SUSE-SU-2021:0433-1: important: Security update for the Linux Kernel

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Thu Feb 11 14:25:17 UTC 2021


   SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:0433-1
Rating:             important
References:         #1046305 #1046306 #1046540 #1046542 #1046648 
                    #1050242 #1050244 #1050536 #1050538 #1050545 
                    #1056653 #1056657 #1056787 #1064802 #1066129 
                    #1073513 #1074220 #1075020 #1086282 #1086301 
                    #1086313 #1086314 #1098633 #1103990 #1103991 
                    #1103992 #1104270 #1104277 #1104279 #1104353 
                    #1104427 #1104742 #1104745 #1109837 #1111981 
                    #1112178 #1112374 #1113956 #1119113 #1126206 
                    #1126390 #1127354 #1127371 #1129770 #1136348 
                    #1144912 #1149032 #1163727 #1172145 #1174206 
                    #1176831 #1176846 #1178036 #1178049 #1178372 
                    #1178631 #1178684 #1178900 #1179093 #1179508 
                    #1179509 #1179563 #1179573 #1179575 #1179878 
                    #1180008 #1180130 #1180559 #1180562 #1180676 
                    #1180765 #1180812 #1180859 #1180891 #1180912 
                    #1181001 #1181018 #1181170 #1181230 #1181231 
                    #1181349 #1181425 #1181504 #1181553 #1181645 
                    
Cross-References:   CVE-2020-25639 CVE-2020-27835 CVE-2020-28374
                    CVE-2020-29568 CVE-2020-29569 CVE-2020-36158
                    CVE-2021-0342 CVE-2021-20177 CVE-2021-3347
                    CVE-2021-3348
CVSS scores:
                    CVE-2020-25639 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-27835 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-28374 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
                    CVE-2020-28374 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
                    CVE-2020-29568 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2020-29568 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
                    CVE-2020-29569 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
                    CVE-2020-29569 (SUSE): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
                    CVE-2020-36158 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2020-36158 (SUSE): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-0342 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-0342 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-20177 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-3347 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3347 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2021-3348 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-3348 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise Real Time Extension 12-SP5
______________________________________________________________________________

   An update that solves 10 vulnerabilities and has 75 fixes
   is now available.

Description:

   The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
   security and bugfixes.


   The following security bugs were fixed:

   - CVE-2021-3347: A use-after-free was discovered in the PI futexes during
     fault handling, allowing local users to execute code in the kernel
     (bnc#1181349).
   - CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be
     triggered by local attackers (with access to the nbd device) via an I/O
     request at a certain point during device setup (bnc#1181504).
   - CVE-2021-20177: Fixed a kernel panic related to iptables string matching
     rules. A privileged user could insert a rule which could lead to denial
     of service (bnc#1180765).
   - CVE-2021-0342: In tun_get_user of tun.c, there is possible memory
     corruption due to a use after free. This could lead to local escalation
     of privilege with System execution privileges required. (bnc#1180812)
   - CVE-2020-27835: A use-after-free in the infiniband hfi1 driver was
     found, specifically in the way user calls Ioctl after open dev file and
     fork. A local user could use this flaw to crash the system (bnc#1179878).
   - CVE-2020-25639: Fixed a NULL pointer dereference via nouveau ioctl
     (bnc#1176846).
   - CVE-2020-29569: Fixed a potential privilege escalation and information
     leaks related to the PV block backend, as used by Xen (bnc#1179509).
   - CVE-2020-29568: Fixed a denial of service issue, related to processing
     watch events (bnc#1179508).
   - CVE-2020-28374: Fixed a Linux SCSI target issue (bsc#1178372).
   - CVE-2020-36158: Fixed a potential remote code execution in the Marvell
     mwifiex driver (bsc#1180559).

   The following non-security bugs were fixed:

   - ACPI: PNP: compare the string length in the matching_id() (git-fixes).
   - ACPI: scan: Harden acpi_device_add() against device ID overflows
     (git-fixes).
   - ACPI: scan: Make acpi_bus_get_device() clear return pointer on error
     (git-fixes).
   - ACPI: scan: add stub acpi_create_platform_device() for !CONFIG_ACPI
     (git-fixes).
   - ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
     (git-fixes).
   - ACPICA: Do not increment operation_region reference counts for field
     units (git-fixes).
   - ALSA: ca0106: fix error code handling (git-fixes).
   - ALSA: ctl: allow TLV read operation for callback type of element in
     locked case (git-fixes).
   - ALSA: doc: Fix reference to mixart.rst (git-fixes).
   - ALSA: fireface: Fix integer overflow in transmit_midi_msg() (git-fixes).
   - ALSA: firewire-tascam: Fix integer overflow in midi_port_work()
     (git-fixes).
   - ALSA: hda - Fix silent audio output and corrupted input on MSI X570-A
     PRO (git-fixes).
   - ALSA: hda/generic: Add option to enforce preferred_dacs pairs
     (git-fixes).
   - ALSA: hda/hdmi: always check pin power status in i915 pin fixup
     (git-fixes).
   - ALSA: hda/realtek - Couldn't detect Mic if booting with headset plugged
     (git-fixes).
   - ALSA: hda/realtek - Enable headset mic of ASUS Q524UQK with ALC255
     (git-fixes).
   - ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation
     P520 (git-fixes).
   - ALSA: hda/via: Add minimum mute flag (git-fixes).
   - ALSA: hda/via: Fix runtime PM for Clevo W35xSS (git-fixes).
   - ALSA: hda: Add NVIDIA codec IDs 9a & 9d through a0 to patch table
     (git-fixes).
   - ALSA: hda: Fix potential race in unsol event handler (git-fixes).
   - ALSA: info: Drop WARN_ON() from buffer NULL sanity check (git-fixes).
   - ALSA: isa/wavefront: prevent out of bounds write in ioctl (git-fixes).
   - ALSA: line6: Perform sanity check for each URB creation (git-fixes).
   - ALSA: pcm: Clear the full allocated memory at hw_params (git-fixes).
   - ALSA: pcm: oss: Fix a few more UBSAN fixes (git-fixes).
   - ALSA: pcm: oss: Fix potential out-of-bounds shift (git-fixes).
   - ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
     (git-fixes).
   - ALSA: seq: oss: Fix missing error check in snd_seq_oss_synth_make_info()
     (git-fixes).
   - ALSA: timer: Limit max amount of slave instances (git-fixes).
   - ALSA: usb-audio: Add delay quirk for H570e USB headsets (git-fixes).
   - ALSA: usb-audio: Add delay quirk for all Logitech USB devices
     (git-fixes).
   - ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).
   - ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).
   - ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).
   - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Alpha
     S (git-fixes).
   - ALSA: usb-audio: Add registration quirk for Kingston HyperX Cloud Flight
     S (git-fixes).
   - ALSA: usb-audio: Disable sample read check if firmware does not give
     back (git-fixes).
   - ALSA: usb-audio: Fix OOB access of mixer element list (git-fixes).
   - ALSA: usb-audio: Fix control 'access overflow' errors from chmap
     (git-fixes).
   - ALSA: usb-audio: Fix potential out-of-bounds shift (git-fixes).
   - ALSA: usb-audio: Fix race against the error recovery URB submission
     (git-fixes).
   - ALSA: usb-audio: add quirk for Denon DCD-1500RE (git-fixes).
   - ALSA: usb-audio: add quirk for Samsung USBC Headset (AKG) (git-fixes).
   - ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices
     (git-fixes).
   - ASoC: Intel: haswell: Add missing pm_ops (git-fixes).
   - ASoC: dapm: remove widget from dirty list on free (git-fixes).
   - ASoC: fsl_asrc_dma: Fix dma_chan leak when config DMA channel failed
     (git-fixes).
   - ASoC: pcm3168a: The codec does not support S32_LE (git-fixes).
   - ASoC: rt5677: Mark reg RT5677_PWR_ANLG2 as volatile (git-fixes).
   - ASoC: sti: fix possible sleep-in-atomic (git-fixes).
   - ASoC: wm8904: fix regcache handling (git-fixes).
   - ASoC: wm_adsp: Do not generate kcontrols without READ flags (git-fixes).
   - Bluetooth: Fix advertising duplicated flags (git-fixes).
   - Bluetooth: add a mutex lock to avoid UAF in do_enale_set (git-fixes).
   - EDAC/amd64: Fix PCI component registration (bsc#1112178).
   - HID: Improve Windows Precision Touchpad detection (git-fixes).
   - HID: apple: Disable Fn-key key-re-mapping on clone keyboards (git-fixes).
   - HID: core: Correctly handle ReportSize being zero (git-fixes).
   - HID: core: check whether Usage Page item is after Usage ID items
     (git-fixes).
   - HID: cypress: Support Varmilo Keyboards' media hotkeys (git-fixes).
   - HID: hid-sensor-hub: Fix issue with devices with no report ID
     (git-fixes).
   - HID: intel-ish-hid: fix wrong error handling in ishtp_cl_alloc_tx_ring()
     (git-fixes).
   - HID: logitech-hidpp: Silence intermittent get_battery_capacity errors
     (git-fixes).
   - IB/mlx5: Fix DEVX support for MLX5_CMD_OP_INIT2INIT_QP command
     (bsc#1103991).
   - Input: atmel_mxt_ts - disable IRQ across suspend (git-fixes).
   - Input: cm109 - do not stomp on control URB (git-fixes).
   - Input: cros_ec_keyb - send 'scancodes' in addition to key events
     (git-fixes).
   - Input: goodix - add upside-down quirk for Teclast X98 Pro tablet
     (git-fixes).
   - Input: i8042 - add Acer laptops to the i8042 reset list (git-fixes).
   - Input: i8042 - allow insmod to succeed on devices without an i8042
     controller (git-fixes).
   - Input: synaptics - enable InterTouch for ThinkPad X1E 1st gen
     (git-fixes).
   - KVM: SVM: Initialize prev_ga_tag before use (bsc#1180912).
   - NFC: st95hf: Fix memleak in st95hf_in_send_cmd (git-fixes).
   - NFS4: Fix use-after-free in trace_event_raw_event_nfs4_set_lock
     (git-fixes).
   - NFS: nfs_igrab_and_active must first reference the superblock
     (git-fixes).
   - NFS: switch nfsiod to be an UNBOUND workqueue (git-fixes).
   - NFSv4.2: condition READDIR's mask for security label based on LSM state
     (git-fixes).
   - PCI/ASPM: Allow ASPM on links to PCIe-to-PCI/PCI-X Bridges (git-fixes).
   - PCI/ASPM: Disable ASPM on ASMedia ASM1083/1085 PCIe-to-PCI bridge
     (git-fixes).
   - PCI: Do not disable decoding when mmio_always_on is set (git-fixes).
   - PM / hibernate: memory_bm_find_bit(): Tighten node optimisation
     (git-fixes).
   - PM: ACPI: Output correct message on target power state (git-fixes).
   - PM: hibernate: Freeze kernel threads in software_resume() (git-fixes).
   - PM: hibernate: remove the bogus call to get_gendisk() in
     software_resume() (git-fixes).
   - RDMA/addr: Fix race with netevent_callback()/rdma_addr_cancel()
     (bsc#1103992).
   - RDMA/bnxt_re: Do not add user qps to flushlist (bsc#1050244 ).
   - RDMA/bnxt_re: Do not report transparent vlan from QP1 (bsc#1104742).
   - RDMA/cma: Do not overwrite sgid_attr after device is released
     (bsc#1103992).
   - RDMA/core: Ensure security pkey modify is not lost (bsc#1046306 ).
   - RDMA/core: Fix pkey and port assignment in get_new_pps (bsc#1046306).
   - RDMA/core: Fix protection fault in get_pkey_idx_qp_list (bsc#1046306).
   - RDMA/core: Fix reported speed and width (bsc#1046306 ).
   - RDMA/core: Fix return error value in _ib_modify_qp() to negative
     (bsc#1103992).
   - RDMA/core: Fix use of logical OR in get_new_pps (bsc#1046306 ).
   - RDMA/hns: Bugfix for memory window mtpt configuration (bsc#1104427).
   - RDMA/hns: Bugfix for slab-out-of-bounds when unloading hip08 driver
     (bsc#1104427).
   - RDMA/hns: Fix cmdq parameter of querying pf timer resource (bsc#1104427
     bsc#1126206).
   - RDMA/hns: Fix missing sq_sig_type when querying QP (bsc#1104427 ).
   - RDMA/hns: bugfix for slab-out-of-bounds when loading hip08 driver
     (bsc#1104427).
   - RDMA/iw_cxgb4: Fix incorrect function parameters (bsc#1136348
     jsc#SLE-4684).
   - RDMA/iw_cxgb4: initiate CLOSE when entering TERM (bsc#1136348
     jsc#SLE-4684).
   - RDMA/mlx5: Add init2init as a modify command (bsc#1103991 ).
   - RDMA/mlx5: Fix typo in enum name (bsc#1103991).
   - RDMA/mlx5: Fix wrong free of blue flame register on error (bsc#1103991).
   - RDMA/qedr: Fix inline size returned for iWARP (bsc#1050545 ).
   - SUNRPC: cache: ignore timestamp written to 'flush' file (bsc#1178036).
   - USB: Fix: Do not skip endpoint descriptors with maxpacket=0 (git-fixes).
   - USB: Skip endpoints with 0 maxpacket length (git-fixes).
   - USB: UAS: introduce a quirk to set no_write_same (git-fixes).
   - USB: add RESET_RESUME quirk for Snapscan 1212 (git-fixes).
   - USB: dummy-hcd: Fix uninitialized array use in init() (git-fixes).
   - USB: ehci: fix an interrupt calltrace error (git-fixes).
   - USB: gadget: f_acm: add support for SuperSpeed Plus (git-fixes).
   - USB: gadget: f_midi: setup SuperSpeed Plus descriptors (git-fixes).
   - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above (git-fixes).
   - USB: gadget: legacy: fix return error code in acm_ms_bind() (git-fixes).
   - USB: ldusb: use unsigned size format specifiers (git-fixes).
   - USB: serial: iuu_phoenix: fix DMA from stack (git-fixes).
   - USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk
     set (git-fixes).
   - USB: yurex: fix control-URB timeout handling (git-fixes).
   - __netif_receive_skb_core: pass skb by reference (bsc#1109837).
   - arm64: pgtable: Ensure dirty bit is preserved across pte_wrprotect()
     (bsc#1180130).
   - arm64: pgtable: Fix pte_accessible() (bsc#1180130).
   - ata/libata: Fix usage of page address by page_address in
     ata_scsi_mode_select_xlat function (git-fixes).
   - ath10k: fix backtrace on coredump (git-fixes).
   - ath10k: fix get invalid tx rate for Mesh metric (git-fixes).
   - ath10k: fix offchannel tx failure when no ath10k_mac_tx_frm_has_freq
     (git-fixes).
   - ath9k_htc: Discard undersized packets (git-fixes).
   - ath9k_htc: Modify byte order for an error message (git-fixes).
   - ath9k_htc: Silence undersized packet warnings (git-fixes).
   - ath9k_htc: Use appropriate rs_datalen type (git-fixes).
   - backlight: lp855x: Ensure regulators are disabled on probe failure
     (git-fixes).
   - bnxt_en: Do not query FW when netif_running() is false (bsc#1086282).
   - bnxt_en: Fix accumulation of bp->net_stats_prev (bsc#1104745 ).
   - bnxt_en: Improve stats context resource accounting with RDMA driver
     loaded (bsc#1104745).
   - bnxt_en: Release PCI regions when DMA mask setup fails during probe
     (git-fixes).
   - bnxt_en: Reset rings if ring reservation fails during open()
     (bsc#1086282).
   - bnxt_en: fix HWRM error when querying VF temperature (bsc#1104745).
   - bnxt_en: fix error return code in bnxt_init_board() (git-fixes).
   - bnxt_en: fix error return code in bnxt_init_one() (bsc#1050242 ).
   - bnxt_en: read EEPROM A2h address using page 0 (git-fixes).
   - bnxt_en: return proper error codes in bnxt_show_temp (bsc#1104745).
   - bonding: set dev->needed_headroom in bond_setup_by_slave() (git-fixes).
   - btrfs: add a flag to iterate_inodes_from_logical to find all
   - btrfs: add a flag to iterate_inodes_from_logical to find all extent refs
     for uncompressed extents (bsc#1174206).
   - btrfs: add a flag to iterate_inodes_from_logical to find all extent refs
     for uncompressed extents (bsc#1174206).
   - btrfs: add a flags argument to LOGICAL_INO and call it LOGICAL_INO_V2
     (bsc#1174206).
   - btrfs: increase output size for LOGICAL_INO_V2 ioctl (bsc#1174206).
   - btrfs: qgroup: do not try to wait flushing if we're already holding a
     transaction (bsc#1179575).
   - caif: no need to check return value of debugfs_create functions
     (git-fixes).
   - can: c_can: c_can_power_up(): fix error handling (git-fixes).
   - can: dev: prevent potential information leak in can_fill_info()
     (git-fixes).
   - can: vxcan: vxcan_xmit: fix use after free bug (git-fixes).
   - cfg80211: initialize rekey_data (git-fixes).
   - cfg80211: regulatory: Fix inconsistent format argument (git-fixes).
   - chelsio/chtls: correct function return and return type (bsc#1104270).
   - chelsio/chtls: correct netdevice for vlan interface (bsc#1104270 ).
   - chelsio/chtls: fix a double free in chtls_setkey() (bsc#1104270 ).
   - chelsio/chtls: fix always leaking ctrl_skb (bsc#1104270 ).
   - chelsio/chtls: fix deadlock issue (bsc#1104270).
   - chelsio/chtls: fix memory leaks caused by a race (bsc#1104270 ).
   - chelsio/chtls: fix memory leaks in CPL handlers (bsc#1104270 ).
   - chelsio/chtls: fix panic during unload reload chtls (bsc#1104270 ).
   - chelsio/chtls: fix socket lock (bsc#1104270).
   - chelsio/chtls: fix tls record info to user (bsc#1104270 ).
   - chtls: Added a check to avoid NULL pointer dereference (bsc#1104270).
   - chtls: Fix chtls resources release sequence (bsc#1104270 ).
   - chtls: Fix hardware tid leak (bsc#1104270).
   - chtls: Remove invalid set_tcb call (bsc#1104270).
   - chtls: Replace skb_dequeue with skb_peek (bsc#1104270 ).
   - clk: at91: usb: continue if clk_hw_round_rate() return zero (git-fixes).
   - clk: mvebu: a3700: fix the XTAL MODE pin to MPP1_9 (git-fixes).
   - clk: qcom: Allow constant ratio freq tables for rcg (git-fixes).
   - clk: qcom: msm8916: Fix the address location of pll->config_reg
     (git-fixes).
   - clk: s2mps11: Fix a resource leak in error handling paths in the probe
     function (git-fixes).
   - clk: samsung: exynos5433: Add IGNORE_UNUSED flag to sclk_i2s1
     (git-fixes).
   - clk: sunxi-ng: Make sure divider tables have sentinel (git-fixes).
   - clk: tegra: Fix Tegra PMC clock out parents (git-fixes).
   - clk: tegra: Fix duplicated SE clock entry (git-fixes).
   - clk: ti: Fix memleak in ti_fapll_synth_setup (git-fixes).
   - clk: ti: composite: fix memory leak (git-fixes).
   - clk: ti: dra7-atl-clock: Remove ti_clk_add_alias call (git-fixes).
   - clocksource/drivers/asm9260: Add a check for of_clk_get (git-fixes).
   - cpumap: Avoid warning when CONFIG_DEBUG_PER_CPU_MAPS is enabled
     (bsc#1109837).
   - cxgb3: fix error return code in t3_sge_alloc_qset() (git-fixes).
   - cxgb4/cxgb4vf: fix flow control display for auto negotiation
     (bsc#1046540 bsc#1046542).
   - cxgb4: fix SGE queue dump destination buffer context (bsc#1073513).
   - cxgb4: fix adapter crash due to wrong MC size (bsc#1073513).
   - cxgb4: fix all-mask IP address comparison (bsc#1064802 bsc#1066129).
   - cxgb4: fix large delays in PTP synchronization (bsc#1046540 bsc#1046648).
   - cxgb4: fix the panic caused by non smac rewrite (bsc#1064802
     bsc#1066129).
   - cxgb4: fix thermal zone device registration (bsc#1104279 bsc#1104277).
   - cxgb4: fix throughput drop during Tx backpressure (bsc#1127354
     bsc#1127371).
   - cxgb4: move DCB version extern to header file (bsc#1104279 ).
   - cxgb4: remove cast when saving IPv4 partial checksum (bsc#1074220).
   - cxgb4: set up filter action after rewrites (bsc#1064802 bsc#1066129).
   - cxgb4: use correct type for all-mask IP address comparison (bsc#1064802
     bsc#1066129).
   - cxgb4: use unaligned conversion for fetching timestamp (bsc#1046540
     bsc#1046648).
   - dmaengine: xilinx_dma: check dma_async_device_register return value
     (git-fixes).
   - dmaengine: xilinx_dma: fix mixed_enum_type coverity warning (git-fixes).
   - docs: Fix reST markup when linking to sections (git-fixes).
   - drivers: base: Fix NULL pointer exception in __platform_driver_probe()
     if a driver developer is foolish (git-fixes).
   - drivers: net: xgene: Fix the order of the arguments of
     'alloc_etherdev_mqs()' (git-fixes).
   - drm/amd/powerplay: fix a crash when overclocking Vega M (bsc#1113956)
   - drm/amdkfd: Put ACPI table after using it (bsc#1129770) Backporting
     changes: 	* context changes
   - drm/atomic: put state on error path (git-fixes).
   - drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
     (bsc#1129770)
   - drm/i915: Check for all subplatform bits (git-fixes).
   - drm/i915: Clear the repeater bit on HDCP disable (bsc#1112178)
     Backporting changes: 	* context changes
   - drm/i915: Fix sha_text population code (bsc#1112178) Backporting
     changes: 	* context changes
   - drm/msm: Avoid div-by-zero in dpu_crtc_atomic_check() (bsc#1129770)
     Backporting changes: 	* context changes 	* moved num_mixers from struct
     dpu_crtc_state to struct dpu_crtc
   - drm/msm: Fix WARN_ON() splat in _free_object() (bsc#1129770) Backporting
     changes: 	 * context changes
   - drm/msm: Fix use-after-free in msm_gem with carveout (bsc#1129770)
     Backporting changes: 	* context changes 	* removed reference to
     msm_gem_is_locked()
   - drm/nouveau/bios: fix issue shadowing expansion ROMs (git-fixes).
   - drm/nouveau/i2c/gm200: increase width of aux semaphore owner fields
     (git-fixes).
   - drm/nouveau/privring: ack interrupts the same way as RM (git-fixes).
   - drm/tve200: Fix handling of platform_get_irq() error (bsc#1129770)
   - drm/vgem: Replace opencoded version of drm_gem_dumb_map_offset()
     (bsc#1112178) Backporting changes: 	* context changes
   - drm: sun4i: hdmi: Fix inverted HPD result (bsc#1112178) Backporting
     changes: 	* context changes
   - drm: sun4i: hdmi: Remove extra HPD polling (bsc#1112178)
   - ehci: fix EHCI host controller initialization sequence (git-fixes).
   - ethernet: ucc_geth: fix use-after-free in ucc_geth_remove() (git-fixes).
   - fbcon: Fix user font detection test at fbcon_resize(). (bsc#1112178)
     Backporting changes: 	* updated path drivers/video/fbcon/core to
     drivers/video/console
   - fbcon: Remove the superfluous break (bsc#1129770) Backporting changes:
     * updated path drivers/video/fbcon/core to drivers/video/console 	*
     context changes
   - firmware: qcom: scm: Ensure 'a0' status code is treated as signed
     (git-fixes).
   - floppy: reintroduce O_NDELAY fix (boo#1181018).
   - futex: Do not enable IRQs unconditionally in put_pi_state()
     (bsc#1149032).
   - futex: Ensure the correct return value from futex_lock_pi() (bsc#1181349
     bsc#1149032).
   - futex: Fix incorrect should_fail_futex() handling (bsc#1181349).
   - futex: Handle faults correctly for PI futexes (bsc#1181349 bsc#1149032).
   - futex: Provide and use pi_state_update_owner() (bsc#1181349 bsc#1149032).
   - futex: Replace pointless printk in fixup_owner() (bsc#1181349
     bsc#1149032).
   - futex: Simplify fixup_pi_state_owner() (bsc#1181349 bsc#1149032).
   - futex: Use pi_state_update_owner() in put_pi_state() (bsc#1181349
     bsc#1149032).
   - geneve: change from tx_error to tx_dropped on missing metadata
     (git-fixes).
   - gpio: arizona: handle pm_runtime_get_sync failure case (git-fixes).
   - gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in
     grgpio_irq_map/unmap() (git-fixes).
   - gpio: max77620: Add missing dependency on GPIOLIB_IRQCHIP (git-fixes).
   - gpio: max77620: Fixup debounce delays (git-fixes).
   - gpio: max77620: Use correct unit for debounce times (git-fixes).
   - gpio: mpc8xxx: Add platform device to gpiochip->parent (git-fixes).
   - gpio: mvebu: fix potential user-after-free on probe (git-fixes).
   - gpiolib: acpi: Add honor_wakeup module-option + quirk mechanism
     (git-fixes).
   - gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288
     model (git-fixes).
   - gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288
     model (git-fixes).
   - gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk
     (git-fixes).
   - gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option
     (git-fixes).
   - gpiolib: acpi: Turn dmi_system_id table into a generic quirk table
     (git-fixes).
   - gpiolib: fix up emulated open drain outputs (git-fixes).
   - hwmon: (aspeed-pwm-tacho) Avoid possible buffer overflow (git-fixes).
   - hwmon: (jc42) Fix name to have no illegal characters (git-fixes).
   - i2c: algo: pca: Reapply i2c bus settings after reset (git-fixes).
   - i2c: i801: Fix resume bug (git-fixes).
   - i2c: octeon: check correct size of maximum RECV_LEN packet (git-fixes).
   - i2c: piix4: Detect secondary SMBus controller on AMD AM4 chipsets
     (git-fixes).
   - i2c: pxa: clear all master action bits in i2c_pxa_stop_message()
     (git-fixes).
   - i2c: pxa: fix i2c_pxa_scream_blue_murder() debug output (git-fixes).
   - i40e: Fix removing driver while bare-metal VFs pass traffic (git-fixes).
   - i40e: avoid premature Rx buffer reuse (bsc#1111981).
   - igb: Report speed and duplex as unknown when device is runtime suspended
     (git-fixes).
   - igc: fix link speed advertising (jsc#SLE-4799).
   - iio: ad5504: Fix setting power-down state (git-fixes).
   - iio: adc: max1027: Reset the device at probe time (git-fixes).
   - iio: bmp280: fix compensation of humidity (git-fixes).
   - iio: dac: ad5592r: fix unbalanced mutex unlocks in ad5592r_read_raw()
     (git-fixes).
   - iio: fix center temperature of bmc150-accel-core (git-fixes).
   - iio: humidity: hdc100x: fix IIO_HUMIDITYRELATIVE channel reporting
     (git-fixes).
   - iio: light: bh1750: Resolve compiler warning and make code more readable
     (git-fixes).
   - iio: srf04: fix wrong limitation in distance measuring (git-fixes).
   - iio:imu:bmi160: Fix too large a buffer (git-fixes).
   - iommu/vt-d: Do not dereference iommu_device if IOMMU_API is not built
     (bsc#1181001, jsc#ECO-3191).
   - iommu/vt-d: Gracefully handle DMAR units with no supported address
     widths (bsc#1181001, jsc#ECO-3191).
   - ipw2x00: Fix -Wcast-function-type (git-fixes).
   - irqchip/alpine-msi: Fix freeing of interrupts on allocation error path
     (git-fixes).
   - iwlwifi: mvm: fix kernel panic in case of assert during CSA (git-fixes).
   - iwlwifi: mvm: fix unaligned read of rx_pkt_status (git-fixes).
   - iwlwifi: pcie: limit memory read spin time (git-fixes).
   - ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K (bsc#1109837).
   - ixgbe: avoid premature Rx buffer reuse (bsc#1109837 ).
   - kABI workaround for HD-audio generic parser (git-fixes).
   - kABI: Fix kABI for extended APIC-ID support (bsc#1181001, jsc#ECO-3191).
   - lockd: do not use interval-based rebinding over TCP (git-fixes).
   - locking/futex: Allow low-level atomic operations to return -EAGAIN
     (bsc#1149032).
   - mac80211: Check port authorization in the ieee80211_tx_dequeue() case
     (git-fixes).
   - mac80211: allow rx of mesh eapol frames with default rx key (git-fixes).
   - mac80211: fix authentication with iwlwifi/mvm (git-fixes).
   - mac80211: fix use of skb payload instead of header (git-fixes).
   - md-cluster: fix rmmod issue when md_cluster convert bitmap to none
     (bsc#1163727).
   - md-cluster: fix safemode_delay value when converting to clustered bitmap
     (bsc#1163727).
   - md-cluster: fix wild pointer of unlock_all_bitmaps() (bsc#1163727).
   - md/bitmap: fix memory leak of temporary bitmap (bsc#1163727).
   - md/bitmap: md_bitmap_get_counter returns wrong blocks (bsc#1163727).
   - md/bitmap: md_bitmap_read_sb uses wrong bitmap blocks (bsc#1163727).
   - md/cluster: block reshape with remote resync job (bsc#1163727).
   - md/cluster: fix deadlock when node is doing resync job (bsc#1163727).
   - md/raid10: initialize r10_bio->read_slot before use (git-fixes).
   - md: fix a warning caused by a race between concurrent md_ioctl()s
     (git-fixes).
   - media: am437x-vpfe: Setting STD to current value is not an error
     (git-fixes).
   - media: cec-funcs.h: add status_req checks (git-fixes).
   - media: cx88: Fix some error handling path in 'cx8800_initdev()'
     (git-fixes).
   - media: gp8psk: initialize stats at power control logic (git-fixes).
   - media: gspca: Fix memory leak in probe (git-fixes).
   - media: i2c: mt9v032: fix enum mbus codes and frame sizes (git-fixes).
   - media: i2c: ov2659: Fix missing 720p register config (git-fixes).
   - media: i2c: ov2659: fix s_stream return value (git-fixes).
   - media: msi2500: assign SPI bus number dynamically (git-fixes).
   - media: platform: add missing put_device() call in mtk_jpeg_probe() and
     mtk_jpeg_remove() (git-patches).
   - media: pvrusb2: Fix oops on tear-down when radio support is not present
     (git-fixes).
   - media: si470x-i2c: add missed operations in remove (git-fixes).
   - media: sti: bdisp: fix a possible sleep-in-atomic-context bug in
     bdisp_device_run() (git-fixes).
   - media: sunxi-cir: ensure IR is handled when it is continuous (git-fixes).
   - media: ti-vpe: vpe: Make sure YUYV is set as default format (git-fixes).
   - media: ti-vpe: vpe: ensure buffers are cleaned up properly in abort
     cases (git-fixes).
   - media: ti-vpe: vpe: fix a v4l2-compliance failure about frame sequence
     number (git-fixes).
   - media: ti-vpe: vpe: fix a v4l2-compliance failure about invalid
     sizeimage (git-fixes).
   - media: ti-vpe: vpe: fix a v4l2-compliance failure causing a kernel panic
     (git-fixes).
   - media: ti-vpe: vpe: fix a v4l2-compliance warning about invalid pixel
     format (git-fixes).
   - media: v4l2-core: fix touch support in v4l_g_fmt (git-fixes).
   - media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in
     v4l2_device macros (git-fixes).
   - mei: bus: do not clean driver pointer (git-fixes).
   - mei: protect mei_cl_mtu from null dereference (git-fixes).
   - mfd: wm8994: Fix driver operation if loaded as modules (git-fixes).
   - misc: vmw_vmci: fix kernel info-leak by initializing dbells in
     vmci_ctx_get_chkpt_doorbells() (git-fixes).
   - misdn: dsp: select CONFIG_BITREVERSE (git-fixes).
   - mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish() (git-fixes).
   - mlxsw: destroy workqueue when trap_register in mlxsw_emad_init
     (bsc#1112374).
   - mlxsw: spectrum: Do not modify cloned SKBs during xmit (git-fixes).
   - mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case
     reload fails (bsc#1112374).
   - mlxsw: switchx2: Do not modify cloned SKBs during xmit (git-fixes).
   - mm, page_alloc: fix core hung in free_pcppages_bulk() (git fixes
     (mm/hotplug)).
   - mm/page_alloc: fix watchdog soft lockups during set_zone_contiguous()
     (git fixes (mm/pgalloc)).
   - mm/rmap: map_pte() was not handling private ZONE_DEVICE page properly
     (git fixes (mm/hmm)).
   - mm/slab: use memzero_explicit() in kzfree() (git fixes (mm/slab)).
   - mm: do not wake kswapd prematurely when watermark boosting is disabled
     (git fixes (mm/vmscan)).
   - mm: hwpoison: disable memory error handling on 1GB hugepage (git fixes
     (mm/hwpoison)).
   - mmc: sdhci-xenon: fix 1.8v regulator stabilization (git-fixes).
   - module: delay kobject uevent until after module init call (bsc#1178631).
   - nbd: Fix memory leak in nbd_add_socket (bsc#1181504).
   - net/af_iucv: always register net_device notifier (git-fixes).
   - net/af_iucv: fix null pointer dereference on shutdown (bsc#1179563
     LTC#190108).
   - net/af_iucv: set correct sk_protocol for child sockets (git-fixes).
   - net/filter: Permit reading NET in load_bytes_relative when MAC not set
     (bsc#1109837).
   - net/liquidio: Delete driver version assignment (git-fixes).
   - net/liquidio: Delete non-working LIQUIDIO_PACKAGE check (git-fixes).
   - net/mlx4_en: Avoid scheduling restart task if it is already running
     (git-fixes).
   - net/mlx5: Add handling of port type in rule deletion (bsc#1103991).
   - net/mlx5: Fix memory leak on flow table creation error flow
     (bsc#1046305).
   - net/mlx5e: Fix VLAN cleanup flow (git-fixes).
   - net/mlx5e: Fix VLAN create flow (git-fixes).
   - net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups (git-fixes).
   - net/mlx5e: Fix two double free cases (bsc#1046305).
   - net/mlx5e: IPoIB, Drop multicast packets that this interface sent
     (bsc#1075020).
   - net/mlx5e: TX, Fix consumer index of error cqe dump (bsc#1103990 ).
   - net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq
     (bsc#1103990).
   - net/sched: act_tunnel_key: fix OOB write in case of IPv6 ERSPAN tunnels
     (bsc#1109837).
   - net/smc: cancel event worker during device removal (git-fixes).
   - net/smc: check for valid ib_client_data (git-fixes).
   - net/smc: fix sleep bug in smc_pnet_find_roce_resource() (git-fixes).
   - net/smc: receive pending data after RCV_SHUTDOWN (git-fixes).
   - net/smc: receive returns without data (git-fixes).
   - net/sonic: Add mutual exclusion for accessing shared state (git-fixes).
   - net: atlantic: fix potential error handling (git-fixes).
   - net: atlantic: fix use after free kasan warn (git-fixes).
   - net: bcmgenet: keep MAC in reset until PHY is up (git-fixes).
   - net: bcmgenet: reapply manual settings to the PHY (git-fixes).
   - net: broadcom/bcmsysport: Fix signedness in bcm_sysport_probe()
     (git-fixes).
   - net: cbs: Fix software cbs to consider packet sending time (bsc#1109837).
   - net: dsa: LAN9303: select REGMAP when LAN9303 enable (git-fixes).
   - net: dsa: b53: b53_arl_rw_op() needs to select IVL or SVL (git-fixes).
   - net: ena: set initial DMA width to avoid intel iommu issue (git-fixes).
   - net: ethernet: mlx4: Avoid assigning a value to ring_cons but not used
     it anymore in mlx4_en_xmit() (git-fixes).
   - net: ethernet: stmmac: Fix signedness bug in ipq806x_gmac_of_parse()
     (git-fixes).
   - net: freescale: fec: Fix ethtool -d runtime PM (git-fixes).
   - net: hns3: add a missing uninit debugfs when unload driver (bsc#1104353).
   - net: hns3: add compatible handling for command HCLGE_OPC_PF_RST_DONE
     (git-fixes).
   - net: hns3: add management table after IMP reset (bsc#1104353 ).
   - net: hns3: check reset interrupt status when reset fails (git-fixes).
   - net: hns3: clear reset interrupt status in hclge_irq_handle()
     (git-fixes).
   - net: hns3: fix a TX timeout issue (bsc#1104353).
   - net: hns3: fix a wrong reset interrupt status mask (git-fixes).
   - net: hns3: fix error VF index when setting VLAN offload (bsc#1104353).
   - net: hns3: fix error handling for desc filling (bsc#1104353 ).
   - net: hns3: fix for not calculating TX BD send size correctly
     (bsc#1126390).
   - net: hns3: fix interrupt clearing error for VF (bsc#1104353 ).
   - net: hns3: fix mis-counting IRQ vector numbers issue (bsc#1104353).
   - net: hns3: fix shaper parameter algorithm (bsc#1104353 ).
   - net: hns3: fix the number of queues actually used by ARQ (bsc#1104353).
   - net: hns3: fix use-after-free when doing self test (bsc#1104353 ).
   - net: hns3: reallocate SSU' buffer size when pfc_en changes (bsc#1104353).
   - net: mvpp2: Fix GoP port 3 Networking Complex Control configurations
     (bsc#1098633).
   - net: mvpp2: Fix error return code in mvpp2_open() (bsc#1119113 ).
   - net: mvpp2: fix pkt coalescing int-threshold configuration (bsc#1098633).
   - net: phy: Allow BCM54616S PHY to setup internal TX/RX clock delay
     (git-fixes).
   - net: phy: Avoid multiple suspends (git-fixes).
   - net: phy: broadcom: Fix RGMII delays configuration for BCM54210E
     (git-fixes).
   - net: phy: micrel: Discern KSZ8051 and KSZ8795 PHYs (git-fixes).
   - net: phy: micrel: make sure the factory test bit is cleared (git-fixes).
   - net: qca_spi: Move reset_count to struct qcaspi (git-fixes).
   - net: smc911x: Adjust indentation in smc911x_phy_configure (git-fixes).
   - net: stmmac: 16KB buffer must be 16 byte aligned (git-fixes).
   - net: stmmac: Do not accept invalid MTU values (git-fixes).
   - net: stmmac: Enable 16KB buffer size (git-fixes).
   - net: stmmac: RX buffer size must be 16 byte aligned (git-fixes).
   - net: stmmac: dwmac-meson8b: Fix signedness bug in probe (git-fixes).
   - net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes (git-fixes).
   - net: stmmac: fix length of PTP clock's name string (git-fixes).
   - net: stmmac: gmac4+: Not all Unicast addresses may be available
     (git-fixes).
   - net: sunrpc: interpret the return value of kstrtou32 correctly
     (git-fixes).
   - net: team: fix memory leak in __team_options_register (git-fixes).
   - net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
     (git-fixes).
   - net: usb: lan78xx: Fix error message format specifier (git-fixes).
   - net: usb: sr9800: fix uninitialized local variable (git-fixes).
   - net: vlan: avoid leaks on register_vlan_dev() failures (git-fixes).
   - net_failover: fixed rollback in net_failover_open() (bsc#1109837).
   - net_sched: let qdisc_put() accept NULL pointer (bsc#1056657 bsc#1056653
     bsc#1056787).
   - nfc: s3fwrn5: add missing release on skb in s3fwrn5_recv_frame
     (git-fixes).
   - nfp: validate the return code from dev_queue_xmit() (git-fixes).
   - nfs_common: need lock during iterate through the list (git-fixes).
   - nfsd4: readdirplus shouldn't return parent of export (git-fixes).
   - nfsd: Fix message level for normal termination (git-fixes).
   - pNFS: Mark layout for return if return-on-close was not sent (git-fixes).
   - page_frag: Recover from memory pressure (git fixes (mm/pgalloc)).
   - parport: load lowlevel driver if ports not found (git-fixes).
   - pinctrl: amd: fix __iomem annotation in amd_gpio_irq_handler()
     (git-fixes).
   - pinctrl: amd: fix npins for uart0 in kerncz_groups (git-fixes).
   - pinctrl: amd: remove debounce filter setting in IRQ type setting
     (git-fixes).
   - pinctrl: aspeed: Fix GPIO requests on pass-through banks (git-fixes).
   - pinctrl: baytrail: Avoid clearing debounce value when turning it off
     (git-fixes).
   - pinctrl: merrifield: Set default bias in case no particular value given
     (git-fixes).
   - pinctrl: sh-pfc: sh7734: Fix duplicate TCLK1_B (git-fixes).
   - platform/x86: acer-wmi: add automatic keyboard background light toggle
     key as KEY_LIGHTS_TOGGLE (git-fixes).
   - power: supply: bq27xxx_battery: Silence deferred-probe error (git-fixes).
   - powerpc/pci: Fix broken INTx configuration via OF (bsc#1172145
     ltc#184630).
   - powerpc/pci: Remove LSI mappings on device teardown (bsc#1172145
     ltc#184630).
   - powerpc/pci: Remove legacy debug code (bsc#1172145 ltc#184630 git-fixes).
   - powerpc/pci: Use of_irq_parse_and_map_pci() helper (bsc#1172145
     ltc#184630).
   - powerpc/perf: Add generic compat mode pmu driver (bsc#1178900
     ltc#189284).
   - powerpc/perf: Fix crashes with generic_compat_pmu & BHRB (bsc#1178900
     ltc#189284 git-fixes).
   - powerpc/perf: init pmu from core-book3s (bsc#1178900 ltc#189284).
   - powerpc: Convert to using %pOF instead of full_name (bsc#1172145
     ltc#184630).
   - qed: Fix race condition between scheduling and destroying the slowpath
     workqueue (bsc#1086314 bsc#1086313 bsc#1086301).
   - qed: Fix use after free in qed_chain_free (bsc#1050536 bsc#1050538).
   - r8152: Add Lenovo Powered USB-C Travel Hub (git-fixes).
   - radeon: insert 10ms sleep in dce5_crtc_load_lut (git-fixes).
   - regmap: debugfs: check count when read regmap file (git-fixes).
   - regmap: dev_get_regmap_match(): fix string comparison (git-fixes).
   - regulator: max8907: Fix the usage of uninitialized variable in
     max8907_regulator_probe() (git-fixes).
   - regulator: pfuze100-regulator: Variable "val" in
     pfuze100_regulator_probe() could be uninitialized (git-fixes).
   - regulator: ti-abb: Fix timeout in
     ti_abb_wait_txdone/ti_abb_clear_all_txdone (git-fixes).
   - remoteproc: Fix wrong rvring index computation (git-fixes).
   - rfkill: Fix incorrect check to avoid NULL pointer dereference
     (git-fixes).
   - rtc: 88pm860x: fix possible race condition (git-fixes).
   - rtl8xxxu: fix RTL8723BU connection failure issue after warm reboot
     (git-fixes).
   - rtlwifi: fix memory leak in rtl92c_set_fw_rsvdpagepkt() (git-fixes).
   - rtmutex: Remove unused argument from rt_mutex_proxy_unlock()
     (bsc#1181349 bsc#1149032).
   - s390/cio: fix use-after-free in ccw_device_destroy_console (git-fixes).
   - s390/dasd: fix hanging device offline processing (bsc#1144912).
   - s390/dasd: fix list corruption of lcu list (bsc#1181170 LTC#190915).
   - s390/dasd: fix list corruption of pavgroup group list (bsc#1181170
     LTC#190915).
   - s390/dasd: prevent inconsistent LCU device data (bsc#1181170 LTC#190915).
   - s390/qeth: delay draining the TX buffers (git-fixes).
   - s390/qeth: fix L2 header access in qeth_l3_osa_features_check()
     (git-fixes).
   - s390/qeth: fix deadlock during recovery (git-fixes).
   - s390/qeth: fix locking for discipline setup / removal (git-fixes).
   - s390/smp: perform initial CPU reset also for SMT siblings (git-fixes).
   - sched/fair: Fix enqueue_task_fair warning (bsc#1179093).
   - sched/fair: Fix enqueue_task_fair() warning some more (bsc#1179093).
   - sched/fair: Fix reordering of enqueue/dequeue_task_fair() (bsc#1179093).
   - sched/fair: Fix unthrottle_cfs_rq() for leaf_cfs_rq list (bsc#1179093).
   - sched/fair: Reorder enqueue/dequeue_task_fair path (bsc#1179093).
   - scsi: core: Fix VPD LUN ID designator priorities (bsc#1178049,
     git-fixes).
   - scsi: ibmvfc: Set default timeout to avoid crash during migration
     (bsc#1181425 ltc#188252).
   - scsi: lpfc: Enhancements to LOG_TRACE_EVENT for better readability
     (bsc#1180891).
   - scsi: lpfc: Fix FW reset action if I/Os are outstanding (bsc#1180891).
   - scsi: lpfc: Fix NVMe recovery after mailbox timeout (bsc#1180891).
   - scsi: lpfc: Fix PLOGI S_ID of 0 on pt2pt config (bsc#1180891).
   - scsi: lpfc: Fix auto sli_mode and its effect on CONFIG_PORT for SLI3
     (bsc#1180891).
   - scsi: lpfc: Fix crash when a fabric node is released prematurely
     (bsc#1180891).
   - scsi: lpfc: Fix error log messages being logged following SCSI task mgnt
     (bsc#1180891).
   - scsi: lpfc: Fix target reset failing (bsc#1180891).
   - scsi: lpfc: Fix vport create logging (bsc#1180891).
   - scsi: lpfc: Implement health checking when aborting I/O (bsc#1180891).
   - scsi: lpfc: Prevent duplicate requests to unregister with cpuhp
     framework (bsc#1180891).
   - scsi: lpfc: Refresh ndlp when a new PRLI is received in the PRLI issue
     state (bsc#1180891).
   - scsi: lpfc: Simplify bool comparison (bsc#1180891).
   - scsi: lpfc: Update lpfc version to 12.8.0.7 (bsc#1180891).
   - scsi: lpfc: Use the nvme-fc transport supplied timeout for LS requests
     (bsc#1180891).
   - serial: 8250_pci: Add Realtek 816a and 816b (git-fixes).
   - serial: amba-pl011: Make sure we initialize the port.lock spinlock
     (git-fixes).
   - serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE (git-fixes).
   - serial: mvebu-uart: fix tx lost characters at power off (git-fixes).
   - serial: txx9: add missing platform_driver_unregister() on error in
     serial_txx9_init (git-fixes).
   - serial_core: Check for port state when tty is in error state (git-fixes).
   - soc: imx: gpc: fix power up sequencing (git-fixes).
   - spi: Add call to spi_slave_abort() function when spidev driver is
     released (git-fixes).
   - spi: Fix memory leak on splited transfers (git-fixes).
   - spi: cadence: cache reference clock rate during probe (git-fixes).
   - spi: dw: Enable interrupts in accordance with DMA xfer mode (git-fixes).
   - spi: dw: Fix Rx-only DMA transfers (git-fixes).
   - spi: dw: Return any value retrieved from the dma_transfer callback
     (git-fixes).
   - spi: img-spfi: fix potential double release (git-fixes).
   - spi: pxa2xx: Add missed security checks (git-fixes).
   - spi: spi-cavium-thunderx: Add missing pci_release_regions() (git-fixes).
   - spi: spi-loopback-test: Fix out-of-bounds read (git-fixes).
   - spi: spidev: fix a potential use-after-free in spidev_release()
     (git-fixes).
   - spi: st-ssc4: Fix unbalanced pm_runtime_disable() in probe error path
     (git-fixes).
   - spi: st-ssc4: add missed pm_runtime_disable (git-fixes).
   - spi: tegra20-slink: add missed clk_unprepare (git-fixes).
   - staging: comedi: check validity of wMaxPacketSize of usb endpoints found
     (git-fixes).
   - staging: comedi: gsc_hpdi: check dma_alloc_coherent() return value
     (git-fixes).
   - staging: rtl8188eu: Add device code for TP-Link TL-WN727N v5.21
     (git-fixes).
   - staging: rtl8188eu: Add device id for MERCUSYS MW150US v2 (git-fixes).
   - staging: rtl8188eu: fix possible null dereference (git-fixes).
   - staging: rtl8192u: fix multiple memory leaks on error path (git-fixes).
   - staging: vt6656: set usb_set_intfdata on driver fail (git-fixes).
   - staging: wlan-ng: fix out of bounds read in prism2sta_probe_usb()
     (git-fixes).
   - staging: wlan-ng: properly check endpoint types (git-fixes).
   - team: set dev->needed_headroom in team_setup_by_port() (git-fixes).
   - thunderbolt: Use 32-bit writes when writing ring producer/consumer
     (git-fixes).
   - tty: always relink the port (git-fixes).
   - tty: link tty and port before configuring it as console (git-fixes).
   - tty: synclink_gt: Adjust indentation in several functions (git-fixes).
   - tty: synclinkmp: Adjust indentation in several functions (git-fixes).
   - tty:serial:mvebu-uart:fix a wrong return (git-fixes).
   - tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS
     (bsc#1109837).
   - usb: chipidea: ci_hdrc_imx: add missing put_device() call in
     usbmisc_get_init_data() (git-fixes).
   - usb: dwc2: Fix IN FIFO allocation (git-fixes).
   - usb: dwc3: remove the call trace of USBx_GFLADJ (git-fixes).
   - usb: dwc3: ulpi: Use VStsDone to detect PHY regs access completion
     (git-fixes).
   - usb: fsl: Check memory resource before releasing it (git-fixes).
   - usb: gadget: composite: Fix possible double free memory bug (git-fixes).
   - usb: gadget: configfs: Fix missing spin_lock_init() (git-fixes).
   - usb: gadget: configfs: Preserve function ordering after bind failure
     (git-fixes).
   - usb: gadget: configfs: fix concurrent issue between composite APIs
     (git-fixes).
   - usb: gadget: f_uac2: reset wMaxPacketSize (git-fixes).
   - usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags (git-fixes).
   - usb: gadget: fix wrong endpoint desc (git-fixes).
   - usb: gadget: goku_udc: fix potential crashes in probe (git-fixes).
   - usb: gadget: net2280: fix memory leak on probe error handling paths
     (git-fixes).
   - usb: gadget: select CONFIG_CRC32 (git-fixes).
   - usb: gadget: serial: fix Tx stall after buffer overflow (git-fixes).
   - usb: gadget: udc: fix possible sleep-in-atomic-context bugs in
     gr_probe() (git-fixes).
   - usb: gadget: udc: gr_udc: fix memleak on error handling path in
     gr_ep_init() (git-fixes).
   - usb: hso: Fix debug compile warning on sparc32 (git-fixes).
   - usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
     (git-fixes).
   - usb: udc: core: Use lock when write to soft_connect (git-fixes).
   - usb: usbfs: Suppress problematic bind and unbind uevents (git-fixes).
   - usblp: poison URBs upon disconnect (git-fixes).
   - veth: Adjust hard_start offset on redirect XDP frames (bsc#1109837).
   - vfio iommu: Add dma available capability (bsc#1179573 LTC#190106).
   - vfio-pci: Use io_remap_pfn_range() for PCI IO memory (bsc#1181231).
   - vhost/vsock: fix vhost vsock cid hashing inconsistent (git-fixes).
   - video: fbdev: neofb: fix memory leak in neo_scan_monitor() (git-fixes).
   - virtio_net: Keep vnet header zeroed if XDP is loaded for small buffer
     (git-fixes).
   - vt: Reject zero-sized screen buffer size (git-fixes).
   - vt: do not hardcode the mem allocation upper bound (git-fixes).
   - wan: ds26522: select CONFIG_BITREVERSE (git-fixes).
   - watchdog: coh901327: add COMMON_CLK dependency (git-fixes).
   - watchdog: da9062: No need to ping manually before setting timeout
     (git-fixes).
   - watchdog: da9062: do not ping the hw during stop() (git-fixes).
   - watchdog: qcom: Avoid context switch in restart handler (git-fixes).
   - watchdog: sirfsoc: Add missing dependency on HAS_IOMEM (git-fixes).
   - wil6210: select CONFIG_CRC32 (git-fixes).
   - wireless: Use linux/stddef.h instead of stddef.h (git-fixes).
   - wireless: Use offsetof instead of custom macro (git-fixes).
   - x86/apic: Fix x2apic enablement without interrupt remapping
     (bsc#1181001, jsc#ECO-3191).
   - x86/apic: Support 15 bits of APIC ID in IOAPIC/MSI where available
     (bsc#1181001, jsc#ECO-3191).
   - x86/hyperv: Fix kexec panic/hang issues (bsc#1176831).
   - x86/i8259: Use printk_deferred() to prevent deadlock (bsc#1112178).
   - x86/ioapic: Handle Extended Destination ID field in RTE (bsc#1181001,
     jsc#ECO-3191).
   - x86/kvm: Add KVM_FEATURE_MSI_EXT_DEST_ID (bsc#1181001, jsc#ECO-3191).
   - x86/kvm: Reserve KVM_FEATURE_MSI_EXT_DEST_ID (bsc#1181001, jsc#ECO-3191).
   - x86/mm/numa: Remove uninitialized_var() usage (bsc#1112178).
   - x86/mm: Fix leak of pmd ptlock (bsc#1112178).
   - x86/msi: Only use high bits of MSI address for DMAR unit (bsc#1181001,
     jsc#ECO-3191).
   - x86/mtrr: Correct the range check before performing MTRR type lookups
     (bsc#1112178).
   - x86/resctrl: Do not move a task to the same resource group (bsc#1112178).
   - x86/resctrl: Use an IPI instead of task_work_add() to update PQR_ASSOC
     MSR (bsc#1112178).
   - xdp: Fix xsk_generic_xmit errno (bsc#1109837).
   - xhci: Give USB2 ports time to enter U3 in bus suspend (git-fixes).
   - xhci: make sure TRB is fully written before giving it to the controller
     (git-fixes).
   - xhci: tegra: Delay for disabling LFPS detector (git-fixes).


Special Instructions and Notes:

   Please reboot the system after installing this update.

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Real Time Extension 12-SP5:

      zypper in -t patch SUSE-SLE-RT-12-SP5-2021-433=1



Package List:

   - SUSE Linux Enterprise Real Time Extension 12-SP5 (noarch):

      kernel-devel-rt-4.12.14-10.31.1
      kernel-source-rt-4.12.14-10.31.1

   - SUSE Linux Enterprise Real Time Extension 12-SP5 (x86_64):

      cluster-md-kmp-rt-4.12.14-10.31.1
      cluster-md-kmp-rt-debuginfo-4.12.14-10.31.1
      dlm-kmp-rt-4.12.14-10.31.1
      dlm-kmp-rt-debuginfo-4.12.14-10.31.1
      gfs2-kmp-rt-4.12.14-10.31.1
      gfs2-kmp-rt-debuginfo-4.12.14-10.31.1
      kernel-rt-4.12.14-10.31.1
      kernel-rt-base-4.12.14-10.31.1
      kernel-rt-base-debuginfo-4.12.14-10.31.1
      kernel-rt-debuginfo-4.12.14-10.31.1
      kernel-rt-debugsource-4.12.14-10.31.1
      kernel-rt-devel-4.12.14-10.31.1
      kernel-rt-devel-debuginfo-4.12.14-10.31.1
      kernel-rt_debug-4.12.14-10.31.1
      kernel-rt_debug-debuginfo-4.12.14-10.31.1
      kernel-rt_debug-debugsource-4.12.14-10.31.1
      kernel-rt_debug-devel-4.12.14-10.31.1
      kernel-rt_debug-devel-debuginfo-4.12.14-10.31.1
      kernel-syms-rt-4.12.14-10.31.1
      ocfs2-kmp-rt-4.12.14-10.31.1
      ocfs2-kmp-rt-debuginfo-4.12.14-10.31.1


References:

   https://www.suse.com/security/cve/CVE-2020-25639.html
   https://www.suse.com/security/cve/CVE-2020-27835.html
   https://www.suse.com/security/cve/CVE-2020-28374.html
   https://www.suse.com/security/cve/CVE-2020-29568.html
   https://www.suse.com/security/cve/CVE-2020-29569.html
   https://www.suse.com/security/cve/CVE-2020-36158.html
   https://www.suse.com/security/cve/CVE-2021-0342.html
   https://www.suse.com/security/cve/CVE-2021-20177.html
   https://www.suse.com/security/cve/CVE-2021-3347.html
   https://www.suse.com/security/cve/CVE-2021-3348.html
   https://bugzilla.suse.com/1046305
   https://bugzilla.suse.com/1046306
   https://bugzilla.suse.com/1046540
   https://bugzilla.suse.com/1046542
   https://bugzilla.suse.com/1046648
   https://bugzilla.suse.com/1050242
   https://bugzilla.suse.com/1050244
   https://bugzilla.suse.com/1050536
   https://bugzilla.suse.com/1050538
   https://bugzilla.suse.com/1050545
   https://bugzilla.suse.com/1056653
   https://bugzilla.suse.com/1056657
   https://bugzilla.suse.com/1056787
   https://bugzilla.suse.com/1064802
   https://bugzilla.suse.com/1066129
   https://bugzilla.suse.com/1073513
   https://bugzilla.suse.com/1074220
   https://bugzilla.suse.com/1075020
   https://bugzilla.suse.com/1086282
   https://bugzilla.suse.com/1086301
   https://bugzilla.suse.com/1086313
   https://bugzilla.suse.com/1086314
   https://bugzilla.suse.com/1098633
   https://bugzilla.suse.com/1103990
   https://bugzilla.suse.com/1103991
   https://bugzilla.suse.com/1103992
   https://bugzilla.suse.com/1104270
   https://bugzilla.suse.com/1104277
   https://bugzilla.suse.com/1104279
   https://bugzilla.suse.com/1104353
   https://bugzilla.suse.com/1104427
   https://bugzilla.suse.com/1104742
   https://bugzilla.suse.com/1104745
   https://bugzilla.suse.com/1109837
   https://bugzilla.suse.com/1111981
   https://bugzilla.suse.com/1112178
   https://bugzilla.suse.com/1112374
   https://bugzilla.suse.com/1113956
   https://bugzilla.suse.com/1119113
   https://bugzilla.suse.com/1126206
   https://bugzilla.suse.com/1126390
   https://bugzilla.suse.com/1127354
   https://bugzilla.suse.com/1127371
   https://bugzilla.suse.com/1129770
   https://bugzilla.suse.com/1136348
   https://bugzilla.suse.com/1144912
   https://bugzilla.suse.com/1149032
   https://bugzilla.suse.com/1163727
   https://bugzilla.suse.com/1172145
   https://bugzilla.suse.com/1174206
   https://bugzilla.suse.com/1176831
   https://bugzilla.suse.com/1176846
   https://bugzilla.suse.com/1178036
   https://bugzilla.suse.com/1178049
   https://bugzilla.suse.com/1178372
   https://bugzilla.suse.com/1178631
   https://bugzilla.suse.com/1178684
   https://bugzilla.suse.com/1178900
   https://bugzilla.suse.com/1179093
   https://bugzilla.suse.com/1179508
   https://bugzilla.suse.com/1179509
   https://bugzilla.suse.com/1179563
   https://bugzilla.suse.com/1179573
   https://bugzilla.suse.com/1179575
   https://bugzilla.suse.com/1179878
   https://bugzilla.suse.com/1180008
   https://bugzilla.suse.com/1180130
   https://bugzilla.suse.com/1180559
   https://bugzilla.suse.com/1180562
   https://bugzilla.suse.com/1180676
   https://bugzilla.suse.com/1180765
   https://bugzilla.suse.com/1180812
   https://bugzilla.suse.com/1180859
   https://bugzilla.suse.com/1180891
   https://bugzilla.suse.com/1180912
   https://bugzilla.suse.com/1181001
   https://bugzilla.suse.com/1181018
   https://bugzilla.suse.com/1181170
   https://bugzilla.suse.com/1181230
   https://bugzilla.suse.com/1181231
   https://bugzilla.suse.com/1181349
   https://bugzilla.suse.com/1181425
   https://bugzilla.suse.com/1181504
   https://bugzilla.suse.com/1181553
   https://bugzilla.suse.com/1181645



More information about the sle-security-updates mailing list