SUSE-SU-2020:2631-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Sep 14 16:16:27 MDT 2020


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:2631-1
Rating:             important
References:         #1065729 #1071995 #1074701 #1083548 #1085030 
                    #1085235 #1085308 #1087078 #1100394 #1102640 
                    #1105412 #1111666 #1112178 #1113956 #1120163 
                    #1133021 #1144333 #1169790 #1171688 #1172108 
                    #1172247 #1172418 #1172428 #1172781 #1172782 
                    #1172783 #1172871 #1172872 #1172963 #1173485 
                    #1173798 #1173954 #1174003 #1174026 #1174070 
                    #1174161 #1174205 #1174247 #1174298 #1174299 
                    #1174387 #1174484 #1174547 #1174549 #1174550 
                    #1174625 #1174658 #1174685 #1174689 #1174699 
                    #1174734 #1174757 #1174771 #1174840 #1174841 
                    #1174843 #1174844 #1174845 #1174852 #1174873 
                    #1174887 #1174904 #1174926 #1174968 #1175062 
                    #1175063 #1175064 #1175065 #1175066 #1175067 
                    #1175112 #1175127 #1175128 #1175149 #1175199 
                    #1175213 #1175228 #1175232 #1175284 #1175393 
                    #1175394 #1175396 #1175397 #1175398 #1175399 
                    #1175400 #1175401 #1175402 #1175403 #1175404 
                    #1175405 #1175406 #1175407 #1175408 #1175409 
                    #1175410 #1175411 #1175412 #1175413 #1175414 
                    #1175415 #1175416 #1175417 #1175418 #1175419 
                    #1175420 #1175421 #1175422 #1175423 #1175440 
                    #1175493 #1175515 #1175518 #1175526 #1175550 
                    #1175654 #1175666 #1175668 #1175669 #1175670 
                    #1175767 #1175768 #1175769 #1175770 #1175771 
                    #1175772 #1175786 #1175873 #1175992 
Cross-References:   CVE-2020-14314 CVE-2020-14331 CVE-2020-14356
                    CVE-2020-16166 CVE-2020-24394
Affected Products:
                    SUSE Linux Enterprise Module for Realtime 15-SP1
______________________________________________________________________________

   An update that solves 5 vulnerabilities and has 124 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 15 SP1 realtime kernel was updated to receive
   various security and bugfixes.


   The following security bugs were fixed:

   - CVE-2020-14314: Fixed a potential negative array index in do_split()
     (bsc#1173798).
   - CVE-2020-14356: Fixed a null pointer dereference in cgroupv2 subsystem
     which could have led to privilege escalation (bsc#1175213).
   - CVE-2020-14331: Fixed a missing check in vgacon scrollback handling
     (bsc#1174205).
   - CVE-2020-16166: Fixed a potential issue which could have allowed remote
     attackers to make observations that help to obtain sensitive information
     about the internal state of the network RNG (bsc#1174757).
   - CVE-2020-24394: Fixed an issue which could set incorrect permissions on
     new filesystem objects when the filesystem lacks ACL support
     (bsc#1175518).

   The following non-security bugs were fixed:

   - af_key: pfkey_dump needs parameter validation (git-fixes).
   - agp/intel: Fix a memory leak on module initialisation failure
     (git-fixes).
   - ACPI: kABI fixes for subsys exports (bsc#1174968).
   - ACPI / LPSS: Resume BYT/CHT I2C controllers from resume_noirq
     (bsc#1174968).
   - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for
     hibernate (bsc#1174968).
   - ACPI: PM: Introduce "poweroff" callbacks for ACPI PM domain and LPSS
     (bsc#1174968).
   - ACPI: PM: Simplify and fix PM domain hibernation callbacks (bsc#1174968).
   - ALSA: core: pcm_iec958: fix kernel-doc (bsc#1111666).
   - ALSA: echoaduio: Drop superfluous volatile modifier (bsc#1111666).
   - ALSA: echoaudio: Fix potential Oops in snd_echo_resume() (bsc#1111666).
   - ALSA: hda: Add support for Loongson 7A1000 controller (bsc#1111666).
   - ALSA: hda/ca0132 - Add new quirk ID for Recon3D (bsc#1111666).
   - ALSA: hda/ca0132 - Fix AE-5 microphone selection commands (bsc#1111666).
   - ALSA: hda/ca0132 - Fix ZxR Headphone gain control get value
     (bsc#1111666).
   - ALSA: hda: fix NULL pointer dereference during suspend (git-fixes).
   - ALSA: hda: fix snd_hda_codec_cleanup() documentation (bsc#1111666).
   - ALSA: hda - fix the micmute led status for Lenovo ThinkCentre AIO
     (bsc#1111666).
   - ALSA: hda/realtek: Add alc269/alc662 pin-tables for Loongson-3 laptops
     (bsc#1111666).
   - ALSA: hda/realtek: Add model alc298-samsung-headphone (git-fixes).
   - ALSA: hda/realtek: Add mute LED and micmute LED support for HP systems
     (bsc#1111666).
   - ALSA: hda/realtek - Add quirk for Lenovo Carbon X1 8th gen (bsc#1111666).
   - ALSA: hda/realtek - Add quirk for MSI GE63 laptop (bsc#1111666).
   - ALSA: hda/realtek - Add quirk for MSI GL63 (bsc#1111666).
   - ALSA: hda/realtek: Add quirk for Samsung Galaxy Book Ion (git-fixes).
   - ALSA: hda/realtek: Add quirk for Samsung Galaxy Flex Book (git-fixes).
   - ALSA: hda/realtek - change to suitable link model for ASUS platform
     (bsc#1111666).
   - ALSA: hda/realtek - Check headset type by unplug and resume
     (bsc#1111666).
   - ALSA: hda/realtek - Enable audio jacks of Acer vCopperbox with ALC269VC
     (bsc#1111666).
   - ALSA: hda/realtek: Enable headset mic of Acer C20-820 with ALC269VC
     (bsc#1111666).
   - ALSA: hda/realtek: Enable headset mic of Acer TravelMate B311R-31 with
     ALC256 (bsc#1111666).
   - ALSA: hda/realtek: Enable headset mic of Acer Veriton N4660G with
     ALC269VC (bsc#1111666).
   - ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G14(G401)
     series with ALC289 (bsc#1111666).
   - ALSA: hda/realtek: enable headset mic of ASUS ROG Zephyrus G15(GA502)
     series with ALC289 (bsc#1111666).
   - ALSA: hda/realtek - Enable Speaker for ASUS UX563 (bsc#1111666).
   - ALSA: hda/realtek: Fix add a "ultra_low_power" function for intel
     reference board (alc256) (bsc#1111666).
   - ALSA: hda/realtek: Fixed ALC298 sound bug by adding quirk for Samsung
     Notebook Pen S (bsc#1111666).
   - ALSA: hda/realtek - Fixed HP right speaker no sound (bsc#1111666).
   - ALSA: hda/realtek - Fix Lenovo Thinkpad X1 Carbon 7th quirk subdevice id
     (bsc#1111666).
   - ALSA: hda/realtek: Fix pin default on Intel NUC 8 Rugged (bsc#1111666).
   - ALSA: hda/realtek - Fix unused variable warning (bsc#1111666).
   - ALSA: hda/realtek: typo_fix: enable headset mic of ASUS ROG Zephyrus
     G14(GA401) series with ALC289 (bsc#1111666).
   - ALSA: hda - reverse the setting value in the micmute_led_set
     (bsc#1111666).
   - ALSA: hda: Workaround for spurious wakeups on some Intel platforms
     (git-fixes).
   - ALSA: pci: delete repeated words in comments (bsc#1111666).
   - ALSA: seq: oss: Serialize ioctls (bsc#1111666).
   - ALSA: usb-audio: Add capture support for Saffire 6 (USB 1.1) (git-fixes).
   - ALSA: usb-audio: add quirk for Pioneer DDJ-RB (bsc#1111666).
   - ALSA: usb-audio: add startech usb audio dock name (bsc#1111666).
   - ALSA: usb-audio: Add support for Lenovo ThinkStation P620 (bsc#1111666).
   - ALSA: usb-audio: Creative USB X-Fi Pro SB1095 volume knob support
     (bsc#1111666).
   - ALSA: usb-audio: Disable Lenovo P620 Rear line-in volume control
     (bsc#1111666).
   - ALSA: usb-audio: endpoint : remove needless check before
     usb_free_coherent() (bsc#1111666).
   - ALSA: usb-audio: fix overeager device match for MacroSilicon MS2109
     (bsc#1174625).
   - ALSA: usb-audio: fix spelling mistake "buss" -> "bus" (bsc#1111666).
   - ALSA: usb-audio: ignore broken processing/extension unit (git-fixes).
   - ALSA: usb-audio: Update documentation comment for MS2109 quirk
     (git-fixes).
   - ALSA: usb-audio: work around streaming quirk for MacroSilicon MS2109
     (bsc#1111666).
   - ALSA: usb/line6: remove 'defined but not used' warning (bsc#1111666).
   - arm64: Add MIDR encoding for HiSilicon Taishan CPUs (bsc#1174547).
   - arm64: Add MIDR encoding for NVIDIA CPUs (bsc#1174547).
   - arm64: add sysfs vulnerability show for meltdown (bsc#1174547).
   - arm64: Add sysfs vulnerability show for spectre-v1 (bsc#1174547).
   - arm64: add sysfs vulnerability show for spectre-v2 (bsc#1174547).
   - arm64: add sysfs vulnerability show for speculative store bypass
     (bsc#1174547).
   - arm64: Advertise mitigation of Spectre-v2, or lack thereof (bsc#1174547).
   - arm64: Always enable spectre-v2 vulnerability detection (bsc#1174547).
   - arm64: Always enable ssb vulnerability detection (bsc#1174547).
   - arm64: backtrace: Do not bother trying to unwind the userspace stack
     (bsc#1175397).
   - arm64: capabilities: Add NVIDIA Denver CPU to bp_harden list
     (bsc#1174547).
   - arm64: capabilities: Merge duplicate Cavium erratum entries
     (bsc#1174547).
   - arm64: capabilities: Merge entries for ARM64_WORKAROUND_CLEAN_CACHE
     (bsc#1174547).
   - arm64: cpufeature: Enable Qualcomm Falkor/Kryo errata 1003 (bsc#1175398).
   - arm64: Do not mask out PTE_RDONLY in pte_same() (bsc#1175393).
   - arm64: enable generic CPU vulnerabilites support (bsc#1174547).
   - arm64: Ensure VM_WRITE|VM_SHARED ptes are clean by default (bsc#1175394).
   - arm64: errata: Do not define type field twice for arm64_errata entries
     (bsc#1174547).
   - arm64: errata: Update stale comment (bsc#1174547).
   - arm64: Get rid of __smccc_workaround_1_hvc_* (bsc#1174547).
   - arm64: kpti: Avoid rewriting early page tables when KASLR is enabled
     (bsc#1174547).
   - arm64: kpti: Update arm64_kernel_use_ng_mappings() when forced on
     (bsc#1174547).
   - arm64: kpti: Whitelist Cortex-A CPUs that do not implement the CSV3
     field (bsc#1174547).
   - arm64: kpti: Whitelist HiSilicon Taishan v110 CPUs (bsc#1174547).
   - arm64: KVM: Avoid setting the upper 32 bits of VTCR_EL2 to 1
     (bsc#1133021).
   - arm64: KVM: Guests can skip __install_bp_hardening_cb()s HYP work
     (bsc#1174547).
   - arm64: KVM: Use SMCCC_ARCH_WORKAROUND_1 for Falkor BP hardening
     (bsc#1174547).
   - arm64: mm: Fix pte_mkclean, pte_mkdirty semantics (bsc#1175526).
   - arm64: Provide a command line to disable spectre_v2 mitigation
     (bsc#1174547).
   - arm64: Silence clang warning on mismatched value/register sizes
     (bsc#1175396).
   - arm64/speculation: Support 'mitigations=' cmdline option (bsc#1174547).
   - arm64: ssbs: Do not treat CPUs with SSBS as unaffected by SSB
     (bsc#1174547).
   - arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
     (bsc#1175669).
   - arm64/sve: Fix wrong free for task->thread.sve_state (bsc#1175400).
   - arm64: tlbflush: avoid writing RES0 bits (bsc#1175402).
   - arm64: Use firmware to detect CPUs that are not affected by Spectre-v2
     (bsc#1174547).
   - ARM: KVM: invalidate BTB on guest exit for Cortex-A12/A17 (bsc#1133021).
   - ARM: KVM: invalidate icache on guest exit for Cortex-A15 (bsc#1133021).
   - ARM: spectre-v2: KVM: invalidate icache on guest exit for Brahma B15
     (bsc#1133021).
   - ASoC: hda/tegra: Set buffer alignment to 128 bytes (bsc#1111666).
   - ASoC: intel: Fix memleak in sst_media_open (git-fixes).
   - ASoC: rt5670: Correct RT5670_LDO_SEL_MASK (git-fixes).
   - AX.25: Fix out-of-bounds read in ax25_connect() (git-fixes).
   - AX.25: Prevent integer overflows in connect and sendmsg (git-fixes).
   - AX.25: Prevent out-of-bounds read in ax25_sendmsg() (git-fixes).
   - ax88172a: fix ax88172a_unbind() failures (git-fixes).
   - b43: Remove uninitialized_var() usage (git-fixes).
   - block: Fix use-after-free in blkdev_get() (bsc#1174843).
   - Bluetooth: Fix slab-out-of-bounds read in
     hci_extended_inquiry_result_evt() (bsc#1111666).
   - Bluetooth: Fix update of connection state in `hci_encrypt_cfm`
     (git-fixes).
   - Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_evt()
     (bsc#1111666).
   - Bluetooth: Prevent out-of-bounds read in
     hci_inquiry_result_with_rssi_evt() (bsc#1111666).
   - bonding: fix active-backup failover for current ARP slave (bsc#1174771).
   - bonding: fix a potential double-unregister (git-fixes).
   - bonding: show saner speed for broadcast mode (git-fixes).
   - bpf: Fix map leak in HASH_OF_MAPS map (git-fixes).
   - brcmfmac: keep SDIO watchdog running when console_interval is non-zero
     (bsc#1111666).
   - brcmfmac: set state of hanger slot to FREE when flushing PSQ
     (bsc#1111666).
   - brcmfmac: To fix Bss Info flag definition Bug (bsc#1111666).
   - btrfs: change timing for qgroup reserved space for ordered extents to
     fix reserved space leak (bsc#1172247).
   - btrfs: file: reserve qgroup space after the hole punch range is locked
     (bsc#1172247).
   - btrfs: fix a block group ref counter leak after failure to remove block
     group (bsc#1175149).
   - btrfs: fix block group leak when removing fails (bsc#1175149).
   - btrfs: fix bytes_may_use underflow when running balance and scrub in
     parallel (bsc#1175149).
   - btrfs: fix corrupt log due to concurrent fsync of inodes with shared
     extents (bsc#1175149).
   - btrfs: fix data block group relocation failure due to concurrent scrub
     (bsc#1175149).
   - btrfs: fix double free on ulist after backref resolution failure
     (bsc#1175149).
   - btrfs: fix fatal extent_buffer readahead vs releasepage race
     (bsc#1175149).
   - btrfs: fix memory leaks after failure to lookup checksums during inode
     logging (bsc#1175550).
   - btrfs: fix page leaks after failure to lock page for delalloc
     (bsc#1175149).
   - btrfs: fix race between block group removal and block group creation
     (bsc#1175149).
   - btrfs: fix space_info bytes_may_use underflow after nocow buffered write
     (bsc#1175149).
   - btrfs: fix space_info bytes_may_use underflow during space cache
     writeout (bsc#1175149).
   - btrfs: fix wrong file range cleanup after an error filling dealloc range
     (bsc#1175149).
   - btrfs: inode: fix NULL pointer dereference if inode does not need
     compression (bsc#1174484).
   - btrfs: inode: move qgroup reserved space release to the callers of
     insert_reserved_file_extent() (bsc#1172247).
   - btrfs: inode: refactor the parameters of insert_reserved_file_extent()
     (bsc#1172247).
   - btrfs: make btrfs_ordered_extent naming consistent with
     btrfs_file_extent_item (bsc#1172247).
   - btrfs: Open code btrfs_write_and_wait_marked_extents (bsc#1175149).
   - btrfs: qgroup: allow to unreserve range without releasing other ranges
     (bsc#1120163).
   - btrfs: qgroup: fix data leak caused by race between writeback and
     truncate (bsc#1172247).
   - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve
     retry-after-EDQUOT (bsc#1120163).
   - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT
     (bsc#1120163).
   - btrfs: Rename and export clear_btree_io_tree (bsc#1175149).
   - btrfs: treat RWF_{,D}SYNC writes as sync for CRCs (bsc#1175493).
   - bus: hisi_lpc: Add .remove method to avoid driver unbind crash
     (bsc#1174658).
   - bus: hisi_lpc: Do not fail probe for unrecognised child devices
     (bsc#1174658).
   - bus: hisi_lpc: Unregister logical PIO range to avoid potential
     use-after-free (bsc#1174658).
   - cdc-acm: Add DISABLE_ECHO quirk for Microchip/SMSC chip (git-fixes).
   - cfg80211: check vendor command doit pointer before use (git-fixes).
   - cifs: document and cleanup dfs mount (bsc#1144333 bsc#1172428).
   - cifs: Fix an error pointer dereference in cifs_mount() (bsc#1144333
     bsc#1172428).
   - cifs: fix double free error on share and prefix (bsc#1144333
     bsc#1172428).
   - cifs: handle empty list of targets in cifs_reconnect() (bsc#1144333
     bsc#1172428).
   - cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect
     (bsc#1144333 bsc#1172428).
   - cifs: merge __{cifs,smb2}_reconnect[_tcon]() into cifs_tree_connect()
     (bsc#1144333 bsc#1172428).
   - cifs: only update prefix path of DFS links in cifs_tree_connect()
     (bsc#1144333 bsc#1172428).
   - cifs: reduce number of referral requests in DFS link lookups
     (bsc#1144333 bsc#1172428).
   - cifs: rename reconn_inval_dfs_target() (bsc#1144333 bsc#1172428).
   - clk: at91: clk-generated: check best_rate against ranges (bsc#1111666).
   - clk: clk-atlas6: fix return value check in atlas6_clk_init()
     (bsc#1111666).
   - clk: iproc: round clock rate to the closest (bsc#1111666).
   - clk: spear: Remove uninitialized_var() usage (git-fixes).
   - clk: st: Remove uninitialized_var() usage (git-fixes).
   - config: arm64: enable CONFIG_IOMMU_DEFAULT_PASSTHROUGH References:
     bsc#1174549
   - console: newport_con: fix an issue about leak related system resources
     (git-fixes).
   - crypto: ccp - Fix use of merged scatterlists (git-fixes).
   - crypto: cpt - do not sleep of CRYPTO_TFM_REQ_MAY_SLEEP was not specified
     (git-fixes).
   - crypto: qat - fix double free in qat_uclo_create_batch_init_list
     (git-fixes).
   - crypto: rockchip - fix scatterlist nents error (git-fixes).
   - crypto: stm32/crc32 - fix ext4 chksum BUG_ON() (git-fixes).
   - crypto: talitos - check AES key size (git-fixes).
   - crypto: talitos - fix ablkcipher for CONFIG_VMAP_STACK (git-fixes).
   - crypto: virtio: Fix src/dst scatterlist calculation in
     __virtio_crypto_skcipher_do_req() (git-fixes).
   - dev: Defer free of skbs in flush_backlog (git-fixes).
   - devres: keep both device name and resource name in pretty name
     (git-fixes).
   - dlm: Fix kobject memleak (bsc#1175768).
   - dlm: remove BUG() before panic() (bsc#1174844).
   - dmaengine: fsl-edma: Fix NULL pointer exception in fsl_edma_tx_handler
     (git-fixes).
   - Documentation/networking: Add net DIM documentation (bsc#1174852).
   - dpaa2-eth: Fix passing zero to 'PTR_ERR' warning (bsc#1175403).
   - dpaa2-eth: free already allocated channels on probe defer (bsc#1175404).
   - dpaa2-eth: prevent array underflow in update_cls_rule() (bsc#1175405).
   - dpaa_eth: add dropped frames to percpu ethtool stats (bsc#1174550).
   - dpaa_eth: add newline in dev_err() msg (bsc#1174550).
   - dpaa_eth: avoid timestamp read on error paths (bsc#1175406).
   - dpaa_eth: change DMA device (bsc#1174550).
   - dpaa_eth: cleanup skb_to_contig_fd() (bsc#1174550).
   - dpaa_eth: defer probing after qbman (bsc#1174550).
   - dpaa_eth: extend delays in ndo_stop (bsc#1174550).
   - dpaa_eth: fix DMA mapping leak (bsc#1174550).
   - dpaa_eth: Fix one possible memleak in dpaa_eth_probe (bsc#1174550).
   - dpaa_eth: FMan erratum A050385 workaround (bsc#1174550).
   - dpaa_eth: perform DMA unmapping before read (bsc#1175407).
   - dpaa_eth: register a device link for the qman portal used (bsc#1174550).
   - dpaa_eth: remove netdev_err() for user errors (bsc#1174550).
   - dpaa_eth: remove redundant code (bsc#1174550).
   - dpaa_eth: simplify variables used in dpaa_cleanup_tx_fd() (bsc#1174550).
   - dpaa_eth: use a page to store the SGT (bsc#1174550).
   - dpaa_eth: use fd information in dpaa_cleanup_tx_fd() (bsc#1174550).
   - dpaa_eth: use only one buffer pool per interface (bsc#1174550).
   - dpaa_eth: use page backed rx buffers (bsc#1174550).
   - driver core: Avoid binding drivers to dead devices (git-fixes).
   - Drivers: hv: vmbus: Fix virt_to_hvpfn() for X86_PAE (git-fixes).
   - Drivers: hv: vmbus: Only notify Hyper-V for die events that are oops
     (bsc#1175127, bsc#1175128).
   - drivers/perf: hisi: Fix typo in events attribute array (bsc#1175408).
   - drivers/perf: hisi: Fixup one DDRC PMU register offset (bsc#1175410).
   - drivers/perf: hisi: Fix wrong value for all counters enable
     (bsc#1175409).
   - drm: Added orientation quirk for ASUS tablet model T103HAF (bsc#1111666).
   - drm/amd/display: fix pow() crashing when given base 0 (git-fixes).
   - drm/amdgpu: avoid dereferencing a NULL pointer (bsc#1111666).
   - drm/amdgpu: Fix bug where DPM is not enabled after hibernate and resume
     (bsc#1111666).
   - drm/amdgpu: Fix NULL dereference in dpm sysfs handlers (bsc#1113956)
   - drm/amdgpu: Prevent kernel-infoleak in amdgpu_info_ioctl() (git-fixes).
   - drm/amdgpu: Replace invalid device ID with a valid device ID
     (bsc#1113956)
   - drm/arm: fix unintentional integer overflow on left shift (git-fixes).
   - drm/bridge: dw-hdmi: Do not cleanup i2c adapter and ddc ptr in
     (bsc#1113956)
   - drm/bridge: sil_sii8620: initialize return of sii8620_readb (git-fixes).
   - drm/dbi: Fix SPI Type 1 (9-bit) transfer (bsc#1113956)
   - drm/debugfs: fix plain echo to connector "force" attribute (bsc#1111666).
   - drm/etnaviv: Fix error path on failure to enable bus clk (git-fixes).
   - drm/etnaviv: fix ref count leak via pm_runtime_get_sync (bsc#1111666).
   - drm: fix drm_dp_mst_port refcount leaks in drm_dp_mst_allocate_vcpi
     (bsc#1112178)
   - drm: hold gem reference until object is no longer accessed (bsc#1113956)
   - drm/imx: fix use after free (git-fixes).
   - drm/imx: imx-ldb: Disable both channels for split mode in enc->disable()
     (git-fixes).
   - drm/imx: tve: fix regulator_disable error path (git-fixes).
   - drm/mipi: use dcs write for mipi_dsi_dcs_set_tear_scanline (git-fixes).
   - drm/msm: ratelimit crtc event overflow error (bsc#1111666).
   - drm/nouveau/fbcon: fix module unload when fbcon init has failed for some
     reason (git-fixes).
   - drm/nouveau/fbcon: zero-initialise the mode_cmd2 structure (git-fixes).
   - drm/nouveau: fix multiple instances of reference count leaks
     (bsc#1111666).
   - drm/panel: otm8009a: Drop unnessary backlight_device_unregister()
     (git-fixes).
   - drm: panel: simple: Fix bpc for LG LB070WV8 panel (git-fixes).
   - drm/radeon: disable AGP by default (bsc#1111666).
   - drm/radeon: fix array out-of-bounds read and write issues (git-fixes).
   - drm/radeon: Fix reference count leaks caused by pm_runtime_get_sync
     (bsc#1111666).
   - drm/rockchip: fix VOP_WIN_GET macro (bsc#1175411).
   - drm/ttm/nouveau: do not call tt destroy callback on alloc failure
     (bsc#1175232).
   - drm/vmwgfx: Fix two list_for_each loop exit tests (bsc#1111666).
   - drm/vmwgfx: Use correct vmw_legacy_display_unit pointer (bsc#1111666).
   - efi/memreserve: deal with memreserve entries in unmapped memory
     (bsc#1174685).
   - ext4: check journal inode extents more carefully (bsc#1173485).
   - ext4: do not allow overlapping system zones (bsc#1173485).
   - ext4: fix checking of directory entry validity for inline directories
     (bsc#1175771).
   - ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max (bsc#1174840).
   - ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485).
   - fat: do not allow to mount if the FAT length == 0 (bsc#1174845).
   - fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
     (bsc#1112178)
   - firmware: google: check if size is valid when decoding VPD data
     (git-fixes).
   - firmware: google: increment VPD key_len properly (git-fixes).
   - fpga: dfl: fix bug in port reset handshake (git-fixes).
   - fsl/fman: add API to get the device behind a fman port (bsc#1174550).
   - fsl/fman: detect FMan erratum A050385 (bsc#1174550).
   - fsl/fman: do not touch liodn base regs reserved on non-PAMU SoCs
     (bsc#1174550).
   - fsl/fman: remove unused struct member (bsc#1174550).
   - fuse: fix memleak in cuse_channel_open (bsc#1174926).
   - fuse: fix missing unlock_page in fuse_writepage() (bsc#1174904).
   - fuse: Fix parameter for FS_IOC_{GET,SET}FLAGS (bsc#1175062).
   - fuse: fix weird page warning (bsc#1175063).
   - fuse: flush dirty data/metadata before non-truncate setattr
     (bsc#1175064).
   - fuse: truncate pending writes on O_TRUNC (bsc#1175065).
   - fuse: verify attributes (bsc#1175066).
   - fuse: verify nlink (bsc#1175067).
   - genetlink: remove genl_bind (networking-stable-20_07_17).
   - go7007: add sanity checking for endpoints (git-fixes).
   - gpu: host1x: debug: Fix multiple channels emitting messages
     simultaneously (bsc#1111666).
   - HID: hiddev: fix mess in hiddev_open() (git-fixes).
   - HISI LPC: Re-Add ACPI child enumeration support (bsc#1174658).
   - HISI LPC: Stop using MFD APIs (bsc#1174658).
   - hv_netvsc: do not use VF device if link is down (git-fixes).
   - hv_netvsc: Fix error handling in netvsc_attach() (git-fixes).
   - hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback()
     (git-fixes).
   - hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() (git-fixes).
   - hv_netvsc: Fix unwanted wakeup in netvsc_attach() (git-fixes).
   - hv_netvsc: Remove "unlikely" from netvsc_select_queue (git-fixes).
   - i2c: rcar: slave: only send STOP event when we have been addressed
     (bsc#1111666).
   - i40e: Fix crash during removing i40e driver (git-fixes).
   - i40e: Set RX_ONLY mode for unicast promiscuous on VLAN (git-fixes).
   - ibmveth: Fix use of ibmveth in a bridge (bsc#1174387 ltc#187506).
   - ibmvnic: Fix IRQ mapping disposal in error path (bsc#1175112 ltc#187459).
   - ibmvnic fix NULL tx_pools and rx_tools issue at do_reset (bsc#1175873
     ltc#187922).
   - include/linux/poison.h: remove obsolete comment (git fixes (poison)).
   - Input: psmouse - add a newline when printing 'proto' by sysfs
     (git-fixes).
   - Input: sentelic - fix error return when fsp_reg_write fails
     (bsc#1111666).
   - integrity: remove redundant initialization of variable ret (git-fixes).
   - io-mapping: indicate mapping failure (git-fixes).
   - ip6_gre: fix null-ptr-deref in ip6gre_init_net() (git-fixes).
   - ip6_gre: fix use-after-free in ip6gre_tunnel_lookup()
     (networking-stable-20_06_28).
   - ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
     (bsc#1175515).
   - ip_tunnel: allow not to count pkts on tstats by setting skb's dev to
     NULL (bsc#1175515).
   - ip_tunnel: Emit events for post-register MTU changes (git-fixes).
   - ip_tunnel: fix use-after-free in ip_tunnel_lookup()
     (networking-stable-20_06_28).
   - ip_tunnel: restore binding to ifaces with a large mtu (git-fixes).
   - ipv4: fill fl4_icmp_{type,code} in ping_v4_sendmsg
     (networking-stable-20_07_17).
   - ipv4: Silence suspicious RCU usage warning (git-fixes).
   - ipv6: fix memory leaks on IPV6_ADDRFORM path (git-fixes).
   - ipvlan: fix device features (git-fixes).
   - ipvs: allow connection reuse for unconfirmed conntrack (git-fixes).
   - ipvs: fix refcount usage for conns in ops mode (git-fixes).
   - ipvs: fix the connection sync failed in some cases (bsc#1174699).
   - irqchip/gic: Atomically update affinity (bsc#1111666).
   - iwlegacy: Check the return value of pcie_capability_read_*()
     (bsc#1111666).
   - jbd2: add the missing unlock_buffer() in the error path of
     jbd2_write_superblock() (bsc#1175772).
   - kABI: genetlink: remove genl_bind (kabi).
   - kernel/cpu_pm: Fix uninitted local in cpu_pm (git fixes (kernel/pm)).
   - kernel/relay.c: fix memleak on destroy relay channel (git-fixes).
   - kernfs: do not call fsnotify() with name without a parent (bsc#1175770).
   - KVM: arm64: Ensure 'params' is initialised when looking up sys register
     (bsc#1133021).
   - KVM: arm64: Stop clobbering x0 for HVC_SOFT_RESTART (bsc#1133021).
   - KVM: arm/arm64: Fix young bit from mmu notifier (bsc#1133021).
   - KVM: arm/arm64: vgic: Do not rely on the wrong pending table
     (bsc#1133021).
   - KVM: arm/arm64: vgic-its: Fix restoration of unmapped collections
     (bsc#1133021).
   - KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests (bsc#1133021).
   - KVM: arm: Make inject_abt32() inject an external abort instead
     (bsc#1133021).
   - kvm: Change offset in kvm_write_guest_offset_cached to unsigned
     (bsc#1133021).
   - KVM: Check for a bad hva before dropping into the ghc slow path
     (bsc#1133021).
   - KVM: PPC: Book3S PR: Remove uninitialized_var() usage (bsc#1065729).
   - l2tp: remove skb_dst_set() from l2tp_xmit_skb()
     (networking-stable-20_07_17).
   - leds: 88pm860x: fix use-after-free on unbind (git-fixes).
   - leds: core: Flush scheduled work for system suspend (git-fixes).
   - leds: da903x: fix use-after-free on unbind (git-fixes).
   - leds: lm3533: fix use-after-free on unbind (git-fixes).
   - leds: lm355x: avoid enum conversion warning (git-fixes).
   - leds: wm831x-status: fix use-after-free on unbind (git-fixes).
   - lib/dim: Fix -Wunused-const-variable warnings (bsc#1174852).
   - lib: dimlib: fix help text typos (bsc#1174852).
   - lib: logic_pio: Add logic_pio_unregister_range() (bsc#1174658).
   - lib: logic_pio: Avoid possible overlap for unregistering regions
     (bsc#1174658).
   - lib: logic_pio: Fix RCU usage (bsc#1174658).
   - linux/dim: Add completions count to dim_sample (bsc#1174852).
   - linux/dim: Fix overflow in dim calculation (bsc#1174852).
   - linux/dim: Move implementation to .c files (bsc#1174852).
   - linux/dim: Move logic to dim.h (bsc#1174852).
   - linux/dim: Remove "net" prefix from internal DIM members (bsc#1174852).
   - linux/dim: Rename externally exposed macros (bsc#1174852).
   - linux/dim: Rename externally used net_dim members (bsc#1174852).
   - linux/dim: Rename net_dim_sample() to net_dim_update_sample()
     (bsc#1174852).
   - liquidio: Fix wrong return value in cn23xx_get_pf_num() (git-fixes).
   - llc: make sure applications use ARPHRD_ETHER
     (networking-stable-20_07_17).
   - mac80211: mesh: Free ie data when leaving mesh (git-fixes).
   - mac80211: mesh: Free pending skb when destroying a mpath (git-fixes).
   - MAINTAINERS: add entry for Dynamic Interrupt Moderation (bsc#1174852).
   - md-cluster: Fix potential error pointer dereference in resize_bitmaps()
     (git-fixes).
   - md/raid5: Fix Force reconstruct-write io stuck in degraded raid5
     (git-fixes).
   - media: budget-core: Improve exception handling in budget_register()
     (git-fixes).
   - media: exynos4-is: Add missed check for pinctrl_lookup_state()
     (git-fixes).
   - media: firewire: Using uninitialized values in node_probe() (git-fixes).
   - media: omap3isp: Add missed v4l2_ctrl_handler_free() for
     preview_init_entities() (git-fixes).
   - media: vpss: clean up resources in init (git-fixes).
   - mfd: arizona: Ensure 32k clock is put on driver unbind and error
     (git-fixes).
   - mfd: dln2: Run event handler loop under spinlock (git-fixes).
   - mfd: rk808: Fix RK818 ID template (bsc#1175412).
   - mld: fix memory leak in ipv6_mc_destroy_dev()
     (networking-stable-20_06_28).
   - mm: filemap: clear idle flag for writes (bsc#1175769).
   - mm/migrate.c: add missing flush_dcache_page for non-mapped page migrate
     (git fixes (mm/migrate)).
   - mm/mmu_notifier: use hlist_add_head_rcu() (git fixes (mm/mmu_notifiers)).
   - mm: remove VM_BUG_ON(PageSlab()) from page_mapcount() (git fixes
     (mm/compaction)).
   - mm/rmap.c: do not reuse anon_vma if we just want a copy (git fixes
     (mm/rmap)).
   - mm/shmem.c: cast the type of unmap_start to u64 (git fixes (mm/shmem)).
   - mm, thp: fix defrag setting if newline is not used (git fixes (mm/thp)).
   - mm/vunmap: add cond_resched() in vunmap_pmd_range (bsc#1175654
     ltc#184617).
   - mtd: spi-nor: Fix an error code in spi_nor_read_raw() (bsc#1175413).
   - mtd: spi-nor: fix kernel-doc for spi_nor::info (bsc#1175414).
   - mtd: spi-nor: fix kernel-doc for spi_nor::reg_proto (bsc#1175415).
   - mtd: spi-nor: fix silent truncation in spi_nor_read_raw() (bsc#1175416).
   - mwifiex: Prevent memory corruption handling keys (git-fixes).
   - net: Added pointer check for dst->ops->neigh_lookup in
     dst_neigh_lookup_skb (git-fixes).
   - net: bridge: enfore alignment for ethernet address
     (networking-stable-20_06_28).
   - net: core: reduce recursion limit value (networking-stable-20_06_28).
   - net: Do not clear the sock TX queue in sk_set_socket()
     (networking-stable-20_06_28).
   - net: dsa: b53: check for timeout (git-fixes).
   - net: ena: Add first_interrupt field to napi struct (bsc#1174852).
   - net: ena: add reserved PCI device ID (bsc#1174852).
   - net: ena: add support for reporting of packet drops (bsc#1174852).
   - net: ena: add support for the rx offset feature (bsc#1174852).
   - net: ena: add support for traffic mirroring (bsc#1174852).
   - net: ena: add unmask interrupts statistics to ethtool (bsc#1174852).
   - net: ena: allow setting the hash function without changing the key
     (bsc#1174852).
   - net: ena: avoid unnecessary admin command when RSS function set fails
     (bsc#1174852).
   - net: ena: avoid unnecessary rearming of interrupt vector when
     busy-polling (bsc#1174852).
   - net: ena: change default RSS hash function to Toeplitz (bsc#1174852).
   - net: ena: change num_queues to num_io_queues for clarity and consistency
     (bsc#1174852).
   - net: ena: changes to RSS hash key allocation (bsc#1174852).
   - net: ena: Change WARN_ON expression in ena_del_napi_in_range()
     (bsc#1174852).
   - net: ena: clean up indentation issue (bsc#1174852).
   - net: ena: cosmetic: change ena_com_stats_admin stats to u64
     (bsc#1174852).
   - net: ena: cosmetic: code reorderings (bsc#1174852).
   - net: ena: cosmetic: extract code to ena_indirection_table_set()
     (bsc#1174852).
   - net: ena: cosmetic: fix line break issues (bsc#1174852).
   - net: ena: cosmetic: fix spacing issues (bsc#1174852).
   - net: ena: cosmetic: fix spelling and grammar mistakes in comments
     (bsc#1174852).
   - net: ena: cosmetic: minor code changes (bsc#1174852).
   - net: ena: cosmetic: remove unnecessary code (bsc#1174852).
   - net: ena: cosmetic: remove unnecessary spaces and tabs in ena_com.h
     macros (bsc#1174852).
   - net: ena: cosmetic: rename ena_update_tx/rx_rings_intr_moderation()
     (bsc#1174852).
   - net: ena: cosmetic: satisfy gcc warning (bsc#1174852).
   - net: ena: cosmetic: set queue sizes to u32 for consistency (bsc#1174852).
   - net: ena: drop superfluous prototype (bsc#1174852).
   - net: ena: enable support of rss hash key and function changes
     (bsc#1174852).
   - net: ena: enable the interrupt_moderation in driver_supported_features
     (bsc#1174852).
   - net: ena: ethtool: clean up minor indentation issue (bsc#1174852).
   - net: ena: ethtool: get_channels: use combined only (bsc#1174852).
   - net: ena: ethtool: remove redundant non-zero check on rc (bsc#1174852).
   - net: ena: ethtool: support set_channels callback (bsc#1174852).
   - net/ena: Fix build warning in ena_xdp_set() (bsc#1174852).
   - net: ena: fix ena_com_comp_status_to_errno() return value (bsc#1174852).
   - net: ena: fix error returning in ena_com_get_hash_function()
     (bsc#1174852).
   - net: ena: fix incorrect setting of the number of msix vectors
     (bsc#1174852).
   - net: ena: fix incorrect update of intr_delay_resolution (bsc#1174852).
   - net: ena: fix request of incorrect number of IRQ vectors (bsc#1174852).
   - net: ena: fix update of interrupt moderation register (bsc#1174852).
   - net: ena: Fix using plain integer as NULL pointer in
     ena_init_napi_in_range (bsc#1174852).
   - net: ena: implement XDP drop support (bsc#1174852).
   - net: ena: Implement XDP_TX action (bsc#1174852).
   - net: ena: make ethtool -l show correct max number of queues
     (bsc#1174852).
   - net: ena: Make missed_tx stat incremental (bsc#1083548).
   - net: ena: Make some functions static (bsc#1174852).
   - net: ena: move llq configuration from ena_probe to ena_device_init()
     (bsc#1174852).
   - net: ena: multiple queue creation related cleanups (bsc#1174852).
   - net: ena: Prevent reset after device destruction (bsc#1083548).
   - net: ena: reduce driver load time (bsc#1174852).
   - net: ena: remove all old adaptive rx interrupt moderation code from
     ena_com (bsc#1174852).
   - net: ena: remove code duplication in
     ena_com_update_nonadaptive_moderation_interval _*() (bsc#1174852).
   - net: ena: remove code that does nothing (bsc#1174852).
   - net: ena: remove ena_restore_ethtool_params() and relevant fields
     (bsc#1174852).
   - net: ena: remove old adaptive interrupt moderation code from ena_netdev
     (bsc#1174852).
   - net: ena: remove redundant print of number of queues (bsc#1174852).
   - net: ena: remove set but not used variable 'hash_key' (bsc#1174852).
   - net: ena: remove set but not used variable 'rx_ring' (bsc#1174852).
   - net: ena: rename ena_com_free_desc to make API more uniform
     (bsc#1174852).
   - net: ena: Select DIMLIB for ENA_ETHERNET (bsc#1174852).
   - net: ena: simplify ena_com_update_intr_delay_resolution() (bsc#1174852).
   - net: ena: support new LLQ acceleration mode (bsc#1174852).
   - net: ena: switch to dim algorithm for rx adaptive interrupt moderation
     (bsc#1174852).
   - net: ena: use explicit variable size for clarity (bsc#1174852).
   - net: ena: use SHUTDOWN as reset reason when closing interface
     (bsc#1174852).
   - net: ena: xdp: update napi budget for DROP and ABORTED (bsc#1174852).
   - net: ena: xdp: XDP_TX: fix memory leak (bsc#1174852).
   - net: ethernet: broadcom: have drivers select DIMLIB as needed
     (bsc#1174852).
   - net: ethernet: stmmac: Disable hardware multicast filter (git-fixes).
   - net: fec: correct the error path for regulator disable in probe
     (git-fixes).
   - netfilter: x_tables: add counters allocation wrapper (git-fixes).
   - netfilter: x_tables: cap allocations at 512 mbyte (git-fixes).
   - netfilter: x_tables: limit allocation requests for blob rule heads
     (git-fixes).
   - net: Fix a documentation bug wrt. ip_unprivileged_port_start (git-fixes).
   - net: fix memleak in register_netdevice() (networking-stable-20_06_28).
   - net: Fix the arp error in some cases (networking-stable-20_06_28).
   - net: gre: recompute gre csum for sctp over gre tunnels (git-fixes).
   - net: hns3: add autoneg and change speed support for fibre port
     (bsc#1174070).
   - net: hns3: add support for FEC encoding control (bsc#1174070).
   - net: hns3: add support for multiple media type (bsc#1174070).
   - net: hns3: fix a not link up issue when fibre port supports autoneg
     (bsc#1174070).
   - net: hns3: fix for FEC configuration (bsc#1174070).
   - net: hns3: fix port capbility updating issue (bsc#1174070).
   - net: hns3: fix port setting handle for fibre port (bsc#1174070).
   - net: hns3: fix selftest fail issue for fibre port with autoneg on
     (bsc#1174070).
   - net: hns3: restore the MAC autoneg state after reset (bsc#1174070).
   - net: increment xmit_recursion level in dev_direct_xmit()
     (networking-stable-20_06_28).
   - net: ip6_gre: Request headroom in __gre6_xmit() (git-fixes).
   - net: lan78xx: add missing endpoint sanity check (git-fixes).
   - net: lan78xx: fix transfer-buffer memory leak (git-fixes).
   - net: make symbol 'flush_works' static (git-fixes).
   - net: netsec: Fix signedness bug in netsec_probe() (bsc#1175417).
   - net: netsec: initialize tx ring on ndo_open (bsc#1175418).
   - net: phy: Check harder for errors in get_phy_id() (bsc#1111666).
   - net: Set fput_needed iff FDPUT_FPUT is set (git-fixes).
   - net: socionext: Fix a signedness bug in ave_probe() (bsc#1175419).
   - net: socionext: replace napi_alloc_frag with the netdev variant on init
     (bsc#1175420).
   - net: stmmac: dwmac1000: provide multicast filter fallback (git-fixes).
   - net: udp: Fix wrong clean up for IS_UDPLITE macro (git-fixes).
   - net: update net_dim documentation after rename (bsc#1174852).
   - net: usb: ax88179_178a: fix packet alignment padding
     (networking-stable-20_06_28).
   - net: usb: qmi_wwan: add support for Quectel EG95 LTE modem
     (networking-stable-20_07_17).
   - netvsc: unshare skb in VF rx handler (git-fixes).
   - net/xfrm: fix compress vs decompress serialization (bsc#1174298)
   - net/xfrm/input: Protect queue with lock (bsc#1174299)
   - nfc: nci: add missed destroy_workqueue in nci_register_device
     (git-fixes).
   - NTB: Fix an error in get link status (git-fixes).
   - ntb_netdev: fix sleep time mismatch (git-fixes).
   - NTB: ntb_transport: Use scnprintf() for avoiding potential buffer
     overflow (git-fixes).
   - nvme: explicitly update mpath disk capacity on revalidation (git-fixes).
   - nvme: fix possible deadlock when I/O is blocked (git-fixes).
   - nvme-multipath: do not fall back to __nvme_find_path() for non-optimized
     paths (bsc#1172108).
   - nvme-multipath: fix logic for non-optimized paths (bsc#1172108).
   - nvme-multipath: round-robin: eliminate "fallback" variable (bsc#1172108).
   - nvme: multipath: round-robin: fix single non-optimized path case
     (bsc#1172108).
   - ocfs2: add trimfs dlm lock resource (bsc#1175228).
   - ocfs2: add trimfs lock to avoid duplicated trims in cluster
     (bsc#1175228).
   - ocfs2: avoid inode removal while nfsd is accessing it (bsc#1172963).
   - ocfs2: avoid inode removal while nfsd is accessing it (bsc#1172963).
   - ocfs2: change slot number type s16 to u16 (bsc#1175786).
   - ocfs2: fix panic on nfs server over ocfs2 (bsc#1172963).
   - ocfs2: fix panic on nfs server over ocfs2 (bsc#1172963).
   - ocfs2: fix remounting needed after setfacl command (bsc#1173954).
   - ocfs2: fix the application IO timeout when fstrim is running
     (bsc#1175228).
   - ocfs2: fix value of OCFS2_INVALID_SLOT (bsc#1175767).
   - ocfs2: load global_inode_alloc (bsc#1172963).
   - ocfs2: load global_inode_alloc (bsc#1172963).
   - omapfb: dss: Fix max fclk divider for omap36xx (bsc#1113956)
   - openvswitch: Prevent kernel-infoleak in ovs_ct_put_key() (git-fixes).
   - PCI/ASPM: Add missing newline in sysfs 'policy' (git-fixes).
   - PCI: dwc: Move interrupt acking into the proper callback (bsc#1175666).
   - PCI: Fix pci_cfg_wait queue locking problem (git-fixes).
   - PCI: Fix "try" semantics of bus and slot reset (git-fixes).
   - PCI: hotplug: ACPI: Fix context refcounting in acpiphp_grab_context()
     (git-fixes).
   - PCI: hv: Fix a timing issue which causes kdump to fail occasionally
     (bsc#1172871, bsc#1172872, git-fixes).
   - PCI: Release IVRS table in AMD ACS quirk (git-fixes).
   - PCI: switchtec: Add missing __iomem and __user tags to fix sparse
     warnings (git-fixes).
   - PCI: switchtec: Add missing __iomem tag to fix sparse warnings
     (git-fixes).
   - phy: sun4i-usb: fix dereference of pointer phy0 before it is null
     checked (git-fixes).
   - pinctrl: single: fix function name in documentation (git-fixes).
   - pinctrl-single: fix pcs_parse_pinconf() return value (git-fixes).
   - platform/x86: intel-hid: Fix return value check in check_acpi_dev()
     (git-fixes).
   - platform/x86: intel-vbtn: Fix return value check in check_acpi_dev()
     (git-fixes).
   - PM / CPU: replace raw_notifier with atomic_notifier (git fixes
     (kernel/pm)).
   - PM / devfreq: rk3399_dmc: Add missing of_node_put() (bsc#1175668).
   - PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails.
   - PM / devfreq: rk3399_dmc: Fix kernel oops when rockchip,pmu is absent
     (bsc#1175668).
   - powerpc/64s: Do not init FSCR_DSCR in __init_FSCR() (bsc#1065729).
   - powerpc/64s: Fix early_init_mmu section mismatch (bsc#1065729).
   - powerpc: Allow 4224 bytes of stack expansion for the signal frame
     (bsc#1065729).
   - powerpc/book3s64/pkeys: Use PVR check instead of cpu feature
     (bsc#1065729).
   - powerpc/boot: Fix CONFIG_PPC_MPC52XX references (bsc#1065729).
   - powerpc/eeh: Fix pseries_eeh_configure_bridge() (bsc#1174689).
   - powerpc/nvdimm: Use HCALL error as the return value (bsc#1175284).
   - powerpc/nvdimm: use H_SCM_QUERY hcall on H_OVERLAP error (bsc#1175284).
   - powerpc/perf: Fix missing is_sier_aviable() during build (bsc#1065729).
   - powerpc/pseries: Do not initiate shutdown when system is running on UPS
     (bsc#1175440 ltc#187574).
   - powerpc/pseries/hotplug-cpu: Remove double free in error path
     (bsc#1065729).
   - powerpc/pseries/hotplug-cpu: wait indefinitely for vCPU death
     (bsc#1085030 ltC#165630).
   - powerpc/pseries: PCIE PHB reset (bsc#1174689).
   - powerpc/pseries: remove cede offline state for CPUs (bsc#1065729).
   - powerpc/rtas: do not online CPUs for partition suspend (bsc#1065729).
   - powerpc/vdso: Fix vdso cpu truncation (bsc#1065729).
   - power: supply: check if calc_soc succeeded in pm860x_init_battery
     (git-fixes).
   - propagate_one(): mnt_set_mountpoint() needs mount_lock (bsc#1174841).
   - pseries: Fix 64 bit logical memory block panic (bsc#1065729).
   - pwm: bcm-iproc: handle clk_get_rate() return (git-fixes).
   - rds: Prevent kernel-infoleak in rds_notify_queue_get() (git-fixes).
   - regulator: gpio: Honor regulator-boot-on property (git-fixes).
   - rocker: fix incorrect error handling in dma_rings_init
     (networking-stable-20_06_28).
   - rtlwifi: rtl8192cu: Remove uninitialized_var() usage (git-fixes).
   - s390, dcssblk: kaddr and pfn can be NULL to ->direct_access()
     (bsc#1174873).
   - sched: consistently handle layer3 header accesses in the presence of
     VLANs (networking-stable-20_07_17).
   - scsi: dh: Add Fujitsu device to devinfo and dh lists (bsc#1174026).
   - scsi: Fix trivial spelling (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Add more BUILD_BUG_ON() statements (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Address a set of sparse warnings (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be
     set anytime (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Cast explicitly to uint16_t / uint32_t (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Change {RD,WRT}_REG_*() function names from upper case
     into lower case (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Change two hardcoded constants into offsetof() / sizeof()
     expressions (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Check if FW supports MQ before enabling (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Check the size of struct fcp_hdr at compile time
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump()
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix endianness annotations in header files (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix endianness annotations in source files (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix failure message in qlt_disable_vha() (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix issue with adapter's stopping state (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix login timeout (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix MPI failure AEN (8200) handling (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix null pointer access during disconnect from subsystem
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix spelling of a variable name (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix the code that reads from mailbox registers
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Fix warning after FC target reset (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Flush all sessions on zone disable (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Flush I/O on zone disable (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Increase the size of struct qla_fcp_prio_cfg to
     FCP_PRIO_CFG_SIZE (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Indicate correct supported speeds for Mezz card
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Initialize 'n' before using it (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Introduce a function for computing the debug message
     prefix (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Keep initiator ports after RSCN (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: make 1-bit bit-fields unsigned int (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Make a gap in struct qla2xxx_offld_chain explicit
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of
     request_t.handle (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Make qlafx00_process_aen() return void (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Make qla_set_ini_mode() return void (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Reduce noisy debug message (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Remove an unused function (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Remove a superfluous cast (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Remove return value from qla_nvme_ls() (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and
     fcp_hdr_le (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: SAN congestion management implementation (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Simplify the functions for dumping firmware (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Sort BUILD_BUG_ON() statements alphabetically
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Split qla2x00_configure_local_loop() (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use ARRAY_SIZE() instead of open-coding it (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use make_handle() instead of open-coding it (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Use register names instead of register offsets
     (bsc#1171688 bsc#1174003).
   - scsi: qla2xxx: Use true, false for ha->fw_dumped (bsc#1171688
     bsc#1174003).
   - scsi: qla2xxx: Use true, false for need_mpi_reset (bsc#1171688
     bsc#1174003).
   - scsi: smartpqi: add bay identifier (bsc#1172418).
   - scsi: smartpqi: add gigabyte controller (bsc#1172418).
   - scsi: smartpqi: add id support for SmartRAID 3152-8i (bsc#1172418).
   - scsi: smartpqi: add inquiry timeouts (bsc#1172418).
   - scsi: smartpqi: add module param for exposure order (bsc#1172418).
   - scsi: smartpqi: add module param to hide vsep (bsc#1172418).
   - scsi: smartpqi: add new pci ids (bsc#1172418).
   - scsi: smartpqi: add pci ids for fiberhome controller (bsc#1172418).
   - scsi: smartpqi: add RAID bypass counter (bsc#1172418).
   - scsi: smartpqi: add sysfs entries (bsc#1172418).
   - scsi: smartpqi: Align driver syntax with oob (bsc#1172418).
   - scsi: smartpqi: avoid crashing kernel for controller issues
     (bsc#1172418).
   - scsi: smartpqi: bump version (bsc#1172418).
   - scsi: smartpqi: bump version (bsc#1172418).
   - scsi: smartpqi: bump version to 1.2.16-010 (bsc#1172418).
   - scsi: smartpqi: change TMF timeout from 60 to 30 seconds (bsc#1172418).
   - scsi: smartpqi: correct hang when deleting 32 lds (bsc#1172418).
   - scsi: smartpqi: correct REGNEWD return status (bsc#1172418).
   - scsi: smartpqi: correct syntax issue (bsc#1172418).
   - scsi: smartpqi: fix call trace in device discovery (bsc#1172418).
   - scsi: smartpqi: fix controller lockup observed during force reboot
     (bsc#1172418).
   - scsi: smartpqi: fix LUN reset when fw bkgnd thread is hung (bsc#1172418).
   - scsi: smartpqi: fix problem with unique ID for physical device
     (bsc#1172418).
   - scsi: smartpqi: identify physical devices without issuing INQUIRY
     (bsc#1172418).
   - scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask
     (bsc#1172418).
   - scsi: smartpqi: remove unused manifest constants (bsc#1172418).
   - scsi: smartpqi: Reporting unhandled SCSI errors (bsc#1172418).
   - scsi: smartpqi: support device deletion via sysfs (bsc#1172418).
   - scsi: smartpqi: update copyright (bsc#1172418).
   - scsi: smartpqi: update logical volume size after expansion (bsc#1172418).
   - scsi: smartpqi: Use scnprintf() for avoiding potential buffer overflow
     (bsc#1172418).
   - scsi: storvsc: Correctly set number of hardware queues for IDE disk
     (git-fixes).
   - scsi: target/iblock: fix WRITE SAME zeroing (bsc#1169790).
   - sctp: Do not advertise IPv4 addresses if ipv6only is set on the socket
     (networking-stable-20_06_28).
   - selftests/livepatch: fix mem leaks in test-klp-shadow-vars (bsc#1071995).
   - selftests/livepatch: more verification in test-klp-shadow-vars
     (bsc#1071995).
   - selftests/livepatch: rework test-klp-shadow-vars (bsc#1071995).
   - selftests/livepatch: simplify test-klp-callbacks busy target tests
     (bsc#1071995).
   - serial: 8250: change lock order in serial8250_do_startup() (git-fixes).
   - serial: pl011: Do not leak amba_ports entry on driver register error
     (git-fixes).
   - serial: pl011: Fix oops on -EPROBE_DEFER (git-fixes).
   - soc: fsl: qbman: allow registering a device link for the portal user
     (bsc#1174550).
   - soc: fsl: qbman_portals: add APIs to retrieve the probing status
     (bsc#1174550).
   - spi: davinci: Remove uninitialized_var() usage (git-fixes).
   - spi: lantiq: fix: Rx overflow error in full duplex mode (git-fixes).
   - spi: nxp-fspi: Ensure width is respected in spi-mem operations
     (bsc#1175421).
   - spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode
     (bsc#1175422).
   - spi: spi-mem: export spi_mem_default_supports_op() (bsc#1175421).
   - spi: sun4i: update max transfer size reported (git-fixes).
   - staging: comedi: addi_apci_1032: check INSN_CONFIG_DIGITAL_TRIG shift
     (git-fixes).
   - staging: comedi: ni_6527: fix INSN_CONFIG_DIGITAL_TRIG support
     (git-fixes).
   - staging: fsl-dpaa2: ethsw: Add missing netdevice check (bsc#1175423).
   - staging: rtl8192u: fix a dubious looking mask before a shift (git-fixes).
   - Staging: rtl8723bs: prevent buffer overflow in update_sta_support_rate()
     (git-fixes).
   - staging/speakup: fix get_word non-space look-ahead (git-fixes).
   - tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT
     (networking-stable-20_06_28).
   - tcp: grow window for OOO packets only for SACK flows
     (networking-stable-20_06_28).
   - tcp: make sure listeners do not initialize congestion-control state
     (networking-stable-20_07_17).
   - tcp: md5: add missing memory barriers in
     tcp_md5_do_add()/tcp_md5_hash_key() (networking-stable-20_07_17).
   - tcp: md5: do not send silly options in SYNCOOKIES
     (networking-stable-20_07_17).
   - tcp: md5: refine tcp_md5_do_add()/tcp_md5_hash_key() barriers
     (networking-stable-20_07_17).
   - tracepoint: Mark __tracepoint_string's __used (git-fixes).
   - tracing: Use trace_sched_process_free() instead of exit() for pid
     tracing (git-fixes).
   - tty: serial: fsl_lpuart: add imx8qxp support (bsc#1175670).
   - tty: serial: fsl_lpuart: free IDs allocated by IDA (bsc#1175670).
   - USB: iowarrior: fix up report size handling for some devices (git-fixes).
   - usbip: tools: fix module name in man page (git-fixes).
   - USB: serial: cp210x: enable usb generic throttle/unthrottle (git-fixes).
   - USB: serial: cp210x: re-enable auto-RTS on open (git-fixes).
   - USB: serial: iuu_phoenix: fix led-activity helpers (git-fixes).
   - usb: xhci: Fix ASM2142/ASM3142 DMA addressing (git-fixes).
   - usb: xhci-mtk: fix the failure of bandwidth allocation (git-fixes).
   - VFS: Check rename_lock in lookup_fast() (bsc#1174734).
   - video: fbdev: sm712fb: fix an issue about iounmap for a wrong address
     (git-fixes).
   - video: pxafb: Fix the function used to balance a 'dma_alloc_coherent()'
     call (git-fixes).
   - vlan: consolidate VLAN parsing code and limit max parsing depth
     (networking-stable-20_07_17).
   - vmxnet3: use correct tcp hdr length when packet is encapsulated
     (bsc#1175199).
   - vt_compat_ioctl(): clean up, use compat_ptr() properly (git-fixes).
   - vt: vt_ioctl: remove unnecessary console allocation checks (git-fixes).
   - watchdog: f71808e_wdt: clear watchdog timeout occurred flag
     (bsc#1111666).
   - watchdog: f71808e_wdt: indicate WDIOF_CARDRESET support in
     watchdog_info.options (bsc#1111666).
   - watchdog: f71808e_wdt: remove use of wrong watchdog_info option
     (bsc#1111666).
   - wl1251: fix always return 0 error (git-fixes).
   - x86/hyper-v: Fix overflow bug in fill_gva_list() (git-fixes).
   - x86/hyperv: Make hv_vcpu_is_preempted() visible (git-fixes).
   - xfrm: check id proto in validate_tmpl() (git-fixes).
   - xfrm: clean up xfrm protocol checks (git-fixes).
   - xfrm_user: uncoditionally validate esn replay attribute struct
     (git-fixes).
   - xfs: fix inode allocation block res calculation precedence (git-fixes).
   - xfs: fix reflink quota reservation accounting error (git-fixes).
   - xhci: Fix enumeration issue when setting max packet size for FS devices
     (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Realtime 15-SP1:

      zypper in -t patch SUSE-SLE-Module-RT-15-SP1-2020-2631=1



Package List:

   - SUSE Linux Enterprise Module for Realtime 15-SP1 (x86_64):

      cluster-md-kmp-rt-4.12.14-14.31.1
      cluster-md-kmp-rt-debuginfo-4.12.14-14.31.1
      dlm-kmp-rt-4.12.14-14.31.1
      dlm-kmp-rt-debuginfo-4.12.14-14.31.1
      gfs2-kmp-rt-4.12.14-14.31.1
      gfs2-kmp-rt-debuginfo-4.12.14-14.31.1
      kernel-rt-4.12.14-14.31.1
      kernel-rt-base-4.12.14-14.31.1
      kernel-rt-base-debuginfo-4.12.14-14.31.1
      kernel-rt-debuginfo-4.12.14-14.31.1
      kernel-rt-debugsource-4.12.14-14.31.1
      kernel-rt-devel-4.12.14-14.31.1
      kernel-rt-devel-debuginfo-4.12.14-14.31.1
      kernel-rt_debug-debuginfo-4.12.14-14.31.1
      kernel-rt_debug-debugsource-4.12.14-14.31.1
      kernel-rt_debug-devel-4.12.14-14.31.1
      kernel-rt_debug-devel-debuginfo-4.12.14-14.31.1
      kernel-syms-rt-4.12.14-14.31.1
      ocfs2-kmp-rt-4.12.14-14.31.1
      ocfs2-kmp-rt-debuginfo-4.12.14-14.31.1

   - SUSE Linux Enterprise Module for Realtime 15-SP1 (noarch):

      kernel-devel-rt-4.12.14-14.31.1
      kernel-source-rt-4.12.14-14.31.1


References:

   https://www.suse.com/security/cve/CVE-2020-14314.html
   https://www.suse.com/security/cve/CVE-2020-14331.html
   https://www.suse.com/security/cve/CVE-2020-14356.html
   https://www.suse.com/security/cve/CVE-2020-16166.html
   https://www.suse.com/security/cve/CVE-2020-24394.html
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1071995
   https://bugzilla.suse.com/1074701
   https://bugzilla.suse.com/1083548
   https://bugzilla.suse.com/1085030
   https://bugzilla.suse.com/1085235
   https://bugzilla.suse.com/1085308
   https://bugzilla.suse.com/1087078
   https://bugzilla.suse.com/1100394
   https://bugzilla.suse.com/1102640
   https://bugzilla.suse.com/1105412
   https://bugzilla.suse.com/1111666
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1113956
   https://bugzilla.suse.com/1120163
   https://bugzilla.suse.com/1133021
   https://bugzilla.suse.com/1144333
   https://bugzilla.suse.com/1169790
   https://bugzilla.suse.com/1171688
   https://bugzilla.suse.com/1172108
   https://bugzilla.suse.com/1172247
   https://bugzilla.suse.com/1172418
   https://bugzilla.suse.com/1172428
   https://bugzilla.suse.com/1172781
   https://bugzilla.suse.com/1172782
   https://bugzilla.suse.com/1172783
   https://bugzilla.suse.com/1172871
   https://bugzilla.suse.com/1172872
   https://bugzilla.suse.com/1172963
   https://bugzilla.suse.com/1173485
   https://bugzilla.suse.com/1173798
   https://bugzilla.suse.com/1173954
   https://bugzilla.suse.com/1174003
   https://bugzilla.suse.com/1174026
   https://bugzilla.suse.com/1174070
   https://bugzilla.suse.com/1174161
   https://bugzilla.suse.com/1174205
   https://bugzilla.suse.com/1174247
   https://bugzilla.suse.com/1174298
   https://bugzilla.suse.com/1174299
   https://bugzilla.suse.com/1174387
   https://bugzilla.suse.com/1174484
   https://bugzilla.suse.com/1174547
   https://bugzilla.suse.com/1174549
   https://bugzilla.suse.com/1174550
   https://bugzilla.suse.com/1174625
   https://bugzilla.suse.com/1174658
   https://bugzilla.suse.com/1174685
   https://bugzilla.suse.com/1174689
   https://bugzilla.suse.com/1174699
   https://bugzilla.suse.com/1174734
   https://bugzilla.suse.com/1174757
   https://bugzilla.suse.com/1174771
   https://bugzilla.suse.com/1174840
   https://bugzilla.suse.com/1174841
   https://bugzilla.suse.com/1174843
   https://bugzilla.suse.com/1174844
   https://bugzilla.suse.com/1174845
   https://bugzilla.suse.com/1174852
   https://bugzilla.suse.com/1174873
   https://bugzilla.suse.com/1174887
   https://bugzilla.suse.com/1174904
   https://bugzilla.suse.com/1174926
   https://bugzilla.suse.com/1174968
   https://bugzilla.suse.com/1175062
   https://bugzilla.suse.com/1175063
   https://bugzilla.suse.com/1175064
   https://bugzilla.suse.com/1175065
   https://bugzilla.suse.com/1175066
   https://bugzilla.suse.com/1175067
   https://bugzilla.suse.com/1175112
   https://bugzilla.suse.com/1175127
   https://bugzilla.suse.com/1175128
   https://bugzilla.suse.com/1175149
   https://bugzilla.suse.com/1175199
   https://bugzilla.suse.com/1175213
   https://bugzilla.suse.com/1175228
   https://bugzilla.suse.com/1175232
   https://bugzilla.suse.com/1175284
   https://bugzilla.suse.com/1175393
   https://bugzilla.suse.com/1175394
   https://bugzilla.suse.com/1175396
   https://bugzilla.suse.com/1175397
   https://bugzilla.suse.com/1175398
   https://bugzilla.suse.com/1175399
   https://bugzilla.suse.com/1175400
   https://bugzilla.suse.com/1175401
   https://bugzilla.suse.com/1175402
   https://bugzilla.suse.com/1175403
   https://bugzilla.suse.com/1175404
   https://bugzilla.suse.com/1175405
   https://bugzilla.suse.com/1175406
   https://bugzilla.suse.com/1175407
   https://bugzilla.suse.com/1175408
   https://bugzilla.suse.com/1175409
   https://bugzilla.suse.com/1175410
   https://bugzilla.suse.com/1175411
   https://bugzilla.suse.com/1175412
   https://bugzilla.suse.com/1175413
   https://bugzilla.suse.com/1175414
   https://bugzilla.suse.com/1175415
   https://bugzilla.suse.com/1175416
   https://bugzilla.suse.com/1175417
   https://bugzilla.suse.com/1175418
   https://bugzilla.suse.com/1175419
   https://bugzilla.suse.com/1175420
   https://bugzilla.suse.com/1175421
   https://bugzilla.suse.com/1175422
   https://bugzilla.suse.com/1175423
   https://bugzilla.suse.com/1175440
   https://bugzilla.suse.com/1175493
   https://bugzilla.suse.com/1175515
   https://bugzilla.suse.com/1175518
   https://bugzilla.suse.com/1175526
   https://bugzilla.suse.com/1175550
   https://bugzilla.suse.com/1175654
   https://bugzilla.suse.com/1175666
   https://bugzilla.suse.com/1175668
   https://bugzilla.suse.com/1175669
   https://bugzilla.suse.com/1175670
   https://bugzilla.suse.com/1175767
   https://bugzilla.suse.com/1175768
   https://bugzilla.suse.com/1175769
   https://bugzilla.suse.com/1175770
   https://bugzilla.suse.com/1175771
   https://bugzilla.suse.com/1175772
   https://bugzilla.suse.com/1175786
   https://bugzilla.suse.com/1175873
   https://bugzilla.suse.com/1175992



More information about the sle-security-updates mailing list