SUSE-SU-2021:1210-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Apr 15 16:31:47 UTC 2021


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:1210-1
Rating:             important
References:         #1065600 #1065729 #1103990 #1103991 #1103992 
                    #1104270 #1104353 #1109837 #1111981 #1112374 
                    #1113295 #1113994 #1118657 #1118661 #1119113 
                    #1126390 #1129770 #1132477 #1142635 #1152446 
                    #1154048 #1169709 #1172455 #1173485 #1175165 
                    #1176720 #1176855 #1178163 #1178181 #1179243 
                    #1179428 #1179454 #1179660 #1179755 #1180846 
                    #1181507 #1181515 #1181544 #1181655 #1181674 
                    #1181747 #1181753 #1181843 #1182011 #1182175 
                    #1182485 #1182574 #1182715 #1182716 #1182717 
                    #1183018 #1183022 #1183023 #1183378 #1183379 
                    #1183380 #1183381 #1183382 #1183405 #1183416 
                    #1183509 #1183593 #1183646 #1183662 #1183686 
                    #1183692 #1183696 #1183755 #1183775 #1183861 
                    #1183871 #1184114 #1184120 #1184167 #1184168 
                    #1184170 #1184192 #1184193 #1184196 #1184198 
                    #1184391 #1184393 #1184397 #1184494 #1184511 
                    #1184583 
Cross-References:   CVE-2020-0433 CVE-2020-25670 CVE-2020-25671
                    CVE-2020-25672 CVE-2020-25673 CVE-2020-27170
                    CVE-2020-27171 CVE-2020-27815 CVE-2020-29368
                    CVE-2020-29374 CVE-2020-35519 CVE-2020-36311
                    CVE-2021-20219 CVE-2021-26930 CVE-2021-26931
                    CVE-2021-26932 CVE-2021-27363 CVE-2021-27364
                    CVE-2021-27365 CVE-2021-28038 CVE-2021-28660
                    CVE-2021-28688 CVE-2021-28964 CVE-2021-28971
                    CVE-2021-28972 CVE-2021-29154 CVE-2021-29264
                    CVE-2021-29265 CVE-2021-29647 CVE-2021-30002
                    CVE-2021-3428 CVE-2021-3444 CVE-2021-3483
                   
CVSS scores:
                    CVE-2020-0433 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-0433 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-25670 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
                    CVE-2020-27170 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2020-27171 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
                    CVE-2020-27815 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-29368 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-29368 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-29374 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-29374 (SUSE): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
                    CVE-2020-35519 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-36311 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-20219 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-26930 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-26930 (SUSE): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
                    CVE-2021-26931 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-26931 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-26932 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-26932 (SUSE): 5.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-27363 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
                    CVE-2021-27363 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2021-27364 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2021-27364 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2021-27365 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-27365 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-28038 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2021-28660 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-28660 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-28964 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28971 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28972 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-28972 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-29154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-29154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-29264 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-29265 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-29265 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-30002 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3428 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-3444 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3444 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Live Patching 12-SP5
                    SUSE Linux Enterprise High Availability 12-SP5
______________________________________________________________________________

   An update that solves 33 vulnerabilities and has 53 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
   security and bugfixes.

   The following security bugs were fixed:

   - CVE-2021-3444: Fixed an issue with the bpf verifier which did not
     properly handle mod32 destination register truncation when the source
     register was known to be 0 leading to out of bounds read  (bsc#1184170).
   - CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent
     (bsc#1173485).
   - CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed
     attackers to obtain sensitive information from kernel memory because of
     a partially uninitialized data structure (bsc#1184192 ).
   - CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have
     allowed attackers to cause a denial of service due to race conditions
     during an update of the local and shared status (bsc#1184167).
   - CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver
     which could have allowed attackers to cause a system crash due to a
     calculation of negative fragment size (bsc#1184168).
   - CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a
     new device name to the driver from userspace, allowing userspace to
     write data to the kernel stack frame directly (bsc#1184198).
   - CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could
     have caused a system crash because the PEBS status in a PEBS record was
     mishandled (bsc#1184196 ).
   - CVE-2021-28964: Fixed a race condition in get_old_root which could have
     allowed attackers to cause a denial of service (bsc#1184193).
   - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).
   - CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
     (bsc#1183593 ).
   - CVE-2021-28038: Fixed an issue with the netback driver which was lacking
     necessary treatment of errors such as failed memory allocations
     (bsc#1183022).
   - CVE-2021-27365: Fixed an issue where an unprivileged user can send a
     Netlink message that is associated with iSCSI, and has a length up to
     the maximum length of a Netlink message (bsc#1182715).
   - CVE-2021-27364: Fixed an issue where an attacker could craft Netlink
     messages (bsc#1182717).
   - CVE-2021-27363: Fixed a kernel pointer leak which could have been used
     to determine the address of the iscsi_transport structure (bsc#1182716).
   - CVE-2021-26932: Fixed improper error handling issues in Linux grant
     mapping (XSA-361 bsc#1181747).
   - CVE-2021-26931: Fixed an issue where Linux  kernel was treating grant
     mapping errors as bugs (XSA-362 bsc#1181753).
   - CVE-2021-26930: Fixed an improper error handling in blkback's grant
     mapping (XSA-365 bsc#1181843).
   - CVE-2020-35519: Fixed an out-of-bounds memory access  was found in
     x25_bind (bsc#1183696).
   - CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write
     implementation which could have granted unintended write access
     (bsc#1179660, bsc#1179428).
   - CVE-2020-27815: Fixed an issue in JFS filesystem  where could have
     allowed an attacker to execute code (bsc#1179454).
   - CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds
     speculation on pointer arithmetic, leading to side-channel attacks that
     defeat Spectre mitigations and obtain sensitive information from kernel
     memory (bsc#1183775).
   - CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre
     mitigations and obtain sensitive information from kernel memory
     (bsc#1183686).
   - CVE-2020-0433: Fixed a use after free due to improper locking which
     could have led to local escalation of privilege (bsc#1176720).
   - CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
   - CVE-2021-30002: Fixed a memory leak for large arguments in
     video_usercopy (bsc#1184120).
   - CVE-2021-29154: Fixed incorrect computation of branch displacements,
     allowing arbitrary code execution (bsc#1184391).
   - CVE-2021-20219: Fixed a denial of service in n_tty_receive_char_special
     (bsc#1184397).
   - CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering
     destruction of a large SEV VM (bsc#1184511).
   - CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed
     multiple bugs in NFC subsytem (bsc#1178181).

   The following non-security bugs were fixed:

   - ACPI: scan: Rearrange memory allocation in acpi_device_add() (git-fixes).
   - ALSA: ctxfi: cthw20k2: fix mask on conf to allow 4 bits (git-fixes).
   - ALSA: hda: Drop the BATCH workaround for AMD controllers (git-fixes).
   - ALSA: hda/realtek: modify EAPD in the ALC886 (git-fixes).
   - amba: Fix resource leak for drivers without .remove (git-fixes).
   - bfq: Fix kABI for update internal depth state when queue depth changes
     (bsc#1172455).
   - bfq: update internal depth state when queue depth changes (bsc#1172455).
   - block: rsxx: fix error return code of rsxx_pci_probe() (git-fixes).
   - Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
     (git-fixes).
   - Bluetooth: hci_uart: Cancel init work before unregistering (git-fixes).
   - Bluetooth: hci_uart: Fix a race for write_work scheduling (git-fixes).
   - bpf: Add sanity check for upper ptr_limit (bsc#1183686 bsc#1183775).
   - bpf: Fix 32 bit src register truncation on div/mod (bsc#1184170).
   - bpf: fix subprog verifier bypass by div/mod by 0 exception (bsc#1184170).
   - bpf: fix x64 JIT code generation for jmp to 1st insn (bsc#1178163).
   - bpf_lru_list: Read double-checked variable once without lock (git-fixes).
   - bpf: Simplify alu_limit masking for pointer arithmetic (bsc#1183686
     bsc#1183775).
   - bpf,x64: Pad NOPs to make images converge more easily (bsc#1178163).
   - bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (git-fixes).
   - can: c_can: move runtime PM enable/disable to c_can_platform (git-fixes).
   - can: c_can_pci: c_can_pci_remove(): fix use-after-free (git-fixes).
   - can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
     (git-fixes).
   - can: peak_usb: add forgotten supported devices (git-fixes).
   - can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
     (git-fixes).
   - can: skb: can_skb_set_owner(): fix ref counting if socket was closed
     before setting skb ownership (git-fixes).
   - cifs: change noisy error message to FYI (bsc#1181507).
   - cifs: check all path components in resolved dfs target (bsc#1179755).
   - cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
   - cifs: do not send close in compound create+close requests (bsc#1181507).
   - cifs: fix nodfs mount option (bsc#1179755).
   - cifs: introduce helper for finding referral server (bsc#1179755).
   - cifs: New optype for session operations (bsc#1181507).
   - cifs: print MIDs in decimal notation (bsc#1181507).
   - cifs: return proper error code in statfs(2) (bsc#1181507).
   - cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
   - cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in
     cxgb4 and ulds (bsc#1104270).
   - dmaengine: hsu: disable spurious interrupt (git-fixes).
   - drm/amdgpu: Fix macro name _AMDGPU_TRACE_H_ in preprocessor if
     (bsc#1129770)
   - drm/atomic: Create __drm_atomic_helper_crtc_reset() for subclassing
     (bsc#1142635)
   - drm: bridge: dw-hdmi: Avoid resetting force in the detect function
     (bsc#1129770)
   - drm/compat: Clear bounce structures (bsc#1129770)
   - drm/etnaviv: replace MMU flush marker with flush sequence (bsc#1154048)
   - drm/gma500: Fix error return code in psb_driver_load() (bsc#1129770)
   - drm/mediatek: Add missing put_device() call in mtk_drm_kms_init()
     (bsc#1152446)
   - drm/mediatek: Fix aal size config (bsc#1129770)
   - drm: meson_drv add shutdown function (git-fixes).
   - drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
     (git-fixes).
   - drm/msm/dsi: Correct io_start for MSM8994 (20nm PHY) (bsc#1129770)
   - drm/msm: fix shutdown hook in case GPU components failed to bind
     (git-fixes).
   - drm: mxsfb: check framebuffer pitch (bsc#1129770)
   - drm/omap: fix max fclk divider for omap36xx (bsc#1152446)
   - drm: panel: Fix bpc for OrtusTech COM43H4M85ULC panel (bsc#1129770)
   - drm: panel: Fix bus format for OrtusTech COM43H4M85ULC panel
     (bsc#1129770)
   - drm/radeon: fix AGP dependency (git-fixes).
   - drm: rcar-du: Put reference to VSP device (bsc#1129770)
   - drm/vc4: crtc: Rework a bit the CRTC state code (bsc#1129770)
   - drm/vc4: hdmi: Avoid sleeping in atomic context (bsc#1129770)
   - ethernet: alx: fix order of calls on resume (git-fixes).
   - fbdev: aty: SPARC64 requires FB_ATY_CT (bsc#1129770)
   - firmware/efi: Fix a use after bug in efi_mem_reserve_persistent
     (git-fixes).
   - fix setting irq affinity (bsc#1184583)
   - futex: Prevent robust futex exit race (git-fixes).
   - gma500: clean up error handling in init (bsc#1129770)
   - gpiolib: acpi: Add missing IRQF_ONESHOT (git-fixes).
   - HID: make arrays usage and value to be the same (git-fixes).
   - i2c: brcmstb: Fix brcmstd_send_i2c_cmd condition (git-fixes).
   - i40e: Add zero-initialization of AQ command structures (bsc#1109837
     bsc#1111981).
   - i40e: Fix add TC filter for IPv6 (bsc#1109837 bsc#1111981 ).
   - i40e: Fix endianness conversions (bsc#1109837 bsc#1111981 ).
   - IB/mlx5: Return appropriate error code instead of ENOMEM (bsc#1103991).
   - ibmvnic: add comments for spinlock_t definitions (bsc#1184114 ltc#192237
     bsc#1183871 ltc#192139).
   - ibmvnic: add memory barrier to protect long term buffer (bsc#1184114
     ltc#192237 bsc#1182485 ltc#191591).
   - ibmvnic: always store valid MAC address (bsc#1182011 ltc#191844).
   - ibmvnic: avoid multiple line dereference (bsc#1184114 ltc#192237
     bsc#1183871 ltc#192139).
   - ibmvnic: compare adapter->init_done_rc with more readable
     ibmvnic_rc_codes (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: Correctly re-enable interrupts in NAPI polling routine
     (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: create send_control_ip_offload (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: create send_query_ip_offload (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: Do not replenish RX buffers after every polling loop
     (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: Ensure that CRQ entry read are correctly ordered (bsc#1184114
     ltc#192237 bsc#1182485 ltc#191591).
   - ibmvnic: Ensure that device queue memory is cache-line aligned
     (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: Ensure that SCRQ entry reads are correctly ordered (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: fix block comments (bsc#1184114 ltc#192237 bsc#1183871
     ltc#192139).
   - ibmvnic: fix braces (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139).
   - ibmvnic: fix miscellaneous checks (bsc#1184114 ltc#192237 bsc#1183871
     ltc#192139).
   - ibmvnic: fix NULL pointer dereference in ibmvic_reset_crq (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: Fix possibly uninitialized old_num_tx_queues variable warning
     (bsc#1184114 ltc#192237).
   - ibmvnic: Fix TX completion error handling (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: Fix use-after-free of VNIC login response buffer (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: handle inconsistent login with reset (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: Harden device Command Response Queue handshake (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: improve ibmvnic_init and ibmvnic_reset_init (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: merge do_change_param_reset into do_reset (bsc#1184114
     ltc#192237 bsc#1183871 ltc#192139).
   - ibmvnic: merge ibmvnic_reset_init and ibmvnic_init (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: no reset timeout for 5 seconds after reset (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: prefer strscpy over strlcpy (bsc#1184114 ltc#192237 bsc#1183871
     ltc#192139).
   - ibmvnic: prefer 'unsigned long' over 'unsigned long int' (bsc#1184114
     ltc#192237 bsc#1183871 ltc#192139).
   - ibmvnic: reduce wait for completion time (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: remove excessive irqsave (bsc#1065729).
   - ibmvnic: remove never executed if statement (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: remove unnecessary rmb() inside ibmvnic_poll (bsc#1184114
     ltc#192237 bsc#1183871 ltc#192139).
   - ibmvnic: remove unused spinlock_t stats_lock definition (bsc#1184114
     ltc#192237 bsc#1183871 ltc#192139).
   - ibmvnic: rename ibmvnic_send_req_caps to send_request_cap (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: rename send_cap_queries to send_query_cap (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: rename send_map_query to send_query_map (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: rework to ensure SCRQ entry reads are properly ordered
     (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139).
   - ibmvnic: send_login should check for crq errors (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: simplify reset_long_term_buff function (bsc#1184114 ltc#192237
     bsc#1183023 ltc#191791).
   - ibmvnic: skip send_request_unmap for timeout reset (bsc#1184114
     ltc#192237 bsc#1182485 ltc#191591).
   - ibmvnic: skip tx timeout reset while in resetting (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: stop free_all_rwi on failed reset (bsc#1184114 ltc#192237
     bsc#1179243 ltc#189290).
   - ibmvnic: store RX and TX subCRQ handle array in ibmvnic_adapter struct
     (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: substitute mb() with dma_wmb() for send_*crq* functions
     (bsc#1184114 ltc#192237 bsc#1183023 ltc#191791).
   - ibmvnic: track pending login (bsc#1184114 ltc#192237 bsc#1179243
     ltc#189290).
   - ibmvnic: Use netdev_alloc_skb instead of alloc_skb to replenish RX
     buffers (bsc#1184114 ltc#192237 bsc#1179243 ltc#189290).
   - ibmvnic: Use 'skb_frag_address()' instead of hand coding it (bsc#1184114
     ltc#192237).
   - ice: Account for port VLAN in VF max packet size calculation
     (bsc#1118661).
   - igc: check return value of ret_val in igc_config_fc_after_link_up
     (bsc#1118657).
   - igc: Report speed and duplex as unknown when device is runtime suspended
     (jsc#SLE-4799).
   - igc: set the default return value to -IGC_ERR_NVM in igc_write_nvm_srwr
     (bsc#1118657).
   - iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel
     (git-fixes).
   - iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler
     (git-fixes).
   - iio: hid-sensor-humidity: Fix alignment issue of timestamp channel
     (git-fixes).
   - iio: hid-sensor-prox: Fix scale not correct issue (git-fixes).
   - iio: hid-sensor-temperature: Fix issues of timestamp channel (git-fixes).
   - Input: i8042 - add ASUS Zenbook Flip to noselftest list (git-fixes).
   - Input: i8042 - unbreak Pegatron C15B (git-fixes).
   - Input: raydium_ts_i2c - do not send zero length (git-fixes).
   - Input: xpad - add support for PowerA Enhanced Wired Controller for Xbox
     Series X|S (git-fixes).
   - Input: xpad - sync supported devices with fork on GitHub (git-fixes).
   - iommu/amd: Fix sleeping in atomic in increase_address_space()
     (bsc#1183378).
   - iommu/intel: Fix memleak in intel_irq_remapping_alloc (bsc#1183379).
   - iommu/vt-d: Avoid panic if iommu init fails in tboot system
     (bsc#1183380).
   - iommu/vt-d: Do not use flush-queue when caching-mode is on (bsc#1183381).
   - ixgbe: fail to create xfrm offload of IPsec tunnel mode SA (bsc#1113994).
   - kABI: Fix kABI after modifying struct __call_single_data (bsc#1180846).
   - kabi/severities: Add rtas_online_cpus_mask, rtas_offline_cpus_mask
   - kernel/smp: add boot parameter for controlling CSD lock debugging
     (bsc#1180846).
   - kernel/smp: add more data to CSD lock debugging (bsc#1180846).
   - kernel/smp: prepare more CSD lock debugging (bsc#1180846).
   - kernel/smp: Provide CSD lock timeout diagnostics (bsc#1180846).
   - KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off
     (bsc#1183382).
   - lib/crc32test: remove extra local_irq_disable/enable (git-fixes).
   - locking/mutex: Fix non debug version of mutex_lock_io_nested()
     (git-fixes).
   - mac80211: fix double free in ibss_leave (git-fixes).
   - mac80211: fix rate mask reset (git-fixes).
   - media: usbtv: Fix deadlock on suspend (git-fixes).
   - media: uvcvideo: Allow entities with no pads (git-fixes).
   - misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
     (git-fixes).
   - mmc: core: Fix partition switch time for eMMC (git-fixes).
   - mmc: core: Use DEFINE_DEBUGFS_ATTRIBUTE instead of
     DEFINE_SIMPLE_ATTRIBUTE.
   - mmc: cqhci: Fix random crash when remove mmc module/card (git-fixes).
   - mmc: sdhci-esdhc-imx: fix kernel panic when remove module (git-fixes).
   - mmc: sdhci-of-arasan: Add missed checks for devm_clk_register()
     (git-fixes).
   - mwifiex: pcie: skip cancel_work_sync() on reset failure path (git-fixes).
   - net: bridge: use switchdev for port flags set through sysfs too
     (bsc#1112374).
   - net: cdc-phonet: fix data-interface release on probe failure (git-fixes).
   - net: core: introduce __netdev_notify_peers (bsc#1184114 ltc#192237
     bsc#1183871 ltc#192139).
   - net: ethernet: ibm: ibmvnic: Fix some kernel-doc misdemeanours
     (bsc#1184114 ltc#192237 bsc#1183871 ltc#192139).
   - net: hns3: add a check for index in hclge_get_rss_key() (bsc#1126390).
   - net: hns3: add a check for queue_id in hclge_reset_vf_queue()
     (bsc#1104353).
   - net: hns3: fix bug when calculating the TCAM table info (bsc#1104353).
   - net: hns3: fix query vlan mask value error for flow director
     (bsc#1104353).
   - net/mlx5e: Update max_opened_tc also when channels are closed
     (bsc#1103990).
   - net: phy: micrel: set soft_reset callback to genphy_soft_reset for
     KSZ8081 (bsc#1119113).
   - net: re-solve some conflicts after net -> net-next merge (bsc#1184114
     ltc#192237 bsc#1176855 ltc#187293).
   - net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
   - net: usb: ax88179_178a: fix missing stop entry in driver_info
     (git-fixes).
   - net: usb: qmi_wwan: allow qmimux add/del with master up (git-fixes).
   - PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
     (git-fixes).
   - PCI: Align checking of syscall user config accessors (git-fixes).
   - phy: rockchip-emmc: emmc_phy_init() always return 0 (git-fixes).
   - platform/x86: i2c-multi-instantiate: Do not create platform device for
     INT3515 ACPI nodes (git-fixes).
   - powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
     (bsc#1065729).
   - powerpc/book3s64/radix: Remove WARN_ON in destroy_context() (bsc#1183692
     ltc#191963).
   - powerpc: Convert to using %pOFn instead of device_node.name (bsc#1181674
     ltc#189159).
   - powerpc: Fix some spelling mistakes (bsc#1181674 ltc#189159).
   - powerpc/hvcall: add token and codes for H_VASI_SIGNAL (bsc#1181674
     ltc#189159).
   - powerpc: kABI: add back suspend_disable_cpu in machdep_calls
     (bsc#1181674 ltc#189159).
   - powerpc/machdep: remove suspend_disable_cpu() (bsc#1181674 ltc#189159).
   - powerpc/mm/pkeys: Make pkey access check work on execute_only_key
     (bsc#1181544 ltc#191080 git-fixes).
   - powerpc/numa: Fix build when CONFIG_NUMA=n (bsc#1132477 ltc#175530).
   - powerpc/numa: make vphn_enabled, prrn_enabled flags const (bsc#1181674
     ltc#189159).
   - powerpc/numa: remove ability to enable topology updates (bsc#1181674
     ltc#189159).
   - powerpc/numa: remove arch_update_cpu_topology (bsc#1181674 ltc#189159).
   - powerpc/numa: Remove late request for home node associativity
     (bsc#1181674 ltc#189159).
   - powerpc/numa: remove prrn_is_enabled() (bsc#1181674 ltc#189159).
   - powerpc/numa: remove start/stop_topology_update() (bsc#1181674
     ltc#189159).
   - powerpc/numa: remove timed_topology_update() (bsc#1181674 ltc#189159).
   - powerpc/numa: remove unreachable topology timer code (bsc#1181674
     ltc#189159).
   - powerpc/numa: remove unreachable topology update code (bsc#1181674
     ltc#189159).
   - powerpc/numa: remove unreachable topology workqueue code (bsc#1181674
     ltc#189159).
   - powerpc/numa: remove vphn_enabled and prrn_enabled internal flags
     (bsc#1181674 ltc#189159).
   - powerpc/numa: stub out numa_update_cpu_topology() (bsc#1181674
     ltc#189159).
   - powerpc/numa: Suppress "VPHN is not supported" messages (bsc#1181674
     ltc#189159).
   - powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
   - powerpc/pseries: Add empty update_numa_cpu_lookup_table() for NUMA=n
     (bsc#1181674 ltc#189159).
   - powerpc/pseries: Do not enforce MSI affinity with kdump (bsc#1181655
     ltc#190855).
   - powerpc/pseries: Generalize hcall_vphn() (bsc#1181674 ltc#189159).
   - powerpc/pseries/hibernation: drop pseries_suspend_begin() from suspend
     ops (bsc#1181674 ltc#189159).
   - powerpc/pseries/hibernation: pass stream id via function arguments
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/hibernation: perform post-suspend fixups later
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/hibernation: remove prepare_late() callback (bsc#1181674
     ltc#189159).
   - powerpc/pseries/hibernation: remove pseries_suspend_cpu() (bsc#1181674
     ltc#189159).
   - powerpc/pseries/hibernation: switch to rtas_ibm_suspend_me()
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: add missing break to default case (bsc#1181674
     ltc#189159).
   - powerpc/pseries/mobility: Add pr_debug() for device tree changes
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: do not error on absence of ibm, update-nodes
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: error message improvements (bsc#1181674
     ltc#189159).
   - powerpc/pseries/mobility: extract VASI session polling logic
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: handle premature return from H_JOIN
     (bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922).
   - powerpc/pseries/mobility: refactor node lookup during DT update
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: retry partition suspend after error
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: Set pr_fmt() (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: signal suspend cancellation to platform
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: use rtas_activate_firmware() on resume
     (bsc#1181674 ltc#189159).
   - powerpc/pseries/mobility: use stop_machine for join/suspend (bsc#1181674
     ltc#189159).
   - powerpc/pseries/mobility: use struct for shared state (bsc#1181674
     ltc#189159 git-fixes bsc#1183662 ltc#191922).
   - powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
   - powerpc/pseries: remove dlpar_cpu_readd() (bsc#1181674 ltc#189159).
   - powerpc/pseries: remove memory "re-add" implementation (bsc#1181674
     ltc#189159).
   - powerpc/pseries: remove obsolete memory hotplug DT notifier code
     (bsc#1181674 ltc#189159).
   - powerpc/pseries: remove prrn special case from DT update path
     (bsc#1181674 ltc#189159).
   - powerpc/rtas: add rtas_activate_firmware() (bsc#1181674 ltc#189159).
   - powerpc/rtas: add rtas_ibm_suspend_me() (bsc#1181674 ltc#189159).
   - powerpc/rtas: complete ibm,suspend-me status codes (bsc#1181674
     ltc#189159).
   - powerpc/rtas: dispatch partition migration requests to pseries
     (bsc#1181674 ltc#189159).
   - powerpc/rtasd: simplify handle_rtas_event(), emit message on events
     (bsc#1181674 ltc#189159).
   - powerpc/rtas: prevent suspend-related sys_rtas use on LE (bsc#1181674
     ltc#189159).
   - powerpc/rtas: remove rtas_ibm_suspend_me_unsafe() (bsc#1181674
     ltc#189159).
   - powerpc/rtas: remove rtas_suspend_cpu() (bsc#1181674 ltc#189159).
   - powerpc/rtas: remove unused rtas_suspend_last_cpu() (bsc#1181674
     ltc#189159).
   - powerpc/rtas: remove unused rtas_suspend_me_data (bsc#1181674
     ltc#189159).
   - powerpc/rtas: rtas_ibm_suspend_me -> rtas_ibm_suspend_me_unsafe
     (bsc#1181674 ltc#189159).
   - powerpc/rtas: Unexport rtas_online_cpus_mask, rtas_offline_cpus_mask
     (bsc#1181674 ltc#189159).
   - powerpc/vio: Use device_type to detect family (bsc#1181674 ltc#189159).
   - printk: fix deadlock when kernel panic (bsc#1183018).
   - pseries/drmem: do not cache node id in drmem_lmb struct (bsc#1132477
     ltc#175530).
   - pseries/hotplug-memory: hot-add: skip redundant LMB lookup (bsc#1132477
     ltc#175530).
   - pwm: rockchip: rockchip_pwm_probe(): Remove superfluous clk_unprepare()
     (git-fixes).
   - qxl: Fix uninitialised struct field head.surface_id (git-fixes).
   - random: fix the RNDRESEEDCRNG ioctl (git-fixes).
   - rcu: Allow only one expedited GP to run concurrently with (git-fixes)
   - rcu: Fix missed wakeup of exp_wq waiters (git-fixes)
   - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation (bsc#1103991).
   - RDMA/rxe: Remove useless code in rxe_recv.c (bsc#1103992 ).
   - RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes
     (bsc#1169709)
   - RDMA/uverbs: Fix kernel-doc warning of _uverbs_alloc (bsc#1103992).
   - Revert "ibmvnic: remove never executed if statement" (bsc#1184114
     ltc#192237 bsc#1179243 ltc#189290).
   - rpadlpar: fix potential drc_name corruption in store functions
     (bsc#1183416 ltc#191079).
   - rsxx: Return -EFAULT if copy_to_user() fails (git-fixes).
   - s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
   - s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
   - s390/crypto: return -EFAULT if copy_to_user() fails (git-fixes).
   - s390/dasd: fix hanging offline processing due to canceled worker
     (bsc#1175165).
   - s390/dasd: fix hanging offline processing due to canceled worker
     (bsc#1175165).
   - s390/pci: Fix s390_mmio_read/write with MIO (LTC#192079 bsc#1183755).
   - s390/vtime: fix increased steal time accounting (bsc#1183861).
   - sched/fair: Fix wrong cpu selecting from isolated domain (git-fixes)
   - sched/vtime: Fix guest/system mis-accounting on task switch (git-fixes)
   - scsi: lpfc: Change wording of invalid pci reset log message
     (bsc#1182574).
   - scsi: lpfc: Correct function header comments related to ndlp reference
     counting (bsc#1182574).
   - scsi: lpfc: Fix ADISC handling that never frees nodes (bsc#1182574).
   - scsi: lpfc: Fix ancient double free (bsc#1182574).
   - scsi: lpfc: Fix crash caused by switch reboot (bsc#1182574).
   - scsi: lpfc: Fix dropped FLOGI during pt2pt discovery recovery
     (bsc#1182574).
   - scsi: lpfc: Fix EEH encountering oops with NVMe traffic (bsc#1182574).
   - scsi: lpfc: Fix FLOGI failure due to accessing a freed node
     (bsc#1182574).
   - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
     (bsc#1182574).
   - scsi: lpfc: Fix kerneldoc inconsistency in lpfc_sli4_dump_page_a0()
     (bsc#1182574).
   - scsi: lpfc: Fix lpfc_els_retry() possible null pointer dereference
     (bsc#1182574).
   - scsi: lpfc: Fix nodeinfo debugfs output (bsc#1182574).
   - scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
     (bsc#1182574).
   - scsi: lpfc: Fix 'physical' typos (bsc#1182574).
   - scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN (bsc#1182574).
   - scsi: lpfc: Fix pt2pt connection does not recover after LOGO
     (bsc#1182574).
   - scsi: lpfc: Fix pt2pt state transition causing rmmod hang (bsc#1182574).
   - scsi: lpfc: Fix reftag generation sizing errors (bsc#1182574).
   - scsi: lpfc: Fix stale node accesses on stale RRQ request (bsc#1182574).
   - scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path
     (bsc#1182574).
   - scsi: lpfc: Fix unnecessary null check in lpfc_release_scsi_buf
     (bsc#1182574).
   - scsi: lpfc: Fix use after free in lpfc_els_free_iocb (bsc#1182574).
   - scsi: lpfc: Fix vport indices in lpfc_find_vport_by_vpid() (bsc#1182574).
   - scsi: lpfc: Reduce LOG_TRACE_EVENT logging for vports (bsc#1182574).
   - scsi: lpfc: Update copyrights for 12.8.0.7 and 12.8.0.8 changes
     (bsc#1182574).
   - scsi: lpfc: Update lpfc version to 12.8.0.8 (bsc#1182574).
   - selinux: never allow relabeling on context mounts (git-fixes).
   - smb3: add dynamic trace point to trace when credits obtained
     (bsc#1181507).
   - smb3: fix crediting for compounding when only one request in flight
     (bsc#1181507).
   - smp: Add source and destination CPUs to __call_single_data (bsc#1180846).
   - Update config files: activate CONFIG_CSD_LOCK_WAIT_DEBUG for x86
     (bsc#1180846).
   - Update config files: disable CONFIG_CSD_LOCK_WAIT_DEBUG (bsc#1180846).
   - usb: gadget: f_uac2: always increase endpoint max_packet_size by one
     audio slot (git-fixes).
   - usbip: fix stub_dev to check for stream socket (git-fixes).
   - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
     (git-fixes).
   - usbip: Fix unsafe unaligned pointer usage (git-fixes).
   - usbip: fix vhci_hcd attach_store() races leading to gpf (git-fixes).
   - usbip: fix vhci_hcd to check for stream socket (git-fixes).
   - usbip: tools: fix build error for multiple definition (git-fixes).
   - usb: quirks: add quirk to start video capture on ELMO L-12F document
     camera reliable (git-fixes).
   - usb: replace hardcode maximum usb string length by definition
     (git-fixes).
   - usb: serial: io_edgeport: fix memory leak in edge_startup (git-fixes).
   - usb: serial: option: add Quectel EM160R-GL (git-fixes).
   - usb-storage: Add quirk to defeat Kindle's automatic unload (git-fixes).
   - use __netdev_notify_peers in ibmvnic (bsc#1184114 ltc#192237 bsc#1183871
     ltc#192139).
   - video: fbdev: acornfb: remove free_unused_pages() (bsc#1129770)
   - video: fbdev: atmel_lcdfb: fix return error code in (bsc#1129770)
     Backporting notes: 	* context changes 	* fallout from trailing
     whitespaces
   - vsprintf: Do not have bprintf dereference pointers (bsc#1184494).
   - vsprintf: Do not preprocess non-dereferenced pointers for bprintf (%px
     and %pK) (bsc#1184494).
   - vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced
     pointers (bsc#1184494).
   - wlcore: Fix command execute failure 19 for wl12xx (git-fixes).
   - x86/ioapic: Ignore IRQ2 again (12sp5).
   - x86/mem_encrypt: Correct physical address calculation in
     __set_clr_pte_enc() (12sp5).
   - xen/gnttab: handle p2m update errors on a per-slot basis (bsc#1183022
     XSA-367).
   - xen/netback: avoid race in xenvif_rx_ring_slots_available()
     (bsc#1065600).
   - xen/netback: fix spurious event detection for common event case
     (bsc#1182175).
   - xen-netback: respect gnttab_map_refs()'s return value (bsc#1183022
     XSA-367).
   - xfs: Fix assert failure in xfs_setattr_size() (git-fixes).
   - xsk: Remove dangling function declaration from header file (bsc#1109837).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP5:

      zypper in -t patch SUSE-SLE-WE-12-SP5-2021-1210=1

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-1210=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-1210=1

   - SUSE Linux Enterprise Live Patching 12-SP5:

      zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2021-1210=1

   - SUSE Linux Enterprise High Availability 12-SP5:

      zypper in -t patch SUSE-SLE-HA-12-SP5-2021-1210=1



Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):

      kernel-default-debuginfo-4.12.14-122.66.2
      kernel-default-debugsource-4.12.14-122.66.2
      kernel-default-extra-4.12.14-122.66.2
      kernel-default-extra-debuginfo-4.12.14-122.66.2

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

      kernel-obs-build-4.12.14-122.66.2
      kernel-obs-build-debugsource-4.12.14-122.66.2

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch):

      kernel-docs-4.12.14-122.66.2

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      kernel-default-4.12.14-122.66.2
      kernel-default-base-4.12.14-122.66.2
      kernel-default-base-debuginfo-4.12.14-122.66.2
      kernel-default-debuginfo-4.12.14-122.66.2
      kernel-default-debugsource-4.12.14-122.66.2
      kernel-default-devel-4.12.14-122.66.2
      kernel-syms-4.12.14-122.66.2

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      kernel-devel-4.12.14-122.66.2
      kernel-macros-4.12.14-122.66.2
      kernel-source-4.12.14-122.66.2

   - SUSE Linux Enterprise Server 12-SP5 (x86_64):

      kernel-default-devel-debuginfo-4.12.14-122.66.2

   - SUSE Linux Enterprise Server 12-SP5 (s390x):

      kernel-default-man-4.12.14-122.66.2

   - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64):

      kernel-default-debuginfo-4.12.14-122.66.2
      kernel-default-debugsource-4.12.14-122.66.2
      kernel-default-kgraft-4.12.14-122.66.2
      kernel-default-kgraft-devel-4.12.14-122.66.2
      kgraft-patch-4_12_14-122_66-default-1-8.3.2

   - SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64):

      cluster-md-kmp-default-4.12.14-122.66.2
      cluster-md-kmp-default-debuginfo-4.12.14-122.66.2
      dlm-kmp-default-4.12.14-122.66.2
      dlm-kmp-default-debuginfo-4.12.14-122.66.2
      gfs2-kmp-default-4.12.14-122.66.2
      gfs2-kmp-default-debuginfo-4.12.14-122.66.2
      kernel-default-debuginfo-4.12.14-122.66.2
      kernel-default-debugsource-4.12.14-122.66.2
      ocfs2-kmp-default-4.12.14-122.66.2
      ocfs2-kmp-default-debuginfo-4.12.14-122.66.2


References:

   https://www.suse.com/security/cve/CVE-2020-0433.html
   https://www.suse.com/security/cve/CVE-2020-25670.html
   https://www.suse.com/security/cve/CVE-2020-25671.html
   https://www.suse.com/security/cve/CVE-2020-25672.html
   https://www.suse.com/security/cve/CVE-2020-25673.html
   https://www.suse.com/security/cve/CVE-2020-27170.html
   https://www.suse.com/security/cve/CVE-2020-27171.html
   https://www.suse.com/security/cve/CVE-2020-27815.html
   https://www.suse.com/security/cve/CVE-2020-29368.html
   https://www.suse.com/security/cve/CVE-2020-29374.html
   https://www.suse.com/security/cve/CVE-2020-35519.html
   https://www.suse.com/security/cve/CVE-2020-36311.html
   https://www.suse.com/security/cve/CVE-2021-20219.html
   https://www.suse.com/security/cve/CVE-2021-26930.html
   https://www.suse.com/security/cve/CVE-2021-26931.html
   https://www.suse.com/security/cve/CVE-2021-26932.html
   https://www.suse.com/security/cve/CVE-2021-27363.html
   https://www.suse.com/security/cve/CVE-2021-27364.html
   https://www.suse.com/security/cve/CVE-2021-27365.html
   https://www.suse.com/security/cve/CVE-2021-28038.html
   https://www.suse.com/security/cve/CVE-2021-28660.html
   https://www.suse.com/security/cve/CVE-2021-28688.html
   https://www.suse.com/security/cve/CVE-2021-28964.html
   https://www.suse.com/security/cve/CVE-2021-28971.html
   https://www.suse.com/security/cve/CVE-2021-28972.html
   https://www.suse.com/security/cve/CVE-2021-29154.html
   https://www.suse.com/security/cve/CVE-2021-29264.html
   https://www.suse.com/security/cve/CVE-2021-29265.html
   https://www.suse.com/security/cve/CVE-2021-29647.html
   https://www.suse.com/security/cve/CVE-2021-30002.html
   https://www.suse.com/security/cve/CVE-2021-3428.html
   https://www.suse.com/security/cve/CVE-2021-3444.html
   https://www.suse.com/security/cve/CVE-2021-3483.html
   https://bugzilla.suse.com/1065600
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1103990
   https://bugzilla.suse.com/1103991
   https://bugzilla.suse.com/1103992
   https://bugzilla.suse.com/1104270
   https://bugzilla.suse.com/1104353
   https://bugzilla.suse.com/1109837
   https://bugzilla.suse.com/1111981
   https://bugzilla.suse.com/1112374
   https://bugzilla.suse.com/1113295
   https://bugzilla.suse.com/1113994
   https://bugzilla.suse.com/1118657
   https://bugzilla.suse.com/1118661
   https://bugzilla.suse.com/1119113
   https://bugzilla.suse.com/1126390
   https://bugzilla.suse.com/1129770
   https://bugzilla.suse.com/1132477
   https://bugzilla.suse.com/1142635
   https://bugzilla.suse.com/1152446
   https://bugzilla.suse.com/1154048
   https://bugzilla.suse.com/1169709
   https://bugzilla.suse.com/1172455
   https://bugzilla.suse.com/1173485
   https://bugzilla.suse.com/1175165
   https://bugzilla.suse.com/1176720
   https://bugzilla.suse.com/1176855
   https://bugzilla.suse.com/1178163
   https://bugzilla.suse.com/1178181
   https://bugzilla.suse.com/1179243
   https://bugzilla.suse.com/1179428
   https://bugzilla.suse.com/1179454
   https://bugzilla.suse.com/1179660
   https://bugzilla.suse.com/1179755
   https://bugzilla.suse.com/1180846
   https://bugzilla.suse.com/1181507
   https://bugzilla.suse.com/1181515
   https://bugzilla.suse.com/1181544
   https://bugzilla.suse.com/1181655
   https://bugzilla.suse.com/1181674
   https://bugzilla.suse.com/1181747
   https://bugzilla.suse.com/1181753
   https://bugzilla.suse.com/1181843
   https://bugzilla.suse.com/1182011
   https://bugzilla.suse.com/1182175
   https://bugzilla.suse.com/1182485
   https://bugzilla.suse.com/1182574
   https://bugzilla.suse.com/1182715
   https://bugzilla.suse.com/1182716
   https://bugzilla.suse.com/1182717
   https://bugzilla.suse.com/1183018
   https://bugzilla.suse.com/1183022
   https://bugzilla.suse.com/1183023
   https://bugzilla.suse.com/1183378
   https://bugzilla.suse.com/1183379
   https://bugzilla.suse.com/1183380
   https://bugzilla.suse.com/1183381
   https://bugzilla.suse.com/1183382
   https://bugzilla.suse.com/1183405
   https://bugzilla.suse.com/1183416
   https://bugzilla.suse.com/1183509
   https://bugzilla.suse.com/1183593
   https://bugzilla.suse.com/1183646
   https://bugzilla.suse.com/1183662
   https://bugzilla.suse.com/1183686
   https://bugzilla.suse.com/1183692
   https://bugzilla.suse.com/1183696
   https://bugzilla.suse.com/1183755
   https://bugzilla.suse.com/1183775
   https://bugzilla.suse.com/1183861
   https://bugzilla.suse.com/1183871
   https://bugzilla.suse.com/1184114
   https://bugzilla.suse.com/1184120
   https://bugzilla.suse.com/1184167
   https://bugzilla.suse.com/1184168
   https://bugzilla.suse.com/1184170
   https://bugzilla.suse.com/1184192
   https://bugzilla.suse.com/1184193
   https://bugzilla.suse.com/1184196
   https://bugzilla.suse.com/1184198
   https://bugzilla.suse.com/1184391
   https://bugzilla.suse.com/1184393
   https://bugzilla.suse.com/1184397
   https://bugzilla.suse.com/1184494
   https://bugzilla.suse.com/1184511
   https://bugzilla.suse.com/1184583



More information about the sle-security-updates mailing list