SUSE-SU-2018:3593-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Oct 31 11:32:55 MDT 2018


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:3593-1
Rating:             important
References:         #1046540 #1050319 #1050536 #1050540 #1051510 
                    #1055120 #1065600 #1066674 #1067126 #1067906 
                    #1076830 #1079524 #1083647 #1084760 #1084831 
                    #1086283 #1086288 #1094825 #1095805 #1099125 
                    #1100132 #1102881 #1103308 #1103543 #1104731 
                    #1105025 #1105536 #1106105 #1106110 #1106237 
                    #1106240 #1106838 #1107685 #1108241 #1108377 
                    #1108468 #1108828 #1108841 #1108870 #1109151 
                    #1109158 #1109217 #1109330 #1109739 #1109784 
                    #1109806 #1109818 #1109907 #1109911 #1109915 
                    #1109919 #1109951 #1110006 #1110096 #1110538 
                    #1110561 #1110921 #1111028 #1111076 #1111506 
                    #1111806 #1111819 #1111830 #1111834 #1111841 
                    #1111870 #1111901 #1111904 #1111928 #1111983 
                    #1112170 #1112173 #1112208 #1112219 #1112221 
                    #1112246 #1112372 #1112514 #1112554 #1112708 
                    #1112710 #1112711 #1112712 #1112713 #1112731 
                    #1112732 #1112733 #1112734 #1112735 #1112736 
                    #1112738 #1112739 #1112740 #1112741 #1112743 
                    #1112745 #1112746 #1112894 #1112899 #1112902 
                    #1112903 #1112905 #1112906 #1112907 #1113257 
                    #1113284 
Cross-References:   CVE-2017-16533 CVE-2017-18224 CVE-2018-18386
                    CVE-2018-18445
Affected Products:
                    SUSE Linux Enterprise Module for Live Patching 15
______________________________________________________________________________

   An update that solves four vulnerabilities and has 102
   fixes is now available.

Description:



   The SUSE Linux Enterprise 15 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2018-18445: A faulty computation of numeric bounds in the BPF
     verifier permits out-of-bounds memory accesses because
     adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit
     right shifts (bnc#1112372).
   - CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are
     able to access pseudo terminals) to hang/block further usage of any
     pseudo terminal devices due to an EXTPROC versus ICANON confusion in
     TIOCINQ (bnc#1094825).
   - CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and
     consequently has a race condition for access to the extent tree during
     read operations in DIRECT mode, which allowed local users to cause a
     denial of service (BUG) by modifying a certain e_cpos field
     (bnc#1084831).
   - CVE-2017-16533: The usbhid_parse function in
     drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of
     service (out-of-bounds read and system crash) or possibly have
     unspecified other impact via a crafted USB device (bnc#1066674).

   The following non-security bugs were fixed:

   - acpi / processor: Fix the return value of acpi_processor_ids_walk()
     (bsc#1051510).
   - acpica: Reference Counts: increase max to 0x4000 for large servers
     (bsc#1108241).
   - alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760
     (bsc#1051510).
   - arm: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).
   - arm: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
   - arm: exynos: Clear global variable on init error path (bsc#1051510).
   - arm: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).
   - arm: hwmod: RTC: Do not assume lock/unlock will be called with irq
     enabled (bsc#1051510).
   - arm: mvebu: declare asm symbols as character arrays in pmsu.c
     (bsc#1051510).
   - ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
   - ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
   - ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
   - ASoC: rt5514: Fix the issue of the delay volume applied again
     (bsc#1051510).
   - ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
   - ASoC: wm8804: Add ACPI support (bsc#1051510).
   - Btrfs: fix file data corruption after cloning a range and fsync
     (bsc#1111901).
   - Btrfs: fix mount failure after fsync due to hard link recreation
     (bsc#1103543).
   - Btrfs: send, fix invalid access to commit roots due to concurrent
     snapshotting (bsc#1111904).
   - cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
   - Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch.
     (bsc#1110921)
   - Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
   - EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).
   - EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).
   - EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).
   - EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).
   - HID: add support for Apple Magic Keyboards (bsc#1051510).
   - HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
   - HID: hid-sensor-hub: Force logical minimum to 1 for power and report
     state (bsc#1051510).
   - HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
   - HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub
     report (bsc#1051510).
   - input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
   - input: atakbd - fix Atari keymap (bsc#1051510).
   - kvm/vmx: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR
     path as unlikely() (bsc#1110006).
   - kvm: svm: Add MSR-based feature support for serializing LFENCE
     (bsc#1106240).
   - kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry
     (bsc#1106240).
   - kvm: vmx: raise internal error for exception during invalid protected
     mode state (bsc#1110006).
   - kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR
     (bsc#1106240).
   - kvm: x86: Fix reserved bits check for MOV to CR3 (bsc#1110006).
   - kvm: x86: Introduce kvm_get_msr_feature() (bsc#1106240).
   - kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update
     (bsc#1110006).
   - kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in
     use (bsc#1110006).
   - kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled
     (bsc#1106240).
   - kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2
     (bsc#1110006).
   - kvm: vmx: track host_state.loaded using a loaded_vmcs pointer
     (bsc#1110006).
   - kvm: vmx: use local variable for current_vmptr when emulating VMPTRST
     (bsc#1110006).
   - kvm: x86: Add a framework for supporting MSR-based features
     (bsc#1106240).
   - kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).
   - kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed
     (bsc#1110006).
   - kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
   - kvm: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).
   - kvm: x86: fix escape of guest dr6 to the host (bsc#1110006).
   - kvm: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).
   - nfc: trf7970a: fix check of clock frequencies, use && instead of ||
     (bsc#1051510).
   - nfs: Avoid quadratic search when freeing delegations (bsc#1084760).
   - pci: Reprogram bridge prefetch registers on resume (bsc#1051510).
   - pci: dwc: Fix scheduling while atomic issues (git-fixes).
   - pci: hv: Do not wait forever on a device that has disappeared
     (bsc#1109806).
   - pm / Domains: Fix genpd to deal with drivers returning 1 from
     ->prepare() (bsc#1051510).
   - pm / core: Clear the direct_complete flag on errors (bsc#1051510).
   - pm: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).
   - rdma/bnxt_re: Fix system crash during RDMA resource initialization
     (bsc#1086283).
   - Revert "Limit kernel-source build to architectures for which we build
     binaries" This reverts commit d6435125446d740016904abe30a60611549ae812.
   - Revert "cdc-acm: implement put_char() and flush_chars()" (bsc#1051510).
   - Revert "drm/amdgpu: Add an ATPX quirk for hybrid laptop" (bsc#1051510).
   - Revert "drm/i915/gvt: set max priority for gvt context" (bsc#1051510).
   - Revert "gpio: set up initial state from .get_direction()" (bsc#1051510).
   - Revert "iommu/io-pgtable: Avoid redundant TLB syncs" (bsc#1106237).
   - Revert "mwifiex: fix incorrect ht capability problem" (bsc#1051510).
   - Revert "mwifiex: handle race during mwifiex_usb_disconnect"
     (bsc#1051510).
   - Revert "pinctrl: sunxi: Do not enforce bias disable (for now)"
     (bsc#1051510).
   - Revert "slab: __GFP_ZERO is incompatible with a constructor"
     (bnc#1108828) This reverts commit
     de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have
     false possitives in the tree.
   - Revert "ubifs: xattr: Do not operate on deleted inodes" (bsc#1051510).
   - Squashfs: Compute expected length from inode size rather than block
     length (bsc#1051510).
   - usb: Add quirk to support DJI CineSSD (bsc#1051510).
   - usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB
     controller (bsc#1051510).
   - usb: fix error handling in usb_driver_claim_interface() (bsc#1051510).
   - usb: handle NULL config in usb_find_alt_setting() (bsc#1051510).
   - usb: remove LPM management from usb_driver_claim_interface()
     (bsc#1051510).
   - usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
   - usb: yurex: Check for truncation in yurex_read() (bsc#1051510).
   - usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).
   - Use upstream version of pci-hyperv patch (35a88a1)
   - acpi, nfit: Add function to look up nvdimm device and provide SMBIOS
     handle (bsc#1099125).
   - aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
   - apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
   - apparmor: Fix failure to audit context info in build_change_hat
     (bsc#1051510).
   - apparmor: Fully initialize aa_perms struct when answering userspace
     query (bsc#1051510).
   - apparmor: fix mediation of prlimit (bsc#1051510).
   - apparmor: fix memory leak when deduping profile load (bsc#1051510).
   - apparmor: fix ptrace read check (bsc#1051510).
   - asix: Check for supported Wake-on-LAN modes (bsc#1051510).
   - ath10k: fix kernel panic issue during pci probe (bsc#1051510).
   - ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
   - ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
   - ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).
   - audit: fix use-after-free in audit_add_watch (bsc#1051510).
   - batman-adv: Avoid probe ELP information leak (bsc#1051510).
   - batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).
   - batman-adv: Fix segfault when writing to sysfs elp_interval
     (bsc#1051510).
   - batman-adv: Fix segfault when writing to throughput_override
     (bsc#1051510).
   - batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).
   - batman-adv: Prevent duplicated global TT entry (bsc#1051510).
   - batman-adv: Prevent duplicated nc_node entry (bsc#1051510).
   - batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).
   - batman-adv: Prevent duplicated tvlv handler (bsc#1051510).
   - batman-adv: fix backbone_gw refcount on queue_work() failure
     (bsc#1051510).
   - batman-adv: fix hardif_neigh refcount on queue_work() failure
     (bsc#1051510).
   - bdi: Fix another oops in wb_workfn() (bsc#1112746).
   - bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
   - be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).
   - be2net: remove unused old AIC info (bsc#1086288).
   - be2net: remove unused old custom busy-poll fields (bsc#1086288 ).
   - blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
   - blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers
     (bsc#1111819).
   - block, bfq: fix wrong init of saved start time for weight raising
     (bsc#1112708).
   - block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
   - block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
   - bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).
   - bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).
   - bpf/verifier: disallow pointer subtraction (bsc#1083647).
   - bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).
   - btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes
     bsc#1109919).
   - btrfs: handle errors while updating refcounts in update_ref_for_cow
     (Git-fixes bsc#1109915).
   - cdc-acm: fix race between reset and control messaging (bsc#1051510).
   - ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
   - cfg80211: fix a type issue in ieee80211_chandef_to_operating_class()
     (bsc#1051510).
   - cifs: Fix use after free of a mid_q_entry (bsc#1112903).
   - cifs: fix memory leak in SMB2_open() (bsc#1112894).
   - cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).
   - clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure
     (bsc#1051510).
   - clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399
     (bsc#1051510).
   - clk: tegra: bpmp: Do not crash when a clock fails to register
     (bsc#1051510).
   - clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
   - clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail
     (bsc#1051510).
   - clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for
     non-am43 SoCs (bsc#1051510).
   - clocksource/drivers/timer-atmel-pit: Properly handle error cases
     (bsc#1051510).
   - coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
   - cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).
   - cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC
     (bnc#1108841).
   - crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).
   - crypto: cavium/nitrox - fix for command corruption in queue full case
     with backlog submissions (bsc#1051510).
   - crypto: ccp - add timeout support in the SEV command (bsc#1106838).
   - crypto: chelsio - Fix memory corruption in DMA Mapped buffers
     (bsc#1051510).
   - crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
   - crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe()
     (bsc#1051510).
   - cxgb4: fix abort_req_rss6 struct (bsc#1046540).
   - cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).
   - dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
   - debugobjects: Make stack check warning more informative (bsc#1051510).
   - declance: Fix continuation with the adapter identification message
     (bsc#1051510).
   - dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).
   - drivers/base: stop new probing during shutdown (bsc#1051510).
   - drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).
   - drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).
   - drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
   - drm/amdgpu: Fix vce work queue was not cancelled when suspend
     (bsc#1106110)
   - drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
   - drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).
   - drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
   - drm/amdgpu: add new polaris pci id (bsc#1051510).
   - drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk
     (bsc#1106110)
   - drm/amdgpu: revert "fix deadlock of reservation between cs and gpu reset
     v2" (bsc#1051510).
   - drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).
   - drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
   - drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
   - drm/i915: Handle incomplete Z_FINISH for compressed error states
     (bsc#1100132)
   - drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from
     VBIOS (bsc#1051510).
   - drm/nouveau/debugfs: Wake up GPU before doing any reclocking
     (bsc#1051510).
   - drm/nouveau/disp: fix DP disable race (bsc#1051510).
   - drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on
     suspend/unload (bsc#1051510).
   - drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early
     (bsc#1051510).
   - drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in
     connector_detect() (bsc#1051510).
   - drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).
   - drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).
   - drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).
   - drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
   - drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).
   - drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
   - drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).
   - e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
   - e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
   - eeprom: at24: change nvmem stride to 1 (bsc#1051510).
   - eeprom: at24: check at24_read/write arguments (bsc#1051510).
   - eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
   - efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32'
     definition for mixed mode (bsc#1110006).
   - enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
   - enic: handle mtu change for vf properly (bsc#1051510).
   - enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
   - ethtool: Remove trailing semicolon for static inline (bsc#1051510).
   - ethtool: fix a privilege escalation bug (bsc#1076830).
   - evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).
   - ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
   - ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
   - ext4: avoid divide by zero fault when deleting corrupted inline
     directories (bsc#1112735).
   - ext4: check for NUL characters in extended attribute's name
     (bsc#1112732).
   - ext4: check to make sure the rename(2)'s destination is not freed
     (bsc#1112734).
   - ext4: do not mark mmp buffer head dirty (bsc#1112743).
   - ext4: fix online resize's handling of a too-small final block group
     (bsc#1112739).
   - ext4: fix online resizing for bigalloc file systems with a 1k block size
     (bsc#1112740).
   - ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
   - ext4: recalucate superblock checksum after updating free blocks/inodes
     (bsc#1112738).
   - ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
   - ext4: show test_dummy_encryption mount option in /proc/mounts
     (bsc#1112741).
   - fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
   - firmware, DMI: Add function to look up a handle and return DIMM size
     (bsc#1099125).
   - firmware: raspberrypi: Register hwmon driver (bsc#1108468).
   - floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl
     (bsc#1051510).
   - fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
   - fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).
   - gpio: Fix crash due to registration race (bsc#1051510).
   - gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
   - gpio: mb86s70: Revert "Return error if requesting an already assigned
     gpio" (bsc#1051510).
   - gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall
     (bsc#1051510).
   - gpiolib: Free the last requested descriptor (bsc#1051510).
   - hfs: prevent crash on exit from failed search (bsc#1051510).
   - hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
   - hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
   - hv: avoid crash in vmbus sysfs files (bnc#1108377).
   - hv_netvsc: fix schedule in RCU context ().
   - hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
   - hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
   - hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).
   - hwmon: Add support for RPi voltage sensor (bsc#1108468).
   - hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
   - hypfs_kill_super(): deal with failed allocations (bsc#1051510).
   - i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
   - i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
   - intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
   - iommu/amd: Clear memory encryption mask from physical address
     (bsc#1106105).
   - iommu/arm-smmu: Error out only if not enough context interrupts
     (bsc#1106237).
   - iommu/vt-d: Add definitions for PFSID (bsc#1106237).
   - iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
   - iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
   - ipmi:ssif: Add support for multi-part transmit messages > 2 parts
     (bsc#1103308).
   - ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).
   - irq/core: Fix boot crash when the irqaffinity= boot parameter is passed
     on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).
   - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a
     debug dump (bsc#1051510).
   - iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
   - iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
   - iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface
     (bsc#1051510).
   - iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
   - iwlwifi: mvm: send BCAST management frames to the right station
     (bsc#1051510).
   - iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value
     (bsc#1051510).
   - iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
   - jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
   - kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
   - kabi protect enum mem_type (bsc#1099125).
   - kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).
   - kprobes/x86: Fix %p uses in error messages (bsc#1110006).
   - kprobes/x86: Prohibit probing on exception masking instructions
     (bsc#1110006).
   - ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM
     Functionality bsc#1111806).
   - kvm, mm: account shadow page tables to kmemcg (bsc#1110006).
   - kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
   - kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
   - kvm: x86: Set highest physical address bits in non-present/reserved
     SPTEs (bsc#1106240).
   - kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).
   - kvmclock: fix TSC calibration for nested guests (bsc#1110006).
   - lib/bug.c: exclude non-BUG/WARN exceptions from report_bug()
     (bsc#1110006).
   - lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
   - lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
   - libertas: call into generic suspend code before turning off power
     (bsc#1051510).
   - liquidio: fix hang when re-binding VF host drv after running DPDK VF
     driver (bsc#1067126).
   - liquidio: fix kernel panic in VF driver (bsc#1067126).
   - loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
   - loop: do not call into filesystem while holding lo_ctl_mutex
     (bsc#1112710).
   - loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
   - mac80211: Fix station bandwidth setting after channel switch
     (bsc#1051510).
   - mac80211: Run TXQ teardown code before de-registering interfaces
     (bsc#1051510).
   - mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
   - mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
   - mac80211: do not convert to A-MSDU if frag/subframe limited
     (bsc#1051510).
   - mac80211: fix a race between restart and CSA flows (bsc#1051510).
   - mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys
     (bsc#1051510).
   - mac80211: mesh: fix HWMP sequence numbering to follow standard
     (bsc#1051510).
   - mac80211: minstrel: fix using short preamble CCK rates on HT clients
     (bsc#1051510).
   - mac80211: shorten the IBSS debug messages (bsc#1051510).
   - mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
   - mac80211_hwsim: require at least one channel (bsc#1051510).
   - mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
   - media: af9035: prevent buffer overflow on write (bsc#1051510).
   - media: davinci: vpif_display: Mix memory leak on probe error path
     (bsc#1051510).
   - media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).
   - media: helene: fix xtal frequency setting at power on (bsc#1051510).
   - media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power
     (bsc#1051510).
   - media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new,
     copy_time} functions (bsc#1051510).
   - media: soc_camera: ov772x: correct setting of banding filter
     (bsc#1051510).
   - media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).
   - media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
   - media: videobuf2-core: check for q->error in vb2_core_qbuf()
     (bsc#1051510).
   - mm/migrate: Use spin_trylock() while resetting rate limit ().
   - mm: /proc/pid/pagemap: hide swap entries from unprivileged users
     (Git-fixes bsc#1109907).
   - mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).
   - mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal
     (bsc#1111841).
   - mmc: block: avoid multiblock reads for the last sector in SPI mode
     (bsc#1051510).
   - mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
   - net: add support for Cavium PTP coprocessor (bsc#1110096).
   - net: cavium: fix NULL pointer dereference in cavium_ptp_put
     (bsc#1110096).
   - net: cavium: use module_pci_driver to simplify the code (bsc#1110096).
   - net: thunder: change q_len's type to handle max ring size (bsc#1110096).
   - net: thunderx: Set max queue count taking XDP_TX into account
     (bsc#1110096).
   - net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).
   - net: thunderx: add XCAST messages handlers for PF (bsc#1110096).
   - net: thunderx: add multicast filter management support (bsc#1110096).
   - net: thunderx: add ndo_set_rx_mode callback implementation for VF
     (bsc#1110096).
   - net: thunderx: add new messages for handle ndo_set_rx_mode callback
     (bsc#1110096).
   - net: thunderx: add timestamping support (bsc#1110096).
   - net: thunderx: add workqueue control structures for handle
     ndo_set_rx_mode request (bsc#1110096).
   - net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).
   - net: thunderx: fix double free error (bsc#1110096).
   - net: thunderx: move filter register related macro into proper place
     (bsc#1110096).
   - net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode
     (bsc#1110096).
   - net: thunderx: remove a couple of redundant assignments (bsc#1110096).
   - net: thunderx: rework mac addresses list to u64 array (bsc#1110096).
   - nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O
     (bsc#1107685).
   - objtool, kprobes/x86: Sync the latest <asm/insn.h> header with
     tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).
   - orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
   - orangefs: initialize op on loop restart in orangefs_devreq_read
     (bsc#1051510).
   - orangefs: use list_for_each_entry_safe in purge_waiting_ops
     (bsc#1051510).
   - orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
   - ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
   - ovl: fix format of setxattr debug (git-fixes).
   - perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).
   - perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr
     (bsc#1110006).
   - perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).
   - perf/x86/intel/uncore: Correct fixed counter index check for NHM
     (bsc#1110006).
   - perf/x86/intel/uncore: Correct fixed counter index check in generic code
     (bsc#1110006).
   - perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).
   - perf/x86/intel: Do not accidentally clear high bits in
     bdw_limit_period() (bsc#1110006).
   - perf/x86/intel: Fix event update for auto-reload (bsc#1110006).
   - perf/x86/intel: Fix large period handling on Broadwell CPUs
     (bsc#1110006).
   - perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs
     (bsc#1110006).
   - perf/x86/intel: Properly save/restore the PMU state in the NMI handler
     (bsc#1110006).
   - perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver
     (bsc#1110006).
   - perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map()
     (bsc#1110006).
   - perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_*
     (bsc#1110006).
   - powerpc/firmware: Add definitions for new drc-info firmware feature
     (bsc#1109158).
   - powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
   - powerpc/powernv/ioda2: Reduce upper limit for DMA window size
     (bsc#1055120).
   - powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).
   - powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).
   - powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).
   - powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
   - powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug
     (bsc#1079524, git-fixes).
   - powerpc/pseries: Fix duplicate firmware feature for DRC_INFO
     (bsc#1109158).
   - powerpc/rtas: Fix a potential race between CPU-Offline & Migration
     (bsc#1111870).
   - printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
   - printk: drop in_nmi check from printk_safe_flush_on_panic()
     (bsc#1112170).
   - proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
   - ptrace,x86: Make user_64bit_mode() available to 32-bit builds
     (bsc#1110006).
   - qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).
   - qed: Avoid sending mailbox commands when MFW is not responsive
     (bsc#1050536).
   - qed: Do not add VLAN 0 tag to untagged frames in multi-function mode
     (bsc#1050536).
   - qed: Fix populating the invalid stag value in multi function mode
     (bsc#1050536).
   - qed: Fix shmem structure inconsistency between driver and the mfw
     (bsc#1110561).
   - qed: Prevent a possible deadlock during driver load and unload
     (bsc#1050536).
   - qed: Wait for MCP halt and resume commands to take place (bsc#1050536).
   - qed: Wait for ready indication before rereading the shmem (bsc#1050536).
   - qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).
   - qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface
     (bsc#1051510).
   - qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).
   - qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
   - r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED
     (bsc#1051510).
   - rculist: Improve documentation for list_for_each_entry_from_rcu()
     (bsc#1084760).
   - rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
   - reiserfs: add check to detect corrupted directory entry (bsc#1109818).
   - reiserfs: do not panic on bad directory entries (bsc#1109818).
   - rename a hv patch to reduce conflicts in -AZURE
   - reorder a qedi patch to allow further work in this branch
   - rpc_pipefs: fix double-dput() (bsc#1051510).
   - rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).
   - sched/numa: Limit the conditions where scan period is reset ().
   - scsi: core: Allow state transitions from OFFLINE to BLOCKED
     (bsc#1112246).
   - scsi: ipr: Eliminate duplicate barriers ().
   - scsi: ipr: Use dma_pool_zalloc() ().
   - scsi: ipr: fix incorrect indentation of assignment statement ().
   - scsi: libfc: check fc_frame_payload_get() return value for null
     (bsc#1104731).
   - scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
   - scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).
   - scsi: qedi: Initialize the stats mutex lock (bsc#1110538).
   - scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).
   - scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).
   - scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured
     (bsc#1108870).
   - scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).
   - scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).
   - scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).
   - scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).
   - scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).
   - scsi: qla2xxx: Move log messages before issuing command to firmware
     (bsc#1108870).
   - scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).
   - scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).
   - scsi: target: prefer dbroot of /etc/target over /var/target
     (bsc#1111928).
   - selftests/x86: Add tests for User-Mode Instruction Prevention
     (bsc#1110006).
   - selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).
   - serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).
   - serial: cpm_uart: return immediately from console poll (bsc#1051510).
   - serial: imx: restore handshaking irq for imx1 (bsc#1051510).
   - series.conf: moved some Xen patches to the sorted region xen/blkfront:
     correct purging of persistent grants (bnc#1112514).
   - signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
   - smb2: fix missing files in root share directory listing (bsc#1112907).
   - smb3: fill in statfs fsid and correct namelen (bsc#1112905).
   - smb3: fix reset of bytes read and written stats (bsc#1112906).
   - smb3: on reconnect set PreviousSessionId field (bsc#1112899).
   - soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift()
     (bsc#1051510).
   - soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).
   - sock_diag: fix use-after-free read in __sk_free (bsc#1051510).
   - soreuseport: initialise timewait reuseport field (bsc#1051510).
   - sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
   - sound: enable interrupt after dma buffer initialization (bsc#1051510).
   - spi: rspi: Fix interrupted DMA transfers (bsc#1051510).
   - spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).
   - spi: sh-msiof: Fix handling of write value for SISTR register
     (bsc#1051510).
   - spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).
   - spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).
   - squashfs metadata 2: electric boogaloo (bsc#1051510).
   - squashfs: be more careful about metadata corruption (bsc#1051510).
   - squashfs: more metadata hardening (bsc#1051510).
   - squashfs: more metadata hardening (bsc#1051510).
   - stm: Potential read overflow in stm_char_policy_set_ioctl()
     (bsc#1051510).
   - supported.conf: added cavium_ptp
   - supported.conf: mark raspberrypi-hwmon as supported
   - switchtec: Fix Spectre v1 vulnerability (bsc#1051510).
   - sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).
   - target: log Data-Out timeouts as errors (bsc#1095805).
   - target: log NOP ping timeouts as errors (bsc#1095805).
   - target: split out helper for cxn timeout error stashing (bsc#1095805).
   - target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
   - target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
   - team: Forbid enslaving team device to itself (bsc#1051510).
   - thermal: of-thermal: disable passive polling when thermal zone is
     disabled (bsc#1051510).
   - tools/vm/page-types.c: fix "defined but not used" warning (bsc#1051510).
   - tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
   - tracing/x86/xen: Remove zero data size trace events
     trace_xen_mmu_flush_tlb{_all} (bsc#1110006).
   - tracing: Add barrier to trace_printk() buffer nesting modification
     (bsc#1112219).
   - tsl2550: fix lux1_input error in low light (bsc#1051510).
   - tty: Drop tty->count on tty_reopen() failure (bsc#1051510).
   - tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).
   - tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).
   - tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).
   - tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).
   - ubifs: Check for name being NULL while mounting (bsc#1051510).
   - udp: Unbreak modules that rely on external __skb_recv_udp() availability
     (bsc#1109151).
   - uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).
   - usb: Avoid use-after-free by flushing endpoints early in
     usb_set_interface() (bsc#1051510).
   - usb: cdc_acm: Do not leak URB buffers (bsc#1051510).
   - usb: dwc2: Turn on uframe_sched on "amlogic" platforms (bsc#1102881).
   - usb: dwc2: Turn on uframe_sched on "bcm" platforms (bsc#1102881).
   - usb: dwc2: Turn on uframe_sched on "his" platforms (bsc#1102881).
   - usb: dwc2: Turn on uframe_sched on "stm32f4x9_fsotg" platforms
     (bsc#1102881).
   - usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i]
     (bsc#1051510).
   - usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in
     u132_get_frame() (bsc#1051510).
   - usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).
   - usb: musb: dsps: do not disable CPPI41 irq in driver teardown
     (bsc#1051510).
   - usb: uas: add support for more quirk flags (bsc#1051510).
   - usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).
   - usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).
   - userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access
     (bsc#1109739).
   - uwb: hwa-rc: fix memory leak at probe (bsc#1051510).
   - vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user
     page (bsc#1110006).
   - virtio: pci-legacy: Validate queue pfn (bsc#1051510).
   - vmbus: do not return values for uninitalized channels (bsc#1051510).
   - vti4: Do not count header length twice on tunnel setup (bsc#1051510).
   - vti6: fix PMTU caching and reporting on xmit (bsc#1051510).
   - vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).
   - x86-64/realmode: Add instruction suffix (bsc#1110006).
   - x86-memory_failure-Introduce-set-clear-_mce_nospec.patch: One more fixup
     to avoid even warning about statement without effect.
   - x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present
     (bsc#1110006).
   - x86/CPU: Add a microcode loader callback (bsc#1110006).
   - x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).
   - x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
   - x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr()
     (bsc#1110006).
   - x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush()
     (bsc#1110006).
   - x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush()
     (bsc#1110006).
   - x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond'
     (bsc#1110006).
   - x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).
   - x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).
   - x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).
   - x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read()
     (bsc#1110006).
   - x86/MCE: Remove min interval polling limitation (bsc#1110006).
   - x86/MCE: Report only DRAM ECC as memory errors on AMD systems
     (bsc#1110006).
   - x86/MCE: Serialize sysfs changes (bsc#1110006).
   - x86/acpi: Prevent X2APIC id 0xffffffff from being accounted
     (bsc#1110006).
   - x86/alternatives: Fixup alternative_call_2 (bsc#1110006).
   - x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic'
     specified (bsc#1110006).
   - x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h>
     (bsc#1110006).
   - x86/asm: Allow again using asm.h when building for the 'bpf' clang
     target (bsc#1110006).
   - x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).
   - x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).
   - x86/boot/compressed/64: Print error if 5-level paging is not supported
     (bsc#1110006).
   - x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).
   - x86/boot: Move EISA setup to a separate file (bsc#1110006).
   - x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).
   - x86/build: Beautify build log of syscall headers (bsc#1110006).
   - x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not
     (bsc#1110006).
   - x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).
   - x86/cpufeature: Add User-Mode Instruction Prevention definitions
     (bsc#1110006).
   - x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).
   - x86/cpufeatures: Add Intel Total Memory Encryption cpufeature
     (bsc#1110006).
   - x86/debug: Handle warnings before the notifier chain, to fix KGDB crash
     (bsc#1110006).
   - x86/decoder: Add new TEST instruction pattern (bsc#1110006).
   - x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y
     (bsc#1110006).
   - x86/eisa: Add missing include (bsc#1110006).
   - x86/entry/64: Add two more instruction suffixes (bsc#1110006).
   - x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).
   - x86/entry: Reduce the code footprint of the 'idtentry' macro
     (bsc#1110006).
   - x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
     (bsc#1110006).
   - x86/fpu/debug: Remove unused 'x86_fpu_state' and
     'x86_fpu_deactivate_state' tracepoints (bsc#1110006).
   - x86/fpu: Make XSAVE check the base CPUID features before enabling
     (bsc#1110006).
   - x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).
   - x86/fpu: Remove second definition of fpu in __fpu__restore_sig()
     (bsc#1110006).
   - x86/fpu: Remove the explicit clearing of XSAVE dependent features
     (bsc#1110006).
   - x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).
   - x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).
   - x86/intel_rdt: Fix incorrect returned value when creating rdgroup
     sub-directory in resctrl file system (bsc#1110006).
   - x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).
   - x86/intel_rdt: Fix potential deadlock during resctrl unmount
     (bsc#1110006).
   - x86/irq: Remove an old outdated comment about context tracking races
     (bsc#1110006).
   - x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
   - x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).
   - x86/kprobes: Fix kernel crash when probing .entry_trampoline code
     (bsc#1110006).
   - x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).
   - x86/mce/AMD: Get address from already initialized block (bsc#1110006).
   - x86/mce: Add notifier_block forward declaration (bsc#1110006).
   - x86/mce: Check for alternate indication of machine check recovery on
     Skylake (bsc#1110006).
   - x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).
   - x86/mce: Fix incorrect "Machine check from unknown source" message
     (bsc#1110006).
   - x86/microcode/intel: Check microcode revision before updating sibling
     threads (bsc#1110006).
   - x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).
   - x86/microcode/intel: Look into the patch cache first (bsc#1110006).
   - x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).
   - x86/microcode/intel: Writeback and invalidate caches before updating
     microcode (bsc#1110006).
   - x86/microcode: Allow late microcode loading with SMT disabled
     (bsc#1110006).
   - x86/microcode: Attempt late loading only when new microcode is present
     (bsc#1110006).
   - x86/microcode: Do not exit early from __reload_late() (bsc#1110006).
   - x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).
   - x86/microcode: Fix CPU synchronization routine (bsc#1110006).
   - x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).
   - x86/microcode: Make sure boot_cpu_data.microcode is up-to-date
     (bsc#1110006).
   - x86/microcode: Make the late update update_lock a raw lock for RT
     (bsc#1110006).
   - x86/microcode: Propagate return value from updating functions
     (bsc#1110006).
   - x86/microcode: Request microcode on the BSP (bsc#1110006).
   - x86/microcode: Synchronize late microcode loading (bsc#1110006).
   - x86/microcode: Update the new microcode revision unconditionally
     (bsc#1110006).
   - x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all()
     (bsc#1110006).
   - x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to
     'nr_pages' (bsc#1110006).
   - x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).
   - x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).
   - x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).
   - x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).
   - x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).
   - x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).
   - x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init
     (bsc#1110006).
   - x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead
     of this_cpu_has() in build_cr3_noflush() (bsc#1110006).
   - x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).
   - x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).
   - x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).
   - x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).
   - x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).
   - x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear
     (bsc#1110006).
   - x86/paravirt: Fix some warning messages (bnc#1065600).
   - x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).
   - x86/percpu: Fix this_cpu_read() (bsc#1110006).
   - x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).
   - x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).
   - x86/pti: Check the return value of pti_user_pagetable_walk_p4d()
     (bsc#1110006).
   - x86/pti: Check the return value of pti_user_pagetable_walk_pmd()
     (bsc#1110006).
   - x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).
   - x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).
   - x86/smp: fix non-SMP broken build due to redefinition of
     apic_id_is_primary_thread (bsc#1110006).
   - x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).
   - x86/spectre: Fix spelling mistake: "vunerable"-> "vulnerable"
     (bsc#1110006).
   - x86/speculation, objtool: Annotate indirect calls/jumps for objtool on
     32-bit kernels (bsc#1110006).
   - x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).
   - x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).
   - x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit
     (bsc#1105536).
   - x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).
   - x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).
   - x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).
   - x86/speculation/l1tf: Protect PAE swap entries against L1TF
     (bsc#1110006).
   - x86/speculation: Simplify sysfs report of VMX L1TF vulnerability
     (bsc#1110006).
   - x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
   - x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly
     across CPU hotplug operations (bsc#1110006).
   - x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).
   - x86/tsc: Allow TSC calibration without PIT (bsc#1110006).
   - x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).
   - x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).
   - x86/vdso: Fix vDSO syscall fallback asm constraint regression
     (bsc#1110006).
   - x86/xen: Delay get_cpu_cap until stack canary is established
     (bsc#1110006).
   - x86/xen: Drop 5-level paging support code from the XEN_PV code
     (bsc#1110006).
   - x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).
   - x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).
   - x86: Add check for APIC access address for vmentry of L2 guests
     (bsc#1110006).
   - x86: Call fixup_exception() before notify_die() in math_error()
     (bsc#1110006).
   - x86: Delay skip of emulated hypercall instruction (bsc#1110006).
   - x86: PM: Make APM idle driver initialize polling state (bsc#1110006).
   - x86: i8259: Add missing include file (bsc#1110006).
   - x86: kvm: avoid unused variable warning (bsc#1110006).
   - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent
     (bnc#1065600).
   - xen/PVH: Set up GS segment for stack canary (bsc#1110006).
   - xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap()
     (bnc#1065600).
   - xen/x86/vpmu: Zero struct pt_regs before calling into sample handling
     code (bsc#1110006).
   - xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests
     (bsc#1110006).
   - xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).
   - xfrm: use complete IPv6 addresses for hash (bsc#1109330).
   - xfs: do not fail when converting shortform attr to long form during
     ATTR_REPLACE (bsc#1105025).
   - xhci: Add missing CAS workaround for Intel Sunrise Point xHCI
     (bsc#1051510).
   - xhci: Do not print a warning when setting link state for disabled ports
     (bsc#1051510).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Live Patching 15:

      zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2018-2547=1



Package List:

   - SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):

      kernel-default-debuginfo-4.12.14-25.25.1
      kernel-default-debugsource-4.12.14-25.25.1
      kernel-default-livepatch-4.12.14-25.25.1
      kernel-livepatch-4_12_14-25_25-default-1-1.3.1
      kernel-livepatch-4_12_14-25_25-default-debuginfo-1-1.3.1


References:

   https://www.suse.com/security/cve/CVE-2017-16533.html
   https://www.suse.com/security/cve/CVE-2017-18224.html
   https://www.suse.com/security/cve/CVE-2018-18386.html
   https://www.suse.com/security/cve/CVE-2018-18445.html
   https://bugzilla.suse.com/1046540
   https://bugzilla.suse.com/1050319
   https://bugzilla.suse.com/1050536
   https://bugzilla.suse.com/1050540
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1055120
   https://bugzilla.suse.com/1065600
   https://bugzilla.suse.com/1066674
   https://bugzilla.suse.com/1067126
   https://bugzilla.suse.com/1067906
   https://bugzilla.suse.com/1076830
   https://bugzilla.suse.com/1079524
   https://bugzilla.suse.com/1083647
   https://bugzilla.suse.com/1084760
   https://bugzilla.suse.com/1084831
   https://bugzilla.suse.com/1086283
   https://bugzilla.suse.com/1086288
   https://bugzilla.suse.com/1094825
   https://bugzilla.suse.com/1095805
   https://bugzilla.suse.com/1099125
   https://bugzilla.suse.com/1100132
   https://bugzilla.suse.com/1102881
   https://bugzilla.suse.com/1103308
   https://bugzilla.suse.com/1103543
   https://bugzilla.suse.com/1104731
   https://bugzilla.suse.com/1105025
   https://bugzilla.suse.com/1105536
   https://bugzilla.suse.com/1106105
   https://bugzilla.suse.com/1106110
   https://bugzilla.suse.com/1106237
   https://bugzilla.suse.com/1106240
   https://bugzilla.suse.com/1106838
   https://bugzilla.suse.com/1107685
   https://bugzilla.suse.com/1108241
   https://bugzilla.suse.com/1108377
   https://bugzilla.suse.com/1108468
   https://bugzilla.suse.com/1108828
   https://bugzilla.suse.com/1108841
   https://bugzilla.suse.com/1108870
   https://bugzilla.suse.com/1109151
   https://bugzilla.suse.com/1109158
   https://bugzilla.suse.com/1109217
   https://bugzilla.suse.com/1109330
   https://bugzilla.suse.com/1109739
   https://bugzilla.suse.com/1109784
   https://bugzilla.suse.com/1109806
   https://bugzilla.suse.com/1109818
   https://bugzilla.suse.com/1109907
   https://bugzilla.suse.com/1109911
   https://bugzilla.suse.com/1109915
   https://bugzilla.suse.com/1109919
   https://bugzilla.suse.com/1109951
   https://bugzilla.suse.com/1110006
   https://bugzilla.suse.com/1110096
   https://bugzilla.suse.com/1110538
   https://bugzilla.suse.com/1110561
   https://bugzilla.suse.com/1110921
   https://bugzilla.suse.com/1111028
   https://bugzilla.suse.com/1111076
   https://bugzilla.suse.com/1111506
   https://bugzilla.suse.com/1111806
   https://bugzilla.suse.com/1111819
   https://bugzilla.suse.com/1111830
   https://bugzilla.suse.com/1111834
   https://bugzilla.suse.com/1111841
   https://bugzilla.suse.com/1111870
   https://bugzilla.suse.com/1111901
   https://bugzilla.suse.com/1111904
   https://bugzilla.suse.com/1111928
   https://bugzilla.suse.com/1111983
   https://bugzilla.suse.com/1112170
   https://bugzilla.suse.com/1112173
   https://bugzilla.suse.com/1112208
   https://bugzilla.suse.com/1112219
   https://bugzilla.suse.com/1112221
   https://bugzilla.suse.com/1112246
   https://bugzilla.suse.com/1112372
   https://bugzilla.suse.com/1112514
   https://bugzilla.suse.com/1112554
   https://bugzilla.suse.com/1112708
   https://bugzilla.suse.com/1112710
   https://bugzilla.suse.com/1112711
   https://bugzilla.suse.com/1112712
   https://bugzilla.suse.com/1112713
   https://bugzilla.suse.com/1112731
   https://bugzilla.suse.com/1112732
   https://bugzilla.suse.com/1112733
   https://bugzilla.suse.com/1112734
   https://bugzilla.suse.com/1112735
   https://bugzilla.suse.com/1112736
   https://bugzilla.suse.com/1112738
   https://bugzilla.suse.com/1112739
   https://bugzilla.suse.com/1112740
   https://bugzilla.suse.com/1112741
   https://bugzilla.suse.com/1112743
   https://bugzilla.suse.com/1112745
   https://bugzilla.suse.com/1112746
   https://bugzilla.suse.com/1112894
   https://bugzilla.suse.com/1112899
   https://bugzilla.suse.com/1112902
   https://bugzilla.suse.com/1112903
   https://bugzilla.suse.com/1112905
   https://bugzilla.suse.com/1112906
   https://bugzilla.suse.com/1112907
   https://bugzilla.suse.com/1113257
   https://bugzilla.suse.com/1113284



More information about the sle-security-updates mailing list