SUSE-SU-2019:3289-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Dec 12 13:13:35 MST 2019


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:3289-1
Rating:             important
References:         #1048942 #1051510 #1071995 #1078248 #1082635 
                    #1089644 #1091041 #1108043 #1113722 #1114279 
                    #1117169 #1120853 #1131107 #1135966 #1135967 
                    #1138039 #1140948 #1141054 #1142095 #1143706 
                    #1144333 #1149448 #1150466 #1151548 #1151900 
                    #1153628 #1153811 #1154043 #1154058 #1154124 
                    #1154355 #1154526 #1155021 #1155689 #1155897 
                    #1155921 #1156258 #1156429 #1156466 #1156471 
                    #1156494 #1156609 #1156700 #1156729 #1156882 
                    #1157038 #1157042 #1157070 #1157143 #1157145 
                    #1157158 #1157162 #1157171 #1157173 #1157178 
                    #1157180 #1157182 #1157183 #1157184 #1157191 
                    #1157193 #1157197 #1157298 #1157307 #1157324 
                    #1157333 #1157424 #1157463 #1157499 #1157678 
                    #1157698 #1157778 #1157908 #1158049 #1158063 
                    #1158064 #1158065 #1158066 #1158067 #1158068 
                    #1158082 #1158381 #1158394 #1158398 #1158407 
                    #1158410 #1158413 #1158417 #1158427 #1158445 
                    
Cross-References:   CVE-2019-0154 CVE-2019-0155 CVE-2019-14895
                    CVE-2019-14901 CVE-2019-15916 CVE-2019-16231
                    CVE-2019-18660 CVE-2019-18683 CVE-2019-18809
                    CVE-2019-19049 CVE-2019-19052 CVE-2019-19056
                    CVE-2019-19057 CVE-2019-19058 CVE-2019-19060
                    CVE-2019-19062 CVE-2019-19063 CVE-2019-19065
                    CVE-2019-19067 CVE-2019-19068 CVE-2019-19073
                    CVE-2019-19074 CVE-2019-19075 CVE-2019-19077
                    CVE-2019-19227 CVE-2019-19524 CVE-2019-19525
                    CVE-2019-19528 CVE-2019-19529 CVE-2019-19530
                    CVE-2019-19531 CVE-2019-19534 CVE-2019-19536
                    CVE-2019-19543
Affected Products:
                    SUSE Linux Enterprise Module for Public Cloud 15
______________________________________________________________________________

   An update that solves 34 vulnerabilities and has 56 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 15 kernel-azure was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2019-19531: Fixed a use-after-free due to a malicious USB device in
     the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca (bsc#1158445).
   - CVE-2019-19543: Fixed a use-after-free in serial_ir_init_module() in
     drivers/media/rc/serial_ir.c (bsc#1158427).
   - CVE-2019-19525: Fixed a use-after-free due to a malicious USB device in
     the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035
     (bsc#1158417).
   - CVE-2019-19530: Fixed a use-after-free due to a malicious USB device in
     the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef
     (bsc#1158410).
   - CVE-2019-19536: Fixed a potential information leak due to a malicious
     USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver,
     aka CID-ead16e53c2f0 (bsc#1158394).
   - CVE-2019-19524: Fixed a use-after-free due to a malicious USB device in
     the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9
     (bsc#1158413).
   - CVE-2019-19528: Fixed a use-after-free due to a malicious USB device in
     the drivers/usb/misc/iowarrior.c driver, aka CID-edc4746f253d
     (bsc#1158407).
   - CVE-2019-19534: Fixed a potential information leak due to a malicious
     USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver,
     aka CID-f7a1337f0d29 (bsc#1158398).
   - CVE-2019-19529: Fixed a use-after-free due to a malicious USB device in
     the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41
     (bsc#1158381).
   - CVE-2019-14901: Fixed a heap overflow in Marvell WiFi chip driver which
     could have allowed a remote attacker to cause denial of service or
     execute arbitrary code (bsc#1157042).
   - CVE-2019-14895: Fixed a heap-based buffer overflow in Marvell WiFi chip
     driver which may occur when the station attempts a connection
     negotiation during the handling of the remote devices country settings
     leading to denial of service (bsc#1157158).
   - CVE-2019-18660: Fixed a potential information leak on powerpc because
     the Spectre-RSB mitigation was not in place for all applicable CPUs, aka
     CID-39e72bf96f58 (bsc#1157038).
   - CVE-2019-18683: Fixed a privilege escalation due to multiple race
     conditions (bsc#1155897).
   - CVE-2019-18809: Fixed a memory leak in the af9005_identify_state()
     function in drivers/media/usb/dvb-usb/af9005.c aka CID-2289adbfa559
     (bsc#1156258).
   - CVE-2019-19062: Fixed a memory leak in the crypto_report() function in
     crypto/crypto_user_base.c aka CID-ffdde5932042 (bsc#1157333).
   - CVE-2019-19057: Fixed two memory leaks in the
     mwifiex_pcie_init_evt_ring() function in
     drivers/net/wireless/marvell/mwifiex/pcie.c aka CID-d10dcb615c8e
     (bsc#1157193).
   - CVE-2019-19056: Fixed a memory leak in the
     mwifiex_pcie_alloc_cmdrsp_buf() function in
     drivers/net/wireless/marvell/mwifiex/pcie.c aka CID-db8fd2cde932
     (bsc#1157197).
   - CVE-2019-19068: Fixed a memory leak in the rtl8xxxu_submit_int_urb()
     function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c aka
     CID-a2cdd07488e6 (bsc#1157307).
   - CVE-2019-19063: Fixed two memory leaks in the rtl_usb_probe() function
     in drivers/net/wireless/realtek/rtlwifi/usb.c aka CID-3f9361695113
     (bsc#1157298).
   - CVE-2019-19227: Fixed a potential null pointer dereference in the
     AppleTalk subsystem leadind to denial of service in net/appletalk/aarp.c
     and net/appletalk/ddp.c aka CID-9804501fa122 (bsc#1157678).
   - CVE-2019-19065: Fixed a memory leak in the sdma_init() function in
     drivers/infiniband/hw/hfi1/sdma.c aka CID-34b3be18a04e (bsc#1157191).
   - CVE-2019-19077: Fixed a memory leak in the bnxt_re_create_srq() function
     in drivers/infiniband/hw/bnxt_re/ib_verbs.c aka CID-4a9d46a9fe14
     (bsc#1157171).
   - CVE-2019-19052: Fixed a memory leak in the gs_can_open() function in
     drivers/net/can/usb/gs_usb.c aka CID-fb5be6a7b486 (bsc#1157324).
   - CVE-2019-19067: Fixed multiple memory leaks in acp_hw_init (bsc#1157180).
   - CVE-2019-19060: Fixed a memory leak in the adis_update_scan_mode()
     function in drivers/iio/imu/adis_buffer.c aka CID-ab612b1daf41
     (bsc#1157178).
   - CVE-2019-19049: Fixed a memory leak in unittest_data_add (bsc#1157173).
   - CVE-2019-19075: Fixed a memory leak in the ca8210_probe() function in
     drivers/net/ieee802154/ca8210.c aka CID-6402939ec86e (bsc#1157162).
   - CVE-2019-19058: Fixed a memory leak in the alloc_sgtable() function in
     drivers/net/wireless/intel/iwlwifi/fw/dbg.c aka CID-b4b814fec1a5
     (bsc#1157145).
   - CVE-2019-19074: Fixed a memory leak in the ath9k_wmi_cmd() function in
     drivers/net/wireless/ath/ath9k/wmi.c aka CID-728c1e2a05e4 (bsc#1157143).
   - CVE-2019-19073: Fixed multiple memory leaks in
     drivers/net/wireless/ath/ath9k/htc_hst.c aka CID-853acf7caf10
     (bsc#1157070).
   - CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() in
     net/core/net-sysfs.c, which would have caused denial of service
     (bsc#1149448).
   - CVE-2019-16231: Fixed a null pointer dereference in
     drivers/net/fjes/fjes_main.c (bsc#1150466).
   - CVE-2019-0154: Fixed a local denial of service via read of unprotected
     i915 registers. (bsc#1135966)
   - CVE-2019-0155: Fixed a privilege escalation in the i915 driver. Batch
     buffers from usermode could have escalated privileges via blitter
     command stream. (bsc#1135967)

   The following non-security bugs were fixed:

   - ACPICA: Never run _REG on system_memory and system_IO (bsc#1051510).
   - ACPICA: Use %d for signed int print formatting instead of %u
     (bsc#1051510).
   - ACPI / LPSS: Exclude I2C busses shared with PUNIT from pmc_atom_d3_mask
     (bsc#1051510).
   - ACPI / SBS: Fix rare oops when removing modules (bsc#1051510).
   - ALSA: 6fire: Drop the dead code (git-fixes).
   - ALSA: bebob: fix to detect configured source of sampling clock for
     Focusrite Saffire Pro i/o series (git-fixes).
   - ALSA: cs4236: fix error return comparison of an unsigned integer
     (git-fixes).
   - ALSA: firewire-motu: Correct a typo in the clock proc string (git-fixes).
   - ALSA: hda: Add Cometlake-S PCI ID (git-fixes).
   - ALSA: hda - Add mute led support for HP ProBook 645 G4 (git-fixes).
   - ALSA: hda - Fix pending unsol events at shutdown (git-fixes).
   - ALSA: hda/intel: add CometLake PCI IDs (bsc#1156729).
   - ALSA: hda/realtek - Move some alc236 pintbls to fallback table
     (git-fixes).
   - ALSA: hda/realtek - Move some alc256 pintbls to fallback table
     (git-fixes).
   - ALSA: i2c/cs8427: Fix int to char conversion (bsc#1051510).
   - ALSA: intel8x0m: Register irq handler after register initializations
     (bsc#1051510).
   - ALSA: pcm: Fix stream lock usage in snd_pcm_period_elapsed() (git-fixes).
   - ALSA: pcm: signedness bug in snd_pcm_plug_alloc() (bsc#1051510).
   - ALSA: seq: Do error checks at creating system ports (bsc#1051510).
   - ALSA: timer: Fix incorrectly assigned timer instance (git-fixes).
   - ALSA: usb-audio: Fix Focusrite Scarlett 6i6 gen1 - input handling
     (git-fixes).
   - ALSA: usb-audio: Fix missing error check at mixer resolution test
     (git-fixes).
   - ALSA: usb-audio: not submit urb for stopped endpoint (git-fixes).
   - arm64: Update config files. (bsc#1156466) Enable HW_RANDOM_OMAP driver
     and mark driver omap-rng as supported.
   - ASoC: davinci: Kill BUG_ON() usage (stable 4.14.y).
   - ASoC: davinci-mcasp: Handle return value of devm_kasprintf (stable
     4.14.y).
   - ASoC: dpcm: Properly initialise hw->rate_max (bsc#1051510).
   - ASoC: Intel: hdac_hdmi: Limit sampling rates at dai creation
     (bsc#1051510).
   - ASoC: kirkwood: fix external clock probe defer (git-fixes).
   - ASoC: msm8916-wcd-analog: Fix RX1 selection in RDAC2 MUX (git-fixes).
   - ASoC: sgtl5000: avoid division by zero if lo_vag is zero (bsc#1051510).
   - ASoC: tegra_sgtl5000: fix device_node refcounting (bsc#1051510).
   - ASoC: tlv320aic31xx: Handle inverted BCLK in non-DSP modes (stable
     4.14.y).
   - ASoC: tlv320dac31xx: mark expected switch fall-through (stable 4.14.y).
   - ata: ep93xx: Use proper enums for directions (bsc#1051510).
   - ath10k: fix kernel panic by moving pci flush after napi_disable
     (bsc#1051510).
   - ath10k: fix vdev-start timeout on error (bsc#1051510).
   - ath10k: limit available channels via DT ieee80211-freq-limit
     (bsc#1051510).
   - ath10k: wmi: disable softirq's while calling ieee80211_rx (bsc#1051510).
   - ath9k: add back support for using active monitor interfaces for tx99
     (bsc#1051510).
   - ath9k: Fix a locking bug in ath9k_add_interface() (bsc#1051510).
   - ath9k: fix reporting calculated new FFT upper max (bsc#1051510).
   - ath9k: fix tx99 with monitor mode interface (bsc#1051510).
   - ath9k_hw: fix uninitialized variable data (bsc#1051510).
   - ax88172a: fix information leak on short answers (bsc#1051510).
   - backlight: lm3639: Unconditionally call led_classdev_unregister
     (bsc#1051510).
   - Bluetooth: btusb: fix PM leak in error case of setup (bsc#1051510).
   - Bluetooth: delete a stray unlock (bsc#1051510).
   - Bluetooth: Fix invalid-free in bcsp_close() (git-fixes).
   - Bluetooth: Fix memory leak in hci_connect_le_scan (bsc#1051510).
   - Bluetooth: hci_core: fix init for HCI_USER_CHANNEL (bsc#1051510).
   - Bluetooth: L2CAP: Detect if remote is not able to use the whole MPS
     (bsc#1051510).
   - brcmfmac: fix full timeout waiting for action frame on-channel tx
     (bsc#1051510).
   - brcmfmac: reduce timeout for action frame scan (bsc#1051510).
   - brcmsmac: AP mode: update beacon when TIM changes (bsc#1051510).
   - brcmsmac: never log "tid x is not agg'able" by default (bsc#1051510).
   - Btrfs: fix log context list corruption after rename exchange operation
     (bsc#1156494).
   - can: c_can: c_can_poll(): only read status register after status IRQ
     (git-fixes).
   - can: mcba_usb: fix use-after-free on disconnect (git-fixes).
   - can: peak_usb: fix a potential out-of-sync while decoding packets
     (git-fixes).
   - can: peak_usb: fix slab info leak (git-fixes).
   - can: rx-offload: can_rx_offload_offload_one(): do not increase the
     skb_queue beyond skb_queue_len_max (git-fixes).
   - can: rx-offload: can_rx_offload_queue_sorted(): fix error handling,
     avoid skb mem leak (git-fixes).
   - can: rx-offload: can_rx_offload_queue_tail(): fix error handling, avoid
     skb mem leak (git-fixes).
   - can: usb_8dev: fix use-after-free on disconnect (git-fixes).
   - ceph: add missing check in d_revalidate snapdir handling (bsc#1157183).
   - ceph: do not try to handle hashed dentries in non-O_CREAT atomic_open
     (bsc#1157184).
   - ceph: fix use-after-free in __ceph_remove_cap() (bsc#1154058).
   - ceph: just skip unrecognized info in ceph_reply_info_extra (bsc#1157182).
   - cfg80211: Avoid regulatory restore when COUNTRY_IE_IGNORE is set
     (bsc#1051510).
   - cfg80211: call disconnect_wk when AP stops (bsc#1051510).
   - cfg80211: Prevent regulatory restore during STA disconnect in concurrent
     interfaces (bsc#1051510).
   - CIFS: add a helper to find an existing readable handle to a file
     (bsc#1144333, bsc#1154355).
   - CIFS: avoid using MID 0xFFFF (bsc#1144333, bsc#1154355).
   - CIFS: create a helper to find a writeable handle by path name
     (bsc#1144333, bsc#1154355).
   - CIFS: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
     (bsc#1144333, bsc#1154355).
   - CIFS: fix max ea value size (bsc#1144333, bsc#1154355).
   - CIFS: Fix missed free operations (bsc#1144333, bsc#1154355).
   - CIFS: Fix oplock handling for SMB 2.1+ protocols (bsc#1144333,
     bsc#1154355).
   - CIFS: Fix retry mid list corruption on reconnects (bsc#1144333,
     bsc#1154355).
   - CIFS: Fix SMB2 oplock break processing (bsc#1144333, bsc#1154355).
   - CIFS: Fix use after free of file info structures (bsc#1144333,
     bsc#1154355).
   - CIFS: Force reval dentry if LOOKUP_REVAL flag is set (bsc#1144333,
     bsc#1154355).
   - CIFS: Force revalidate inode when dentry is stale (bsc#1144333,
     bsc#1154355).
   - CIFS: Gracefully handle QueryInfo errors during open (bsc#1144333,
     bsc#1154355).
   - CIFS: move cifsFileInfo_put logic into a work-queue (bsc#1144333,
     bsc#1154355).
   - CIFS: prepare SMB2_Flush to be usable in compounds (bsc#1144333,
     bsc#1154355).
   - CIFS: set domainName when a domain-key is used in multiuser
     (bsc#1144333, bsc#1154355).
   - CIFS: use cifsInodeInfo->open_file_lock while iterating to avoid a panic
     (bsc#1144333, bsc#1154355).
   - CIFS: use existing handle for compound_op(OP_SET_INFO) when possible
     (bsc#1144333, bsc#1154355).
   - CIFS: Use kzfree() to zero out the password (bsc#1144333, bsc#1154355).
   - clk: at91: avoid sleeping early (git-fixes).
   - clk: pxa: fix one of the pxa RTC clocks (bsc#1051510).
   - clk: samsung: exynos5420: Preserve CPU clocks configuration during
     suspend/resume (bsc#1051510).
   - clk: samsung: exynos5420: Preserve PLL configuration during
     suspend/resume (git-fixes).
   - clk: samsung: Use clk_hw API for calling clk framework from clk
     notifiers (bsc#1051510).
   - clk: sunxi-ng: a80: fix the zero'ing of bits 16 and 18 (git-fixes).
   - clocksource/drivers/sh_cmt: Fix clocksource width for 32-bit machines
     (bsc#1051510).
   - clocksource/drivers/sh_cmt: Fixup for 64-bit machines (bsc#1051510).
   - compat_ioctl: handle SIOCOUTQNSD (bsc#1051510).
   - component: fix loop condition to call unbind() if bind() fails
     (bsc#1051510).
   - cpufreq: intel_pstate: Register when ACPI PCCH is present (bsc#1051510).
   - cpufreq/pasemi: fix use-after-free in pas_cpufreq_cpu_init()
     (bsc#1051510).
   - cpufreq: powernv: fix stack bloat and hard limit on number of CPUs
     (bsc#1051510).
   - cpufreq: Skip cpufreq resume if it's not suspended (bsc#1051510).
   - cpufreq: ti-cpufreq: add missing of_node_put() (bsc#1051510).
   - cpupower: Fix coredump on VMWare (bsc#1051510).
   - cpupower : Fix cpupower working when cpu0 is offline (bsc#1051510).
   - cpupower : frequency-set -r option misses the last cpu in related cpu
     list (bsc#1051510).
   - crypto: af_alg - cast ki_complete ternary op to int (bsc#1051510).
   - crypto: crypto4xx - fix double-free in crypto4xx_destroy_sdr
     (bsc#1051510).
   - crypto: ecdh - fix big endian bug in ECC library (bsc#1051510).
   - crypto: fix a memory leak in rsa-kcs1pad's encryption mode (bsc#1051510).
   - crypto: geode-aes - switch to skcipher for cbc(aes) fallback
     (bsc#1051510).
   - crypto: mxs-dcp - Fix AES issues (bsc#1051510).
   - crypto: mxs-dcp - Fix SHA null hashes and output length (bsc#1051510).
   - crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash'
     static (bsc#1051510).
   - crypto: s5p-sss: Fix Fix argument list alignment (bsc#1051510).
   - crypto: tgr192 - remove unneeded semicolon (bsc#1051510).
   - cw1200: Fix a signedness bug in cw1200_load_firmware() (bsc#1051510).
   - cxgb4: fix panic when attaching to ULD fail (networking-stable-19_11_05).
   - dccp: do not leak jiffies on the wire (networking-stable-19_11_05).
   - Disable SGL_ALLOC
   - dlm: do not leak kernel pointer to userspace (bsc#1051510).
   - dlm: fix invalid free (bsc#1051510).
   - dmaengine: dma-jz4780: Do not depend on MACH_JZ4780 (bsc#1051510).
   - dmaengine: dma-jz4780: Further residue status fix (bsc#1051510).
   - dmaengine: ep93xx: Return proper enum in ep93xx_dma_chan_direction
     (bsc#1051510).
   - dmaengine: imx-sdma: fix use-after-free on probe error path
     (bsc#1051510).
   - dmaengine: rcar-dmac: set scatter/gather max segment size (bsc#1051510).
   - dmaengine: timb_dma: Use proper enum in td_prep_slave_sg (bsc#1051510).
   - docs: move protection-keys.rst to the core-api book (bsc#1078248).
   - Documentation: debugfs: Document debugfs helper for unsigned long values
     (git-fixes).
   - Documentation: x86: convert protection-keys.txt to reST (bsc#1078248).
   - drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)
   - drm/omap: fix max fclk divider for omap36xx (bsc#1113722)
   - drm/radeon: fix bad DMA from INTERRUPT_CNTL2 (git-fixes).
   - drm/radeon: fix si_enable_smc_cac() failed issue (bsc#1113722)
   - e1000e: Drop unnecessary __E1000_DOWN bit twiddling (bsc#1158049).
   - e1000e: Use dev_get_drvdata where possible (bsc#1158049).
   - e1000e: Use rtnl_lock to prevent race conditions between net and pci/pm
     (bsc#1158049).
   - EDAC/ghes: Fix Use after free in ghes_edac remove path (bsc#1114279).
   - extcon: cht-wc: Return from default case to avoid warnings (bsc#1051510).
   - fbdev: sbuslib: integer overflow in sbusfb_ioctl_helper() (bsc#1051510).
   - fbdev: sbuslib: use checked version of put_user() (bsc#1051510).
   - fix SCTP regression (networking-stable-19_10_24 bsc#1158082).
   - ftrace: Introduce PERMANENT ftrace_ops flag (bsc#1120853).
   - gpiolib: acpi: Add Terra Pad 1061 to the
     run_edge_events_on_boot_blacklist (bsc#1051510).
   - gpio: mpc8xxx: Do not overwrite default irq_set_type callback
     (bsc#1051510).
   - gpio: syscon: Fix possible NULL ptr usage (bsc#1051510).
   - gsmi: Fix bug in append_to_eventlog sysfs handler (bsc#1051510).
   - HID: Add ASUS T100CHI keyboard dock battery quirks (bsc#1051510).
   - HID: Add quirk for Microsoft PIXART OEM mouse (bsc#1051510).
   - HID: asus: Add T100CHI bluetooth keyboard dock special keys mapping
     (bsc#1051510).
   - HID: Fix assumption that devices have inputs (git-fixes).
   - HID: wacom: generic: Treat serial number and related fields as unsigned
     (git-fixes).
   - hwmon: (ina3221) Fix INA3221_CONFIG_MODE macros (bsc#1051510).
   - hwmon: (pwm-fan) Silence error on probe deferral (bsc#1051510).
   - hwrng: omap3-rom - Call clk_disable_unprepare() on exit only if not
     idled (bsc#1051510).
   - hwrng: omap - Fix RNG wait loop timeout (bsc#1051510).
   - hypfs: Fix error number left in struct pointer member (bsc#1051510).
   - ibmvnic: Bound waits for device queries (bsc#1155689 ltc#182047).
   - ibmvnic: Fix completion structure initialization (bsc#1155689
     ltc#182047).
   - ibmvnic: Serialize device queries (bsc#1155689 ltc#182047).
   - ibmvnic: Terminate waiting device threads after loss of service
     (bsc#1155689 ltc#182047).
   - iio: adc: max9611: explicitly cast gain_selectors (bsc#1051510).
   - iio: adc: stm32-adc: fix stopping dma (git-fixes).
   - iio: dac: mcp4922: fix error handling in mcp4922_write_raw (bsc#1051510).
   - iio: imu: adis16480: assign bias value only if operation succeeded
     (git-fixes).
   - iio: imu: adis16480: make sure provided frequency is positive
     (git-fixes).
   - iio: imu: adis: assign read val in debugfs hook only if op successful
     (git-fixes).
   - iio: imu: adis: assign value only if return code zero in read funcs
     (git-fixes).
   - include/linux/bitrev.h: fix constant bitrev (bsc#1114279).
   - inet: stop leaking jiffies on the wire (networking-stable-19_11_05).
   - Input: ff-memless - kill timer in destroy() (bsc#1051510).
   - Input: silead - try firmware reload after unsuccessful resume
     (bsc#1051510).
   - Input: st1232 - set INPUT_PROP_DIRECT property (bsc#1051510).
   - Input: synaptics-rmi4 - clear IRQ enables for F54 (bsc#1051510).
   - Input: synaptics-rmi4 - destroy F54 poller workqueue when removing
     (bsc#1051510).
   - Input: synaptics-rmi4 - disable the relative position IRQ in the F12
     driver (bsc#1051510).
   - Input: synaptics-rmi4 - do not consume more data than we have (F11, F12)
     (bsc#1051510).
   - Input: synaptics-rmi4 - fix video buffer size (git-fixes).
   - intel_th: Fix a double put_device() in error path (git-fixes).
   - iommu/vt-d: Fix QI_DEV_IOTLB_PFSID and QI_DEV_EIOTLB_PFSID macros
     (bsc#1158063).
   - ipmi:dmi: Ignore IPMI SMBIOS entries with a zero base address
     (bsc#1051510).
   - ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
     (networking-stable-19_10_24).
   - iwlwifi: api: annotate compressed BA notif array sizes (bsc#1051510).
   - iwlwifi: check kasprintf() return value (bsc#1051510).
   - iwlwifi: exclude GEO SAR support for 3168 (git-fixes).
   - iwlwifi: mvm: avoid sending too many BARs (bsc#1051510).
   - iwlwifi: mvm: do not send keys when entering D3 (bsc#1051510).
   - kABI: Fix for "KVM: x86: Introduce vcpu->arch.xsaves_enabled"
     (bsc#1158066).
   - kABI workaround for ath10k last_wmi_vdev_start_status field
     (bsc#1051510).
   - kABI workaround for struct mwifiex_power_cfg change (bsc#1051510).
   - KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH
     (bsc#1114279).
   - KVM: SVM: Serialize access to the SEV ASID bitmap (bsc#1114279).
   - KVM: VMX: Consider PID.PIR to determine if vCPU has pending interrupts
     (bsc#1158064).
   - KVM: VMX: Fix conditions for guest IA32_XSS support (bsc#1158065).
   - KVM: x86: Introduce vcpu->arch.xsaves_enabled (bsc#1158066).
   - KVM: x86/mmu: Take slots_lock when using kvm_mmu_zap_all_fast()
     (bsc#1158067).
   - lib/scatterlist: Fix chaining support in sgl_alloc_order() (git-fixes).
   - lib/scatterlist: Introduce sgl_alloc() and sgl_free() (git-fixes).
   - liquidio: fix race condition in instruction completion processing
     (bsc#1051510).
   - livepatch: Allow to distinguish different version of system state
     changes (bsc#1071995).
   - livepatch: Basic API to track system state changes (bsc#1071995 ).
   - livepatch: Keep replaced patches until post_patch callback is called
     (bsc#1071995).
   - livepatch: Selftests of the API for tracking system state changes
     (bsc#1071995).
   - loop: add ioctl for changing logical block size (bsc#1108043).
   - mac80211: consider QoS Null frames for STA_NULLFUNC_ACKED (bsc#1051510).
   - mac80211: minstrel: fix CCK rate group streams value (bsc#1051510).
   - mac80211: minstrel: fix sampling/reporting of CCK rates in HT mode
     (bsc#1051510).
   - macvlan: schedule bc_work even if error (bsc#1051510).
   - mailbox: reset txdone_method TXDONE_BY_POLL if client knows_txdone
     (git-fixes).
   - media: au0828: Fix incorrect error messages (bsc#1051510).
   - media: bdisp: fix memleak on release (git-fixes).
   - media: cxusb: detect cxusb_ctrl_msg error in query (bsc#1051510).
   - media: davinci: Fix implicit enum conversion warning (bsc#1051510).
   - media: exynos4-is: Fix recursive locking in isp_video_release()
     (git-fixes).
   - media: fix: media: pci: meye: validate offset to avoid arbitrary access
     (bsc#1051510).
   - media: flexcop-usb: ensure -EIO is returned on error condition
     (git-fixes).
   - media: imon: invalid dereference in imon_touch_event (bsc#1051510).
   - media: isif: fix a NULL pointer dereference bug (bsc#1051510).
   - media: pci: ivtv: Fix a sleep-in-atomic-context bug in ivtv_yuv_init()
     (bsc#1051510).
   - media: pxa_camera: Fix check for pdev->dev.of_node (bsc#1051510).
   - media: radio: wl1273: fix interrupt masking on release (git-fixes).
   - media: ti-vpe: vpe: Fix Motion Vector vpdma stride (git-fixes).
   - media: usbvision: Fix races among open, close, and disconnect
     (bsc#1051510).
   - media: vim2m: Fix abort issue (git-fixes).
   - media: vivid: Set vid_cap_streaming and vid_out_streaming to true
     (bsc#1051510).
   - mei: fix modalias documentation (git-fixes).
   - mei: samples: fix a signedness bug in amt_host_if_call() (bsc#1051510).
   - mfd: intel-lpss: Add default I2C device properties for Gemini Lake
     (bsc#1051510).
   - mfd: max8997: Enale irq-wakeup unconditionally (bsc#1051510).
   - mfd: mc13xxx-core: Fix PMIC shutdown when reading ADC values
     (bsc#1051510).
   - mfd: palmas: Assign the right powerhold mask for tps65917 (git-fixes).
   - mfd: ti_am335x_tscadc: Keep ADC interface on if child is wakeup capable
     (bsc#1051510).
   - mISDN: Fix type of switch control variable in ctrl_teimanager
     (bsc#1051510).
   - mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)
   - mlx5: add parameter to disable enhanced IPoIB (bsc#1142095)
   - mmc: core: fix wl1251 sdio quirks (git-fixes).
   - mmc: host: omap_hsmmc: add code for special init of wl1251 to get rid of
     pandora_wl1251_init_card (git-fixes).
   - mmc: mediatek: fix cannot receive new request when msdc_cmd_is_ready
     fail (bsc#1051510).
   - mm/compaction.c: clear total_{migrate,free}_scanned before scanning a
     new zone (git fixes (mm/compaction)).
   - mmc: sdhci-esdhc-imx: correct the fix of ERR004536 (git-fixes).
   - mmc: sdhci-of-at91: fix quirk2 overwrite (git-fixes).
   - mmc: sdio: fix wl1251 vendor id (git-fixes).
   - mm/debug.c: PageAnon() is true for PageKsm() pages (git fixes
     (mm/debug)).
   - mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()
     (git fixes (mm/gup)).
   - mt7601u: fix bbp version check in mt7601u_wait_bbp_ready (bsc#1051510).
   - mtd: nand: mtk: fix incorrect register setting order about ecc irq.
   - mtd: spear_smi: Fix Write Burst mode (bsc#1051510).
   - mtd: spi-nor: fix silent truncation in spi_nor_read() (bsc#1051510).
   - mwifiex: Fix NL80211_TX_POWER_LIMITED (bsc#1051510).
   - net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
     (networking-stable-19_11_05).
   - net: add skb_queue_empty_lockless() (networking-stable-19_11_05).
   - net: annotate accesses to sk->sk_incoming_cpu
     (networking-stable-19_11_05).
   - net: annotate lockless accesses to sk->sk_napi_id
     (networking-stable-19_11_05).
   - net: avoid potential infinite loop in tc_ctl_action()
     (networking-stable-19_10_24).
   - net: bcmgenet: Fix RGMII_MODE_EN value for GENET v1/2/3
     (networking-stable-19_10_24).
   - net: bcmgenet: reset 40nm EPHY on energy detect
     (networking-stable-19_11_05).
   - net: bcmgenet: Set phydev->dev_flags only for internal PHYs
     (networking-stable-19_10_24).
   - net: dsa: b53: Do not clear existing mirrored port mask
     (networking-stable-19_11_05).
   - net: dsa: bcm_sf2: Fix IMP setup for port different than 8
     (networking-stable-19_11_05).
   - net: dsa: fix switch tree list (networking-stable-19_11_05).
   - net: ethernet: ftgmac100: Fix DMA coherency issue with SW checksum
     (networking-stable-19_11_05).
   - net: fix sk_page_frag() recursion from memory reclaim
     (networking-stable-19_11_05).
   - net: hisilicon: Fix ping latency when deal with high throughput
     (networking-stable-19_11_05).
   - net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE mode
     (bsc#1089644, ltc#166495, ltc#165544, git-fixes).
   - net/mlx4_core: Dynamically set guaranteed amount of counters per VF
     (networking-stable-19_11_05).
   - net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget
     (networking-stable-19_11_05).
   - netns: fix GFP flags in rtnl_net_notifyid() (networking-stable-19_11_05).
   - net: stmmac: disable/enable ptp_ref_clk in suspend/resume flow
     (networking-stable-19_10_24).
   - net: use skb_queue_empty_lockless() in busy poll contexts
     (networking-stable-19_11_05).
   - net: use skb_queue_empty_lockless() in poll() handlers
     (networking-stable-19_11_05).
   - net: wireless: ti: remove local VENDOR_ID and DEVICE_ID definitions
     (git-fixes).
   - net: wireless: ti: wl1251 use new SDIO_VENDOR_ID_TI_WL1251 definition
     (git-fixes).
   - net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
     (networking-stable-19_11_05).
   - nfc: netlink: fix double device reference drop (git-fixes).
   - nfc: nxp-nci: Fix NULL pointer dereference after I2C communication error
     (git-fixes).
   - nfc: port100: handle command failure cleanly (git-fixes).
   - nl80211: Fix a GET_KEY reply attribute (bsc#1051510).
   - openvswitch: fix flow command message size (git-fixes).
   - padata: use smp_mb in padata_reorder to avoid orphaned padata jobs
     (git-fixes).
   - PCI/ACPI: Correct error message for ASPM disabling (bsc#1051510).
   - PCI: Apply Cavium ACS quirk to ThunderX2 and ThunderX3 (bsc#1051510).
   - PCI: dwc: Fix find_next_bit() usage (bsc#1051510).
   - PCI: Fix Intel ACS quirk UPDCR register address (bsc#1051510).
   - PCI/MSI: Fix incorrect MSI-X masking on resume (bsc#1051510).
   - PCI/PME: Fix possible use-after-free on remove (git-fixes).
   - PCI/PTM: Remove spurious "d" from granularity message (bsc#1051510).
   - PCI: rcar: Fix missing MACCTLR register setting in initialization
     sequence (bsc#1051510).
   - PCI: sysfs: Ignore lockdep for remove attribute (git-fixes).
   - PCI: tegra: Enable Relaxed Ordering only for Tegra20 & Tegra30
     (git-fixes).
   - phy: phy-twl4030-usb: fix denied runtime access (git-fixes).
   - pinctl: ti: iodelay: fix error checking on pinctrl_count_index_with_args
     call (git-fixes).
   - pinctrl: at91: do not use the same irqchip with multiple gpiochips
     (git-fixes).
   - pinctrl: cherryview: Allocate IRQ chip dynamic (git-fixes).
   - pinctrl: lewisburg: Update pin list according to v1.1v6 (bsc#1051510).
   - pinctrl: lpc18xx: Use define directive for PIN_CONFIG_GPIO_PIN_INT
     (bsc#1051510).
   - pinctrl: qcom: spmi-gpio: fix gpio-hog related boot issues (bsc#1051510).
   - pinctrl: samsung: Fix device node refcount leaks in init code
     (bsc#1051510).
   - pinctrl: samsung: Fix device node refcount leaks in S3C24xx wakeup
     controller init (bsc#1051510).
   - pinctrl: samsung: Fix device node refcount leaks in S3C64xx wakeup
     controller init (bsc#1051510).
   - pinctrl: sunxi: Fix a memory leak in 'sunxi_pinctrl_build_state()'
     (bsc#1051510).
   - pinctrl: zynq: Use define directive for PIN_CONFIG_IO_STANDARD
     (bsc#1051510).
   - PM / devfreq: Check NULL governor in available_governors_show
     (git-fixes).
   - PM / devfreq: exynos-bus: Correct clock enable sequence (bsc#1051510).
   - PM / devfreq: Lock devfreq in trans_stat_show (git-fixes).
   - PM / devfreq: passive: fix compiler warning (bsc#1051510).
   - PM / devfreq: passive: Use non-devm notifiers (bsc#1051510).
   - PM / hibernate: Check the success of generating md5 digest before
     hibernation (bsc#1051510).
   - powerpc/64: Make meltdown reporting Book3S 64 specific (bsc#1091041).
   - powerpc/book3s64/hash: Use secondary hash for bolted mapping if the
     primary is full (bsc#1157778 ltc#182520).
   - powerpc/bpf: Fix tail call implementation (bsc#1157698).
   - powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu
     (bsc#1156700 ltc#182459).
   - powerpc/pseries: Do not fail hash page table insert for bolted mapping
     (bsc#1157778 ltc#182520).
   - powerpc/pseries: Do not opencode HPTE_V_BOLTED (bsc#1157778 ltc#182520).
   - powerpc/pseries: safely roll back failed DLPAR cpu add (bsc#1156700
     ltc#182459).
   - powerpc/security/book3s64: Report L1TF status in sysfs (bsc#1091041).
   - powerpc/security: Fix wrong message when RFI Flush is disable
     (bsc#1131107).
   - powerpc/xive: Prevent page fault issues in the machine crash handler
     (bsc#1156882 ltc#182435).
   - power: reset: at91-poweroff: do not procede if at91_shdwc is allocated
     (bsc#1051510).
   - power: supply: ab8500_fg: silence uninitialized variable warnings
     (bsc#1051510).
   - power: supply: max14656: fix potential use-after-free (bsc#1051510).
   - power: supply: twl4030_charger: disable eoc interrupt on linear charge
     (bsc#1051510).
   - power: supply: twl4030_charger: fix charging current out-of-bounds
     (bsc#1051510).
   - ppdev: fix PPGETTIME/PPSETTIME ioctls (bsc#1051510).
   - printk: Export console_printk (bsc#1071995).
   - pwm: bcm-iproc: Prevent unloading the driver module while in use
     (git-fixes).
   - pwm: lpss: Only set update bit if we are actually changing the settings
     (bsc#1051510).
   - r8152: add device id for Lenovo ThinkPad USB-C Dock Gen 2
     (networking-stable-19_11_05).
   - regulator: ab8500: Remove AB8505 USB regulator (bsc#1051510).
   - regulator: ab8500: Remove SYSCLKREQ from enum ab8505_regulator_id
     (bsc#1051510).
   - remoteproc: Check for NULL firmwares in sysfs interface (git-fixes).
   - Remove patches that reportedly cause regression (bsc#1155689 ltc#182047).
   - reset: fix of_reset_simple_xlate kerneldoc comment (bsc#1051510).
   - reset: Fix potential use-after-free in __of_reset_control_get()
     (bsc#1051510).
   - reset: fix reset_control_get_exclusive kerneldoc comment (bsc#1051510).
   - Revert "drm/etnaviv: fix dumping of iommuv2 (bsc#1113722)" This reverts
     commit 71e3a1b8d8cf73f711f3e4100aa51f68e631f94f.
   - rpm/kernel-binary.spec.in: add COMPRESS_VMLINUX (bnc#1155921) Let
     COMPRESS_VMLINUX determine the compression used for vmlinux. By default
     (historically), it is gz.
   - rpm/kernel-source.spec.in: Fix dependency of kernel-devel (bsc#1154043)
   - rtl8187: Fix warning generated when strncpy() destination length matches
     the sixe argument (bsc#1051510).
   - rtlwifi: Remove unnecessary NULL check in rtl_regd_init (bsc#1051510).
   - rtlwifi: rtl8192de: Fix misleading REG_MCUFWDL information (bsc#1051510).
   - rtlwifi: rtl8192de: Fix missing code to retrieve RX buffer address
     (bsc#1051510).
   - rtlwifi: rtl8192de: Fix missing enable interrupt flag (bsc#1051510).
   - s390/bpf: fix lcgr instruction encoding (bsc#1051510).
   - s390/bpf: use 32-bit index for tail calls (bsc#1051510).
   - s390/cio: avoid calling strlen on null pointer (bsc#1051510).
   - s390/cio: exclude subchannels with no parent from pseudo check
     (bsc#1051510).
   - s390/cmm: fix information leak in cmm_timeout_handler() (bsc#1051510).
   - s390: fix stfle zero padding (bsc#1051510).
   - s390/idle: fix cpu idle time calculation (bsc#1051510).
   - s390/mm: properly clear _PAGE_NOEXEC bit when it is not supported
     (bsc#1051510).
   - s390/process: avoid potential reading of freed stack (bsc#1051510).
   - s390/qdio: do not touch the dsci in tiqdio_add_input_queues()
     (bsc#1051510).
   - s390/qdio: (re-)initialize tiqdio list entries (bsc#1051510).
   - s390/qeth: return proper errno on IO error (bsc#1051510).
   - s390/setup: fix boot crash for machine without EDAT-1 (bsc#1051510
     bsc#1140948).
   - s390/setup: fix early warning messages (bsc#1051510 bsc#1140948).
   - s390/topology: avoid firing events before kobjs are created
     (bsc#1051510).
   - sc16is7xx: Fix for "Unexpected interrupt: 8" (bsc#1051510).
   - scsi: lpfc: Fix Oops in nvme_register with target logout/login
     (bsc#1151900).
   - scsi: lpfc: Honor module parameter lpfc_use_adisc (bsc#1153628).
   - scsi: lpfc: Limit xri count for kdump environment (bsc#1154124).
   - scsi: qla2xxx: Add debug dump of LOGO payload and ELS IOCB (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Allow PLOGI in target mode (bsc#1157424, bsc#1157908.
     bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Change discovery state before PLOGI (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Configure local loop for N2N target (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Do command completion on abort timeout (bsc#1143706
     bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Do not call qlt_async_event twice (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Do not defer relogin unconditonally (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: do not use zero for FC4_PRIORITY_NVME (bsc#1143706
     bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Drop superfluous INIT_WORK of del_work (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Fix a dma_pool_free() call (bsc#1143706 bsc#1082635
     bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Fix device connect issues in P2P configuration
     (bsc#1143706 bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Fix double scsi_done for abort path (bsc#1143706
     bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Fix driver unload hang (bsc#1143706 bsc#1082635
     bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Fix memory leak when sending I/O fails (bsc#1143706
     bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Fix PLOGI payload and ELS IOCB dump length (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Fix qla2x00_request_irqs() for MSI (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: fix rports not being mark as lost in sync fabric scan
     (bsc#1138039).
   - scsi: qla2xxx: Fix SRB leak on switch command timeout (bsc#1143706
     bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Ignore NULL pointer in tcm_qla2xxx_free_mcmd
     (bsc#1157424, bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: initialize fc4_type_priority (bsc#1143706 bsc#1082635
     bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Initialize free_work before flushing it (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: Remove an include directive (bsc#1143706 bsc#1082635
     bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (bsc#1143706
     bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Send Notify ACK after N2N PLOGI (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: qla2xxx: unregister ports after GPN_FT failure (bsc#1138039).
   - scsi: qla2xxx: Update driver version to 10.01.00.21-k (bsc#1143706
     bsc#1082635 bsc#1154526 bsc#1048942).
   - scsi: qla2xxx: Use explicit LOGO in target mode (bsc#1157424,
     bsc#1157908. bsc#1117169, bsc#1151548).
   - scsi: sd: Ignore a failure to sync cache due to lack of authorization
     (git-fixes).
   - scsi: storvsc: Add ability to change scsi queue depth (bsc#1155021).
   - scsi: zfcp: fix request object use-after-free in send path causing wrong
     traces (bsc#1051510).
   - sctp: change sctp_prot .no_autobind with true
     (networking-stable-19_10_24).
   - selftests: net: reuseport_dualstack: fix uninitalized parameter
     (networking-stable-19_11_05).
   - serial: fix kernel-doc warning in comments (bsc#1051510).
   - serial: mctrl_gpio: Check for NULL pointer (bsc#1051510).
   - serial: mxs-auart: Fix potential infinite loop (bsc#1051510).
   - serial: samsung: Enable baud clock for UART reset procedure in resume
     (bsc#1051510).
   - serial: uartlite: fix exit path null pointer (bsc#1051510).
   - serial: uartps: Fix suspend functionality (bsc#1051510).
   - signal: Properly set TRACE_SIGNAL_LOSE_INFO in __send_signal
     (bsc#1157463).
   - slcan: Fix memory leak in error path (bsc#1051510).
   - slip: Fix memory leak in slip_open error path (bsc#1051510).
   - slip: Fix use-after-free Read in slip_open (bsc#1051510).
   - smb3: fix leak in "open on server" perf counter (bsc#1144333,
     bsc#1154355).
   - smb3: fix signing verification of large reads (bsc#1144333, bsc#1154355).
   - smb3: fix unmount hang in open_shroot (bsc#1144333, bsc#1154355).
   - smb3: improve handling of share deleted (and share recreated)
     (bsc#1144333, bsc#1154355).
   - smb3: Incorrect size for netname negotiate context (bsc#1144333,
     bsc#1154355).
   - soc: imx: gpc: fix PDN delay (bsc#1051510).
   - soc: qcom: wcnss_ctrl: Avoid string overflow (bsc#1051510).
   - spi: atmel: Fix CS high support (bsc#1051510).
   - spi: atmel: fix handling of cs_change set on non-last xfer (bsc#1051510).
   - spi: fsl-lpspi: Prevent FIFO under/overrun by default (bsc#1051510).
   - spi: mediatek: Do not modify spi_transfer when transfer (bsc#1051510).
   - spi: mediatek: use correct mata->xfer_len when in fifo transfer
     (bsc#1051510).
   - spi: pic32: Use proper enum in dmaengine_prep_slave_rg (bsc#1051510).
   - spi: rockchip: initialize dma_slave_config properly (bsc#1051510).
   - spi: spidev: Fix OF tree warning logic (bsc#1051510).
   - staging: rtl8188eu: fix null dereference when kzalloc fails
     (bsc#1051510).
   - supported.conf:
   - synclink_gt(): fix compat_ioctl() (bsc#1051510).
   - tcp_nv: fix potential integer overflow in tcpnv_acked (bsc#1051510).
   - thunderbolt: Fix lockdep circular locking depedency warning (git-fixes).
   - tipc: Avoid copying bytes beyond the supplied data (bsc#1051510).
   - tipc: check bearer name with right length in
     tipc_nl_compat_bearer_enable (bsc#1051510).
   - tipc: check link name with right length in tipc_nl_compat_link_set
     (bsc#1051510).
   - tipc: check msg->req data len in tipc_nl_compat_bearer_disable
     (bsc#1051510).
   - tipc: compat: allow tipc commands without arguments (bsc#1051510).
   - tipc: fix tipc_mon_delete() oops in tipc_enable_bearer() error path
     (bsc#1051510).
   - tipc: fix wrong timeout input for tipc_wait_for_cond() (bsc#1051510).
   - tipc: handle the err returned from cmd header function (bsc#1051510).
   - tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb (bsc#1051510).
   - tipc: tipc clang warning (bsc#1051510).
   - tpm: add check after commands attribs tab allocation (bsc#1051510).
   - tracing: Get trace_array reference for available_tracers files
     (bsc#1156429).
   - tty: serial: fsl_lpuart: use the sg count from dma_map_sg (bsc#1051510).
   - tty: serial: imx: use the sg count from dma_map_sg (bsc#1051510).
   - tty: serial: msm_serial: Fix flow control (bsc#1051510).
   - tty: serial: pch_uart: correct usage of dma_unmap_sg (bsc#1051510).
   - UAS: Revert commit 3ae62a42090f ("UAS: fix alignment of scatter/gather
     segments").
   - udp: use skb_queue_empty_lockless() (networking-stable-19_11_05).
   - USB: chaoskey: fix error case of a timeout (git-fixes).
   - USB: chipidea: Fix otg event handler (bsc#1051510).
   - USB: chipidea: imx: enable OTG overcurrent in case USB subsystem is
     already started (bsc#1051510).
   - USB: dwc3: gadget: Check ENBLSLPM before sending ep command
     (bsc#1051510).
   - USB: gadget: Reject endpoints with 0 maxpacket value (bsc#1051510).
   - USB: gadget: udc: fotg210-udc: Fix a sleep-in-atomic-context bug in
     fotg210_get_status() (bsc#1051510).
   - USB: gadget: uvc: configfs: Drop leaked references to config items
     (bsc#1051510).
   - USB: gadget: uvc: configfs: Prevent format changes after linking header
     (bsc#1051510).
   - USB: gadget: uvc: Factor out video USB request queueing (bsc#1051510).
   - USB: gadget: uvc: Only halt video streaming endpoint in bulk mode
     (bsc#1051510).
   - USB: handle warm-reset port requests on hub resume (bsc#1051510).
   - USBIP: add config dependency for SGL_ALLOC (git-fixes).
   - USBip: Fix free of unallocated memory in vhci tx (git-fixes).
   - USBip: Fix vhci_urb_enqueue() URB null transfer buffer error path
     (git-fixes).
   - USBip: Implement SG support to vhci-hcd and stub driver (git-fixes).
   - USBip: tools: fix fd leakage in the function of read_attr_usbip_status
     (git-fixes).
   - USB: misc: appledisplay: fix backlight update_status return code
     (bsc#1051510).
   - usb-serial: cp201x: support Mark-10 digital force gauge (bsc#1051510).
   - USB: serial: mos7720: fix remote wakeup (git-fixes).
   - USB: serial: mos7840: add USB ID to support Moxa UPort 2210
     (bsc#1051510).
   - USB: serial: mos7840: fix remote wakeup (git-fixes).
   - USB: serial: option: add support for DW5821e with eSIM support
     (bsc#1051510).
   - USB: serial: option: add support for Foxconn T77W968 LTE modules
     (bsc#1051510).
   - USB: serial: whiteheat: fix line-speed endianness (bsc#1051510).
   - usb-storage: Revert commit 747668dbc061 ("usb-storage: Set
     virt_boundary_mask to avoid SG overflows") (bsc#1051510).
   - USB: xhci-mtk: fix ISOC error when interval is zero (bsc#1051510).
   - vfio-ccw: Fix misleading comment when setting orb.cmd.c64 (bsc#1051510).
   - vfio: ccw: push down unsupported IDA check (bsc#1156471 LTC#182362).
   - vfio-ccw: Set pa_nr to 0 if memory allocation fails for pa_iova_pfn
     (bsc#1051510).
   - video/hdmi: Fix AVI bar unpack (git-fixes).
   - virtio_console: allocate inbufs in add_port() only if it is needed
     (git-fixes).
   - virtio_ring: fix return code on DMA mapping fails (git-fixes).
   - virtio/s390: fix race on airq_areas (bsc#1051510).
   - vmxnet3: turn off lro when rxcsum is disabled (bsc#1157499).
   - vsock/virtio: fix sock refcnt holding during the shutdown (git-fixes).
   - watchdog: meson: Fix the wrong value of left time (bsc#1051510).
   - x86/alternatives: Add int3_emulate_call() selftest (bsc#1153811).
   - x86/alternatives: Fix int3_emulate_call() selftest stack corruption
     (bsc#1153811).
   - x86/mm/pkeys: Fix typo in Documentation/x86/protection-keys.txt
     (bsc#1078248).
   - x86/pkeys: Update documentation about availability (bsc#1078248).
   - x86/resctrl: Fix potential lockdep warning (bsc#1114279).
   - x86/resctrl: Prevent NULL pointer dereference when reading mondata
     (bsc#1114279).
   - x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
     (bsc#1158068).
   - xfrm: fix sa selector validation (bsc#1156609).
   - xfrm: Fix xfrm sel prefix length validation (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Public Cloud 15:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-2019-3289=1



Package List:

   - SUSE Linux Enterprise Module for Public Cloud 15 (noarch):

      kernel-devel-azure-4.12.14-5.47.1
      kernel-source-azure-4.12.14-5.47.1

   - SUSE Linux Enterprise Module for Public Cloud 15 (x86_64):

      kernel-azure-4.12.14-5.47.1
      kernel-azure-base-4.12.14-5.47.1
      kernel-azure-base-debuginfo-4.12.14-5.47.1
      kernel-azure-debuginfo-4.12.14-5.47.1
      kernel-azure-devel-4.12.14-5.47.1
      kernel-syms-azure-4.12.14-5.47.1


References:

   https://www.suse.com/security/cve/CVE-2019-0154.html
   https://www.suse.com/security/cve/CVE-2019-0155.html
   https://www.suse.com/security/cve/CVE-2019-14895.html
   https://www.suse.com/security/cve/CVE-2019-14901.html
   https://www.suse.com/security/cve/CVE-2019-15916.html
   https://www.suse.com/security/cve/CVE-2019-16231.html
   https://www.suse.com/security/cve/CVE-2019-18660.html
   https://www.suse.com/security/cve/CVE-2019-18683.html
   https://www.suse.com/security/cve/CVE-2019-18809.html
   https://www.suse.com/security/cve/CVE-2019-19049.html
   https://www.suse.com/security/cve/CVE-2019-19052.html
   https://www.suse.com/security/cve/CVE-2019-19056.html
   https://www.suse.com/security/cve/CVE-2019-19057.html
   https://www.suse.com/security/cve/CVE-2019-19058.html
   https://www.suse.com/security/cve/CVE-2019-19060.html
   https://www.suse.com/security/cve/CVE-2019-19062.html
   https://www.suse.com/security/cve/CVE-2019-19063.html
   https://www.suse.com/security/cve/CVE-2019-19065.html
   https://www.suse.com/security/cve/CVE-2019-19067.html
   https://www.suse.com/security/cve/CVE-2019-19068.html
   https://www.suse.com/security/cve/CVE-2019-19073.html
   https://www.suse.com/security/cve/CVE-2019-19074.html
   https://www.suse.com/security/cve/CVE-2019-19075.html
   https://www.suse.com/security/cve/CVE-2019-19077.html
   https://www.suse.com/security/cve/CVE-2019-19227.html
   https://www.suse.com/security/cve/CVE-2019-19524.html
   https://www.suse.com/security/cve/CVE-2019-19525.html
   https://www.suse.com/security/cve/CVE-2019-19528.html
   https://www.suse.com/security/cve/CVE-2019-19529.html
   https://www.suse.com/security/cve/CVE-2019-19530.html
   https://www.suse.com/security/cve/CVE-2019-19531.html
   https://www.suse.com/security/cve/CVE-2019-19534.html
   https://www.suse.com/security/cve/CVE-2019-19536.html
   https://www.suse.com/security/cve/CVE-2019-19543.html
   https://bugzilla.suse.com/1048942
   https://bugzilla.suse.com/1051510
   https://bugzilla.suse.com/1071995
   https://bugzilla.suse.com/1078248
   https://bugzilla.suse.com/1082635
   https://bugzilla.suse.com/1089644
   https://bugzilla.suse.com/1091041
   https://bugzilla.suse.com/1108043
   https://bugzilla.suse.com/1113722
   https://bugzilla.suse.com/1114279
   https://bugzilla.suse.com/1117169
   https://bugzilla.suse.com/1120853
   https://bugzilla.suse.com/1131107
   https://bugzilla.suse.com/1135966
   https://bugzilla.suse.com/1135967
   https://bugzilla.suse.com/1138039
   https://bugzilla.suse.com/1140948
   https://bugzilla.suse.com/1141054
   https://bugzilla.suse.com/1142095
   https://bugzilla.suse.com/1143706
   https://bugzilla.suse.com/1144333
   https://bugzilla.suse.com/1149448
   https://bugzilla.suse.com/1150466
   https://bugzilla.suse.com/1151548
   https://bugzilla.suse.com/1151900
   https://bugzilla.suse.com/1153628
   https://bugzilla.suse.com/1153811
   https://bugzilla.suse.com/1154043
   https://bugzilla.suse.com/1154058
   https://bugzilla.suse.com/1154124
   https://bugzilla.suse.com/1154355
   https://bugzilla.suse.com/1154526
   https://bugzilla.suse.com/1155021
   https://bugzilla.suse.com/1155689
   https://bugzilla.suse.com/1155897
   https://bugzilla.suse.com/1155921
   https://bugzilla.suse.com/1156258
   https://bugzilla.suse.com/1156429
   https://bugzilla.suse.com/1156466
   https://bugzilla.suse.com/1156471
   https://bugzilla.suse.com/1156494
   https://bugzilla.suse.com/1156609
   https://bugzilla.suse.com/1156700
   https://bugzilla.suse.com/1156729
   https://bugzilla.suse.com/1156882
   https://bugzilla.suse.com/1157038
   https://bugzilla.suse.com/1157042
   https://bugzilla.suse.com/1157070
   https://bugzilla.suse.com/1157143
   https://bugzilla.suse.com/1157145
   https://bugzilla.suse.com/1157158
   https://bugzilla.suse.com/1157162
   https://bugzilla.suse.com/1157171
   https://bugzilla.suse.com/1157173
   https://bugzilla.suse.com/1157178
   https://bugzilla.suse.com/1157180
   https://bugzilla.suse.com/1157182
   https://bugzilla.suse.com/1157183
   https://bugzilla.suse.com/1157184
   https://bugzilla.suse.com/1157191
   https://bugzilla.suse.com/1157193
   https://bugzilla.suse.com/1157197
   https://bugzilla.suse.com/1157298
   https://bugzilla.suse.com/1157307
   https://bugzilla.suse.com/1157324
   https://bugzilla.suse.com/1157333
   https://bugzilla.suse.com/1157424
   https://bugzilla.suse.com/1157463
   https://bugzilla.suse.com/1157499
   https://bugzilla.suse.com/1157678
   https://bugzilla.suse.com/1157698
   https://bugzilla.suse.com/1157778
   https://bugzilla.suse.com/1157908
   https://bugzilla.suse.com/1158049
   https://bugzilla.suse.com/1158063
   https://bugzilla.suse.com/1158064
   https://bugzilla.suse.com/1158065
   https://bugzilla.suse.com/1158066
   https://bugzilla.suse.com/1158067
   https://bugzilla.suse.com/1158068
   https://bugzilla.suse.com/1158082
   https://bugzilla.suse.com/1158381
   https://bugzilla.suse.com/1158394
   https://bugzilla.suse.com/1158398
   https://bugzilla.suse.com/1158407
   https://bugzilla.suse.com/1158410
   https://bugzilla.suse.com/1158413
   https://bugzilla.suse.com/1158417
   https://bugzilla.suse.com/1158427
   https://bugzilla.suse.com/1158445



More information about the sle-security-updates mailing list