SUSE-SU-2021:2646-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com
Tue Aug 10 13:34:53 UTC 2021


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:2646-1
Rating:             important
References:         #1065729 #1085224 #1094840 #1113295 #1153274 
                    #1154353 #1155518 #1156395 #1176940 #1179243 
                    #1180092 #1183871 #1184114 #1184350 #1184631 
                    #1184804 #1185377 #1185902 #1186194 #1186206 
                    #1186482 #1186483 #1187476 #1188101 #1188405 
                    #1188445 #1188504 #1188620 #1188683 #1188746 
                    #1188747 #1188748 #1188770 #1188771 #1188772 
                    #1188773 #1188774 #1188777 #1188838 #1188876 
                    #1188885 #1188973 
Cross-References:   CVE-2021-21781 CVE-2021-22543 CVE-2021-3659
                    CVE-2021-37576
CVSS scores:
                    CVE-2021-21781 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-22543 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3659 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-37576 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE Linux Enterprise Module for Public Cloud 15-SP2
______________________________________________________________________________

   An update that solves four vulnerabilities and has 38 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive
   various security and bug fixes.


   The following security bugs were fixed:

   - CVE-2021-3659: Fixed a NULL pointer dereference in llsec_key_alloc() in
     net/mac802154/llsec.c (bsc#1188876).
   - CVE-2021-21781: Fixed an information disclosure vulnerability in the ARM
     SIGPAGE (bsc#1188445).
   - CVE-2021-22543: Fixed improper handling of VM_IO|VM_PFNMAP vmas in KVM,
     which could bypass RO checks and can lead to pages being freed while
     still accessible by the VMM and guest. This allowed users with the
     ability to start and control a VM to read/write random pages of memory
     and can result in local privilege escalation (bsc#1186482).
   - CVE-2021-37576: Fixed an issue on the powerpc platform, where a KVM
     guest OS user could cause host OS memory corruption via rtas_args.nargs
     (bsc#1188838).

   The following non-security bugs were fixed:

   - ACPI: AMBA: Fix resource name in /proc/iomem (git-fixes).
   - ACPI: video: Add quirk for the Dell Vostro 3350 (git-fixes).
   - ALSA: ac97: fix PM reference leak in ac97_bus_remove() (git-fixes).
   - ALSA: bebob: add support for ToneWeal FW66 (git-fixes).
   - ALSA: hda: Add IRQ check for platform_get_irq() (git-fixes).
   - ALSA: hdmi: Expose all pins on MSI MS-7C94 board (git-fixes).
   - ALSA: ppc: fix error return code in snd_pmac_probe() (git-fixes).
   - ALSA: sb: Fix potential ABBA deadlock in CSP driver (git-fixes).
   - ALSA: sb: Fix potential double-free of CSP mixer elements (git-fixes).
   - ALSA: usb-audio: Add registration quirk for JBL Quantum headsets
     (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix 18i8 Gen 2 PCM Input count (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix 6i6 Gen 2 line out descriptions
     (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix data_mutex lock (git-fixes).
   - ALSA: usb-audio: scarlett2: Fix scarlett2_*_ctl_put() return values
     (git-fixes).
   - ALSA: usx2y: Do not call free_pages_exact() with NULL address
     (git-fixes).
   - ARM: ensure the signal page contains defined contents (bsc#1188445).
   - ASoC: Intel: kbl_da7219_max98357a: shrink platform_id below 20
     characters (git-fixes).
   - ASoC: img: Fix PM reference leak in img_i2s_in_probe() (git-fixes).
   - ASoC: rt5631: Fix regcache sync errors on resume (git-fixes).
   - ASoC: soc-core: Fix the error return code in
     snd_soc_of_parse_audio_routing() (git-fixes).
   - ASoC: tegra: Set driver_name=tegra for all machine drivers (git-fixes).
   - Bluetooth: Fix the HCI to MGMT status conversion table (git-fixes).
   - Bluetooth: Shutdown controller after workqueues are flushed or cancelled
     (git-fixes).
   - Bluetooth: btusb: Fixed too many in-token issue for Mediatek Chip
     (git-fixes).
   - Bluetooth: btusb: fix bt fiwmare downloading failure issue for qca btsoc
     (git-fixes).
   - Input: hideep - fix the uninitialized use in hideep_nvm_unlock()
     (git-fixes).
   - Input: ili210x - add missing negation for touch indication on ili210x
     (git-fixes).
   - KVM: LAPIC: Prevent setting the tscdeadline timer if the lapic is hw
     disabled (bsc#1188771).
   - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
     (bsc#1188773).
   - KVM: nVMX: Ensure 64-bit shift when checking VMFUNC bitmap (bsc#1188774).
   - KVM: nVMX: Preserve exception priority irrespective of exiting behavior
     (bsc#1188777).
   - PCI/sysfs: Fix dsm_label_utf16s_to_utf8s() buffer overrun (git-fixes).
   - PCI: Leave Apple Thunderbolt controllers on for s2idle or standby
     (git-fixes).
   - PCI: aardvark: Fix checking for PIO Non-posted Request (git-fixes).
   - PCI: aardvark: Implement workaround for the readback value of VEND_ID
     (git-fixes).
   - PCI: iproc: Fix multi-MSI base vector number allocation (git-fixes).
   - PCI: iproc: Support multi-MSI only on uniprocessor kernel (git-fixes).
   - PCI: quirks: fix false kABI positive (git-fixes).
   - PCI: tegra: Add missing MODULE_DEVICE_TABLE (git-fixes).
   - RDMA/cma: Fix incorrect Packet Lifetime calculation (jsc#SLE-8449).
   - RDMA/cma: Protect RMW with qp_mutex (git-fixes).
   - Revert "ACPI: resources: Add checks for ACPI IRQ override" (git-fixes).
   - Revert "USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem"
     (git-fixes).
   - Revert "be2net: disable bh with spin_lock in be_process_mcc" (git-fixes).
   - USB: serial: cp210x: add ID for CEL EM3588 USB ZigBee stick (git-fixes).
   - USB: serial: cp210x: fix comments for GE CS1000 (git-fixes).
   - USB: serial: option: add support for u-blox LARA-R6 family (git-fixes).
   - USB: usb-storage: Add LaCie Rugged USB3-FW to IGNORE_UAS (git-fixes).
   - backlight: lm3630a: Fix return code of .update_status() callback
     (git-fixes).
   - bcache: avoid oversized read request in cache missing code path
     (bsc#1184631).
   - bcache: remove bcache device self-defined readahead (bsc#1184631).
   - blk-mq: Add blk_mq_delay_run_hw_queues() API call (bsc#1180092).
   - blk-mq: In blk_mq_dispatch_rq_list() "no budget" is a reason to kick
     (bsc#1180092).
   - blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget
     (bsc#1180092).
   - blk-mq: Rerun dispatching in the case of budget contention (bsc#1180092).
   - blk-mq: insert flush request to the front of dispatch queue
     (bsc#1180092).
   - blk-mq: insert passthrough request into hctx->dispatch directly
     (bsc#1180092).
   - bnxt_en: Add missing check for BNXT_STATE_ABORT_ERR in
     bnxt_fw_rset_task() (jsc#SLE-8371 bsc#1153274).
   - bnxt_en: Check abort error state in bnxt_half_open_nic() (jsc#SLE-8371
     bsc#1153274).
   - bnxt_en: Refresh RoCE capabilities in bnxt_ulp_probe() (jsc#SLE-8371
     bsc#1153274).
   - bnxt_en: do not disable an already disabled PCI device (git-fixes).
   - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
     (bsc#1154353).
   - bpftool: Properly close va_list 'ap' by va_end() on error (bsc#1155518).
   - cadence: force nonlinear buffers to be cloned (git-fixes).
   - can: ems_usb: fix memory leak (git-fixes).
   - can: esd_usb2: fix memory leak (git-fixes).
   - can: hi311x: fix a signedness bug in hi3110_cmd() (git-fixes).
   - can: mcba_usb_start(): add missing urb->transfer_dma initialization
     (git-fixes).
   - can: raw: raw_setsockopt(): fix raw_rcv panic for sock UAF (git-fixes).
   - can: usb_8dev: fix memory leak (git-fixes).
   - ceph: do not WARN if we're still opening a session to an MDS
     (bsc#1188748).
   - cifs: Fix preauth hash corruption (git-fixes).
   - cifs: Remove unused inline function is_sysvol_or_netlogon()
     (bsc#1185902).
   - cifs: Return correct error code from smb2_get_enc_key (git-fixes).
   - cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
   - cifs: constify get_normalized_path() properly (bsc#1185902).
   - cifs: do not cargo-cult strndup() (bsc#1185902).
   - cifs: do not fail __smb_send_rqst if non-fatal signals are pending
     (git-fixes).
   - cifs: do not send tree disconnect to ipc shares (bsc#1185902).
   - cifs: do not share tcp servers with dfs mounts (bsc#1185902).
   - cifs: do not share tcp sessions of dfs connections (bsc#1185902).
   - cifs: fix check of dfs interlinks (bsc#1185902).
   - cifs: fix interrupted close commands (git-fixes).
   - cifs: fix memory leak in smb2_copychunk_range (git-fixes).
   - cifs: fix path comparison and hash calc (bsc#1185902).
   - cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902).
   - cifs: handle different charsets in dfs cache (bsc#1185902).
   - cifs: keep referral server sessions alive (bsc#1185902).
   - cifs: missing null pointer check in cifs_mount (bsc#1185902).
   - cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902).
   - cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902).
   - clk: renesas: r8a77995: Add ZA2 clock (git-fixes).
   - clk: tegra: Ensure that PLLU configuration is applied properly
     (git-fixes).
   - clocksource/arm_arch_timer: Improve Allwinner A64 timer workaround
     (git-fixes).
   - cpu/hotplug: Cure the cpusets trainwreck (git fixes (sched/hotplug)).
   - crypto: sun4i-ss - IV register does not work on A10 and A13 (git-fixes).
   - crypto: sun4i-ss - checking sg length is not sufficient (git-fixes).
   - crypto: sun4i-ss - initialize need_fallback (git-fixes).
   - crypto: virtio: Fix dest length calculation in
     __virtio_crypto_skcipher_do_req() (git-fixes).
   - crypto: virtio: Fix src/dst scatterlist calculation in
     __virtio_crypto_skcipher_do_req() (git-fixes).
   - cw1200: add missing MODULE_DEVICE_TABLE (git-fixes).
   - cxgb4: fix IRQ free race during driver unload (git-fixes).
   - dma-buf/sync_file: Do not leak fences on merge failure (git-fixes).
   - dmaengine: fsl-qdma: check dma_set_mask return value (git-fixes).
   - drm/amd/amdgpu/sriov disable all ip hw status by default (git-fixes).
   - drm/amd/display: Set DISPCLK_MAX_ERRDET_CYCLES to 7 (git-fixes).
   - drm/amd/display: Update scaling settings on modeset (git-fixes).
   - drm/amd/display: Verify Gamma & Degamma LUT sizes in
     amdgpu_dm_atomic_check (git-fixes).
   - drm/amd/display: fix incorrrect valid irq check (git-fixes).
   - drm/amd/display: fix use_max_lb flag for 420 pixel formats (git-fixes).
   - drm/amdgpu: Update NV SIMD-per-CU to 2 (git-fixes).
   - drm/amdkfd: Walk through list with dqm lock hold (git-fixes).
   - drm/arm/malidp: Always list modifiers (git-fixes).
   - drm/bridge: cdns: Fix PM reference leak in cdns_dsi_transfer()
     (git-fixes).
   - drm/mediatek: Fix PM reference leak in mtk_crtc_ddp_hw_init()
     (git-fixes).
   - drm/msm/mdp4: Fix modifier support enabling (git-fixes).
   - drm/mxsfb: Do not select DRM_KMS_FB_HELPER (git-fixes).
   - drm/panel: raspberrypi-touchscreen: Prevent double-free (git-fixes).
   - drm/radeon: Add the missed drm_gem_object_put() in
     radeon_user_framebuffer_create() (git-fixes).
   - drm/sched: Avoid data corruptions (git-fixes).
   - drm/tegra: Do not set allow_fb_modifiers explicitly (git-fixes).
   - drm/vc4: fix argument ordering in vc4_crtc_get_margins() (git-fixes).
   - drm/virtio: Fix double free on probe failure (git-fixes).
   - drm/zte: Do not select DRM_KMS_FB_HELPER (git-fixes).
   - drm: Return -ENOTTY for non-drm ioctls (git-fixes).
   - e1000e: Check the PCIm state (git-fixes).
   - e1000e: Fix an error handling path in 'e1000_probe()' (git-fixes).
   - fbmem: Do not delete the mode that is still in use (git-fixes).
   - fbmem: add margin check to fb_check_caps() (git-fixes).
   - firmware/efi: Tell memblock about EFI iomem reservations (git-fixes).
   - firmware: arm_scmi: Fix possible scmi_linux_errmap buffer overflow
     (git-fixes).
   - firmware: arm_scmi: Fix range check for the maximum number of pending
     messages (git-fixes).
   - gpio: pca953x: Add support for the On Semi pca9655 (git-fixes).
   - gpio: zynq: Check return value of pm_runtime_get_sync (git-fixes).
   - gtp: fix an use-before-init in gtp_newlink() (git-fixes).
   - gve: Add DQO fields for core data structures (bsc#1176940).
   - gve: Add Gvnic stats AQ command and ethtool show/set-priv-flags
     (bsc#1176940).
   - gve: Add dqo descriptors (bsc#1176940).
   - gve: Add stats for gve (bsc#1176940).
   - gve: Add support for DQO RX PTYPE map (bsc#1176940).
   - gve: Add support for raw addressing device option (bsc#1176940).
   - gve: Add support for raw addressing in the tx path (bsc#1176940).
   - gve: Add support for raw addressing to the rx path (bsc#1176940).
   - gve: Batch AQ commands for creating and destroying queues (bsc#1176940).
   - gve: Check TX QPL was actually assigned (bsc#1176940).
   - gve: DQO: Add RX path (bsc#1176940).
   - gve: DQO: Add TX path (bsc#1176940).
   - gve: DQO: Add core netdev features (bsc#1176940).
   - gve: DQO: Add ring allocation and initialization (bsc#1176940).
   - gve: DQO: Configure interrupts on device up (bsc#1176940).
   - gve: DQO: Fix off by one in gve_rx_dqo() (bsc#1176940).
   - gve: DQO: Remove incorrect prefetch (bsc#1176940).
   - gve: Enable Link Speed Reporting in the driver (bsc#1176940).
   - gve: Fix warnings reported for DQO patchset (bsc#1176940).
   - gve: Get and set Rx copybreak via ethtool (bsc#1176940).
   - gve: Introduce a new model for device options (bsc#1176940).
   - gve: Introduce per netdev `enum gve_queue_format` (bsc#1176940).
   - gve: Make gve_rx_slot_page_info.page_offset an absolute offset
     (bsc#1176940).
   - gve: Move some static functions to a common file (bsc#1176940).
   - gve: NIC stats for report-stats and for ethtool (bsc#1176940).
   - gve: Propagate error codes to caller (bsc#1176940).
   - gve: Replace zero-length array with flexible-array member (bsc#1176940).
   - gve: Rx Buffer Recycling (bsc#1176940).
   - gve: Simplify code and axe the use of a deprecated API (bsc#1176940).
   - gve: Update adminq commands to support DQO queues (bsc#1176940).
   - gve: Use dev_info/err instead of netif_info/err (bsc#1176940).
   - gve: Use link status register to report link status (bsc#1176940).
   - gve: adminq: DQO specific device descriptor logic (bsc#1176940).
   - gve: gve_rx_copy: Move padding to an argument (bsc#1176940).
   - i2c: core: Disable client irq on reboot/shutdown (git-fixes).
   - i40e: Fix autoneg disabling for non-10GBaseT links (git-fixes).
   - i40e: Fix error handling in i40e_vsi_open (git-fixes).
   - iavf: Fix an error handling path in 'iavf_probe()' (git-fixes).
   - ibmvnic: Remove the proper scrq flush (bsc#1188504 ltc#192075).
   - ibmvnic: retry reset if there are no other resets (bsc#1184350
     ltc#191533).
   - ice: Re-organizes reqstd/avail {R, T}XQ check/code for efficiency
     (jsc#SLE-7926).
   - igb: Check if num of q_vectors is smaller than max before array access
     (git-fixes).
   - igb: Fix an error handling path in 'igb_probe()' (git-fixes).
   - igb: Fix position of assignment to *ring (git-fixes).
   - igb: Fix use-after-free error during reset (git-fixes).
   - igc: Fix an error handling path in 'igc_probe()' (git-fixes).
   - igc: Fix use-after-free error during reset (git-fixes).
   - igc: change default return of igc_read_phy_reg() (git-fixes).
   - iio: accel: bma180: Use explicit member assignment (git-fixes).
   - iio: gyro: fxa21002c: Balance runtime pm + use
     pm_runtime_resume_and_get() (git-fixes).
   - iio: magn: bmc150: Balance runtime pm + use pm_runtime_resume_and_get()
     (git-fixes).
   - iwlwifi: mvm: do not change band on bound PHY contexts (git-fixes).
   - iwlwifi: pcie: free IML DMA memory allocation (git-fixes).
   - ixgbe: Fix an error handling path in 'ixgbe_probe()' (git-fixes).
   - ixgbe: Fix packet corruption due to missing DMA sync (git-fixes).
   - kABI workaround for pci/quirks.c (git-fixes).
   - kprobes: Do not expose probe addresses to non-CAP_SYSLOG (git-fixes).
   - kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler
     (git-fixes).
   - kprobes: Fix compiler warning for !CONFIG_KPROBES_ON_FTRACE (git-fixes).
   - kprobes: Fix to check probe enabled before disarm_kprobe_ftrace()
     (git-fixes).
   - kprobes: fix kill kprobe which has been marked as gone (git-fixes).
   - kvm: LAPIC: Restore guard to prevent illegal APIC register access
     (bsc#1188772).
   - kvm: i8254: remove redundant assignment to pointer s (bsc#1188770).
   - lib/decompress_unlz4.c: correctly handle zero-padding around initrds
     (git-fixes).
   - libbpf: Fixes incorrect rx_ring_setup_done (bsc#1155518).
   - liquidio: Fix unintentional sign extension issue on left shift of u16
     (git-fixes).
   - mISDN: fix possible use-after-free in HFC_cleanup() (git-fixes).
   - media, bpf: Do not copy more entries than user space requested
     (git-fixes).
   - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf()
     (git-fixes).
   - media: uvcvideo: Fix pixel format change for Elgato Cam Link 4K
     (git-fixes).
   - mfd: cpcap: Fix cpcap dmamask not set warnings (git-fixes).
   - mfd: da9052/stmpe: Add and modify MODULE_DEVICE_TABLE (git-fixes).
   - misc/libmasm/module: Fix two use after free in ibmasm_init_one
     (git-fixes).
   - misc: alcor_pci: fix inverted branch condition (git-fixes).
   - misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge
     (git-fixes).
   - mmc: core: Allow UHS-I voltage switch for SDSC cards if supported
     (git-fixes).
   - mt76: mt7603: set 0 as min coverage_class value (git-fixes).
   - mt76: mt7615: fix endianness in mt7615_mcu_set_eeprom (git-fixes).
   - mt76: mt7615: increase MCU command timeout (git-fixes).
   - mt76: set dma-done flag for flushed descriptors (git-fixes).
   - mvpp2: suppress warning (git-fixes).
   - net/mlx5: Do not fail driver on failure to create debugfs (git-fixes).
   - net/mlx5e: Block offload of outer header csum for GRE tunnel (git-fixes).
   - net: Make PTP-specific drivers depend on PTP_1588_CLOCK (git-fixes).
   - net: atlantic: fix ip dst and ipv6 address filters (git-fixes).
   - net: dp83867: Fix OF_MDIO config check (git-fixes).
   - net: ethernet: ti: Remove TI_CPTS_MOD workaround (git-fixes).
   - net: gve: convert strlcpy to strscpy (bsc#1176940).
   - net: gve: remove duplicated allowed (bsc#1176940).
   - net: hns3: Clear the CMDQ registers before unmapping BAR region
     (git-fixes).
   - net: marvell: Fix OF_MDIO config check (git-fixes).
   - net: mvpp2: Put fwnode in error case during ->probe() (git-fixes).
   - net: phy: microchip_t1: add lan87xx_phy_init to initialize the lan87xx
     phy (git-fixes).
   - net: usb: fix possible use-after-free in smsc75xx_bind (git-fixes).
   - net: wilc1000: clean up resource in error path of init mon interface
     (git-fixes).
   - nfc: nfcsim: fix use after free during module unload (git-fixes).
   - pinctrl/amd: Add device HID for new AMD GPIO controller (git-fixes).
   - pinctrl: mcp23s08: Fix missing unlock on error in mcp23s08_irq()
     (git-fixes).
   - pinctrl: mcp23s08: fix race condition in irq handler (git-fixes).
   - platform/chrome: cros_ec_lightbar: Reduce ligthbar get version command
     (git-fixes).
   - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (git-fixes).
   - platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when
     using s2idle (git-fixes).
   - platform/x86: intel_int0002_vgpio: Pass irqchip when adding gpiochip
     (git-fixes).
   - platform/x86: intel_int0002_vgpio: Remove dev_err() usage after
     platform_get_irq() (git-fixes).
   - platform/x86: intel_int0002_vgpio: Use device_init_wakeup (git-fixes).
   - power: reset: gpio-poweroff: add missing MODULE_DEVICE_TABLE (git-fixes).
   - power: supply: ab8500: Avoid NULL pointers (git-fixes).
   - power: supply: ab8500: add missing MODULE_DEVICE_TABLE (git-fixes).
   - power: supply: charger-manager: add missing MODULE_DEVICE_TABLE
     (git-fixes).
   - power: supply: max17042: Do not enforce (incorrect) interrupt trigger
     type (git-fixes).
   - power: supply: sc2731_charger: Add missing MODULE_DEVICE_TABLE
     (git-fixes).
   - power: supply: sc27xx: Add missing MODULE_DEVICE_TABLE (git-fixes).
   - powerpc/64s: Move branch cache flushing bcctr variant to ppc-ops.h
     (bsc#1188885 ltc#193722).
   - powerpc/64s: rename pnv|pseries_setup_rfi_flush to
     _setup_security_mitigations (bsc#1188885 ltc#193722).
   - powerpc/mm: Fix lockup on kernel exec fault (bsc#1156395).
   - powerpc/papr_scm: Properly handle UUID types and API (bsc#1113295,
     git-fixes).
   - powerpc/pesries: Get STF barrier requirement from
     H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
   - powerpc/pseries: Get entry and uaccess flush required bits from
     H_GET_CPU_CHARACTERISTICS (bsc#1188885 ltc#193722).
   - powerpc/pseries: add new branch prediction security bits for link stack
     (bsc#1188885 ltc#193722).
   - powerpc/pseries: export LPAR security flavor in lparcfg (bsc#1188885
     ltc#193722).
   - powerpc/security: Add a security feature for STF barrier (bsc#1188885
     ltc#193722).
   - powerpc/security: Allow for processors that flush the link stack using
     the special bcctr (bsc#1188885 ltc#193722).
   - powerpc/security: Fix link stack flush instruction (bsc#1188885
     ltc#193722).
   - powerpc/security: change link stack flush state to the flush type enum
     (bsc#1188885 ltc#193722).
   - powerpc/security: make display of branch cache flush more consistent
     (bsc#1188885 ltc#193722).
   - powerpc/security: re-name count cache flush to branch cache flush
     (bsc#1188885 ltc#193722).
   - powerpc/security: split branch cache flush toggle from code patching
     (bsc#1188885 ltc#193722).
   - powerpc/stacktrace: Fix spurious "stale" traces in raise_backtrace_ipi()
     (bsc#1156395).
   - powerpc/stacktrace: Include linux/delay.h (bsc#1156395).
   - powerpc: Offline CPU in stop_this_cpu() (bsc#1156395).
   - pwm: img: Fix PM reference leak in img_pwm_enable() (git-fixes).
   - pwm: imx1: Do not disable clocks at device remove time (git-fixes).
   - pwm: spear: Do not modify HW state in .remove callback (git-fixes).
   - qemu_fw_cfg: Make fw_cfg_rev_attr a proper kobj_attribute (git-fixes).
   - r8152: Fix a deadlock by doubly PM resume (bsc#1186194).
   - r8152: Fix potential PM refcount imbalance (bsc#1186194).
   - r8169: avoid link-up interrupt issue on RTL8106e if user enables ASPM
     (git-fixes).
   - ravb: Fix bit fields checking in ravb_hwtstamp_get() (git-fixes).
   - rbd: always kick acquire on "acquired" and "released" notifications
     (bsc#1188746).
   - rbd: do not hold lock_rwsem while running_list is being drained
     (bsc#1188747).
   - regulator: hi6421: Fix getting wrong drvdata (git-fixes).
   - regulator: hi6421: Use correct variable type for regmap api val argument
     (git-fixes).
   - replaced with upstream security mitigation cleanup
   - reset: ti-syscon: fix to_ti_syscon_reset_data macro (git-fixes).
   - rpm/kernel-binary.spec.in: Do not install usrmerged kernel on Leap
     (boo#1184804).
   - rtc: max77686: Do not enforce (incorrect) interrupt trigger type
     (git-fixes).
   - rtc: mxc_v2: add missing MODULE_DEVICE_TABLE (git-fixes).
   - rtl8xxxu: Fix device info for RTL8192EU devices (git-fixes).
   - scsi: fc: Add 256GBit speed setting to SCSI FC transport (bsc#1188101).
   - sfp: Fix error handing in sfp_probe() (git-fixes).
   - soc/tegra: fuse: Fix Tegra234-only builds (git-fixes).
   - spi: cadence: Correct initialisation of runtime PM again (git-fixes).
   - spi: imx: add a check for speed_hz before calculating the clock
     (git-fixes).
   - spi: mediatek: fix fifo rx mode (git-fixes).
   - staging: rtl8723bs: fix macro value for 2.4Ghz only device (git-fixes).
   - thermal/core: Correct function name thermal_zone_device_unregister()
     (git-fixes).
   - tpm: efi: Use local variable for calculating final log size (git-fixes).
   - tracing: Do not reference char * as a string in histograms (git-fixes).
   - tty: serial: 8250: serial_cs: Fix a memory leak in error handling path
     (git-fixes).
   - tty: serial: fsl_lpuart: fix the potential risk of division or modulo by
     zero (git-fixes).
   - usb: dwc2: gadget: Fix sending zero length packet in DDMA mode
     (git-fixes).
   - usb: gadget: f_hid: fix endianness issue with descriptors (git-fixes).
   - usb: gadget: hid: fix error return code in hid_bind() (git-fixes).
   - usb: hub: Disable USB 3 device initiated lpm if exit latency is too high
     (git-fixes).
   - usb: hub: Fix link power management max exit latency (MEL) calculations
     (git-fixes).
   - usb: max-3421: Prevent corruption of freed memory (git-fixes).
   - usb: renesas_usbhs: Fix superfluous irqs happen after usb_pkt_pop()
     (git-fixes).
   - uuid: Add inline helpers to import / export UUIDs (bsc#1113295,
     git-fixes).
   - virtio_console: Assure used length from device is limited (git-fixes).
   - virtio_net: move tx vq operation under tx queue lock (git-fixes).
   - vxlan: add missing rcu_read_lock() in neigh_reduce() (git-fixes).
   - w1: ds2438: fixing bug that would always get page0 (git-fixes).
   - watchdog: Fix possible use-after-free by calling del_timer_sync()
     (git-fixes).
   - watchdog: Fix possible use-after-free in wdt_startup() (git-fixes).
   - watchdog: iTCO_wdt: Account for rebooting on second timeout (git-fixes).
   - watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()
     (git-fixes).
   - wilc1000: write value to WILC_INTR2_ENABLE register (git-fixes).
   - wireless: wext-spy: Fix out-of-bounds warning (git-fixes).
   - wl1251: Fix possible buffer overflow in wl1251_cmd_scan (git-fixes).
   - wlcore/wl12xx: Fix wl12xx get_mac error if device is in ELP (git-fixes).
   - workqueue: fix UAF in pwq_unbound_release_workfn() (bsc#1188973).
   - xen/events: reset active flag for lateeoi events later (git-fixes).
   - xfrm: xfrm_state_mtu should return at least 1280 for ipv6 (bsc#1185377).
   - xhci: Fix lost USB 2 remote wake (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update, use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Public Cloud 15-SP2:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2021-2646=1



Package List:

   - SUSE Linux Enterprise Module for Public Cloud 15-SP2 (noarch):

      kernel-devel-azure-5.3.18-18.61.1
      kernel-source-azure-5.3.18-18.61.1

   - SUSE Linux Enterprise Module for Public Cloud 15-SP2 (x86_64):

      kernel-azure-5.3.18-18.61.1
      kernel-azure-debuginfo-5.3.18-18.61.1
      kernel-azure-debugsource-5.3.18-18.61.1
      kernel-azure-devel-5.3.18-18.61.1
      kernel-azure-devel-debuginfo-5.3.18-18.61.1
      kernel-syms-azure-5.3.18-18.61.1
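
   A post-install check for the procedure above, added here as an example
   (not part of the SUSE announcement): it reports whether a host still needs
   the patch, has it installed but is still running the old kernel (reboot
   pending), or is running the fixed build. Assumptions: GNU "sort -V" is
   available, and "uname -r" on the Azure flavor has the form
   <version>-<release without its last component>-azure; the helper names are
   hypothetical.

```shell
#!/bin/sh
# Added example: classify a host against this advisory's fixed kernel-azure build.

# Fixed package version, taken from the Package List of this advisory.
FIXED_PKG="5.3.18-18.61.1"

# ver_ge A B: succeed when version A >= version B (GNU version-sort ordering).
ver_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | LC_ALL=C sort -V | tail -n 1)" = "$1" ]
}

# classify_host INSTALLED RUNNING
#   INSTALLED: newline-separated VERSION-RELEASE strings of kernel-azure
#              (several may be present, since multiple kernels can coexist)
#   RUNNING:   output of `uname -r`
# Prints one of: not-installed, needs-patch, other-flavor, needs-reboot, patched
classify_host() {
    installed=$1
    running=$2

    # Only the newest installed build matters for "is the fix on disk".
    newest=$(printf '%s\n' "$installed" | LC_ALL=C sort -V | tail -n 1)
    if [ -z "$newest" ]; then
        echo "not-installed"
        return 0
    fi
    if ! ver_ge "$newest" "$FIXED_PKG"; then
        echo "needs-patch"
        return 0
    fi

    # The fix is on disk; now check what is actually booted.
    case $running in
        *-azure) ;;
        *) echo "other-flavor"; return 0 ;;
    esac

    # Assumption: `uname -r` drops the last component of the package release,
    # so 5.3.18-18.61.1 boots as 5.3.18-18.61-azure.
    if ver_ge "${running%-azure}" "${FIXED_PKG%.*}"; then
        echo "patched"
    else
        echo "needs-reboot"
    fi
}

# check_live: run the classification against the local system.
check_live() {
    installed=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-azure 2>/dev/null) \
        || installed=""
    classify_host "$installed" "$(uname -r)"
}

# Query the real system only when asked to, e.g.:  sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    check_live
fi
```

   "needs-reboot" corresponds to the reboot instruction under Special
   Instructions and Notes: the fixed package is installed but the vulnerable
   kernel is still the one running.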


References:

   https://www.suse.com/security/cve/CVE-2021-21781.html
   https://www.suse.com/security/cve/CVE-2021-22543.html
   https://www.suse.com/security/cve/CVE-2021-3659.html
   https://www.suse.com/security/cve/CVE-2021-37576.html
   https://bugzilla.suse.com/1065729
   https://bugzilla.suse.com/1085224
   https://bugzilla.suse.com/1094840
   https://bugzilla.suse.com/1113295
   https://bugzilla.suse.com/1153274
   https://bugzilla.suse.com/1154353
   https://bugzilla.suse.com/1155518
   https://bugzilla.suse.com/1156395
   https://bugzilla.suse.com/1176940
   https://bugzilla.suse.com/1179243
   https://bugzilla.suse.com/1180092
   https://bugzilla.suse.com/1183871
   https://bugzilla.suse.com/1184114
   https://bugzilla.suse.com/1184350
   https://bugzilla.suse.com/1184631
   https://bugzilla.suse.com/1184804
   https://bugzilla.suse.com/1185377
   https://bugzilla.suse.com/1185902
   https://bugzilla.suse.com/1186194
   https://bugzilla.suse.com/1186206
   https://bugzilla.suse.com/1186482
   https://bugzilla.suse.com/1186483
   https://bugzilla.suse.com/1187476
   https://bugzilla.suse.com/1188101
   https://bugzilla.suse.com/1188405
   https://bugzilla.suse.com/1188445
   https://bugzilla.suse.com/1188504
   https://bugzilla.suse.com/1188620
   https://bugzilla.suse.com/1188683
   https://bugzilla.suse.com/1188746
   https://bugzilla.suse.com/1188747
   https://bugzilla.suse.com/1188748
   https://bugzilla.suse.com/1188770
   https://bugzilla.suse.com/1188771
   https://bugzilla.suse.com/1188772
   https://bugzilla.suse.com/1188773
   https://bugzilla.suse.com/1188774
   https://bugzilla.suse.com/1188777
   https://bugzilla.suse.com/1188838
   https://bugzilla.suse.com/1188876
   https://bugzilla.suse.com/1188885
   https://bugzilla.suse.com/1188973


