SUSE-SU-2019:1240-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed May 15 01:09:48 MDT 2019


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:1240-1
Rating:             important
References:         #1050549 #1051510 #1052904 #1053043 #1055117 
                    #1055121 #1061840 #1065600 #1065729 #1070872 
                    #1078216 #1082555 #1083647 #1085535 #1085536 
                    #1088804 #1093777 #1094120 #1094244 #1097583 
                    #1097584 #1097585 #1097586 #1097587 #1097588 
                    #1100132 #1103186 #1103259 #1107937 #1111331 
                    #1112128 #1112178 #1113399 #1113722 #1114279 
                    #1114542 #1114638 #1119086 #1119680 #1120318 
                    #1120902 #1122767 #1123105 #1125342 #1126221 
                    #1126356 #1126704 #1126740 #1127175 #1127371 
                    #1127372 #1127374 #1127378 #1127445 #1128415 
                    #1128544 #1129276 #1129770 #1130130 #1130154 
                    #1130195 #1130335 #1130336 #1130337 #1130338 
                    #1130425 #1130427 #1130518 #1130527 #1130567 
                    #1131062 #1131107 #1131167 #1131168 #1131169 
                    #1131170 #1131171 #1131172 #1131173 #1131174 
                    #1131175 #1131176 #1131177 #1131178 #1131179 
                    #1131180 #1131290 #1131335 #1131336 #1131416 
                    #1131427 #1131442 #1131467 #1131574 #1131587 
                    #1131659 #1131673 #1131847 #1131848 #1131851 
                    #1131900 #1131934 #1131935 #1132083 #1132219 
                    #1132226 #1132227 #1132365 #1132368 #1132369 
                    #1132370 #1132372 #1132373 #1132384 #1132397 
                    #1132402 #1132403 #1132404 #1132405 #1132407 
                    #1132411 #1132412 #1132413 #1132414 #1132426 
                    #1132527 #1132531 #1132555 #1132558 #1132561 
                    #1132562 #1132563 #1132564 #1132570 #1132571 
                    #1132572 #1132589 #1132618 #1132681 #1132726 
                    #1132828 #1132943 #1133005 #1133094 #1133095 
                    #1133115 #1133149 #1133486 #1133529 #1133584 
                    #1133667 #1133668 #1133672 #1133674 #1133675 
                    #1133698 #1133702 #1133731 #1133769 #1133772 
                    #1133774 #1133778 #1133779 #1133780 #1133825 
                    #1133850 #1133851 #1133852 
Cross-References:   CVE-2018-12126 CVE-2018-12127 CVE-2018-12130
                    CVE-2018-16880 CVE-2019-11091 CVE-2019-3882
                    CVE-2019-9003 CVE-2019-9500 CVE-2019-9503
                   
Affected Products:
                    SUSE Linux Enterprise Module for Public Cloud 15
______________________________________________________________________________

   An update that solves 9 vulnerabilities and has 159 fixes
   is now available.

Description:



   The SUSE Linux Enterprise 15 for Azure kernel was updated to receive
   various security and bugfixes.

   Four new speculative execution issues have been identified in Intel CPUs.
   (bsc#1111331)

   - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
   - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
   - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
   - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
     (MDSUM)

   This kernel update contains software mitigations, utilizing CPU microcode
   updates shipped in parallel.

   For more information on this set of information leaks, check out
   https://www.suse.com/support/kb/doc/?id=7023736


   The following security bugs were fixed:

   - CVE-2019-9003: Attackers can trigger a
     drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging
     for certain simultaneous execution of the code, as demonstrated by a
     "service ipmievd restart" loop (bnc#1126704).
   - CVE-2018-16880: A flaw was found in the handle_rx() function in the
     [vhost_net] driver. A malicious virtual guest, under specific
     conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a
     virtual host which may lead to a kernel memory corruption and a system
     panic. Due to the nature of the flaw, privilege escalation cannot be
     fully ruled out. (bnc#1122767).
   - CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results
     was fixed. (bnc#1132681).
   - CVE-2019-9503: A brcmfmac frame validation bypass was fixed.
     (bnc#1132828).
   - CVE-2019-3882: A flaw was found in the vfio interface implementation
     that permits violation of the user's locked memory limit. If a device is
     bound to a vfio driver, such as vfio-pci, and the local attacker is
     administratively granted ownership of the device, it may cause a system
     memory exhaustion and thus a denial of service (DoS). (bnc#1131416
     bnc#1131427).

   The following non-security bugs were fixed:

   - 9p: do not trust pdu content for stat item size (bsc#1051510).
   - acpi: acpi_pad: Do not launch acpi_pad threads on idle cpus
     (bsc#1113399).
   - acpi, nfit: Prefer _DSM over _LSR for namespace label reads
     (bsc#1132426).
   - acpi / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510).
   - alsa: core: Fix card races between register and disconnect (bsc#1051510).
   - alsa: echoaudio: add a check for ioremap_nocache (bsc#1051510).
   - alsa: firewire: add const qualifier to identifiers for read-only symbols
     (bsc#1051510).
   - alsa: firewire-motu: add a flag for AES/EBU on XLR interface
     (bsc#1051510).
   - alsa: firewire-motu: add specification flag for position of flag for
     MIDI messages (bsc#1051510).
   - alsa: firewire-motu: add support for MOTU Audio Express (bsc#1051510).
   - alsa: firewire-motu: add support for Motu Traveler (bsc#1051510).
   - alsa: firewire-motu: use 'version' field of unit directory to identify
     model (bsc#1051510).
   - alsa: hda - add Lenovo IdeaCentre B550 to the power_save_blacklist
     (bsc#1051510).
   - alsa: hda - Add two more machines to the power_save_blacklist
     (bsc#1051510).
   - alsa: hda - Enforces runtime_resume after S3 and S4 for each codec
     (bsc#1051510).
   - alsa: hda: Initialize power_state field properly (bsc#1051510).
   - alsa: hda/realtek - Add quirk for Tuxedo XC 1509 (bsc#1131442).
   - alsa: hda/realtek - Add support for Acer Aspire E5-523G/ES1-432 headset
     mic (bsc#1051510).
   - alsa: hda/realtek - Add support headset mode for DELL WYSE AIO
     (bsc#1051510).
   - alsa: hda/realtek - Add support headset mode for New DELL WYSE NB
     (bsc#1051510).
   - alsa: hda/realtek - add two more pin configuration sets to quirk table
     (bsc#1051510).
   - alsa: hda/realtek: Enable ASUS X441MB and X705FD headset MIC with ALC256
     (bsc#1051510).
   - alsa: hda/realtek: Enable headset MIC of Acer AIO with ALC286
     (bsc#1051510).
   - alsa: hda/realtek: Enable headset MIC of Acer Aspire Z24-890 with ALC286
     (bsc#1051510).
   - alsa: hda/realtek: Enable headset mic of ASUS P5440FF with ALC256
     (bsc#1051510).
   - alsa: hda - Record the current power state before suspend/resume calls
     (bsc#1051510).
   - alsa: info: Fix racy addition/deletion of nodes (bsc#1051510).
   - alsa: opl3: fix mismatch between snd_opl3_drum_switch definition and
     declaration (bsc#1051510).
   - alsa: PCM: check if ops are defined before suspending PCM (bsc#1051510).
   - alsa: pcm: Do not suspend stream in unrecoverable PCM state
     (bsc#1051510).
   - alsa: pcm: Fix possible OOB access in PCM oss plugins (bsc#1051510).
   - alsa: rawmidi: Fix potential Spectre v1 vulnerability (bsc#1051510).
   - alsa: sb8: add a check for request_region (bsc#1051510).
   - alsa: seq: Fix OOB-reads from strlcpy (bsc#1051510).
   - alsa: seq: oss: Fix Spectre v1 vulnerability (bsc#1051510).
   - ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe
     (bsc#1051510).
   - ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510).
   - ASoC: topology: free created components in tplg load error (bsc#1051510).
   - assume flash part size to be 4MB, if it can't be determined
     (bsc#1127371).
   - ath10k: avoid possible string overflow (bsc#1051510).
   - auxdisplay: hd44780: Fix memory leak on ->remove() (bsc#1051510).
   - auxdisplay: ht16k33: fix potential user-after-free on module unload
     (bsc#1051510).
   - batman-adv: Reduce claim hash refcnt only for removed entry
     (bsc#1051510).
   - batman-adv: Reduce tt_global hash refcnt only for removed entry
     (bsc#1051510).
   - batman-adv: Reduce tt_local hash refcnt only for removed entry
     (bsc#1051510).
   - bcm2835: MMC issues (bsc#1070872).
   - blkcg: Introduce blkg_root_lookup() (bsc#1131673).
   - blkcg: Make blkg_root_lookup() work for queues in bypass mode
     (bsc#1131673).
   - blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues
     (bsc#1131673).
   - blk-mq: Avoid that submitting a bio concurrently with device removal
     triggers a crash (bsc#1131673).
   - blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs
     (bsc#1131673).
   - blk-mq: fallback to previous nr_hw_queues when updating fails
     (bsc#1131673).
   - blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673).
   - blk-mq: realloc hctx when hw queue is mapped to another node
     (bsc#1131673).
   - blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter
     (bsc#1131673).
   - block: Ensure that a request queue is dissociated from the cgroup
     controller (bsc#1131673).
   - block: Fix a race between request queue removal and the block cgroup
     controller (bsc#1131673).
   - block: Introduce blk_exit_queue() (bsc#1131673).
   - block: kABI fixes for bio_rewind_iter() removal (bsc#1131673).
   - block: remove bio_rewind_iter() (bsc#1131673).
   - Bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510).
   - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt
     (bsc#1051510).
   - Bluetooth: Fix decrementing reference count twice in releasing socket
     (bsc#1051510).
   - Bluetooth: hci_ldisc: Initialize hci_dev before open() (bsc#1051510).
   - Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in
     hci_uart_set_proto() (bsc#1051510).
   - Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf()
     (bsc#1133731).
   - bnxt_en: Drop oversize TX packets to prevent errors
     (networking-stable-19_03_07).
   - bonding: fix PACKET_ORIGDEV regression (git-fixes).
   - bpf: fix use after free in bpf_evict_inode (bsc#1083647).
   - btrfs: Avoid possible qgroup_rsv_size overflow in
     btrfs_calculate_inode_block_rsv_size (git-fixes).
   - btrfs: check for refs on snapshot delete resume (bsc#1131335).
   - Btrfs: fix assertion failure on fsync with NO_HOLES enabled
     (bsc#1131848).
   - btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes).
   - Btrfs: fix deadlock between clone/dedupe and rename (bsc#1130518).
   - Btrfs: fix incorrect file size after shrinking truncate and fsync
     (bsc#1130195).
   - btrfs: remove WARN_ON in log_dir_items (bsc#1131847).
   - btrfs: save drop_progress if we drop refs at all (bsc#1131336).
   - cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510).
   - cgroup: fix parsing empty mount option string (bsc#1133094).
   - cifs: allow guest mounts to work for smb3.11 (bsc#1051510).
   - cifs: Do not count -ENODATA as failure for query directory (bsc#1051510).
   - cifs: do not dereference smb_file_target before null check (bsc#1051510).
   - cifs: Do not hide EINTR after sending network packets (bsc#1051510).
   - cifs: Do not reconnect TCP session in add_credits() (bsc#1051510).
   - cifs: Do not reset lease state to NONE on lease break (bsc#1051510).
   - cifs: Fix adjustment of credits for MTU requests (bsc#1051510).
   - cifs: Fix credit calculation for encrypted reads with errors
     (bsc#1051510).
   - cifs: Fix credits calculations for reads with errors (bsc#1051510).
   - cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542).
   - cifs: Fix possible hang during async MTU reads and writes (bsc#1051510).
   - cifs: Fix potential OOB access of lock element array (bsc#1051510).
   - cifs: Fix read after write for files with read caching (bsc#1051510).
   - clk: clk-twl6040: Fix imprecise external abort for pdmclk (bsc#1051510).
   - clk: fractional-divider: check parent rate only if flag is set
     (bsc#1051510).
   - clk: ingenic: Fix doc of ingenic_cgu_div_info (bsc#1051510).
   - clk: ingenic: Fix round_rate misbehaving with non-integer dividers
     (bsc#1051510).
   - clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510).
   - clk: sunxi-ng: v3s: Fix TCON reset de-assert bit (bsc#1051510).
   - clk: vc5: Abort clock configuration without upstream clock (bsc#1051510).
   - clk: x86: Add system specific quirk to mark clocks as critical
     (bsc#1051510).
   - clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown
     (bsc#1051510).
   - clocksource/drivers/exynos_mct: Move one-shot check from tick clear to
     ISR (bsc#1051510).
   - cpcap-charger: generate events for userspace (bsc#1051510).
   - cpufreq: pxa2xx: remove incorrect __init annotation (bsc#1051510).
   - cpufreq: tegra124: add missing of_node_put() (bsc#1051510).
   - cpupowerutils: bench - Fix cpu online check (bsc#1051510).
   - cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178).
   - crypto: caam - add missing put_device() call (bsc#1129770).
   - crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510).
   - crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510).
   - crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510).
   - crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510).
   - crypto: x86/poly1305 - fix overflow during partial reduction
     (bsc#1051510).
   - cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick
     (bsc#1127371).
   - cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371).
   - cxgb4: Add flag tc_flower_initialized (bsc#1127371).
   - cxgb4: Add new T5 PCI device id 0x50ae (bsc#1127371).
   - cxgb4: Add new T5 PCI device ids 0x50af and 0x50b0 (bsc#1127371).
   - cxgb4: Add new T6 PCI device ids 0x608a (bsc#1127371).
   - cxgb4: add per rx-queue counter for packet errors (bsc#1127371).
   - cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371).
   - cxgb4: add support to display DCB info (bsc#1127371).
   - cxgb4: Add support to read actual provisioned resources (bsc#1127371).
   - cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371).
   - cxgb4: collect hardware queue descriptors (bsc#1127371).
   - cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371).
   - cxgb4: convert flower table to use rhashtable (bsc#1127371).
   - cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability
     (bsc#1127371).
   - cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371).
   - cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374).
   - cxgb4/cxgb4vf: Link management changes (bsc#1127371).
   - cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac()
     (bsc#1127371).
   - cxgb4: display number of rx and tx pages free (bsc#1127371).
   - cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371).
   - cxgb4: Export sge_host_page_size to ulds (bsc#1127371).
   - cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371).
   - cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371).
   - cxgb4: Mask out interrupts that are not enabled (bsc#1127175).
   - cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371).
   - cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm
     (bsc#1127371).
   - cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371).
   - cxgb4: remove the unneeded locks (bsc#1127371).
   - cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371).
   - cxgb4: Support ethtool private flags (bsc#1127371).
   - cxgb4: update supported DCB version (bsc#1127371).
   - cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371).
   - cxgb4vf: Few more link management changes (bsc#1127374).
   - cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374).
   - cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374).
   - device_cgroup: fix RCU imbalance in error case (bsc#1051510).
   - device property: Fix the length used in PROPERTY_ENTRY_STRING()
     (bsc#1051510).
   - Disable kgdboc failed by echo space to
     /sys/module/kgdboc/parameters/kgdboc (bsc#1051510).
   - dmaengine: imx-dma: fix warning comparison of distinct pointer types
     (bsc#1051510).
   - dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510).
   - dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid
     (bsc#1051510).
   - dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510).
   - dm: disable DISCARD if the underlying storage no longer supports it
     (bsc#1114638).
   - Drivers: hv: vmbus: Offload the handling of channels to two workqueues
     (bsc#1130567).
   - Drivers: hv: vmbus: Offload the handling of channels to two workqueues
     (bsc#1130567).
   - Drivers: hv: vmbus: Reset the channel callback in
     vmbus_onoffer_rescind() (bsc#1130567).
   - drm: Auto-set allow_fb_modifiers when given modifiers at plane init
     (bsc#1051510).
   - drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs
     (bsc#1113722)
   - drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers
     (bsc#1051510).
   - drm/i915/bios: assume eDP is present on port A when there is no VBT
     (bsc#1051510).
   - drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722)
   - drm/i915/gvt: Annotate iomem usage (bsc#1051510).
   - drm/i915/gvt: do not deliver a workload if its creation fails
     (bsc#1051510).
   - drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722)
   - drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check
     (bsc#1051510).
   - drm/i915: Relax mmap VMA check (bsc#1051510).
   - drm/imx: ignore plane updates on disabled crtcs (bsc#1051510).
   - drm/imx: imx-ldb: add missing of_node_puts (bsc#1051510).
   - drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata()
     (bsc#1113722)
   - drm/meson: Fix invalid pointer in meson_drv_unbind() (bsc#1051510).
   - drm/meson: Uninstall IRQ handler (bsc#1051510).
   - drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure
     (bsc#1051510).
   - drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510).
   - drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510).
   - drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722)
   - drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind
     (bsc#1113722)
   - drm/sun4i: Fix component unbinding and component master deletion
     (bsc#1113722)
   - drm/sun4i: Set device driver data at bind time for use in unbind
     (bsc#1113722)
   - drm/sun4i: Unbind components before releasing DRM and memory
     (bsc#1113722)
   - drm/udl: add a release method and delay modeset teardown (bsc#1085536)
   - drm/vc4: Fix memory leak during gpu reset. (bsc#1113722)
   - dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit
     (networking-stable-19_02_20).
   - e1000e: fix cyclic resets at link up with active tx (bsc#1051510).
   - e1000e: Fix -Wformat-truncation warnings (bsc#1051510).
   - ext2: Fix underflow in ext2_max_size() (bsc#1131174).
   - ext4: add mask of ext4 flags to swap (bsc#1131170).
   - ext4: add missing brelse() in add_new_gdb_meta_bg() (bsc#1131176).
   - ext4: Avoid panic during forced reboot (bsc#1126356).
   - ext4: brelse all indirect buffer in ext4_ind_remove_space()
     (bsc#1131173).
   - ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851).
   - ext4: cleanup pagecache before swap i_data (bsc#1131178).
   - ext4: fix check of inode in swap_inode_boot_loader (bsc#1131177).
   - ext4: fix data corruption caused by unaligned direct AIO (bsc#1131172).
   - ext4: fix EXT4_IOC_SWAP_BOOT (bsc#1131180).
   - ext4: fix NULL pointer dereference while journal is aborted
     (bsc#1131171).
   - ext4: update quota information while swapping boot loader inode
     (bsc#1131179).
   - fbdev: fbmem: fix memory access if logo is bigger than the screen
     (bsc#1051510).
   - fix cgroup_do_mount() handling of failure exits (bsc#1133095).
   - Fix kabi after "md: batch flush requests." (bsc#1119680).
   - fm10k: Fix a potential NULL pointer dereference (bsc#1051510).
   - fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range()
     (bsc#1132384, bsc#1132219).
   - fs/dax: deposit pagetable even when installing zero page (bsc#1126740).
   - fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes).
   - futex: Cure exit race (bsc#1050549).
   - futex: Ensure that futex address is aligned in handle_futex_death()
     (bsc#1050549).
   - futex: Handle early deadlock return correctly (bsc#1050549).
   - gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input
     (bsc#1051510).
   - gpio: gpio-omap: fix level interrupt idling (bsc#1051510).
   - gpio: of: Fix of_gpiochip_add() error path (bsc#1051510).
   - gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes).
   - hid: i2c-hid: Ignore input report if there's no data present on Elan
     touchpanels (bsc#1133486).
   - hid: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510).
   - hid: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR
     busy_clear bit (bsc#1051510).
   - hv_netvsc: Fix IP header checksum for coalesced packets
     (networking-stable-19_03_07).
   - hv: reduce storvsc_ringbuffer_size from 1M to 128K to simplify booting
     with 1k vcpus ().
   - hv: reduce storvsc_ringbuffer_size from 1M to 128K to simplify  booting
     with 1k vcpus (fate#323887).
   - hwrng: virtio - Avoid repeated init of completion (bsc#1051510).
   - i2c: tegra: fix maximum transfer size (bsc#1051510).
   - ibmvnic: Enable GRO (bsc#1132227).
   - ibmvnic: Fix completion structure initialization (bsc#1131659).
   - ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227).
   - iio: adc: at91: disable adc channel interrupt in timeout case
     (bsc#1051510).
   - iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510).
   - iio: ad_sigma_delta: select channel when reading register (bsc#1051510).
   - iio: core: fix a possible circular locking dependency (bsc#1051510).
   - iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510).
   - iio: dac: mcp4725: add missing powerdown bits in store eeprom
     (bsc#1051510).
   - iio: Fix scan mask selection (bsc#1051510).
   - iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510).
   - iio: gyro: mpu3050: fix chip ID reading (bsc#1051510).
   - input: cap11xx - switch to using set_brightness_blocking() (bsc#1051510).
   - input: matrix_keypad - use flush_delayed_work() (bsc#1051510).
   - input: snvs_pwrkey - initialize necessary driver data before enabling
     IRQ (bsc#1051510).
   - input: st-keyscan - fix potential zalloc NULL dereference (bsc#1051510).
   - input: synaptics-rmi4 - write config register values to the right offset
     (bsc#1051510).
   - input: uinput - fix undefined behavior in uinput_validate_absinfo()
     (bsc#1120902).
   - intel_idle: add support for Jacobsville (jsc#SLE-5394).
   - io: accel: kxcjk1013: restore the range after resume (bsc#1051510).
   - iommu/amd: Fix NULL dereference bug in match_hid_uid (bsc#1130336).
   - iommu/amd: fix sg->dma_address for sg->offset bigger than PAGE_SIZE
     (bsc#1130337).
   - iommu/amd: Reserve exclusion range in iova-domain (bsc#1130425).
   - iommu/amd: Set exclusion range correctly (bsc#1130425).
   - iommu: Do not print warning when IOMMU driver only supports unmanaged
     domains (bsc#1130130).
   - iommu/vt-d: Check capability before disabling protected memory
     (bsc#1130338).
   - ip6: fix PMTU discovery when using /127 subnets (git-fixes).
   - ip6mr: Do not call __IP6_INC_STATS() from preemptible context
     (git-fixes).
   - ip6_tunnel: fix ip6 tunnel lookup in collect_md mode (git-fixes).
   - ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07).
   - ipv4/route: fail early when inet dev is missing (git-fixes).
   - ipv6: Fix dangling pointer when ipv6 fragment (git-fixes).
   - ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24).
   - ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07).
   - ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes).
   - ipvlan: disallow userns cap_net_admin to change global mode/flags
     (networking-stable-19_03_15).
   - ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes).
   - irqchip/gic-v3-its: Avoid parsing _indirect_ twice for Device table
     (bsc#1051510).
   - irqchip/mmp: Only touch the PJ4 IRQ & FIQ bits on enable/disable
     (bsc#1051510).
   - iscsi_ibft: Fix missing break in switch statement (bsc#1051510).
   - iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371).
   - iwiwifi: fix bad monitor buffer register addresses (bsc#1129770).
   - iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770).
   - iwlwifi: mvm: fix firmware statistics usage (bsc#1129770).
   - jbd2: clear dirty flag when revoking a buffer from an older transaction
     (bsc#1131167).
   - jbd2: fix compile warning when using JBUFFER_TRACE (bsc#1131168).
   - kABI: restore icmp_send (kabi).
   - kabi/severities: add cxgb4 and cxgb4vf shared data to the whitelis
     (bsc#1127372)
   - kasan: fix shadow_size calculation error in kasan_module_alloc
     (bsc#1051510).
   - kbuild: fix false positive warning/error about missing libelf
     (bsc#1051510).
   - kbuild: modversions: Fix relative CRC byte order interpretation
     (bsc#1131290).
   - kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729).
   - kcm: switch order of device registration to fix a crash (bnc#1130527).
   - kernfs: do not set dentry->d_fsdata (boo#1133115).
   - keys: always initialize keyring_index_key::desc_len (bsc#1051510).
   - keys: user: Align the payload buffer (bsc#1051510).
   - kvm: Call kvm_arch_memslots_updated() before updating memslots
     (bsc#1132563).
   - kvm: Fix kABI for AMD SMAP Errata workaround (bsc#1133149).
   - kvm: nVMX: Apply addr size mask to effective address for VMX
     instructions (bsc#1132561).
   - kvm: nVMX: Ignore limit checks on VMX instructions using flat segments
     (bsc#1132564).
   - kvm: nVMX: Sign extend displacements of VMX instr's mem operands
     (bsc#1132562).
   - kvm: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode
     switch (bsc#1061840).
   - kvm: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation)
     (bsc#1133149).
   - kvm: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run
     (bsc#1132555).
   - kvm: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279).
   - kvm: x86/mmu: Detect MMIO generation wrap in any address space
     (bsc#1132570).
   - kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux
     (bsc#1132571).
   - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331).
   - leds: pca9532: fix a potential NULL pointer dereference (bsc#1051510).
   - libceph: wait for latest osdmap in ceph_monc_blacklist_add()
     (bsc#1130427).
   - libertas_tf: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).
   - lightnvm: if LUNs are already allocated fix return (bsc#1085535).
   - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to
     a new <linux/bits.h> file (bsc#1111331).
   - mac80211: do not call driver wake_tx_queue op during reconfig
     (bsc#1051510).
   - mac80211: Fix Tx aggregation session tear down with ITXQs (bsc#1051510).
   - mac80211_hwsim: propagate genlmsg_reply return code (bsc#1051510).
   - md: batch flush requests (bsc#1119680).
   - md: Fix failed allocation of md_register_thread (git-fixes).
   - md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes).
   - md/raid5: fix 'out of memory' during raid cache recovery (git-fixes).
   - media: mt9m111: set initial frame size other than 0x0 (bsc#1051510).
   - media: mtk-jpeg: Correct return type for mem2mem buffer helpers
     (bsc#1051510).
   - media: mx2_emmaprp: Correct return type for mem2mem buffer helpers
     (bsc#1051510).
   - media: rc: mce_kbd decoder: fix stuck keys (bsc#1100132).
   - media: s5p-g2d: Correct return type for mem2mem buffer helpers
     (bsc#1051510).
   - media: s5p-jpeg: Correct return type for mem2mem buffer helpers
     (bsc#1051510).
   - media: sh_veu: Correct return type for mem2mem buffer helpers
     (bsc#1051510).
   - media: v4l2-ctrls.c/uvc: zero v4l2_event (bsc#1051510).
   - media: vb2: do not call __vb2_queue_cancel if vb2_start_streaming failed
     (bsc#1119086).
   - memremap: fix softlockup reports at teardown (bnc#1130154).
   - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
     (bsc#1051510).
   - missing barriers in some of unix_sock ->addr and ->path accesses
     (networking-stable-19_03_15).
   - mmc: davinci: remove extraneous __init annotation (bsc#1051510).
   - mmc: pxamci: fix enum type confusion (bsc#1051510).
   - mmc: sdhci: Fix data command CRC error handling (bsc#1051510).
   - mmc: sdhci: Handle auto-command errors (bsc#1051510).
   - mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR
     (bsc#1051510).
   - mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510).
   - mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934).
   - mm: Fix modifying of page protection by insert_pfn() (bsc#1126740).
   - mm: Fix warning in insert_pfn() (bsc#1126740).
   - mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd()
     (bsc#1126740).
   - mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate()
     (bsc#1131935).
   - mm/vmalloc: fix size check for remap_vmalloc_range_partial()
     (bsc#1133825).
   - mpls: Return error for RTA_GATEWAY attribute
     (networking-stable-19_03_07).
   - mt7601u: bump supported EEPROM version (bsc#1051510).
   - mwifiex: do not advertise IBSS features without FW support (bsc#1129770).
   - net: Add header for usage of fls64() (networking-stable-19_02_20).
   - net: Add __icmp_send helper (networking-stable-19_03_07).
   - net: avoid false positives in untrusted gso validation (git-fixes).
   - net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07).
   - net: bridge: add vlan_tunnel to bridge port policies (git-fixes).
   - net: bridge: fix per-port af_packet sockets (git-fixes).
   - net: bridge: multicast: use rcu to access port list from
     br_multicast_start_querier (git-fixes).
   - net: datagram: fix unbounded loop in __skb_try_recv_datagram()
     (git-fixes).
   - net: Do not allocate page fragments that are not skb aligned
     (networking-stable-19_02_20).
   - net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07).
   - net: ena: update driver version from 2.0.2 to 2.0.3 (bsc#1129276
     bsc#1125342).
   - netfilter: bridge: set skb transport_header before entering
     NF_INET_PRE_ROUTING (git-fixes).
   - netfilter: check for seqadj ext existence before adding it in
     nf_nat_setup_info (git-fixes).
   - netfilter: ip6t_MASQUERADE: add dependency on conntrack module
     (git-fixes).
   - netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to
     ip_set_net_exit() (git-fixes).
   - netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
     (git-fixes).
   - netfilter: x_tables: avoid out-of-bounds reads in
     xt_request_find_{match|target} (git-fixes).
   - netfilter: x_tables: fix int overflow in xt_alloc_table_info()
     (git-fixes).
   - net: Fix for_each_netdev_feature on Big endian
     (networking-stable-19_02_20).
   - net: fix IPv6 prefix route residue (networking-stable-19_02_20).
   - net: Fix untag for vlan packets without ethernet header (git-fixes).
   - net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off
     (git-fixes).
   - net/hsr: Check skb_put_padto() return value (git-fixes).
   - net: hsr: fix memory leak in hsr_dev_finalize()
     (networking-stable-19_03_15).
   - net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15).
   - netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07).
   - netlink: fix nla_put_{u8,u16,u32} for KASAN (git-fixes).
   - net/mlx5e: Do not overwrite pedit action when multiple pedit used
     (networking-stable-19_02_24).
   - net/ncsi: Fix AEN HNCDSC packet length (git-fixes).
   - net/ncsi: Stop monitor if channel times out or is inactive (git-fixes).
   - net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails
     (networking-stable-19_03_07).
   - net/packet: fix 4gb buffer limit due to overflow check
     (networking-stable-19_02_24).
   - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes).
   - net_sched: acquire RTNL in tc_action_net_exit() (git-fixes).
   - net_sched: fix two more memory leaks in cls_tcindex
     (networking-stable-19_02_24).
   - net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255
     (networking-stable-19_03_15).
   - net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07).
   - net: sit: fix UBSAN Undefined behaviour in check_6rd
     (networking-stable-19_03_15).
   - net: socket: set sock->sk to NULL after calling proto_ops::release()
     (networking-stable-19_03_07).
   - net-sysfs: Fix mem leak in netdev_register_kobject (git-fixes).
   - net: validate untrusted gso packets without csum offload
     (networking-stable-19_02_20).
   - net/x25: fix a race in x25_bind() (networking-stable-19_03_15).
   - net/x25: fix use-after-free in x25_device_event()
     (networking-stable-19_03_15).
   - net/x25: reset state in x25_connect() (networking-stable-19_03_15).
   - net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
     (git-fixes).
   - nfc: nci: Add some bounds checking in nci_hci_cmd_received()
     (bsc#1051510).
   - nfsd4: catch some false session retries (git-fixes).
   - nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes).
   - nfsd: fix memory corruption caused by readdir (bsc#1127445).
   - nfs: Do not recoalesce on error in nfs_pageio_complete_mirror()
     (git-fixes).
   - nfs: Do not use page_file_mapping after removing the page (git-fixes).
   - nfs: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes).
   - nfs: Fix a soft lockup in the delegation recovery code (git-fixes).
   - nfs: Fix a typo in nfs_init_timeout_values() (git-fixes).
   - nfs: Fix dentry revalidation on NFSv4 lookup (bsc#1132618).
   - nfs: Fix I/O request leakages (git-fixes).
   - nfs: fix mount/umount race in nlmclnt (git-fixes).
   - nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
     (git-fixes).
   - nfsv4.1 do not free interrupted slot on open (git-fixes).
   - nfsv4.1: Reinitialise sequence results before retransmitting a request
     (git-fixes).
   - nfsv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes).
   - nvme: add proper discard setup for the multipath device (bsc#1114638).
   - nvme: fix the dangerous reference of namespaces list (bsc#1131673).
   - nvme: make sure ns head inherits underlying device limits (bsc#1131673).
   - nvme-multipath: split bios with the ns_head bio_set before submitting
     (bsc#1103259, bsc#1131673).
   - nvme: only reconfigure discard if necessary (bsc#1114638).
   - nvme: schedule requeue whenever a LIVE state is entered (bsc#1123105).
   - ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock
     (bsc#1131169).
   - pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller
     (bsc#1051510).
   - pci: designware-ep: dw_pcie_ep_set_msi() should only set MMC bits
     (bsc#1051510).
   - pci: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable
     (bsc#1051510).
   - pci: pciehp: Convert to threaded IRQ (bsc#1133005).
   - pci: pciehp: Ignore Link State Changes after powering off a slot
     (bsc#1133005).
   - phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs
     (bsc#1051510).
   - pm / wakeup: Rework wakeup source timer cancellation (bsc#1051510).
   - powercap: intel_rapl: add support for Jacobsville ().
   - powercap: intel_rapl: add support for Jacobsville (FATE#327454).
   - powerpc/64: Call setup_barrier_nospec() from setup_arch() (bsc#1131107).
   - powerpc/64: Disable the speculation barrier from the command line
     (bsc#1131107).
   - powerpc64/ftrace: Include ftrace.h needed for enable/disable calls
     (bsc#1088804, git-fixes).
   - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (bsc#1131107).
   - powerpc/64s: Add new security feature flags for count cache flush
     (bsc#1131107).
   - powerpc/64s: Add support for software count cache flush (bsc#1131107).
   - powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117).
   - powerpc/asm: Add a patch_site macro & helpers for patching instructions
     (bsc#1131107).
   - powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729).
   - powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729).
   - powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest
     (bsc#1061840).
   - powerpc/fsl: Fix spectre_v2 mitigations reporting (bsc#1131107).
   - powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area
     callback (bsc#1131900).
   - powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840).
   - powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes).
   - powerpc/mm: Check secondary hash page table (bsc#1065729).
   - powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area
     topdown search (bsc#1131900).
   - powerpc/numa: document topology_updates_enabled, disable by default
     (bsc#1133584).
   - powerpc/numa: improve control of topology updates (bsc#1133584).
   - powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043).
   - powerpc/perf: Remove l2 bus events from HW cache event array
     (bsc#1053043).
   - powerpc/powernv/cpuidle: Init all present cpus for deep states
     (bsc#1055121).
   - powerpc/powernv: Do not reprogram SLW image on every KVM guest
     entry/exit (bsc#1061840).
   - powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840).
   - powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace
     addresses on demand (bsc#1061840).
   - powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU
     tables (bsc#1061840).
   - powerpc/powernv: Make opal log only readable by root (bsc#1065729).
   - powerpc/powernv: Query firmware for count cache flush settings
     (bsc#1131107).
   - powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840).
   - powerpc/pseries/mce: Fix misleading print for TLB mutlihit (bsc#1094244,
     git-fixes).
   - powerpc/pseries: Query hypervisor for count cache flush settings
     (bsc#1131107).
   - powerpc/security: Fix spectre_v2 reporting (bsc#1131107).
   - powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
   - powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587).
   - powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038
     (bsc#1131587).
   - power: supply: charger-manager: Fix incorrect return value (bsc#1051510).
   - pwm-backlight: Enable/disable the PWM before/after LCD enable toggle
     (bsc#1051510).
   - qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07).
   - qmi_wwan: apply SET_DTR quirk to Sierra WP7607 (bsc#1051510).
   - qmi_wwan: Fix qmap header retrieval in qmimux_rx_fixup (bsc#1051510).
   - raid10: It's wrong to add len to sector_nr in raid10 reshape twice
     (git-fixes).
   - ras/CEC: Check the correct variable in the debugfs error handling
     (bsc#1085535).
   - ravb: Decrease TxFIFO depth of Q3 and Q2 to one
     (networking-stable-19_03_15).
   - rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371).
   - rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371).
   - rdma/cxgb4: Add support for srq functions & structs (bsc#1127371).
   - rdma/cxgb4: fix some info leaks (bsc#1127371).
   - rdma/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371).
   - rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371).
   - rdma/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371).
   - rds: fix refcount bug in rds_sock_addref (git-fixes).
   - rds: tcp: atomically purge entries from rds_tcp_conn_list during netns
     delete (git-fixes).
   - regulator: max77620: Initialize values for DT properties (bsc#1051510).
   - regulator: s2mpa01: Fix step values for some LDOs (bsc#1051510).
   - rhashtable: Still do rehash when we get EEXIST (bsc#1051510).
   - ring-buffer: Check if memory is available before allocation
     (bsc#1132531).
   - route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race
     (networking-stable-19_03_15).
   - rtc: 88pm80x: fix unintended sign extension (bsc#1051510).
   - rtc: 88pm860x: fix unintended sign extension (bsc#1051510).
   - rtc: cmos: ignore bogus century byte (bsc#1051510).
   - rtc: ds1672: fix unintended sign extension (bsc#1051510).
   - rtc: Fix overflow when converting time64_t to rtc_time (bsc#1051510).
   - rtc: pm8xxx: fix unintended sign extension (bsc#1051510).
   - rtnetlink: bring NETDEV_CHANGE_TX_QUEUE_LEN event process back in
     rtnetlink_event (git-fixes).
   - rtnetlink: bring NETDEV_CHANGEUPPER event process back in
     rtnetlink_event (git-fixes).
   - rtnetlink: bring NETDEV_POST_TYPE_CHANGE event process back in
     rtnetlink_event (git-fixes).
   - rtnetlink: check DO_SETLINK_NOTIFY correctly in do_setlink (git-fixes).
   - rxrpc: Do not release call mutex on error pointer (git-fixes).
   - rxrpc: Do not treat call aborts as conn aborts (git-fixes).
   - rxrpc: Fix client call queueing, waiting for channel
     (networking-stable-19_03_15).
   - rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes).
   - s390/dasd: fix panic for failed online processing (bsc#1132589).
   - s390/pkey: move pckmo subfunction available checks away from module init
     (bsc#1128544).
   - s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
   - scsi: libiscsi: fix possible NULL pointer dereference in case of TMF
     (bsc#1127378).
   - scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467).
   - sctp: call gso_reset_checksum when computing checksum in
     sctp_gso_segment (networking-stable-19_02_24).
   - serial: 8250_of: assume reg-shift of 2 for mrvl,mmp-uart (bsc#1051510).
   - serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling
     (bsc#1051510).
   - serial: imx: Update cached mctrl value when changing RTS (bsc#1051510).
   - serial: max310x: Fix to avoid potential NULL pointer dereference
     (bsc#1051510).
   - serial: sh-sci: Fix setting SCSCR_TIE while transferring data
     (bsc#1051510).
   - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
     (networking-stable-19_02_24).
   - smb3: Fix SMB3.1.1 guest mounts to Samba (bsc#1051510).
   - soc: fsl: qbman: avoid race in clearing QMan interrupt (bsc#1051510).
   - SoC: imx-sgtl5000: add missing put_device() (bsc#1051510).
   - soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510).
   - soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510).
   - spi: pxa2xx: Setup maximum supported DMA transfer length (bsc#1051510).
   - spi: ti-qspi: Fix mmap read when more than one CS in use (bsc#1051510).
   - spi/topcliff_pch: Fix potential NULL dereference on allocation error
     (bsc#1051510).
   - staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf
     (bsc#1051510).
   - staging: comedi: ni_usb6501: Fix use of uninitialized mutex
     (bsc#1051510).
   - staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf
     (bsc#1051510).
   - staging: comedi: vmk80xx: Fix use of uninitialized semaphore
     (bsc#1051510).
   - staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510).
   - staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510).
   - staging: vt6655: Fix interrupt race condition on device start up
     (bsc#1051510).
   - staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510).
   - sunrpc/cache: handle missing listeners better (bsc#1126221).
   - sunrpc: fix 4 more call sites that were using stack memory with a
     scatterlist (git-fixes).
   - supported.conf: Add vxlan to kernel-default-base (bsc#1132083).
   - supported.conf: dw_mmc-bluefield is not needed in kernel-default-base
     (bsc#1131574).
   - svm/avic: Fix invalidate logical APIC id entry (bsc#1132726).
   - svm: Fix AVIC DFR and LDR handling (bsc#1132558).
   - svm: Fix improper check when deactivate AVIC (bsc#1130335).
   - sysctl: handle overflow for file-max (bsc#1051510).
   - tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes).
   - tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20).
   - thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs (bsc#1051510).
   - thermal/intel_powerclamp: fix truncated kthread name ().
   - thermal/intel_powerclamp: fix truncated kthread name  (FATE#326597).
   - tipc: fix race condition causing hung sendto
     (networking-stable-19_03_07).
   - tpm: Fix some name collisions with drivers/char/tpm.h (bsc#1051510).
   - tpm: Fix the type of the return value in calc_tpm2_event_size()
     (bsc#1082555).
   - tpm_tis_spi: Pass the SPI IRQ down to the driver (bsc#1051510).
   - tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bsc#1051510).
   - tracing: Fix a memory leak by early error exit in trace_pid_write()
     (bsc#1133702).
   - tracing: Fix buffer_ref pipe ops (bsc#1133698).
   - tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes
     into account (bsc#1132527).
   - tty: atmel_serial: fix a potential NULL pointer dereference
     (bsc#1051510).
   - tun: fix blocking read (networking-stable-19_03_07).
   - tun: remove unnecessary memory barrier (networking-stable-19_03_07).
   - udf: Fix crash on IO error during truncate (bsc#1131175).
   - uio: Reduce return paths from uio_write() (bsc#1051510).
   - Update patches.kabi/kabi-cxgb4-MU.patch (bsc#1097585 bsc#1097586
     bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584 bsc#1127371).
   - usb: cdc-acm: fix race during wakeup blocking TX traffic (bsc#1129770).
   - usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510).
   - usb: common: Consider only available nodes for dr_mode (bsc#1129770).
   - usb: core: only clean up what we allocated (bsc#1051510).
   - usb: dwc3: gadget: Fix the uninitialized link_state when udc starts
     (bsc#1051510).
   - usb: dwc3: gadget: synchronize_irq dwc irq in suspend (bsc#1051510).
   - usb: f_fs: Avoid crash due to out-of-scope stack ptr access
     (bsc#1051510).
   - usb: gadget: f_hid: fix deadlock in f_hidg_write() (bsc#1129770).
   - usb: gadget: Potential NULL dereference on allocation error
     (bsc#1051510).
   - usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk (bsc#1051510).
   - usb: mtu3: fix EXTCON dependency (bsc#1051510).
   - usb: phy: fix link errors (bsc#1051510).
   - usb: phy: twl6030-usb: fix possible use-after-free on remove
     (bsc#1051510).
   - usb: serial: cp210x: add ID for Ingenico 3070 (bsc#1129770).
   - usb: serial: cp210x: add new device id (bsc#1051510).
   - usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902).
   - usb: serial: ftdi_sio: add additional NovaTech products (bsc#1051510).
   - usb: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485
     (bsc#1129770).
   - usb: serial: mos7720: fix mos_parport refcount imbalance on error path
     (bsc#1129770).
   - usb: serial: option: add Olicard 600 (bsc#1051510).
   - usb: serial: option: add support for Quectel EM12 (bsc#1051510).
   - usb: serial: option: add Telit ME910 ECM composition (bsc#1129770).
   - usb: serial: option: set driver_info for SIM5218 and compatibles
     (bsc#1129770).
   - vfs: allow dedupe of user owned read-only files (bsc#1133778,
     bsc#1132219).
   - vfs: avoid problematic remapping requests into partial EOF block
     (bsc#1133850, bsc#1132219).
   - vfs: dedupe: extract helper for a single dedup (bsc#1133769,
     bsc#1132219).
   - vfs: dedupe should return EPERM if permission is not granted
     (bsc#1133779, bsc#1132219).
   - vfs: exit early from zero length remap operations (bsc#1132411,
     bsc#1132219).
   - vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772,
     bsc#1132219).
   - vfs: limit size of dedupe (bsc#1132397, bsc#1132219).
   - vfs: rename clone_verify_area to remap_verify_area (bsc#1133852,
     bsc#1132219).
   - vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219).
   - vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774,
     bsc#1132219).
   - vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from
     beyond EOF (bsc#1133780, bsc#1132219).
   - video: fbdev: Set pixclock = 0 in goldfishfb (bsc#1051510).
   - vxlan: test dev->flags & IFF_UP before calling netif_rx()
     (networking-stable-19_02_20).
   - wil6210: check null pointer in _wil_cfg80211_merge_extra_ies
     (bsc#1051510).
   - wlcore: Fix memory leak in case wl12xx_fetch_firmware failure
     (bsc#1051510).
   - x86/cpu: Add Atom Tremont (Jacobsville) ().
   - x86/cpu: Add Atom Tremont (Jacobsville) (FATE#327454).
   - x86/CPU/AMD: Set the CPB bit unconditionally on F17h (bsc#1114279).
   - x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331).
   - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331).
   - x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init
     (bsc#1132572).
   - x86/kvm/vmx: Add MDS protection when L1D Flush is not active
     (bsc#1111331).
   - x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank
     types (bsc#1128415).
   - x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units
     (bsc#1128415).
   - x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and PCIE SMCA bank types
     (bsc#1128415).
   - x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
     (bsc#1128415).
   - x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415).
   - x86/MCE: Fix kABI for new AMD bank names (bsc#1128415).
   - x86/mce: Handle varying MCA bank counts (bsc#1128415).
   - x86/mce: Improve error message when kernel cannot recover, p2
     (bsc#1114279).
   - x86/msr-index: Cleanup bit defines (bsc#1111331).
   - x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318).
   - x86/speculation: Consolidate CPU whitelists (bsc#1111331).
   - x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331).
   - x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331).
   - x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331).
   - x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331).
   - x86/speculation/mds: Add mitigation control for MDS (bsc#1111331).
   - x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331).
   - x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331).
   - x86/speculation/mds: Add SMT warning message (bsc#1111331).
   - x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331).
   - x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331).
   - x86/speculation/mds: Conditionally clear CPU buffers on idle entry
     (bsc#1111331).
   - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off
     (bsc#1111331).
   - x86/speculation: Move arch_smt_update() call to after mitigation
     decisions (bsc#1111331).
   - x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279).
   - x86/speculation: Simplify the CPU bug detection logic (bsc#1111331).
   - x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178).
   - x86/tsc: Force inlining of cyc2ns bits (bsc#1052904).
   - x86/uaccess: Do not leak the AC flag into __put_user() value evaluation
     (bsc#1114279).
   - xen-netback: do not populate the hash cache on XenBus disconnect
     (networking-stable-19_03_07).
   - xen-netback: fix occasional leak of grant ref mappings under memory
     pressure (networking-stable-19_03_07).
   - xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600).
   - xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos
     (git-fixes).
   - xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes).
   - xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes).
   - xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674).
   - xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes
     (bsc#1132370, bsc#1132219).
   - xfs: call xfs_qm_dqattach before performing reflink operations
     (bsc#1132368, bsc#1132219).
   - xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219).
   - xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413,
     bsc#1132219).
   - xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405,
     bsc#1132219).
   - xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407,
     bsc#1132219).
   - xfs: fix pagecache truncation prior to reflink (bsc#1132412,
     bsc#1132219).
   - xfs: fix reporting supported extra file attributes for statx()
     (bsc#1133529).
   - xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414,
     bsc#1132219).
   - xfs: hold xfs_buf locked between shortform->leaf conversion and the
     addition of an attribute (bsc#1133675).
   - xfs: only grab shared inode locks for source file during reflink
     (bsc#1132372, bsc#1132219).
   - xfs: refactor clonerange preparation into a separate helper
     (bsc#1132402, bsc#1132219).
   - xfs: refactor xfs_trans_roll (bsc#1133667).
   - xfs: reflink find shared should take a transaction (bsc#1132226,
     bsc#1132219).
   - xfs: reflink should break pnfs leases before sharing blocks
     (bsc#1132369, bsc#1132219).
   - xfs: remove dest file's post-eof preallocations before reflinking
     (bsc#1132365, bsc#1132219).
   - xfs: remove the ip argument to xfs_defer_finish (bsc#1133672).
   - xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668).
   - xfs: update ctime and remove suid before cloning files (bsc#1132404,
     bsc#1132219).
   - xfs: zero posteof blocks when cloning above eof (bsc#1132403,
     bsc#1132219).
   - xhci: Do not let USB3 ports stuck in polling state prevent suspend
     (bsc#1051510).
   - xhci: Fix port resume done detection for SS ports with LPM enabled
     (bsc#1051510).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Public Cloud 15:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2019-1240=1



Package List:

   - SUSE Linux Enterprise Module for Public Cloud 15 (x86_64):

      kernel-azure-4.12.14-5.27.1
      kernel-azure-base-4.12.14-5.27.1
      kernel-azure-base-debuginfo-4.12.14-5.27.1
      kernel-azure-debuginfo-4.12.14-5.27.1
      kernel-azure-devel-4.12.14-5.27.1
      kernel-syms-azure-4.12.14-5.27.1

   - SUSE Linux Enterprise Module for Public Cloud 15 (noarch):

      kernel-devel-azure-4.12.14-5.27.1
      kernel-source-azure-4.12.14-5.27.1


References:

   https://www.suse.com/security/cve/CVE-2018-12126.html
   https://www.suse.com/security/cve/CVE-2018-12127.html
   https://www.suse.com/security/cve/CVE-2018-12130.html
   https://www.suse.com/security/cve/CVE-2018-16880.html
   https://www.suse.com/security/cve/CVE-2019-11091.html
   https://www.suse.com/security/cve/CVE-2019-3882.html
   https://www.suse.com/security/cve/CVE-2019-9003.html
   https://www.suse.com/security/cve/CVE-2019-9500.html
   https://www.suse.com/security/cve/CVE-2019-9503.html
   https://bugzilla.suse.com/1050549
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1052904
   https://bugzilla.suse.com/1053043
   https://bugzilla.suse.com/1055117
   https://bugzilla.suse.com/1055121
   https://bugzilla.suse.com/1061840
   https://bugzilla.suse.com/1065600
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1070872
   https://bugzilla.suse.com/1078216
   https://bugzilla.suse.com/1082555
   https://bugzilla.suse.com/1083647
   https://bugzilla.suse.com/1085535
   https://bugzilla.suse.com/1085536
   https://bugzilla.suse.com/1088804
   https://bugzilla.suse.com/1093777
   https://bugzilla.suse.com/1094120
   https://bugzilla.suse.com/1094244
   https://bugzilla.suse.com/1097583
   https://bugzilla.suse.com/1097584
   https://bugzilla.suse.com/1097585
   https://bugzilla.suse.com/1097586
   https://bugzilla.suse.com/1097587
   https://bugzilla.suse.com/1097588
   https://bugzilla.suse.com/1100132
   https://bugzilla.suse.com/1103186
   https://bugzilla.suse.com/1103259
   https://bugzilla.suse.com/1107937
   https://bugzilla.suse.com/1111331
   https://bugzilla.suse.com/1112128
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1113399
   https://bugzilla.suse.com/1113722
   https://bugzilla.suse.com/1114279
   https://bugzilla.suse.com/1114542
   https://bugzilla.suse.com/1114638
   https://bugzilla.suse.com/1119086
   https://bugzilla.suse.com/1119680
   https://bugzilla.suse.com/1120318
   https://bugzilla.suse.com/1120902
   https://bugzilla.suse.com/1122767
   https://bugzilla.suse.com/1123105
   https://bugzilla.suse.com/1125342
   https://bugzilla.suse.com/1126221
   https://bugzilla.suse.com/1126356
   https://bugzilla.suse.com/1126704
   https://bugzilla.suse.com/1126740
   https://bugzilla.suse.com/1127175
   https://bugzilla.suse.com/1127371
   https://bugzilla.suse.com/1127372
   https://bugzilla.suse.com/1127374
   https://bugzilla.suse.com/1127378
   https://bugzilla.suse.com/1127445
   https://bugzilla.suse.com/1128415
   https://bugzilla.suse.com/1128544
   https://bugzilla.suse.com/1129276
   https://bugzilla.suse.com/1129770
   https://bugzilla.suse.com/1130130
   https://bugzilla.suse.com/1130154
   https://bugzilla.suse.com/1130195
   https://bugzilla.suse.com/1130335
   https://bugzilla.suse.com/1130336
   https://bugzilla.suse.com/1130337
   https://bugzilla.suse.com/1130338
   https://bugzilla.suse.com/1130425
   https://bugzilla.suse.com/1130427
   https://bugzilla.suse.com/1130518
   https://bugzilla.suse.com/1130527
   https://bugzilla.suse.com/1130567
   https://bugzilla.suse.com/1131062
   https://bugzilla.suse.com/1131107
   https://bugzilla.suse.com/1131167
   https://bugzilla.suse.com/1131168
   https://bugzilla.suse.com/1131169
   https://bugzilla.suse.com/1131170
   https://bugzilla.suse.com/1131171
   https://bugzilla.suse.com/1131172
   https://bugzilla.suse.com/1131173
   https://bugzilla.suse.com/1131174
   https://bugzilla.suse.com/1131175
   https://bugzilla.suse.com/1131176
   https://bugzilla.suse.com/1131177
   https://bugzilla.suse.com/1131178
   https://bugzilla.suse.com/1131179
   https://bugzilla.suse.com/1131180
   https://bugzilla.suse.com/1131290
   https://bugzilla.suse.com/1131335
   https://bugzilla.suse.com/1131336
   https://bugzilla.suse.com/1131416
   https://bugzilla.suse.com/1131427
   https://bugzilla.suse.com/1131442
   https://bugzilla.suse.com/1131467
   https://bugzilla.suse.com/1131574
   https://bugzilla.suse.com/1131587
   https://bugzilla.suse.com/1131659
   https://bugzilla.suse.com/1131673
   https://bugzilla.suse.com/1131847
   https://bugzilla.suse.com/1131848
   https://bugzilla.suse.com/1131851
   https://bugzilla.suse.com/1131900
   https://bugzilla.suse.com/1131934
   https://bugzilla.suse.com/1131935
   https://bugzilla.suse.com/1132083
   https://bugzilla.suse.com/1132219
   https://bugzilla.suse.com/1132226
   https://bugzilla.suse.com/1132227
   https://bugzilla.suse.com/1132365
   https://bugzilla.suse.com/1132368
   https://bugzilla.suse.com/1132369
   https://bugzilla.suse.com/1132370
   https://bugzilla.suse.com/1132372
   https://bugzilla.suse.com/1132373
   https://bugzilla.suse.com/1132384
   https://bugzilla.suse.com/1132397
   https://bugzilla.suse.com/1132402
   https://bugzilla.suse.com/1132403
   https://bugzilla.suse.com/1132404
   https://bugzilla.suse.com/1132405
   https://bugzilla.suse.com/1132407
   https://bugzilla.suse.com/1132411
   https://bugzilla.suse.com/1132412
   https://bugzilla.suse.com/1132413
   https://bugzilla.suse.com/1132414
   https://bugzilla.suse.com/1132426
   https://bugzilla.suse.com/1132527
   https://bugzilla.suse.com/1132531
   https://bugzilla.suse.com/1132555
   https://bugzilla.suse.com/1132558
   https://bugzilla.suse.com/1132561
   https://bugzilla.suse.com/1132562
   https://bugzilla.suse.com/1132563
   https://bugzilla.suse.com/1132564
   https://bugzilla.suse.com/1132570
   https://bugzilla.suse.com/1132571
   https://bugzilla.suse.com/1132572
   https://bugzilla.suse.com/1132589
   https://bugzilla.suse.com/1132618
   https://bugzilla.suse.com/1132681
   https://bugzilla.suse.com/1132726
   https://bugzilla.suse.com/1132828
   https://bugzilla.suse.com/1132943
   https://bugzilla.suse.com/1133005
   https://bugzilla.suse.com/1133094
   https://bugzilla.suse.com/1133095
   https://bugzilla.suse.com/1133115
   https://bugzilla.suse.com/1133149
   https://bugzilla.suse.com/1133486
   https://bugzilla.suse.com/1133529
   https://bugzilla.suse.com/1133584
   https://bugzilla.suse.com/1133667
   https://bugzilla.suse.com/1133668
   https://bugzilla.suse.com/1133672
   https://bugzilla.suse.com/1133674
   https://bugzilla.suse.com/1133675
   https://bugzilla.suse.com/1133698
   https://bugzilla.suse.com/1133702
   https://bugzilla.suse.com/1133731
   https://bugzilla.suse.com/1133769
   https://bugzilla.suse.com/1133772
   https://bugzilla.suse.com/1133774
   https://bugzilla.suse.com/1133778
   https://bugzilla.suse.com/1133779
   https://bugzilla.suse.com/1133780
   https://bugzilla.suse.com/1133825
   https://bugzilla.suse.com/1133850
   https://bugzilla.suse.com/1133851
   https://bugzilla.suse.com/1133852



More information about the sle-security-updates mailing list