- arm64: KVM: Fix system register enumeration (bsc#1174726).
- arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).
- ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
- ath10k: Acquire tx_lock in tx error paths (git-fixes).
- batman-adv: set .owner to THIS_MODULE (git-fixes).
- Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth controllers (git-fixes).
- Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).
- bpf: Zero-fill re-used per-cpu map element (git-fixes).
- btrfs: account ticket size at add/delete time (bsc#1178897).
- btrfs: add helper to obtain number of devices with ongoing dev-replace (bsc#1178897).
- btrfs: check rw_devices, not num_devices for balance (bsc#1178897).
- btrfs: do not delete mismatched root refs (bsc#1178962).
- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897).
- btrfs: fix force usage in inc_block_group_ro (bsc#1178897).
- btrfs: fix invalid removal of root ref (bsc#1178962).
- btrfs: fix reclaim counter leak of space_info objects (bsc#1178897).
- btrfs: fix reclaim_size counter leak after stealing from global reserve (bsc#1178897).
- btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897).
- btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962).
- btrfs: split dev-replace locking helpers for read and write (bsc#1178897). 
- can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes).
- can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes).
- can: dev: can_restart(): post buffer from the right context (git-fixes).
- can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes).
- can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
- can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes).
- can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).
- ceph: add check_session_state() helper and make it global (bsc#1179259).
- ceph: check session state after bumping session->s_seq (bsc#1179259).
- ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).
- cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
- cifs: remove bogus debug code (bsc#1179427).
- cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).
- Convert trailing spaces and periods in path components (bsc#1179424).
- docs: ABI: stable: remove a duplicated documentation (git-fixes).
- docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
- Drivers: hv: vmbus: Remove the unused 'tsc_page' from struct hv_context (git-fixes).
- drm/i915/gvt: Set ENHANCED_FRAME_CAP bit (git-fixes).
- drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() (git-fixes).
- Drop sysctl files for dropped archs, add ppc64le and arm64 (bsc#1178838). Also fix the ppc64 page size.
- efi: cper: Fix possible out-of-bounds access (git-fixes).
- efi/efivars: Add missing kobject_put() in sysfs entry creation error path (git-fixes).
- efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes).
- efi: provide empty efi_enter_virtual_mode implementation (git-fixes).
- efivarfs: fix memory leak in efivarfs_create() (git-fixes).
- efivarfs: revert 'fix memory leak in efivarfs_create()' (git-fixes).
- efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).
- efi/x86: Free efi_pgd with free_pages() (bsc#1112178).
- efi/x86: Ignore the memory attributes table on i386 (git-fixes).
- efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
- fs/proc/array.c: allow reporting eip/esp for all coredumping threads (bsc#1050549).
- fuse: fix page dereference after free (bsc#1179213).
- futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1067665).
- futex: Handle transient 'ownerless' rtmutex state correctly (bsc#1067665).
- hv_balloon: disable warning when floor reached (git-fixes).
- hv_netvsc: deal with bpf API differences in 4.12 (bsc#1177819, bsc#1177820).
- hv_netvsc: make recording RSS hash depend on feature flag (bsc#1178853, bsc#1178854).
- hv_netvsc: record hardware hash in skb (bsc#1178853, bsc#1178854).
- i40iw: Fix error handling in i40iw_manage_arp_cache() (bsc#1111666)
- i40iw: fix null pointer dereference on a null wqe pointer (bsc#1111666)
- i40iw: Report correct firmware version (bsc#1111666)
- IB/cma: Fix ports memory leak in cma_configfs (bsc#1111666)
- IB/core: Set qp->real_qp before it may be accessed (bsc#1111666)
- IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666)
- IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666)
- IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666)
- IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666)
- IB/hfi1: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666)
- IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666)
- IB/hfi1: Define variables as unsigned long to fix KASAN warning (bsc#1111666)
- IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666)
- IB/hfi1: Fix memory leaks in sysfs registration and unregistration (bsc#1111666)
- IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666)
- IB/hfi1: Handle port down properly in pio (bsc#1111666)
- IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666)
- IB/hfi1: Insure freeze_work work_struct is canceled on shutdown (bsc#1111666)
- IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666)
- IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bsc#1111666)
- IB/hfi1: Remove unused define (bsc#1111666)
- IB/hfi1: Silence txreq allocation warnings (bsc#1111666)
- IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666)
- IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666)
- IB/ipoib: drop useless LIST_HEAD (bsc#1111666)
- IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (bsc#1111666)
- IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666)
- IB/iser: Fix dma_nents type definition (bsc#1111666)
- IB/iser: Pass the correct number of entries for dma mapped SGL (bsc#1111666)
- IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666)
- IB/mlx4: Add and improve logging (bsc#1111666)
- IB/mlx4: Add support for MRA (bsc#1111666)
- IB/mlx4: Adjust delayed work when a dup is observed (bsc#1111666)
- IB/mlx4: Fix leak in id_map_find_del (bsc#1111666)
- IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666)
- IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bsc#1111666)
- IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1111666)
- IB/mlx4: Follow mirror sequence of device add during device removal (bsc#1111666)
- IB/mlx4: Remove unneeded NULL check (bsc#1111666)
- IB/mlx4: Test return value of calls to ib_get_cached_pkey (bsc#1111666)
- IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666)
- IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666)
- IB/mlx5: Do not override existing ip_protocol (bsc#1111666)
- IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666)
- IB/mlx5: Fix implicit MR release flow (bsc#1111666)
- IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666)
- IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification (bsc#1111666)
- IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666)
- IB/mlx5: Improve ODP debugging messages (bsc#1111666)
- IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache (bsc#1111666)
- IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666)
- IB/mlx5: Reset access mask when looping inside page fault handler (bsc#1111666)
- IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666)
- IB/mlx5: Use direct mkey destroy command upon UMR unreg failure (bsc#1111666)
- IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666)
- IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666)
- IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1111666)
- IB/qib: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666)
- IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666)
- IB/qib: Remove a set-but-not-used variable (bsc#1111666)
- IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666)
- IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666)
- IB/rdmavt: Fix sizeof mismatch (bsc#1111666)
- IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666)
- IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666)
- IB/rxe: Make counters thread safe (bsc#1111666)
- IB/srpt: Fix memory leak in srpt_add_one (bsc#1111666)
- IB/umad: Avoid additional device reference during open()/close() (bsc#1111666)
- IB/umad: Avoid destroying device while it is accessed (bsc#1111666)
- IB/umad: Do not check status of nonseekable_open() (bsc#1111666)
- IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666)
- IB/umad: Refactor code to use cdev_device_add() (bsc#1111666)
- IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666)
- IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666)
- IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666)
- iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).
- iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes).
- inet_diag: Fix error path to cancel the meseage in inet_req_diag_fill() (git-fixes).
- Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
- iw_cxgb4: fix ECN check on the passive accept (bsc#1111666)
- iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666)
- kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- kABI workaround for usermodehelper changes (bsc#1179406).
- KVM: arm64: Add missing #include of - in guest.c (bsc#1174726).
- KVM: arm64: Factor out core register ID enumeration (bsc#1174726).
- KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST (bsc#1174726).
- KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance (bsc#1174726).
- KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus (bsc#1174726).
- KVM host: kabi fixes for psci_version (bsc#1174726).
- libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- locking/lockdep: Add debug_locks check in __lock_downgrade() (bsc#1050549).
- locking/percpu-rwsem: Use this_cpu_{inc,dec}() for read_count (bsc#1050549).
- locktorture: Print ratio of acquisitions, not failures (bsc#1050549).
- mac80211: always wind down STA state (git-fixes).
- mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).
- mac80211: minstrel: fix tx status processing corner case (git-fixes).
- mac80211: minstrel: remove deferred sampling code (git-fixes).
- mm: always have io_remap_pfn_range() set pgprot_decrypted() (bsc#1112178).
- net: ena: Capitalize all log strings and improve code readability (bsc#1177397).
- net: ena: Change license into format to SPDX in all files (bsc#1177397).
- net: ena: Change log message to netif/dev function (bsc#1177397).
- net: ena: Change RSS related macros and variables names (bsc#1177397).
- net: ena: ethtool: Add new device statistics (bsc#1177397).
- net: ena: ethtool: add stats printing to XDP queues (bsc#1177397).
- net: ena: ethtool: convert stat_offset to 64 bit resolution (bsc#1177397).
- net: ena: Fix all static chekers' warnings (bsc#1177397).
- net: ena: Remove redundant print of placement policy (bsc#1177397).
- net: ena: xdp: add queue counters for xdp actions (bsc#1177397).
- netfilter: nat: can't use dst_hold on noref dst (bsc#1178878).
- net/mlx4_core: Fix init_hca fields offset (git-fixes).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
- NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304).
- NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).
- NFSv4.1: fix handling of backchannel binding in BIND_CONN_TO_SESSION (bsc#1170630).
- PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes).
- pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
- pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
- pinctrl: aspeed: Fix GPI only function problem (git-fixes).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).
- powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/64: reuse PPC32 static inline flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc: Chunk calls to flush_dcache_range in arch_*_memory (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes).
- powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- RDMA/bnxt_re: Fix lifetimes in bnxt_re_task (bsc#1111666)
- RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (bsc#1111666)
- RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1111666)
- RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (bsc#1111666)
- RDMA/cma: add missed unregister_pernet_subsys in init failure (bsc#1111666)
- RDMA/cm: Add missing locking around id.state in cm_dup_req_handler (bsc#1111666)
- RDMA/cma: Fix false error message (bsc#1111666)
- RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666)
- RDMA/cma: Protect bind_list and listen_list while finding matching cm id (bsc#1111666)
- RDMA/cm: Fix checking for allowed duplicate listens (bsc#1111666)
- RDMA/cm: Remove a race freeing timewait_info (bsc#1111666)
- RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow (bsc#1111666)
- RDMA/core: Do not depend device ODP capabilities on kconfig option (bsc#1111666)
- RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666)
- RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666)
- RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666)
- RDMA/core: Fix race between destroy and release FD object (bsc#1111666)
- RDMA/core: Fix race when resolving IP address (bsc#1111666)
- RDMA/core: Prevent mixed use of FDs between shared ufiles (bsc#1111666)
- RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function (bsc#1111666)
- RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666)
- RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666)
- RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1111666)
- RDMA/hns: Remove unsupported modify_port callback (bsc#1111666)
- RDMA/hns: Set the unsupported wr opcode (bsc#1111666)
- RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666)
- RDMA/i40iw: Set queue pair state when being queried (bsc#1111666)
- RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (bsc#1111666)
- RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666)
- RDMA/ipoib: Return void from ipoib_ib_dev_stop() (bsc#1111666)
- RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1111666)
- RDMA/iwcm: Fix a lock inversion issue (bsc#1111666)
- RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666)
- RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666)
- RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666)
- RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666)
- RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() (bsc#1111666)
- RDMA/mlx4: Initialize ib_spec on the stack (bsc#1111666)
- RDMA/mlx4: Read pkey table length instead of hardcoded value (bsc#1111666)
- RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666)
- RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW completion (bsc#1111666)
- RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (bsc#1111666)
- RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (bsc#1111666)
- RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666)
- RDMA/mlx5: Return proper error value (bsc#1111666)
- RDMA/mlx5: Set GRH fields in query QP on RoCE (bsc#1111666)
- RDMA/mlx5: Verify that QP is created with RQ or SQ (bsc#1111666)
- RDMA/nes: Remove second wait queue initialization call (bsc#1111666)
- RDMA/netlink: Do not always generate an ACK for some netlink operations (bsc#1111666)
- RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666)
- RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666)
- RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() (bsc#1111666)
- RDMA/qedr: Endianness warnings cleanup (bsc#1111666)
- RDMA/qedr: Fix doorbell setting (bsc#1111666)
- RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666)
- RDMA/qedr: Fix reported firmware version (bsc#1111666)
- RDMA/qedr: Fix use of uninitialized field (bsc#1111666)
- RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666)
- RDMA/qedr: SRQ's bug fixes (bsc#1111666)
- RDMA/qib: Delete extra line (bsc#1111666)
- RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666)
- RDMA/qib: Validate ->show()/store() callbacks before calling them (bsc#1111666)
- RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1111666)
- RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666)
- RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666)
- RDMA/rxe: Fix memleak in rxe_mem_init_user (bsc#1111666)
- RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later (bsc#1111666)
- RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq (bsc#1111666)
- RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars (bsc#1111666)
- RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue (bsc#1111666)
- RDMA/rxe: Remove unused rxe_mem_map_pages (bsc#1111666)
- RDMA/rxe: Remove useless rxe_init_device_param assignments (bsc#1111666)
- RDMA/rxe: Return void from rxe_init_port_param() (bsc#1111666)
- RDMA/rxe: Return void from rxe_mem_init_dma() (bsc#1111666)
- RDMA/rxe: Set default vendor ID (bsc#1111666)
- RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices (bsc#1111666)
- RDMA/rxe: Skip dgid check in loopback mode (bsc#1111666)
- RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666)
- RDMA/srp: Rework SCSI device reset handling (bsc#1111666)
- RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (bsc#1111666)
- RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666)
- RDMA/ucma: Add missing locking around rdma_leave_multicast() (bsc#1111666)
- RDMA/ucma: Put a lock around every call to the rdma_cm layer (bsc#1111666)
- RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated (bsc#1111666)
- RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666)
- RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666)
- reboot: fix overflow parsing reboot cpu number (bsc#1179421).
- regulator: avoid resolve_supply() infinite recursion (git-fixes).
- regulator: fix memory leak with repeated set_machine_constraints() (git-fixes).
- regulator: ti-abb: Fix array out of bound read access on the first transition (git-fixes).
- regulator: workaround self-referent regulators (git-fixes).
- Revert 'cdc-acm: hardening against malicious devices' (git-fixes).
- Revert 'kernel/reboot.c: convert simple_strtoul to kstrtoint' (bsc#1179418).
- RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() (bsc#1111666)
- rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666)
- rxe: fix error completion wr_id and qp_num (bsc#1111666)
- s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177805 LTC#188737).
- s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916 LTC#187937).
- s390/dasd: Fix zero write for FBA devices (bsc#1177808 LTC#188739).
- s390: kernel/uv: handle length extension properly (bsc#1178940 LTC#189323).
- sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1112178).
- sched/x86: SaveFLAGS on context switch (bsc#1112178).
- scripts/git_sort/git_sort.py: add ceph maintainers git tree
- scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (git-fixes).
- scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666)
- Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode (git-fixes).
- staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes).
- time: Prevent undefined behaviour in timespec64_to_ns() (git-fixes).
- tracing: Fix out of bounds write in get_trace_buf (bsc#1179403).
- tty: serial: imx: keep console clocks always on (git-fixes).
- Update references in patches.suse/net-smc-tolerate-future-smcd-versions (bsc#1172542 LTC#186070 git-fixes).
- USB: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).
- USB: core: driver: fix stray tabs in error messages (git-fixes).
- USB: core: Fix regression in Hercules audio card (git-fixes).
- USB: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).
- USB: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).
- USB: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes).
- USB: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes).
- USB: serial: cyberjack: fix write-URB completion race (git-fixes).
- USB: serial: ftdi_sio: add support for FreeCalypso JTAG+UART adapters (git-fixes).
- USB: serial: option: add Cellient MPL200 card (git-fixes).
- USB: serial: option: Add Telit FT980-KS composition (git-fixes).
- USB: serial: pl2303: add device-id for HP GC device (git-fixes).
- usermodehelper: reset umask to default before executing user process (bsc#1179406).
- video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
- x86/hyperv: Clarify comment on x2apic mode (git-fixes).
- x86/hyperv: Make vapic support x2apic mode (git-fixes).
- x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1112178).
- x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes).
- x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled (git-fixes).
- x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes).
- x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1112178).
- x86/sysfb_efi: Add quirks for some devices with swapped width and height (git-fixes).
- xfrm: Fix memleak on xfrm state destroy (bsc#1158775).
- xfs: revert 'xfs: fix rmap key and record comparison functions' (git-fixes).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3720-1
Released:    Wed Dec  9 13:36:26 2020
Summary:     Security update for openssl-1_1
Type:        security
Severity:    important
References:  1179491,CVE-2020-1971
This update for openssl-1_1 fixes the following issues:

- CVE-2020-1971: Fixed a null pointer dereference in EDIPARTYNAME (bsc#1179491).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3723-1
Released:    Wed Dec  9 13:37:55 2020
Summary:     Security update for python-urllib3
Type:        security
Severity:    moderate
References:  1177120,CVE-2020-26137
This update for python-urllib3 fixes the following issues:

- CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bsc#1177120).	  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3733-1
Released:    Wed Dec  9 18:18:35 2020
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1179398,1179399,1179593,CVE-2020-8284,CVE-2020-8285,CVE-2020-8286
This update for curl fixes the following issues:

- CVE-2020-8286: Fixed improper OSCP verification in the client side (bsc#1179593). 
- CVE-2020-8285: Fixed a stack overflow due to FTP wildcard (bsc#1179399).
- CVE-2020-8284: Fixed an issue where a malicius FTP server could make curl connect to a different IP (bsc#1179398).	  

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3750-1
Released:    Fri Dec 11 08:53:26 2020
Summary:     Recommended update for open-lldp
Type:        recommended
Severity:    moderate
References:  1156545
This update for open-lldp fixes the following issue:

- Update from version 1.0.1+63.f977e67 to version v1.0.1+64.29d12e584af1

  - Prevent double definition of `ETH_P_LLDP` when building on new kernels (bsc#1156545)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3751-1
Released:    Fri Dec 11 08:53:40 2020
Summary:     Recommended update for kdump
Type:        recommended
Severity:    moderate
References:  1173914,1177196
This update for kdump fixes the following issues:

- Remove `console=hvc0` from command line. (bsc#1173914)
- Set serial console from Xen command line. (bsc#1173914)
- Do not add `rd.neednet=1` to dracut command line. (bsc#1177196)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3792-1
Released:    Mon Dec 14 17:39:24 2020
Summary:     Recommended update for gzip
Type:        recommended
Severity:    moderate
References:  1145276
This update for gzip fixes the following issues:

Update from version 1.9 to version 1.10 (jsc#ECO-2217, jsc#SLE-12974)

- Enable `DFLTCC` (Deflate Conversion Call) compression for s390x for levels 1-6 to `CFLAGS`. (jsc#SLE-13775) 

  Enable by adding `-DDFLTCC_LEVEL_MASK=0x7e` to `CFLAGS`.
- Fix three data corruption issues. (bsc#1145276, jsc#SLE-5818, jsc#SLE-8914)
- Add support for `DFLTCC` (hardware-accelerated deflation) for s390x arch. (jsc#SLE-5818, jsc#SLE-8914)

  Enable it using the `--enable-dfltcc` option.
- Compressed gzip output no longer contains the current time as a timestamp when the input is not a regular file.  
  Instead, the output contains a `null` (zero) timestamp. This makes gzip's behavior more reproducible when 
  used as part of a pipeline.
- A use of uninitialized memory on some malformed inputs has been fixed.
- A few theoretical race conditions in signal handlers have been fixed.
- Update gnulib for `libio.h` removal.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3803-1
Released:    Tue Dec 15 09:40:41 2020
Summary:     Recommended update for rsyslog
Type:        recommended
Severity:    moderate
References:  1176355
This update for rsyslog fixes the following issues:

- Fixes a crash for imfile (bsc#1176355)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3853-1
Released:    Wed Dec 16 12:27:27 2020
Summary:     Recommended update for util-linux
Type:        recommended
Severity:    moderate
References:  1084671,1169006,1174942,1175514,1175623,1178554,1178825
This update for util-linux fixes the following issue:

- Do not trigger the automatic close of CDROM. (bsc#1084671)
- Try to automatically configure broken serial lines. (bsc#1175514)
- Avoid `sulogin` failing on not existing or not functional console devices. (bsc#1175514)
- Build with `libudev` support to support non-root users. (bsc#1169006)
- Avoid memory errors on PowerPC systems with valid hardware configurations. (bsc#1175623, bsc#1178554, bsc#1178825)
- Fix warning on mounts to `CIFS` with mount –a. (bsc#1174942)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3866-1
Released:    Thu Dec 17 12:06:08 2020
Summary:     Security update for openssh
Type:        security
Severity:    moderate
References:  1115550,1139398,1142000,1148566,1173513,1174162,CVE-2020-14145
This update for openssh fixes the following issues:

- CVE-2020-14145: Fixed a potential information leak during host key exchange (bsc#1173513).
- Supplement libgtk-3-0 instead of libX11-6 to avoid installation on a textmode install (bsc#1142000)
- Fixed an issue where oracle cluster with  cluvfy using 'scp' failing/missinterpreted (bsc#1148566).
- Fixed sshd termination of multichannel sessions with non-root users (bsc#1115550,bsc#1174162).
- Added speculative hardening for key storage (bsc#1139398).  

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3881-1
Released:    Fri Dec 18 16:47:09 2020
Summary:     Security update for xen
Type:        security
Severity:    moderate
References:  1027519,1176782,1179496,1179498,1179501,1179502,1179506,1179514,1179516,CVE-2020-29480,CVE-2020-29481,CVE-2020-29483,CVE-2020-29484,CVE-2020-29566,CVE-2020-29570,CVE-2020-29571
This update for xen fixes the following issues:

- CVE-2020-29480: Fixed an issue which could have allowed leak of non-sensitive data to administrator guests (bsc#117949 XSA-115).
- CVE-2020-29481: Fixed an issue which could have allowd to new domains to inherit existing node permissions (bsc#1179498 XSA-322). 
- CVE-2020-29483: Fixed an issue where guests could disturb domain cleanup (bsc#1179502 XSA-325).
- CVE-2020-29484: Fixed an issue where guests could crash xenstored via watchs (bsc#1179501 XSA-324). 
- CVE-2020-29566: Fixed an undue recursion in x86 HVM context switch code (bsc#1179506 XSA-348).
- CVE-2020-29570: Fixed an issue where FIFO event channels control block related ordering (bsc#1179514 XSA-358).
- CVE-2020-29571: Fixed an issue where FIFO event channels control structure ordering (bsc#1179516 XSA-359).
- Fixed an issue where dump-core shows missing nr_pages during core (bsc#1176782).
- Multiple other bugs (bsc#1027519)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2020:3930-1
Released:    Wed Dec 23 18:19:39 2020
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1155094,1174091,1174571,1174701,1177211,1178009,1179193,1179630,CVE-2019-16935,CVE-2019-18348,CVE-2019-20907,CVE-2019-5010,CVE-2020-14422,CVE-2020-26116,CVE-2020-27619,CVE-2020-8492
This update for python3 fixes the following issues:

- Fixed CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support
  calls eval() on content retrieved via HTTP.
- Change setuptools and pip version numbers according to new wheels
- Handful of changes to make python36 compatible with SLE15 and SLE12
  (jsc#ECO-2799, jsc#SLE-13738)
- add triplets for mips-r6 and riscv
- RISC-V needs CTYPES_PASS_BY_REF_HACK

Update to 3.6.12 (bsc#1179193)

* Ensure python3.dll is loaded from correct locations when Python is embedded
* The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface 
  incorrectly generated constant hash values of 32 and 128 respectively. This 
  resulted in always causing hash collisions. The fix uses hash() to generate 
  hash values for the tuple of (address, mask length, network address).
* Prevent http header injection by rejecting control characters in 
  http.client.putrequest(…).
* Unpickling invalid NEWOBJ_EX opcode with the C implementation raises now 
  UnpicklingError instead of crashing.
* Avoid infinite loop when reading specially crafted TAR files using the tarfile 
  module

- This release also fixes CVE-2020-26116 (bsc#1177211) and CVE-2019-20907 (bsc#1174091).

Update to 3.6.11:

- Disallow CR or LF in email.headerregistry. Address
  arguments to guard against header injection attacks.
- Disallow control characters in hostnames in http.client, addressing
  CVE-2019-18348. Such potentially malicious header injection URLs now
  cause a InvalidURL to be raised. (bsc#1155094)
- CVE-2020-8492: The AbstractBasicAuthHandler class
  of the urllib.request module uses an inefficient regular
  expression which can be exploited by an attacker to cause
  a denial of service. Fix the regex to prevent the
  catastrophic backtracking. Vulnerability reported by Ben
  Caller and Matt Schwager.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3942-1
Released:    Tue Dec 29 12:22:01 2020
Summary:     Recommended update for libidn2
Type:        recommended
Severity:    moderate
References:  1180138
This update for libidn2 fixes the following issues:

- The library is actually dual licensed, GPL-2.0-or-later or LGPL-3.0-or-later,
  adjusted the RPM license tags (bsc#1180138)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3943-1
Released:    Tue Dec 29 12:24:45 2020
Summary:     Recommended update for libxml2
Type:        recommended
Severity:    moderate
References:  1178823
This update for libxml2 fixes the following issues:

Avoid quadratic checking of identity-constraints, speeding up XML validation (bsc#1178823)
* key/unique/keyref schema attributes currently use quadratic loops
  to check their various constraints (that keys are unique and that
  keyrefs refer to existing keys).
* This fix uses a hash table to avoid the quadratic behaviour.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2020:3946-1
Released:    Tue Dec 29 17:39:54 2020
Summary:     Recommended update for python3
Type:        recommended
Severity:    important
References:  1180377
This update for python3 fixes the following issues:

- A previous update inadvertently removed the 'PyFPE_jbuf' symbol from Python3,
  which caused regressions in several applications. (bsc#1180377)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:10-1
Released:    Mon Jan  4 10:01:52 2021
Summary:     Recommended update for dmidecode
Type:        recommended
Severity:    moderate
References:  1174257
This update for dmidecode fixes the following issue:

- Two missing commas in the data arrays cause 'OUT OF SPEC' messages during the index resolution. (bnc#1174257)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:118-1
Released:    Thu Jan 14 06:16:26 2021
Summary:     Security update for the Linux Kernel
Type:        security
Severity:    important
References:  1040855,1044120,1044767,1050242,1050536,1050545,1055117,1056653,1056657,1056787,1064802,1065729,1066129,1094840,1103990,1103992,1104389,1104393,1109695,1109837,1110096,1112178,1112374,1115431,1118657,1129770,1136460,1136461,1138374,1139944,1144912,1152457,1163727,1164780,1171078,1172145,1172538,1172694,1174784,1174852,1176558,1176559,1176956,1178270,1178372,1178401,1178590,1178634,1178762,1179014,1179015,1179045,1179082,1179107,1179142,1179204,1179419,1179444,1179520,1179578,1179601,1179663,1179666,1179670,1179671,1179672,1179673,1179711,1179713,1179714,1179715,1179716,1179722,1179723,1179724,1179745,1179810,1179888,1179895,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180086,1180117,1180258,1180506,1180559,CVE-2018-20669,CVE-2019-20934,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-28374,CVE-2020-29660,CVE-2020-29661,CVE-2020-36158,CVE-2020-4788

The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes.


The following security bugs were fixed:

- CVE-2020-28374: Fixed a Linux SCSI target issue (bsc#1178372).
- CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559).
- CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960).
- CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031).
- CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086).
- CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029).
- CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027).
- CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).
- CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745).
- CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107).
- CVE-2019-20934: Fixed a use-after-free in show_numa_stats() because NUMA fault statistics were inappropriately freed, aka CID-16d51a590a8c (bsc#1179663).
- CVE-2020-27786: Fixed a use after free in kernel midi subsystem snd_rawmidi_kernel_read1() (bsc#1179601).

The following non-security bugs were fixed:

- ACPI: PNP: compare the string length in the matching_id() (git-fixes).
- ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1 (git-fixes).
- ACPICA: Do not increment operation_region reference counts for field units (git-fixes).
- ALSA: ca0106: fix error code handling (git-fixes).
- ALSA: ctl: allow TLV read operation for callback type of element in locked case (git-fixes).
- ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A PRO (git-fixes).
- ALSA: hda/ca0132 - Change Input Source enum strings (git-fixes).
- ALSA: hda/ca0132 - Fix AE-5 rear headphone pincfg (git-fixes).
- ALSA: hda/generic: Add option to enforce preferred_dacs pairs (git-fixes).
- ALSA: hda/hdmi: always check pin power status in i915 pin fixup (git-fixes).
- ALSA: hda/realtek - Add new codec supported for ALC897 (git-fixes).
- ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged (git-fixes).
- ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255 (git-fixes).
- ALSA: hda/realtek: Add mute LED quirk to yet another HP x360 model (git-fixes).
- ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes).
- ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 (git-fixes).
- ALSA: hda/realtek: Enable headset of ASUS UX482EG & B9400CEA with ALC294 (git-fixes).
- ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table (git-fixes).
- ALSA: hda: Fix potential race in unsol event handler (git-fixes).
- ALSA: hda: Fix regressions on clear and reconfig sysfs (git-fixes).
- ALSA: info: Drop WARN_ON() from buffer NULL sanity check (git-fixes).
- ALSA: isa/wavefront: prevent out of bounds write in ioctl (git-fixes).
- ALSA: line6: Perform sanity check for each URB creation (git-fixes).
- ALSA: pcm: oss: Fix a few more UBSAN fixes (git-fixes).
- ALSA: pcm: oss: Fix potential out-of-bounds shift (git-fixes).
- ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check (git-fixes).
- ALSA: timer: Limit max amount of slave instances (git-fixes).
- ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes).
- ALSA: usb-audio: Add delay quirk for H570e USB headsets (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).
- ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).
- ALSA: usb-audio: add quirk for Denon DCD-1500RE (git-fixes).
- ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) (git-fixes).
- ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha S (git-fixes).
- ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight S (git-fixes).
- ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes).
- ALSA: usb-audio: Disable sample read check if firmware does not give back (git-fixes).
- ALSA: usb-audio: Fix control 'access overflow' errors from chmap (git-fixes).
- ALSA: usb-audio: Fix OOB access of mixer element list (git-fixes).
- ALSA: usb-audio: Fix potential out-of-bounds shift (git-fixes).
- ALSA: usb-audio: Fix race against the error recovery URB submission (git-fixes).
- ALSA: usb-audio: US16x08: fix value count for level meters (git-fixes).
- ASoC: arizona: Fix a wrong free in wm8997_probe (git-fixes).
- ASoC: cx2072x: Fix doubly definitions of Playback and Capture streams (git-fixes).
- ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed (git-fixes).
- ASoC: jz4740-i2s: add missed checks for clk_get() (git-fixes).
- ASoC: pcm3168a: The codec does not support S32_LE (git-fixes).
- ASoC: pcm: DRAIN support reactivation (git-fixes).
- ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile (git-fixes).
- ASoC: sti: fix possible sleep-in-atomic (git-fixes).
- ASoC: wm8904: fix regcache handling (git-fixes).
- ASoC: wm8998: Fix PM disable depth imbalance on error (git-fixes).
- ASoC: wm_adsp: Do not generate kcontrols without READ flags (git-fixes).
- ASoC: wm_adsp: remove 'ctl' from list on error in wm_adsp_create_control() (git-fixes).
- ata/libata: Fix usage of page address by page_address in ata_scsi_mode_select_xlat function (git-fixes).
- ath10k: Fix an error handling path (git-fixes).
- ath10k: fix backtrace on coredump (git-fixes).
- ath10k: fix get invalid tx rate for Mesh metric (git-fixes).
- ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq (git-fixes).
- ath10k: Release some resources in an error handling path (git-fixes).
- ath10k: Remove msdu from idr when management pkt send fails (git-fixes).
- ath6kl: fix enum-conversion warning (git-fixes).
- ath9k_htc: Discard undersized packets (git-fixes).
- ath9k_htc: Modify byte order for an error message (git-fixes).
- ath9k_htc: Silence undersized packet warnings (git-fixes).
- ath9k_htc: Use appropriate rs_datalen type (git-fixes).
- Avoid a GCC warning about '/*' within a comment.
- backlight: lp855x: Ensure regulators are disabled on probe failure (git-fixes).
- Bluetooth: add a mutex lock to avoid UAF in do_enale_set (git-fixes).
- Bluetooth: btusb: Fix detection of some fake CSR controllers with a bcdDevice val of 0x0134 (git-fixes).
- Bluetooth: Fix advertising duplicated flags (git-fixes).
- Bluetooth: Fix null pointer dereference in hci_event_packet() (git-fixes).
- Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt() (git-fixes).
- bnxt_en: Fix race when modifying pause settings (bsc#1050242 ).
- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (bsc#1050242).
- btmrvl: Fix firmware filename for sd8997 chipset (bsc#1172694).
- btrfs: fix use-after-free on readahead extent after failure to create it (bsc#1179963).
- btrfs: qgroup: do not commit transaction when we already hold the handle (bsc#1178634).
- btrfs: remove a BUG_ON() from merge_reloc_roots() (bsc#1174784).
- bus: fsl-mc: fix error return code in fsl_mc_object_allocate() (git-fixes).
- can: mcp251x: add error check when wq alloc failed (git-fixes).
- can: softing: softing_netdev_open(): fix error handling (git-fixes).
- cfg80211: initialize rekey_data (git-fixes).
- cfg80211: regulatory: Fix inconsistent format argument (git-fixes).
- cifs: add NULL check for ses->tcon_ipc (bsc#1178270).
- cifs: allow syscalls to be restarted in __smb_send_rqst() (bsc#1176956).
- cifs: fix check of tcon dfs in smb1 (bsc#1178270).
- cifs: fix potential use-after-free in cifs_echo_request() (bsc#1139944).
- cirrus: cs89x0: remove set but not used variable 'lp' (git-fixes).
- cirrus: cs89x0: use devm_platform_ioremap_resource() to simplify code (git-fixes).
- clk: at91: usb: continue if clk_hw_round_rate() return zero (git-fixes).
- clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (git-fixes).
- clk: qcom: Allow constant ratio freq tables for rcg (git-fixes).
- clk: qcom: msm8916: Fix the address location of pll->config_reg (git-fixes).
- clk: s2mps11: Fix a resource leak in error handling paths in the probe function (git-fixes).
- clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1 (git-fixes).
- clk: sunxi-ng: Make sure divider tables have sentinel (git-fixes).
- clk: tegra: Fix duplicated SE clock entry (git-fixes).
- clk: tegra: Fix Tegra PMC clock out parents (git-fixes).
- clk: ti: composite: fix memory leak (git-fixes).
- clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call (git-fixes).
- clk: ti: Fix memleak in ti_fapll_synth_setup (git-fixes).
- clocksource/drivers/asm9260: Add a check for of_clk_get (git-fixes).
- coredump: fix core_pattern parse error (git-fixes).
- cpufreq: highbank: Add missing MODULE_DEVICE_TABLE (git-fixes).
- cpufreq: loongson1: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: scpi: Add missing MODULE_ALIAS (git-fixes).
- cpufreq: st: Add missing MODULE_DEVICE_TABLE (git-fixes).
- crypto: af_alg - avoid undefined behavior accessing salg_name (git-fixes).
- crypto: omap-aes - Fix PM disable depth imbalance in omap_aes_probe (git-fixes).
- crypto: qat - fix status check in qat_hal_put_rel_rd_xfer() (git-fixes).
- crypto: talitos - Fix return type of current_desc_hdr() (git-fixes).
- cw1200: fix missing destroy_workqueue() on error in cw1200_init_common (git-fixes).
- cxgb4: Fix offset when clearing filter byte counters (bsc#1064802 bsc#1066129).
- drivers: base: Fix NULL pointer exception in __platform_driver_probe() if a driver developer is foolish (git-fixes).
- drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe (git-fixes).
- drm/amd/display: remove useless if/else (git-fixes).
- drm/amdgpu: fix build_coefficients() argument (git-fixes).
- drm/dp_aux_dev: check aux_dev before use in drm_dp_aux_dev_get_by_minor() (git-fixes).
- drm/gma500: fix double free of gma_connector (git-fixes).
- drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[] (bsc#1129770)
- drm/meson: dw-hdmi: Register a callback to disable the regulator (git-fixes).
- drm/msm/dpu: Add newline to printks (git-fixes).
- drm/msm/dsi_phy_10nm: implement PHY disabling (git-fixes).
- drm/omap: dmm_tiler: fix return error code in omap_dmm_probe() (git-fixes).
- drm/rockchip: Avoid uninitialized use of endpoint id in LVDS (git-fixes).
- epoll: Keep a reference on files added to the check list (bsc#1180031).
- ext4: correctly report 'not supported' for {usr,grp}jquota when !CONFIG_QUOTA (bsc#1179672).
- ext4: fix bogus warning in ext4_update_dx_flag() (bsc#1179716).
- ext4: fix error handling code in add_new_gdb (bsc#1179722).
- ext4: fix invalid inode checksum (bsc#1179723).
- ext4: fix leaking sysfs kobject after failed mount (bsc#1179670).
- ext4: limit entries returned when counting fsmap records (bsc#1179671).
- ext4: unlock xattr_sem properly in ext4_inline_data_truncate() (bsc#1179673).
- extcon: max77693: Fix modalias string (git-fixes).
- fbcon: Fix user font detection test at fbcon_resize(). (bsc#1112178) Backporting changes: 	* updated path drivers/video/fbcon/core to drivers/video/console
- fbcon: Remove the superfluous break (bsc#1129770) Backporting changes: 	* updated path drivers/video/fbcon/core to drivers/video/console 	* context changes
- firmware: qcom: scm: Ensure 'a0' status code is treated as signed (git-fixes).
- fix regression in 'epoll: Keep a reference on files added to the check list' (bsc#1180031, git-fixes).
- forcedeth: use per cpu to collect xmit/recv statistics (git-fixes).
- fs: Do not invalidate page buffers in block_write_full_page() (bsc#1179711).
- geneve: change from tx_error to tx_dropped on missing metadata (git-fixes).
- genirq/irqdomain: Add an irq_create_mapping_affinity() function (bsc#1065729).
- gpio: arizona: handle pm_runtime_get_sync failure case (git-fixes).
- gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap() (git-fixes).
- gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP (git-fixes).
- gpio: max77620: Fixup debounce delays (git-fixes).
- gpio: max77620: Use correct unit for debounce times (git-fixes).
- gpio: mpc8xxx: Add platform device to gpiochip->parent (git-fixes).
- gpio: mvebu: fix potential user-after-free on probe (git-fixes).
- gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism (git-fixes).
- gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model (git-fixes).
- gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model (git-fixes).
- gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk (git-fixes).
- gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option (git-fixes).
- gpiolib: acpi: Turn dmi_system_id table into a generic quirk table (git-fixes).
- gpiolib: fix up emulated open drain outputs (git-fixes).
- HID: Add another Primax PIXART OEM mouse quirk (git-fixes).
- HID: apple: Disable Fn-key key-re-mapping on clone keyboards (git-fixes).
- HID: core: check whether Usage Page item is after Usage ID items (git-fixes).
- HID: core: Correctly handle ReportSize being zero (git-fixes).
- HID: cypress: Support Varmilo Keyboards' media hotkeys (git-fixes).
- HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052).
- HID: hid-sensor-hub: Fix issue with devices with no report ID (git-fixes).
- HID: Improve Windows Precision Touchpad detection (git-fixes).
- HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring() (git-fixes).
- HID: logitech-hidpp: Silence intermittent get_battery_capacity errors (git-fixes).
- HSI: omap_ssi: Do not jump to free ID in ssi_add_controller() (git-fixes).
- hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow (git-fixes).
- hwmon: (jc42) Fix name to have no illegal characters (git-fixes).
- i2c: algo: pca: Reapply i2c bus settings after reset (git-fixes).
- i2c: i801: Fix resume bug (git-fixes).
- i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets (git-fixes).
- i2c: pxa: clear all master action bits in i2c_pxa_stop_message() (git-fixes).
- i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output (git-fixes).
- i2c: qup: Fix error return code in qup_i2c_bam_schedule_desc() (git-fixes).
- ibmvnic: add some debugs (bsc#1179896 ltc#190255).
- ibmvnic: avoid memset null scrq msgs (bsc#1044767 ltc#155231 git-fixes).
- ibmvnic: continue fatal error reset after passive init (bsc#1171078 ltc#184239 git-fixes).
- ibmvnic: delay next reset if hard reset fails (bsc#1094840 ltc#167098 git-fixes).
- ibmvnic: enhance resetting status check during module exit (bsc#1065729).
- ibmvnic: fix call_netdevice_notifiers in do_reset (bsc#1115431 ltc#171853 git-fixes).
- ibmvnic: fix NULL pointer dereference in reset_sub_crq_queues (bsc#1040855 ltc#155067 git-fixes).
- ibmvnic: fix: NULL pointer dereference (bsc#1044767 ltc#155231 git-fixes).
- ibmvnic: notify peers when failover and migration happen (bsc#1044120 ltc#155423 git-fixes).
- ibmvnic: restore adapter state on failed reset (bsc#1152457 ltc#174432 git-fixes).
- igc: Fix returning wrong statistics (bsc#1118657).
- iio: adc: max1027: Reset the device at probe time (git-fixes).
- iio: adc: rockchip_saradc: fix missing clk_disable_unprepare() on error in rockchip_saradc_resume (git-fixes).
- iio: bmp280: fix compensation of humidity (git-fixes).
- iio: buffer: Fix demux update (git-fixes).
- iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw() (git-fixes).
- iio: fix center temperature of bmc150-accel-core (git-fixes).
- iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting (git-fixes).
- iio: light: bh1750: Resolve compiler warning and make code more readable (git-fixes).
- iio: srf04: fix wrong limitation in distance measuring (git-fixes).
- iio:imu:bmi160: Fix too large a buffer (git-fixes).
- iio:pressure:mpl3115: Force alignment of buffer (git-fixes).
- inet_ecn: Fix endianness of checksum update when setting ECT(1) (git-fixes).
- Input: ads7846 - fix integer overflow on Rt calculation (git-fixes).
- Input: ads7846 - fix race that causes missing releases (git-fixes).
- Input: ads7846 - fix unaligned access on 7845 (git-fixes).
- Input: atmel_mxt_ts - disable IRQ across suspend (git-fixes).
- Input: cm109 - do not stomp on control URB (git-fixes).
- Input: cros_ec_keyb - send 'scancodes' in addition to key events (git-fixes).
- Input: cyapa_gen6 - fix out-of-bounds stack access (git-fixes).
- Input: goodix - add upside-down quirk for Teclast X98 Pro tablet (git-fixes).
- Input: i8042 - add Acer laptops to the i8042 reset list (git-fixes).
- Input: i8042 - add ByteSpeed touchpad to noloop table (git-fixes).
- Input: i8042 - add Entroware Proteus EL07R4 to nomux and reset lists (git-fixes).
- Input: i8042 - allow insmod to succeed on devices without an i8042 controller (git-fixes).
- Input: i8042 - fix error return code in i8042_setup_aux() (git-fixes).
- Input: omap4-keypad - fix runtime PM error handling (git-fixes).
- Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen (git-fixes).
- Input: trackpoint - add new trackpoint variant IDs (git-fixes).
- Input: trackpoint - enable Synaptics trackpoints (git-fixes).
- Input: xpad - support Ardwiino Controllers (git-fixes).
- ipw2x00: Fix -Wcast-function-type (git-fixes).
- irqchip/alpine-msi: Fix freeing of interrupts on allocation error path (git-fixes).
- iwlwifi: mvm: fix kernel panic in case of assert during CSA (git-fixes).
- iwlwifi: mvm: fix unaligned read of rx_pkt_status (git-fixes).
- iwlwifi: pcie: limit memory read spin time (git-fixes).
- kABI fix for g2d (git-fixes).
- kABI workaround for dsa/b53 changes (git-fixes).
- kABI workaround for HD-audio generic parser (git-fixes).
- kABI workaround for net/ipvlan changes (git-fixes).
- kABI: ath10k: move a new structure member to the end (git-fixes).
- kABI: genirq: add back irq_create_mapping (bsc#1065729).
- kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install
- kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
- kgdb: Fix spurious true from in_dbg_master() (git-fixes).
- KVM: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (bsc#1112178).
- mac80211: allow rx of mesh eapol frames with default rx key (git-fixes).
- mac80211: Check port authorization in the ieee80211_tx_dequeue() case (git-fixes).
- mac80211: do not set set TDLS STA bandwidth wider than possible (git-fixes).
- mac80211: fix authentication with iwlwifi/mvm (git-fixes).
- mac80211: fix use of skb payload instead of header (git-fixes).
- mac80211: mesh: fix mesh_pathtbl_init() error path (git-fixes).
- matroxfb: avoid -Warray-bounds warning (git-fixes).
- md-cluster: fix rmmod issue when md_cluster convert bitmap to none (bsc#1163727).
- md-cluster: fix safemode_delay value when converting to clustered bitmap (bsc#1163727).
- md-cluster: fix wild pointer of unlock_all_bitmaps() (bsc#1163727).
- md/bitmap: fix memory leak of temporary bitmap (bsc#1163727).
- md/bitmap: md_bitmap_get_counter returns wrong blocks (bsc#1163727).
- md/bitmap: md_bitmap_read_sb uses wrong bitmap blocks (bsc#1163727).
- md/cluster: block reshape with remote resync job (bsc#1163727).
- md/cluster: fix deadlock when node is doing resync job (bsc#1163727).
- md/raid5: fix oops during stripe resizing (git-fixes).
- media: am437x-vpfe: Setting STD to current value is not an error (git-fixes).
- media: cec-funcs.h: add status_req checks (git-fixes).
- media: cx88: Fix some error handling path in 'cx8800_initdev()' (git-fixes).
- media: gspca: Fix memory leak in probe (git-fixes).
- media: i2c: mt9v032: fix enum mbus codes and frame sizes (git-fixes).
- media: i2c: ov2659: Fix missing 720p register config (git-fixes).
- media: i2c: ov2659: fix s_stream return value (git-fixes).
- media: msi2500: assign SPI bus number dynamically (git-fixes).
- media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).
- media: mtk-vcodec: add missing put_device() call in mtk_vcodec_release_dec_pm() (git-fixes).
- media: platform: add missing put_device() call in mtk_jpeg_probe() and mtk_jpeg_remove() (git-patches).
- media: pvrusb2: Fix oops on tear-down when radio support is not present (git-fixes).
- media: s5p-g2d: Fix a memory leak in an error handling path in 'g2d_probe()' (git-fixes).
- media: saa7146: fix array overflow in vidioc_s_audio() (git-fixes).
- media: si470x-i2c: add missed operations in remove (git-fixes).
- media: siano: fix memory leak of debugfs members in smsdvb_hotplug (git-fixes).
- media: solo6x10: fix missing snd_card_free in error handling case (git-fixes).
- media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run() (git-fixes).
- media: sunxi-cir: ensure IR is handled when it is continuous (git-fixes).
- media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort cases (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence number (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid sizeimage (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic (git-fixes).
- media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel format (git-fixes).
- media: ti-vpe: vpe: Make sure YUYV is set as default format (git-fixes).
- media: uvcvideo: Set media controller entity functions (git-fixes).
- media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes).
- media: v4l2-async: Fix trivial documentation typo (git-fixes).
- media: v4l2-core: fix touch support in v4l_g_fmt (git-fixes).
- media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros (git-fixes).
- mei: bus: do not clean driver pointer (git-fixes).
- mei: protect mei_cl_mtu from null dereference (git-fixes).
- memstick: fix a double-free bug in memstick_check (git-fixes).
- memstick: r592: Fix error return in r592_probe() (git-fixes).
- mfd: rt5033: Fix errorneous defines (git-fixes).
- mfd: wm8994: Fix driver operation if loaded as modules (git-fixes).
- mlxsw: core: Fix memory leak on module removal (bsc#1112374).
- mm,memory_failure: always pin the page in madvise_inject_error (bsc#1180258).
- mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (bsc#1179204).
- mwifiex: fix mwifiex_shutdown_sw() causing sw reset failure (git-fixes).
- net/smc: fix valid DMBE buffer sizes (git-fixes).
- net/tls: Fix kmap usage (bsc#1109837).
- net/tls: missing received data after fast remote close (bsc#1109837).
- net/x25: prevent a couple of overflows (bsc#1178590).
- net: aquantia: Fix aq_vec_isr_legacy() return value (git-fixes).
- net: aquantia: fix LRO with FCS error (git-fixes).
- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (bsc#1103990 ).
- net: dsa: b53: Always use dev->vlan_enabled in b53_configure_vlan() (git-fixes).
- net: dsa: b53: Ensure the default VID is untagged (git-fixes).
- net: dsa: b53: Fix default VLAN ID (git-fixes).
- net: dsa: b53: Properly account for VLAN filtering (git-fixes).
- net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes).
- net: dsa: bcm_sf2: potential array overflow in bcm_sf2_sw_suspend() (git-fixes).
- net: dsa: qca8k: remove leftover phy accessors (git-fixes).
- net: ena: fix packet's addresses for rx_offset feature (bsc#1174852).
- net: ena: handle bad request id in ena_netdev (git-fixes).
- net: ethernet: ti: cpsw: fix runtime_pm while add/kill vlan (git-fixes).
- net: hisilicon: Fix signedness bug in hix5hd2_dev_probe() (git-fixes).
- net: macb: add missing barriers when reading descriptors (git-fixes).
- net: macb: fix dropped RX frames due to a race (git-fixes).
- net: macb: fix error format in dev_err() (git-fixes).
- net: macb: fix random memory corruption on RX with 64-bit DMA (git-fixes).
- net: pasemi: fix an use-after-free in pasemi_mac_phy_init() (git-fixes).
- net: phy: Avoid multiple suspends (git-fixes).
- net: qed: fix 'maybe uninitialized' warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qed: fix async event callbacks unregistering (bsc#1104393 bsc#1104389).
- net: qede: fix PTP initialization on recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qede: fix use-after-free on recovery and AER handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: seeq: Fix the function used to release some memory in an error handling path (git-fixes).
- net: sh_eth: fix a missing check of of_get_phy_mode (git-fixes).
- net: sonic: replace dev_kfree_skb in sonic_send_packet (git-fixes).
- net: sonic: return NETDEV_TX_OK if failed to map buffer (git-fixes).
- net: stmmac: fix csr_clk can't be zero issue (git-fixes).
- net: stmmac: Fix reception of Broadcom switches tags (git-fixes).
- net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() (bsc#1110096).
- net: usb: sr9800: fix uninitialized local variable (git-fixes).
- net:ethernet:aquantia: Extra spinlocks removed (git-fixes).
- net_sched: fix a memory leak in atm_tc_init() (bsc#1056657 bsc#1056653 bsc#1056787).
- nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame (git-fixes).
- nfc: s3fwrn5: Release the nfc firmware (git-fixes).
- nfc: st95hf: Fix memleak in st95hf_in_send_cmd (git-fixes).
- nfp: use correct define to return NONE fec (bsc#1109837).
- NFS: fix nfs_path in case of a rename retry (git-fixes).
- NFSD: Add missing NFSv2 .pc_func methods (git-fixes).
- NFSv4.2: fix client's attribute cache management for copy_file_range (git-fixes).
- NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (git-fixes).
- ocfs2: fix unbalanced locking (bsc#1180506).
- ocfs2: initialize ip_next_orphan (bsc#1179724).
- orinoco: Move context allocation after processing the skb (git-fixes).
- parport: load lowlevel driver if ports not found (git-fixes).
- PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges (git-fixes).
- PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge (git-fixes).
- PCI: Do not disable decoding when mmio_always_on is set (git-fixes).
- PCI: Fix pci_slot_release() NULL pointer dereference (git-fixes).
- phy: Revert toggling reset changes (git-fixes).
- pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler() (git-fixes).
- pinctrl: amd: fix npins for uart0 in kerncz_groups (git-fixes).
- pinctrl: amd: remove debounce filter setting in IRQ type setting (git-fixes).
- pinctrl: baytrail: Avoid clearing debounce value when turning it off (git-fixes).
- pinctrl: falcon: add missing put_device() call in pinctrl_falcon_probe() (git-fixes).
- pinctrl: merrifield: Set default bias in case no particular value given (git-fixes).
- pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B (git-fixes).
- platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE (git-fixes).
- platform/x86: dell-smbios-base: Fix error return code in dell_smbios_init (git-fixes).
- platform/x86: mlx-platform: Fix item counter assignment for MSN2700, MSN24xx systems (git-fixes).
- platform/x86: mlx-platform: remove an unused variable (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from default platform configuration (git-fixes).
- platform/x86: mlx-platform: Remove PSU EEPROM from MSN274x platform configuration (git-fixes).
- PM / hibernate: memory_bm_find_bit(): Tighten node optimisation (git-fixes).
- PM: ACPI: Output correct message on target power state (git-fixes).
- PM: hibernate: Freeze kernel threads in software_resume() (git-fixes).
- PM: hibernate: remove the bogus call to get_gendisk() in software_resume() (git-fixes).
- pNFS/flexfiles: Fix list corruption if the mirror count changes (git-fixes).
- power: supply: bq24190_charger: fix reference leak (git-fixes).
- power: supply: bq27xxx_battery: Silence deferred-probe error (git-fixes).
- powerpc/64: Set up a kernel stack for secondaries before cpu_restore() (bsc#1065729).
- powerpc/64s/pseries: Fix hash tlbiel_all_isa300 for guest kernels (bsc#1179888 ltc#190253).
- powerpc/64s: Fix hash ISA v3.0 TLBIEL instruction generation (bsc#1055117 ltc#159753 git-fixes bsc#1179888 ltc#190253).
- powerpc/pci: Fix broken INTx configuration via OF (bsc#1172145 ltc#184630).
- powerpc/pci: Remove legacy debug code (bsc#1172145 ltc#184630 git-fixes).
- powerpc/pci: Remove LSI mappings on device teardown (bsc#1172145 ltc#184630).
- powerpc/pci: Use of_irq_parse_and_map_pci() helper (bsc#1172145 ltc#184630).
- powerpc/perf: Fix crash with is_sier_available when pmu is not set (bsc#1179578 ltc#189313).
- powerpc/pseries/hibernation: remove redundant cacheinfo update (bsc#1138374 ltc#178199 git-fixes).
- powerpc/pseries: Pass MSI affinity to irq_create_mapping() (bsc#1065729).
- powerpc/smp: Add __init to init_big_cores() (bsc#1109695 ltc#171067 git-fixes).
- powerpc/xmon: Change printk() to pr_cont() (bsc#1065729).
- powerpc: Convert to using %pOF instead of full_name (bsc#1172145 ltc#184630).
- powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at (bsc#1065729).
- ppp: remove the PPPIOCDETACH ioctl (git-fixes).
- pwm: lp3943: Dynamically allocate PWM chip base (git-fixes).
- qed: fix error return code in qed_iwarp_ll2_start() (bsc#1050536 bsc#1050545).
- qed: suppress 'do not support RoCE & iWARP' flooding on HW init (bsc#1050536 bsc#1050545).
- qed: suppress false-positives interrupt error messages on HW init (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- quota: clear padding in v2r1_mem2diskdqb() (bsc#1179714).
- radeon: insert 10ms sleep in dce5_crtc_load_lut (git-fixes).
- ravb: Fix use-after-free ravb_tstamp_skb (git-fixes).
- RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 (bsc#1050545).
- RDMA/qedr: Fix memory leak in iWARP CM (bsc#1050545 ).
- regmap: debugfs: check count when read regmap file (git-fixes).
- regmap: dev_get_regmap_match(): fix string comparison (git-fixes).
- regmap: Remove duplicate `type` field from regmap `regcache_sync` trace event (git-fixes).
- regulator: max8907: Fix the usage of uninitialized variable in max8907_regulator_probe() (git-fixes).
- regulator: pfuze100-regulator: Variable 'val' in pfuze100_regulator_probe() could be uninitialized (git-fixes).
- regulator: ti-abb: Fix timeout in ti_abb_wait_txdone/ti_abb_clear_all_txdone (git-fixes).
- reiserfs: Fix oops during mount (bsc#1179715).
- reiserfs: Initialize inode keys properly (bsc#1179713).
- remoteproc: Fix wrong rvring index computation (git-fixes).
- rfkill: Fix incorrect check to avoid NULL pointer dereference (git-fixes).
- rtc: 88pm860x: fix possible race condition (git-fixes).
- rtc: hym8563: enable wakeup when applicable (git-fixes).
- rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot (git-fixes).
- rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() (git-fixes).
- s390/bpf: Fix multiple tail calls (git-fixes).
- s390/cpuinfo: show processor physical address (git-fixes).
- s390/cpum_sf.c: fix file permission for cpum_sfb_size (git-fixes).
- s390/dasd: fix hanging device offline processing (bsc#1144912).
- s390/dasd: fix null pointer dereference for ERP requests (git-fixes).
- s390/pci: fix CPU address in MSI for directed IRQ (git-fixes).
- s390/qeth: fix af_iucv notification race (git-fixes).
- s390/qeth: fix tear down of async TX buffers (git-fixes).
- s390/qeth: make af_iucv TX notification call more robust (git-fixes).
- s390/stp: add locking to sysfs functions (git-fixes).
- s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl (git-fixes).
- scripts/lib/SUSE/MyBS.pm: properly close prjconf Macros: section
- scsi: lpfc: Add FDMI Vendor MIB support (bsc#1164780).
- scsi: lpfc: Convert abort handling to SLI-3 and SLI-4 handlers (bsc#1164780).
- scsi: lpfc: Convert SCSI I/O completions to SLI-3 and SLI-4 handlers (bsc#1164780).
- scsi: lpfc: Convert SCSI path to use common I/O submission path (bsc#1164780).
- scsi: lpfc: Correct null ndlp reference on routine exit (bsc#1164780).
- scsi: lpfc: Drop nodelist reference on error in lpfc_gen_req() (bsc#1164780).
- scsi: lpfc: Enable common send_io interface for SCSI and NVMe (bsc#1164780).
- scsi: lpfc: Enable common wqe_template support for both SCSI and NVMe (bsc#1164780).
- scsi: lpfc: Enlarge max_sectors in scsi host templates (bsc#1164780).
- scsi: lpfc: Extend the RDF FPIN Registration descriptor for additional events (bsc#1164780).
- scsi: lpfc: Fix duplicate wq_create_version check (bsc#1164780).
- scsi: lpfc: Fix fall-through warnings for Clang (bsc#1164780).
- scsi: lpfc: Fix FLOGI/PLOGI receive race condition in pt2pt discovery (bsc#1164780).
- scsi: lpfc: Fix invalid sleeping context in lpfc_sli4_nvmet_alloc() (bsc#1164780).
- scsi: lpfc: Fix memory leak on lcb_context (bsc#1164780).
- scsi: lpfc: Fix missing prototype for lpfc_nvmet_prep_abort_wqe() (bsc#1164780).
- scsi: lpfc: Fix missing prototype warning for lpfc_fdmi_vendor_attr_mi() (bsc#1164780).
- scsi: lpfc: Fix NPIV discovery and Fabric Node detection (bsc#1164780).
- scsi: lpfc: Fix NPIV Fabric Node reference counting (bsc#1164780).
- scsi: lpfc: Fix pointer defereference before it is null checked issue (bsc#1164780).
- scsi: lpfc: Fix refcounting around SCSI and NVMe transport APIs (bsc#1164780).
- scsi: lpfc: Fix removal of SCSI transport device get and put on dev structure (bsc#1164780).
- scsi: lpfc: Fix scheduling call while in softirq context in lpfc_unreg_rpi (bsc#1164780).
- scsi: lpfc: Fix set but not used warnings from Rework remote port lock handling (bsc#1164780).
- scsi: lpfc: Fix set but unused variables in lpfc_dev_loss_tmo_handler() (bsc#1164780).
- scsi: lpfc: Fix spelling mistake 'Cant' -> 'Can't' (bsc#1164780).
- scsi: lpfc: Fix variable 'vport' set but not used in lpfc_sli4_abts_err_handler() (bsc#1164780).
- scsi: lpfc: lpfc_attr: Demote kernel-doc format for redefined functions (bsc#1164780).
- scsi: lpfc: lpfc_attr: Fix-up a bunch of kernel-doc misdemeanours (bsc#1164780).
- scsi: lpfc: lpfc_debugfs: Fix a couple of function documentation issues (bsc#1164780).
- scsi: lpfc: lpfc_scsi: Fix a whole host of kernel-doc issues (bsc#1164780).
- scsi: lpfc: Refactor WQE structure definitions for common use (bsc#1164780).
- scsi: lpfc: Reject CT request for MIB commands (bsc#1164780).
- scsi: lpfc: Remove dead code on second !ndlp check (bsc#1164780).
- scsi: lpfc: Remove ndlp when a PLOGI/ADISC/PRLI/REG_RPI ultimately fails (bsc#1164780).
- scsi: lpfc: Remove set but not used 'qp' (bsc#1164780).
- scsi: lpfc: Remove unneeded variable 'status' in lpfc_fcp_cpu_map_store() (bsc#1164780).
- scsi: lpfc: Removed unused macros in lpfc_attr.c (bsc#1164780).
- scsi: lpfc: Rework locations of ndlp reference taking (bsc#1164780).
- scsi: lpfc: Rework remote port lock handling (bsc#1164780).
- scsi: lpfc: Rework remote port ref counting and node freeing (bsc#1164780).
- scsi: lpfc: Unsolicited ELS leaves node in incorrect state while dropping it (bsc#1164780).
- scsi: lpfc: Update changed file copyrights for 2020 (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.4 (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.5 (bsc#1164780).
- scsi: lpfc: Update lpfc version to 12.8.0.6 (bsc#1164780).
- scsi: lpfc: Use generic power management (bsc#1164780).
- scsi: qla2xxx: Change post del message from debug level to log level (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Convert to DEFINE_SHOW_ATTRIBUTE (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Do not check for fw_started while posting NVMe command (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Do not consume srb greedily (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Drop TARGET_SCF_LOOKUP_LUN_FROM_TAG (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix compilation issue in PPC systems (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix crash during driver load on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix device loss on 4G and older HBAs (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix FW initialization error on big endian machines (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix N2N and NVMe connect retry failure (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix return of uninitialized value in rval (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Fix the call trace for flush workqueue (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Handle incorrect entry_type entries (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Limit interrupt vectors to number of CPUs (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Move sess cmd list/lock to driver (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: remove incorrect sparse #ifdef (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Remove trailing semicolon in macro definition (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Return EBUSY on fcport deletion (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Tear down session if FW say it is down (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Update version to 10.02.00.104-k (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: qla2xxx: Use constant when it is known (bsc#1172538 bsc#1179142 bsc#1179810).
- scsi: Remove unneeded break statements (bsc#1164780).
- scsi: storvsc: Fix error return in storvsc_probe() (git-fixes).
- scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (bsc#1172538 bsc#1179142 bsc#1179810).
- serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access (git-fixes).
- serial: 8250_pci: Add Realtek 816a and 816b (git-fixes).
- serial: amba-pl011: Make sure we initialize the port.lock spinlock (git-fixes).
- serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE (git-fixes).
- serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (git-fixes).
- serial_core: Check for port state when tty is in error state (git-fixes).
- SMB3: Honor 'handletimeout' flag for multiuser mounts (bsc#1176558).
- SMB3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
- SMB3: Honor lease disabling for multiuser mounts (git-fixes).
- soc/tegra: fuse: Fix index bug in get_process_id (git-fixes).
- soc: imx: gpc: fix power up sequencing (git-fixes).
- soc: mediatek: Check if power domains can be powered on at boot time (git-fixes).
- soc: qcom: smp2p: Safely acquire spinlock without IRQs (git-fixes).
- soc: ti: Fix reference imbalance in knav_dma_probe (git-fixes).
- soc: ti: knav_qmss: fix reference leak in knav_queue_probe (git-fixes).
- spi: Add call to spi_slave_abort() function when spidev driver is released (git-fixes).
- spi: bcm63xx-hsspi: fix missing clk_disable_unprepare() on error in bcm63xx_hsspi_resume (git-fixes).
- spi: davinci: Fix use-after-free on unbind (git-fixes).
- spi: dw: Enable interrupts in accordance with DMA xfer mode (git-fixes).
- spi: dw: Fix Rx-only DMA transfers (git-fixes).
- spi: dw: Return any value retrieved from the dma_transfer callback (git-fixes).
- spi: Fix memory leak on splited transfers (git-fixes).
- spi: img-spfi: fix potential double release (git-fixes).
- spi: img-spfi: fix reference leak in img_spfi_resume (git-fixes).
- spi: pic32: Do not leak DMA channels in probe error path (git-fixes).
- spi: pxa2xx: Add missed security checks (git-fixes).
- spi: spi-cavium-thunderx: Add missing pci_release_regions() (git-fixes).
- spi: spi-loopback-test: Fix out-of-bounds read (git-fixes).
- spi: spi-mem: Fix passing zero to 'PTR_ERR' warning (git-fixes).
- spi: spi-mem: fix reference leak in spi_mem_access_start (git-fixes).
- spi: spi-ti-qspi: fix reference leak in ti_qspi_setup (git-fixes).
- spi: spidev: fix a potential use-after-free in spidev_release() (git-fixes).
- spi: st-ssc4: add missed pm_runtime_disable (git-fixes).
- spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path (git-fixes).
- spi: tegra114: fix reference leak in tegra spi ops (git-fixes).
- spi: tegra20-sflash: fix reference leak in tegra_sflash_resume (git-fixes).
- spi: tegra20-slink: add missed clk_unprepare (git-fixes).
- spi: tegra20-slink: fix reference leak in slink ops of tegra20 (git-fixes).
- splice: only read in as much information as there is pipe buffer space (bsc#1179520).
- staging: comedi: check validity of wMaxPacketSize of usb endpoints found (git-fixes).
- staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value (git-fixes).
- staging: comedi: mf6x4: Fix AI end-of-conversion detection (git-fixes).
- staging: olpc_dcon: add a missing dependency (git-fixes).
- staging: olpc_dcon: Do not call platform_device_unregister() in dcon_probe() (git-fixes).
- staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21 (git-fixes).
- staging: rtl8188eu: Add device id for MERCUSYS MW150US v2 (git-fixes).
- staging: rtl8188eu: fix possible null dereference (git-fixes).
- staging: rtl8192u: fix multiple memory leaks on error path (git-fixes).
- staging: vt6656: set usb_set_intfdata on driver fail (git-fixes).
- staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb() (git-fixes).
- staging: wlan-ng: properly check endpoint types (git-fixes).
- sunrpc: fix copying of multiple pages in gss_read_proxy_verf() (bsc#1103992).
- sunrpc: fixed rollback in rpc_gssd_dummy_populate() (git-fixes).
- sunrpc: Properly set the @subbuf parameter of xdr_buf_subsegment() (git-fixes).
- sunrpc: The RDMA back channel mustn't disappear while requests are outstanding (git-fixes).
- svcrdma: fix bounce buffers for unaligned offsets and multiple pages (bsc#1103992).
- svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (bsc#1103992).
- tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control (bsc#1109837).
- thunderbolt: Use 32-bit writes when writing ring producer/consumer (git-fixes).
- timer: Fix wheel index calculation on last level (git fixes)
- timer: Prevent base->clk from moving backward (git-fixes)
- tty: always relink the port (git-fixes).
- tty: Fix ->pgrp locking in tiocspgrp() (git-fixes).
- tty: link tty and port before configuring it as console (git-fixes).
- tty: synclink_gt: Adjust indentation in several functions (git-fixes).
- tty: synclinkmp: Adjust indentation in several functions (git-fixes).
- tty:serial:mvebu-uart:fix a wrong return (git-fixes).
- uapi/if_ether.h: move __UAPI_DEF_ETHHDR libc define (git-fixes).
- uapi/if_ether.h: prevent redefinition of struct ethhdr (git-fixes).
- usb: add RESET_RESUME quirk for Snapscan 1212 (git-fixes).
- usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul (git-fixes).
- usb: dummy-hcd: Fix uninitialized array use in init() (git-fixes).
- usb: dwc2: Fix IN FIFO allocation (git-fixes).
- usb: dwc3: remove the call trace of USBx_GFLADJ (git-fixes).
- usb: ehci-omap: Fix PM disable depth umbalance in ehci_hcd_omap_probe (git-fixes).
- usb: Fix: Do not skip endpoint descriptors with maxpacket=0 (git-fixes).
- usb: fsl: Check memory resource before releasing it (git-fixes).
- usb: gadget: composite: Fix possible double free memory bug (git-fixes).
- usb: gadget: configfs: fix concurrent issue between composite APIs (git-fixes).
- usb: gadget: configfs: Fix missing spin_lock_init() (git-fixes).
- usb: gadget: f_acm: add support for SuperSpeed Plus (git-fixes).
- usb: gadget: f_fs: Use local copy of descriptors for userspace copy (git-fixes).
- usb: gadget: f_midi: setup SuperSpeed Plus descriptors (git-fixes).
- usb: gadget: f_rndis: fix bitrate for SuperSpeed and above (git-fixes).
- usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags (git-fixes).
- usb: gadget: fix wrong endpoint desc (git-fixes).
- usb: gadget: goku_udc: fix potential crashes in probe (git-fixes).
- usb: gadget: net2280: fix memory leak on probe error handling paths (git-fixes).
- usb: gadget: serial: fix Tx stall after buffer overflow (git-fixes).
- usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe() (git-fixes).
- usb: gadget: udc: gr_udc: fix memleak on error handling path in gr_ep_init() (git-fixes).
- usb: hso: Fix debug compile warning on sparc32 (git-fixes).
- usb: ldusb: use unsigned size format specifiers (git-fixes).
- usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue (git-fixes).
- usb: oxu210hp-hcd: Fix memory leak in oxu_create (git-fixes).
- usb: serial: ch341: add new Product ID for CH341A (git-fixes).
- usb: serial: ch341: sort device-id entries (git-fixes).
- usb: serial: digi_acceleport: clean up modem-control handling (git-fixes).
- usb: serial: digi_acceleport: clean up set_termios (git-fixes).
- usb: serial: digi_acceleport: fix write-wakeup deadlocks (git-fixes).
- usb: serial: digi_acceleport: remove in_interrupt() usage.
- usb: serial: digi_acceleport: remove redundant assignment to pointer priv (git-fixes).
- usb: serial: digi_acceleport: rename tty flag variable (git-fixes).
- usb: serial: digi_acceleport: use irqsave() in USB's complete callback (git-fixes).
- usb: serial: keyspan_pda: fix dropped unthrottle interrupts (git-fixes).
- usb: serial: keyspan_pda: fix stalled writes (git-fixes).
- usb: serial: keyspan_pda: fix tx-unthrottle use-after-free (git-fixes).
- usb: serial: keyspan_pda: fix write deadlock (git-fixes).
- usb: serial: keyspan_pda: fix write unthrottling (git-fixes).
- usb: serial: keyspan_pda: fix write-wakeup use-after-free (git-fixes).
- usb: serial: kl5kusb105: fix memleak on open (git-fixes).
- usb: serial: mos7720: fix parallel-port state restore (git-fixes).
- usb: serial: option: add Fibocom NL668 variants (git-fixes).
- usb: serial: option: add interface-number sanity check to flag handling (git-fixes).
- usb: serial: option: add support for Thales Cinterion EXS82 (git-fixes).
- usb: serial: option: fix Quectel BG96 matching (git-fixes).
- usb: Skip endpoints with 0 maxpacket length (git-fixes).
- usb: UAS: introduce a quirk to set no_write_same (git-fixes).
- usb: usbfs: Suppress problematic bind and unbind uevents (git-fixes).
- usblp: poison URBs upon disconnect (git-fixes).
- usbnet: ipheth: fix connectivity with iOS 14 (git-fixes).
- video: fbdev: neofb: fix memory leak in neo_scan_monitor() (git-fixes).
- vt: do not hardcode the mem allocation upper bound (git-fixes).
- vt: Reject zero-sized screen buffer size (git-fixes).
- watchdog: coh901327: add COMMON_CLK dependency (git-fixes).
- watchdog: da9062: do not ping the hw during stop() (git-fixes).
- watchdog: da9062: No need to ping manually before setting timeout (git-fixes).
- watchdog: qcom: Avoid context switch in restart handler (git-fixes).
- watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (git-fixes).
- wimax: fix duplicate initializer warning (git-fixes).
- wireless: Use linux/stddef.h instead of stddef.h (git-fixes).
- wireless: Use offsetof instead of custom macro (git-fixes).
- x86/apic: Fix integer overflow on 10 bit left shift of cpu_khz (bsc#1112178).
- x86/insn-eval: Use new for_each_insn_prefix() macro to loop over prefixes bytes (bsc#1112178).
- x86/mm/ident_map: Check for errors from ident_pud_init() (bsc#1112178).
- x86/mm/mem_encrypt: Fix definition of PMD_FLAGS_DEC_WP (bsc#1112178).
- x86/resctrl: Add necessary kernfs_put() calls to prevent refcount leak (bsc#1112178).
- x86/resctrl: Fix incorrect local bandwidth when mba_sc is enabled (bsc#1112178).
- x86/resctrl: Remove superfluous kernfs_get() calls to prevent refcount leak (bsc#1112178).
- x86/resctrl: Remove unused struct mbm_state::chunks_bw (bsc#1112178).
- x86/speculation: Fix prctl() when spectre_v2_user={seccomp,prctl},ibpb (bsc#1112178).
- x86/tracing: Introduce a static key for exception tracing (bsc#1179895).
- x86/traps: Simplify pagefault tracing logic (bsc#1179895).
- x86/uprobes: Do not use prefixes.nbytes when looping over prefixes.bytes (bsc#1112178).
- xhci: Give USB2 ports time to enter U3 in bus suspend (git-fixes).
- xprtrdma: fix incorrect header size calculations (git-fixes).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:129-1
Released:    Thu Jan 14 12:26:15 2021
Summary:     Security update for openldap2
Type:        security
Severity:    moderate
References:  1178909,1179503,CVE-2020-25709,CVE-2020-25710
This update for openldap2 fixes the following issues:

Security issues fixed:

- CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
- CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909).

Non-security issue fixed:

- Retry binds in the LDAP backend when the remote LDAP server disconnected the (idle) LDAP connection. (bsc#1179503)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:178-1
Released:    Wed Jan 20 13:38:02 2021
Summary:     Recommended update for wicked
Type:        recommended
Severity:    moderate
References:  1160939,1168155,1171234,1172082,1174099,959556
This update for wicked fixes the following issues:

- Fix to avoid incomplete ifdown/timeout on route deletion error. (bsc#1174099)
- Allow 'linuxrc' to send 'RFC2132' without providing the MAC address. (jsc#SLE-15770)
- Fixes to ifreload on port changes. (bsc#1168155, bsc#1172082)
- Fix schema to use correct 'hwaddr_policy' property. (bsc#1171234)
- Enable IPv6 on ports when 'nsna_ping' linkwatch is used. (bsc#959556)
- Implement support for RFC7217. (jsc#SLE-6960)
- Fix for schema to avoid not applying 'rto_min' including new time format. (bsc#1160939)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:179-1
Released:    Wed Jan 20 13:38:51 2021
Summary:     Recommended update for timezone
Type:        recommended
Severity:    moderate
References:  1177460
This update for timezone fixes the following issues:

- timezone update 2020f (bsc#1177460)
  * 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)
  * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

- timezone update 2020f (bsc#1177460)
  * 'make rearguard_tarballs' no longer generates a bad rearguard.zi,
    fixing a 2020e bug.

- timezone update 2020e (bsc#1177460)
  * Volgograd switches to Moscow time on 2020-12-27 at 02:00.

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:220-1
Released:    Tue Jan 26 14:00:51 2021
Summary:     Recommended update for keyutils
Type:        recommended
Severity:    moderate
References:  1180603
This update for keyutils fixes the following issues:

- Adjust the library license to be LPGL-2.1+ only (the tools are GPL2+, the library is just LGPL-2.1+) (bsc#1180603)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:221-1
Released:    Tue Jan 26 14:31:39 2021
Summary:     Recommended update for SUSEConnect
Type:        recommended
Severity:    low
References:  
This update for SUSEConnect fixes the following issue:

Update to version 0.3.29

- Replace the Ruby path with the native one during build phase.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:227-1
Released:    Tue Jan 26 19:22:14 2021
Summary:     Security update for sudo
Type:        security
Severity:    important
References:  1180684,1180685,1180687,1181090,CVE-2021-23239,CVE-2021-23240,CVE-2021-3156
This update for sudo fixes the following issues:

- A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges 
  [bsc#1181090,CVE-2021-3156]
- It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit`
  [bsc#1180684,CVE-2021-23239]
- A Possible Symlink Attack vector existed in `sudoedit` if SELinux was running in permissive mode [bsc#1180685,
  CVE-2021-23240]
- It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:233-1
Released:    Wed Jan 27 12:15:33 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    moderate
References:  1141597,1174436,1175458,1177490,1179363,1179824,1180225
This update for systemd fixes the following issues:

- Added a timestamp to the output of the busctl monitor command (bsc#1180225)
- Fixed a NULL pointer dereference bug when attempting to close the journal file handle (bsc#1179824)
- Improved the caching of cgroups member mask (bsc#1175458)
- Fixed the dependency definition of sound.target (bsc#1179363)
- Fixed a bug that could lead to a potential error, when daemon-reload is called between
  StartTransientUnit and scope_start() (bsc#1174436)
- time-util: treat /etc/localtime missing as UTC (bsc#1141597)
- Removed mq-deadline selection from 60-io-scheduler.rules (bsc#1177490)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:239-1
Released:    Fri Jan 29 06:49:13 2021
Summary:     Recommended update for btrfsprogs
Type:        recommended
Severity:    moderate
References:  1174206
This update for btrfsprogs fixes the following issues:

- Add patches to fix the logical-resolve lookup process and to accept the 'ignore offsets' kernel feature. (bsc#1174206)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:265-1
Released:    Mon Feb  1 15:06:45 2021
Summary:     Recommended update for systemd
Type:        recommended
Severity:    important
References:  1178775,1180885
This update for systemd fixes the following issues:

- Fix for udev creating '/dev/disk/by-label' symlink for 'LUKS2' to avoid mount issues. (bsc#1180885, #8998))
- Fix for an issue when container start causes interference in other containers. (bsc#1178775)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2021:266-1
Released:    Mon Feb  1 21:02:37 2021
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1177533,1179326,1179691,1179738
This update for lvm2 fixes the following issue:

- Fixes an issue when boot logical volume gets unmounted during patching. (bsc#1177533)
- Fix for lvm2 to use 'external_device_info_source='udev'' by default. (bsc#1179691)
- Fixed an issue in configuration for an item that is commented out by default. (bsc#1179738)
- Fixed an issue when after storage migration major performance issues occurred on the system. (bsc#1179326)

LinuxSecurity Poll

How frequently do you patch/update your system?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum 0 answer(s) and maximum 3 answer(s).
/main-polls/52-how-frequently-do-you-patch-update-your-system?task=poll.vote&format=json
52
radio
[{"id":"179","title":"As soon as patches\/updates are released - I track advisories for my distro(s) diligently","votes":"47","type":"x","order":"1","pct":79.66,"resources":[]},{"id":"180","title":"Every so often, when I think of it","votes":"7","type":"x","order":"2","pct":11.86,"resources":[]},{"id":"181","title":"Hardly ever","votes":"5","type":"x","order":"3","pct":8.47,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

Please vote first in order to view vote results.

VOTE ON THE POLL PAGE


VIEW MORE POLLS

bottom 200

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.