SUSE-SU-2022:2177-1: important: Security update for the Linux Kernel
sle-updates at lists.suse.com
sle-updates at lists.suse.com
Fri Jun 24 16:20:06 UTC 2022
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:2177-1
Rating: important
References: #1055117 #1061840 #1065729 #1103269 #1118212
#1153274 #1154353 #1156395 #1158266 #1167773
#1176447 #1177282 #1178134 #1180100 #1183405
#1188885 #1195826 #1196426 #1196478 #1196570
#1196840 #1197446 #1197472 #1197601 #1197675
#1198438 #1198577 #1198971 #1198989 #1199035
#1199052 #1199063 #1199114 #1199314 #1199365
#1199505 #1199507 #1199564 #1199626 #1199631
#1199650 #1199670 #1199839 #1200015 #1200019
#1200045 #1200046 #1200143 #1200144 #1200192
#1200206 #1200207 #1200216 #1200249 #1200259
#1200263 #1200529 #1200549 #1200604 SLE-13521
SLE-16387 SLE-8371
Cross-References: CVE-2019-19377 CVE-2020-26541 CVE-2021-33061
CVE-2022-0168 CVE-2022-1184 CVE-2022-1652
CVE-2022-1729 CVE-2022-1966 CVE-2022-1972
CVE-2022-1974 CVE-2022-1975 CVE-2022-20008
CVE-2022-20141 CVE-2022-21123 CVE-2022-21125
CVE-2022-21127 CVE-2022-21166 CVE-2022-21180
CVE-2022-30594 CVE-2022-32250
CVSS scores:
CVE-2019-19377 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-19377 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-26541 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
CVE-2021-33061 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-33061 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-0168 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1184 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-1652 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1652 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1729 (SUSE): 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
CVE-2022-1966 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1966 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1972 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1974 (SUSE): 6.8 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-1975 (SUSE): 4.5 CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-20008 (NVD) : 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-20008 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-20141 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-20141 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-21123 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CVE-2022-21125 (SUSE): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2022-21127 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21166 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21180 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-30594 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-30594 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32250 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-32250 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Realtime 15-SP3
SUSE Linux Enterprise Real Time 15-SP3
______________________________________________________________________________
An update that solves 20 vulnerabilities, contains three
features and has 39 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated.
The following security bugs were fixed:
- CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to
privilege escalation. (bsc#1200019)
- CVE-2019-19377: Fixed an user-after-free that could be triggered when an
attacker mounts a crafted btrfs filesystem image. (bnc#1158266)
- CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self
(bsc#1199507).
- CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when
mounting and operating on a corrupted image. (bsc#1198577)
- CVE-2022-1652: Fixed a statically allocated error counter inside the
floppy kernel module (bsc#1199063).
- CVE-2022-20008: Fixed bug that allows to read kernel heap memory due to
uninitialized data in mmc_blk_read_single of block.c. (bnc#1199564)
- CVE-2022-30594: Fixed restriction bypass on setting the
PT_SUSPEND_SECCOMP flag (bnc#1199505).
- CVE-2022-0168: Fixed a NULL pointer dereference in
smb2_ioctl_query_info. (bsc#1197472)
- CVE-2021-33061: Fixed insufficient control flow management for the
Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed
an authenticated user to potentially enable denial of service via local
access (bnc#1196426).
- CVE-2022-20141: Fixwed an use after free due to improper locking. This
bug could lead to local escalation of privilege when opening and closing
inet sockets with no additional execution privileges needed.
(bnc#1200604)
- CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited
to speculatively/transiently disclose information via spectre like
attacks. (bsc#1199650)
- CVE-2022-1975: Fixed a sleep-in-atomic bug that allows attacker to crash
linux kernel by simulating nfc device from user-space. (bsc#1200143)
- CVE-2022-1974: Fixed an use-after-free that could causes kernel crash by
simulating an nfc device from user-space. (bsc#1200144)
- CVE-2020-26541: Enforce the secure boot forbidden signature database
(aka dbx) protection mechanism. (bnc#1177282)
- CVE-2022-32250: Fixed an use-after-free bug in the netfilter subsystem.
This flaw allowed a local attacker with user access to cause a privilege
escalation issue. (bnc#1200015)
The following non-security bugs were fixed:
- ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default
(git-fixes).
- ACPI: property: Release subnode properties with data nodes (git-fixes).
- ACPI: sysfs: Fix BERT error region memory mapping (git-fixes).
- ACPI: sysfs: Make sparse happy about address space in use (git-fixes).
- ALSA: ctxfi: Add SB046x PCI ID (git-fixes).
- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes
(git-fixes).
- ALSA: hda - fix unused Realtek function when PM is not enabled
(git-fixes).
- ALSA: hda/conexant - Fix loopback issue with CX20632 (git-fixes).
- ALSA: hda/realtek - Add new type for ALC245 (git-fixes).
- ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS
(git-fixes).
- ALSA: hda/realtek: Enable 4-speaker output for Dell XPS 15 9520 laptop
(git-fixes).
- ALSA: hda/realtek: Enable headset mic on Lenovo P360 (git-fixes).
- ALSA: pcm: Check for null pointer of pointer substream before
dereferencing it (git-fixes).
- ALSA: usb-audio: Add missing ep_idx in fixed EP quirks (git-fixes).
- ALSA: usb-audio: Clear MIDI port active flag after draining (git-fixes).
- ALSA: usb-audio: Configure sync endpoints before data (git-fixes).
- ALSA: usb-audio: Fix undefined behavior due to shift overflowing the
constant (git-fixes).
- ALSA: usb-audio: Optimize TEAC clock quirk (git-fixes).
- ALSA: usb-audio: Restore Rane SL-1 quirk (git-fixes).
- ALSA: usb-audio: Set up (implicit) sync for Saffire 6 (git-fixes).
- ALSA: usb-audio: Skip generic sync EP parse for secondary EP (git-fixes).
- ALSA: usb-audio: Workaround for clock setup on TEAC devices (git-fixes).
- ALSA: wavefront: Proper check of get_user() error (git-fixes).
- ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling
(git-fixes)
- ARM: 9170/1: fix panic when kasan and kprobe are enabled (git-fixes)
- ARM: 9187/1: JIVE: fix return value of __setup handler (git-fixes)
- ARM: config: u8500: Re-enable AB8500 battery charging (git-fixes)
- ARM: davinci: da850-evm: Avoid NULL pointer dereference (git-fixes)
- ARM: dts: am3517-evm: Fix misc pinmuxing (git-fixes)
- ARM: dts: armada-38x: Add generic compatible to UART nodes (git-fixes)
- ARM: dts: at91: fix pinctrl phandles (git-fixes)
- ARM: dts: at91: Map MCLK for wm8731 on at91sam9g20ek (git-fixes)
- ARM: dts: at91: sama5d2: Fix PMERRLOC resource size (git-fixes)
- ARM: dts: at91: sama5d4_xplained: fix pinctrl phandle name (git-fixes)
- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (git-fixes)
- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (git-fixes)
- ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED
(git-fixes)
- ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C
(git-fixes)
- ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 (git-fixes)
- ARM: dts: Fix OpenBMC flash layout label addresses (git-fixes)
- ARM: dts: imx: Add missing LVDS decoder on M53Menlo (git-fixes)
- ARM: dts: imx23-evk: Remove MX23_PAD_SSP1_DETECT from hog group
(git-fixes)
- ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (git-fixes)
- ARM: dts: imx6qdl-udoo: Properly describe the SD card detect (git-fixes)
- ARM: dts: imx6ull-colibri: fix vqmmc regulator (git-fixes)
- ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name (git-fixes)
- ARM: dts: logicpd-som-lv: Fix wrong pinmuxing on OMAP35 (git-fixes)
- ARM: dts: meson: Fix the UART compatible strings (git-fixes)
- ARM: dts: meson8: Fix the UART device-tree schema validation (git-fixes)
- ARM: dts: meson8b: Fix the UART device-tree schema validation (git-fixes)
- ARM: dts: qcom: ipq4019: fix sleep clock (git-fixes)
- ARM: dts: qcom: msm8974: Drop flags for mdss irqs (git-fixes)
- ARM: dts: suniv: F1C100: fix watchdog compatible (git-fixes)
- ARM: ftrace: ensure that ADR takes the Thumb bit into account (git-fixes)
- ARM: mediatek: select arch timer for mt7629 (git-fixes)
- ARM: omap: remove debug-leds driver (git-fixes)
- ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (git-fixes)
- ARM: socfpga: dts: fix qspi node compatible (git-fixes)
- ARM: socfpga: fix missing RESET_CONTROLLER (git-fixes)
- ARM: tegra: Move panels to AUX bus (git-fixes)
- arm64: avoid fixmap race condition when create pud mapping (git-fixes)
- arm64: dts: broadcom: Fix sata nodename (git-fixes)
- arm64: dts: ns2: Fix spi-cpol and spi-cpha property (git-fixes)
- arm64: dts: rockchip: Fix SDIO regulator supply properties on (git-fixes)
- arm64: paravirt: Use RCU read locks to guard stolen_time (git-fixes).
- arm64: pgtable: make __pte_to_phys/__phys_to_pte_val inline functions
(git-fixes)
- ASoC: atmel-classd: Remove endianness flag on class d component
(git-fixes).
- ASoC: atmel-pdmic: Remove endianness flag on pdmic component (git-fixes).
- ASoC: da7219: Fix change notifications for tone generator frequency
(git-fixes).
- ASoC: dapm: Do not fold register value changes into notifications
(git-fixes).
- ASoC: dmaengine: Restore NULL prepare_slave_config() callback
(git-fixes).
- ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (git-fixes).
- ASoC: max98090: Generate notifications on changes for custom control
(git-fixes).
- ASoC: max98090: Move check for invalid values before casting in
max98090_put_enab_tlv() (git-fixes).
- ASoC: max98090: Reject invalid values in custom control put()
(git-fixes).
- ASoC: max98357a: remove dependency on GPIOLIB (git-fixes).
- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe
(git-fixes).
- ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe
(git-fixes).
- ASoC: meson: Fix event generation for G12A tohdmi mux (git-fixes).
- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (git-fixes).
- ASoC: ops: Validate input values in snd_soc_put_volsw_range()
(git-fixes).
- ASoC: rk3328: fix disabling mclk on pclk probe failure (git-fixes).
- ASoC: rt5514: Fix event generation for "DSP Voice Wake Up" control
(git-fixes).
- ASoC: rt5645: Fix errorenous cleanup order (git-fixes).
- ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* (git-fixes).
- ASoC: tscs454: Add endianness flag in snd_soc_component_driver
(git-fixes).
- ASoC: wm2000: fix missing clk_disable_unprepare() on error in
wm2000_anc_transition() (git-fixes).
- ASoC: wm8958: Fix change notifications for DSP controls (git-fixes).
- assoc_array: Fix BUG_ON during garbage collect (git-fixes).
- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (git-fixes).
- ata: pata_hpt37x: fix PCI clock detection (git-fixes).
- ata: pata_marvell: Check the 'bmdma_addr' beforing reading (git-fixes).
- ath9k_htc: fix potential out of bounds access with invalid
rxstatus->rs_keyix (git-fixes).
- ath9k: fix ar9003_get_eepmisc (git-fixes).
- ath9k: fix QCA9561 PA bias level (git-fixes).
- b43: Fix assigning negative value to unsigned variable (git-fixes).
- b43legacy: Fix assigning negative value to unsigned variable (git-fixes).
- batman-adv: Do not skb_split skbuffs with frag_list (git-fixes).
- blk-cgroup: move blkcg_{get,set}_fc_appid out of line (bsc#1200045).
- blk-mq: fix tag_get wait task can't be awakened (bsc#1200263).
- blk-mq: Fix wrong wakeup batch configuration which will cause hang
(bsc#1200263).
- block: fix bio_clone_blkg_association() to associate with proper
blkcg_gq (bsc#1200259).
- Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed
(git-fixes).
- Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout
(git-fixes).
- Bluetooth: Fix the creation of hdev->name (git-fixes).
- Bluetooth: hci_qca: Use del_timer_sync() before freeing (git-fixes).
- bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag
(jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix unnecessary dropping of RX packets (jsc#SLE-15075).
- brcmfmac: sdio: Fix undefined behavior due to shift overflowing the
constant (git-fixes).
- btrfs: tree-checker: fix incorrect printk format (bsc#1200249).
- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create()
(git-fixes).
- bus: ti-sysc: Fix warnings for unbind for serial (git-fixes).
- can: grcan: grcan_close(): fix deadlock (git-fixes).
- can: grcan: use ofdev->dev when allocating DMA memory (git-fixes).
- carl9170: tx: fix an incorrect use of list iterator (git-fixes).
- ceph: fix setting of xattrs on async created inodes (bsc#1200192).
- cfg80211: set custom regdomain after wiphy registration (git-fixes).
- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in
cpuset_init_smp() (bsc#1199839).
- clk: at91: generated: consider range when calculating best rate
(git-fixes).
- clk: bcm2835: fix bcm2835_clock_choose_div (git-fixes).
- clk: imx8mp: fix usb_root_clk parent (git-fixes).
- clk: renesas: r9a06g032: Fix the RTC hclock description (git-fixes).
- clk: sunxi: sun9i-mmc: check return value after calling
platform_get_resource() (git-fixes).
- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value
(git-fixes).
- clocksource/drivers/sp804: Avoid error on multiple instances (git-fixes).
- copy_process(): Move fd_install() out of sighand->siglock critical
section (bsc#1199626).
- crypto: caam - fix i.MX6SX entropy delay value (git-fixes).
- crypto: ecrdsa - Fix incorrect use of vli_cmp (git-fixes).
- crypto: stm32 - fix reference leak in stm32_crc_remove (git-fixes).
- crypto: x86 - eliminate anonymous module_init and module_exit
(git-fixes).
- crypto: x86/chacha20 - Avoid spurious jumps to other functions
(git-fixes).
- dim: initialize all struct fields (git-fixes).
- dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace (git-fixes).
- dmaengine: idxd: Fix the error handling path in idxd_cdev_register()
(git-fixes).
- dmaengine: stm32-mdma: remove GISR1 register (git-fixes).
- dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type
(git-fixes).
- docs: powerpc: Fix misspellings and grammar errors (bsc#1055117
ltc#159753).
- docs: submitting-patches: Fix crossref to 'The canonical patch format'
(git-fixes).
- drbd: fix an invalid memory access caused by incorrect use of list
iterator (git-fixes).
- drbd: fix duplicate array initializer (git-fixes).
- drbd: Fix five use after free bugs in get_initial_state (git-fixes).
- drbd: remove assign_p_sizes_qlim (git-fixes).
- drbd: use bdev based limit helpers in drbd_send_sizes (git-fixes).
- drbd: use bdev_alignment_offset instead of queue_alignment_offset
(git-fixes).
- driver core: fix deadlock in __device_attach (git-fixes).
- driver: base: fix UAF when driver_attach failed (git-fixes).
- drivers: base: cacheinfo: Get rid of DEFINE_SMP_CALL_CACHE_FUNCTION()
(git-fixes)
- drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI
controllers (git-fixes).
- drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop()
(git-fixes).
- drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()
(git-fixes).
- drivers: tty: serial: Fix deadlock in sa1100_set_termios() (git-fixes).
- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (git-fixes).
- drivers/base/memory: fix an unlikely reference counting issue in
__add_memory_block() (git-fixes).
- drivers/base/node.c: fix compaction sysfs file leak (git-fixes).
- drm: imx: fix compiler warning with gcc-12 (git-fixes).
- drm: mali-dp: potential dereference of null pointer (git-fixes).
- drm: msm: fix error check return value of irq_of_parse_and_map()
(git-fixes).
- drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (git-fixes).
- drm: sti: do not use kernel-doc markers (git-fixes).
- drm/amd/display/dc/gpio/gpio_service: Pass around correct dce_{version,
environment} types (git-fixes).
- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (git-fixes).
- drm/amdgpu/smu10: fix SoC/fclk units in auto mode (git-fixes).
- drm/amdgpu/ucode: Remove firmware load type check in
amdgpu_ucode_free_bo (git-fixes).
- drm/amdkfd: Fix GWS queue count (git-fixes).
- drm/atomic: Force bridge self-refresh-exit on CRTC switch (git-fixes).
- drm/blend: fix typo in the comment (git-fixes).
- drm/bridge: adv7511: clean up CEC adapter when probe fails (git-fixes).
- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX
(git-fixes).
- drm/bridge: analogix_dp: Support PSR-exit to disable transition
(git-fixes).
- drm/bridge: Fix error handling in analogix_dp_probe (git-fixes).
- drm/edid: fix invalid EDID extension block filtering (git-fixes).
- drm/i915: Fix -Wstringop-overflow warning in call to
intel_read_wm_latency() (git-fixes).
- drm/i915: Fix CFI violation with show_dynamic_id() (git-fixes).
- drm/i915: fix i915_globals_exit() section mismatch error (git-fixes).
- drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses (git-fixes).
- drm/komeda: Fix an undefined behavior bug in komeda_plane_add()
(git-fixes).
- drm/komeda: return early if drm_universal_plane_init() fails (git-fixes).
- drm/mediatek: Fix mtk_cec_mask() (git-fixes).
- drm/msm: return an error pointer in msm_gem_prime_get_sg_table()
(git-fixes).
- drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (git-fixes).
- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory
free during pm runtime resume (git-fixes).
- drm/msm/dpu: adjust display_v_end for eDP and DP (git-fixes).
- drm/msm/dsi: fix address for second DSI PHY on SDM660 (git-fixes).
- drm/msm/dsi: fix error checks and return values for DSI xmit functions
(git-fixes).
- drm/msm/hdmi: check return value after calling
platform_get_resource_byname() (git-fixes).
- drm/msm/hdmi: fix error check return value of irq_of_parse_and_map()
(git-fixes).
- drm/msm/mdp5: check the return of kzalloc() (git-fixes).
- drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is
detected (git-fixes).
- drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is
detected (git-fixes).
- drm/nouveau: Fix a potential theorical leak in
nouveau_get_backlight_name() (git-fixes).
- drm/nouveau/clk: Fix an incorrect NULL check on list iterator
(git-fixes).
- drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list
iterator (git-fixes).
- drm/nouveau/tegra: Stop using iommu_present() (git-fixes).
- drm/panel: simple: Add missing bus flags for Innolux G070Y2-L01
(git-fixes).
- drm/plane: Move range check for format_count earlier (git-fixes).
- drm/radeon: fix a possible null pointer dereference (git-fixes).
- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (git-fixes).
- drm/vc4: hvs: Reset muxes at probe time (git-fixes).
- drm/vc4: txp: Do not set TXP_VSTART_AT_EOF (git-fixes).
- drm/vc4: txp: Force alpha to be 0xff if it's disabled (git-fixes).
- drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes
(git-fixes).
- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (git-fixes).
- EDAC/synopsys: Read the error count from the correct register
(bsc#1178134).
- efi: Add missing prototype for efi_capsule_setup_info (git-fixes).
- efi: Do not import certificates from UEFI Secure Boot for T2 Macs
(git-fixes).
- fbcon: Consistently protect deferred_takeover with console_lock()
(git-fixes).
- firewire: core: extend card->lock in fw_core_handle_bus_reset
(git-fixes).
- firewire: fix potential uaf in outbound_phy_packet_callback()
(git-fixes).
- firewire: remove check of list iterator against head past the loop body
(git-fixes).
- firmware: arm_scmi: Fix list protocols enumeration in the base protocol
(git-fixes).
- firmware: arm_scmi: Validate BASE_DISCOVER_LIST_PROTOCOLS response
(git-fixes).
- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle
(git-fixes).
- firmware: stratix10-svc: fix a missing check on list iterator
(git-fixes).
- ftrace: Clean up hash direct_functions on register failures (git-fixes).
- genirq: Fix reference leaks on irq affinity notifiers (git-fixes)
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY (git-fixes)
- genirq/affinity: Consider that CPUs on nodes can be (git-fixes)
- genirq/affinity: Handle affinity setting on inactive (git-fixes)
- genirq/msi: Ensure deactivation on teardown (git-fixes)
- genirq/proc: Reject invalid affinity masks (again) (git-fixes)
- genirq/timings: Fix error return code in (git-fixes)
- genirq/timings: Prevent potential array overflow in (git-fixes)
- gma500: fix an incorrect NULL check on list iterator (git-fixes).
- gpio: adp5588: Remove support for platform setup and teardown callbacks
(git-fixes).
- gpio: gpio-vf610: do not touch other bits when set the target bit
(git-fixes).
- gpio: mvebu/pwm: Refuse requests with inverted polarity (git-fixes).
- gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask
not set) (git-fixes).
- gpio: pca953x: use the correct register address to do regcache sync
(git-fixes).
- gpiolib: of: fix bounds check for 'gpio-reserved-ranges' (git-fixes).
- hex2bin: fix access beyond string end (git-fixes).
- HID: bigben: fix slab-out-of-bounds Write in bigben_probe (git-fixes).
- HID: elan: Fix potential double free in elan_input_configured
(git-fixes).
- HID: hid-led: fix maximum brightness for Dream Cheeky (git-fixes).
- HID: multitouch: Add support for Google Whiskers Touchpad (git-fixes).
- hinic: fix bug of wq out of bound access (bsc#1176447).
- hwmon: (f71882fg) Fix negative temperature (git-fixes).
- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (git-fixes).
- hwmon: (tmp401) Add OF device ID table (git-fixes).
- hwmon: Make chip parameter for with_info API mandatory (git-fixes).
- i2c: at91: Initialize dma_buf in at91_twi_xfer() (git-fixes).
- i2c: at91: use dma safe buffers (git-fixes).
- i2c: cadence: Increase timeout per message if necessary (git-fixes).
- i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (git-fixes).
- i2c: mt7621: fix missing clk_disable_unprepare() on error in
mtk_i2c_probe() (git-fixes).
- i40e: stop disabling VFs due to PF error responses (git-fixes).
- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap (jsc#SLE-12878).
- ice: Clear default forwarding VSI during VSI release (jsc#SLE-12878).
- ice: Do not skip not enabled queues in ice_vc_dis_qs_msg (jsc#SLE-7926).
- ice: Fix race conditions between virtchnl handling and VF ndo ops
(git-fixes).
- ice: synchronize_rcu() when terminating rings (jsc#SLE-7926).
- iio: adc: ad7124: Remove shift from scan_type (git-fixes).
- iio: adc: sc27xx: Fine tune the scale calibration values (git-fixes).
- iio: adc: sc27xx: fix read big scale voltage not right (git-fixes).
- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check
(git-fixes).
- iio: dac: ad5446: Fix read_raw not returning set value (git-fixes).
- iio: dac: ad5592r: Fix the missing return value (git-fixes).
- iio: dummy: iio_simple_dummy: check the return value of kstrdup()
(git-fixes).
- iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on()
(git-fixes).
- Input: add bounds checking to input_set_capability() (git-fixes).
- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag
(git-fixes).
- Input: goodix - fix spurious key release events (git-fixes).
- Input: ili210x - fix reset timing (git-fixes).
- Input: sparcspkr - fix refcount leak in bbc_beep_probe (git-fixes).
- Input: stmfts - do not leave device disabled in stmfts_input_open
(git-fixes).
- Input: stmfts - fix reference leak in stmfts_input_open (git-fixes).
- iommu/amd: Increase timeout waiting for GA log enablement (bsc#1199052).
- ionic: avoid races in ionic_heartbeat_check (bsc#1167773).
- ionic: Cleanups in the Tx hotpath code (bsc#1167773).
- ionic: disable napi when ionic_lif_init() fails (bsc#1167773).
- ionic: Do not send reset commands if FW isn't running (bsc#1167773).
- ionic: fix missing pci_release_regions() on error in ionic_probe()
(bsc#1167773).
- ionic: fix type complaint in ionic_dev_cmd_clean() (jsc#SLE-16649).
- ionic: monitor fw status generation (bsc#1167773).
- ionic: remove the dbid_inuse bitmap (bsc#1167773).
- ionic: start watchdog after all is setup (bsc#1167773).
- ipw2x00: Fix potential NULL dereference in libipw_xmit() (git-fixes).
- irqchip: irq-xtensa-mx: fix initial IRQ affinity (git-fixes).
- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on
A375, A38x, A39x (git-fixes).
- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value
(git-fixes).
- irqchip/exiu: Fix acknowledgment of edge triggered interrupts
(git-fixes).
- ivtv: fix incorrect device_caps for ivtvfb (git-fixes).
- iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (git-fixes).
- iwlwifi: mvm: fix assert 1F04 upon reconfig (git-fixes).
- iwlwifi: mvm: fix the return type for DSM functions 1 and 2 (git-fixes).
- jbd2: Fake symbols defined under CONFIG_JBD2_DEBUG (bsc#1198971).
- kABI: ivtv: restore caps member (git-fixes).
- Kconfig.debug: drop selecting non-existing HARDLOCKUP_DETECTOR_ARCH
(git-fixes).
- KVM: fix wrong exception emulation in check_rdtsc (git-fixes).
- KVM: nVMX: Invalidate all roots when emulating INVVPID without EPT
(git-fixes).
- KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use
(git-fixes).
- KVM: nVMX: Set LDTR to its architecturally defined value on nested
VM-Exit (git-fixes).
- KVM: nVMX: Unconditionally clear nested.pi_pending on nested VM-Enter
(git-fixes).
- KVM: PPC: Fix TCE handling for VFIO (bsc#1061840 git-fixes).
- KVM: s390: pv: add macros for UVC CC values (git-fixes).
- KVM: s390: pv: avoid double free of sida page (git-fixes).
- KVM: s390: pv: avoid stalls for kvm_s390_pv_init_vm (git-fixes).
- KVM: s390: vsie/gmap: reduce gmap_rmap overhead (git-fixes).
- KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state
(git-fixes).
- KVM: VMX: Flush all EPTP/VPID contexts on remote TLB flush (git-fixes).
- KVM: VMX: Use current VMCS to query WAITPKG support for MSR emulation
(git-fixes).
- KVM: x86: clflushopt should be treated as a no-op by emulation
(git-fixes).
- KVM: x86: Do not force set BSP bit when local APIC is managed by
userspace (git-fixes).
- KVM: x86: Fix emulation in writing cr8 (git-fixes).
- KVM: x86: Fix off-by-one error in kvm_vcpu_ioctl_x86_setup_mce
(git-fixes).
- KVM: x86: Immediately reset the MMU context when the SMM flag is cleared
(git-fixes).
- KVM: x86: Inject #GP if guest attempts to toggle CR4.LA57 in 64-bit mode
(git-fixes).
- KVM: x86: Mark CR4.TSD as being possibly owned by the guest (git-fixes).
- KVM: x86: Migrate the PIT only if vcpu0 is migrated, not any BSP
(git-fixes).
- KVM: x86: Toggling CR4.PKE does not load PDPTEs in PAE mode (git-fixes).
- KVM: x86: Toggling CR4.SMAP does not load PDPTEs in PAE mode (git-fixes).
- KVM: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural
PMU (git-fixes).
- KVM: x86/emulator: Defer not-present segment check in
__load_segment_descriptor() (git-fixes).
- KVM: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in
intel_arch_events[] (git-fixes).
- lan743x: fix rx_napi_poll/interrupt ping-pong (git-fixes).
- lan743x: remove redundant assignment to variable rx_process_result
(git-fixes).
- lib/raid6/test: fix multiple definition linking error (git-fixes).
- lpfc: Readd update to version 14.2.0.1 (bsc#1197675 bsc#1196478
bsc#1198989) The update was reverted due to some regression on older
hardware. These have been fixed in the meantime, thus update the driver.
- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection
(git-fixes).
- mac80211: fix rx reordering with non explicit / psmp ack policy
(git-fixes).
- mac80211: Reset MBSSID parameters upon connection (git-fixes).
- mac80211: upgrade passive scan to active scan on DFS channels after
beacon rx (git-fixes).
- md: fix an incorrect NULL check in does_sb_need_changing (git-fixes).
- md: fix an incorrect NULL check in md_reload_sb (git-fixes).
- media: cx25821: Fix the warning when removing the module (git-fixes).
- media: davinci: Make use of the helper function
devm_platform_ioremap_resource() (git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM enable (git-fixes).
- media: davinci: vpif: fix use-after-free on driver unbind (git-fixes).
- media: media-entity.h: Fix documentation for media_create_intf_link
(git-fixes).
- media: netup_unidvb: Do not leak SPI master in probe error path
(git-fixes).
- media: ov7670: remove ov7670_power_off from ov7670_remove (git-fixes).
- media: pci: cx23885: Fix the error handling in cx23885_initdev()
(git-fixes).
- media: platform: add missing put_device() call in mtk_jpeg_probe() and
mtk_jpeg_remove() (git-fixes).
- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init
(git-fixes).
- media: saa7134: fix incorrect use to determine if list is empty
(git-fixes).
- media: uvcvideo: Fix missing check to determine if element is found in
list (git-fixes).
- media: venus: hfi: avoid null dereference in deinit (git-fixes).
- media: videobuf2: Fix the size printk format (git-fixes).
- media: vim2m: Register video device after setting up internals
(git-fixes).
- mfd: ipaq-micro: Fix error check return value of platform_get_irq()
(git-fixes).
- misc: ocxl: fix possible double free in ocxl_file_register_afu
(git-fixes).
- misc: rtsx: set NULL intfdata when probe fails (git-fixes).
- mm, page_alloc: fix build_zonerefs_node() (git-fixes).
- mm/mmu_notifier.c: fix race in mmu_interval_notifier_remove()
(jsc#SLE-15176, jsc#SLE-16387).
- mmc: block: Fix CQE recovery reset success (git-fixes).
- mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD
(git-fixes).
- mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC
(git-fixes).
- mmc: jz4740: Apply DMA engine limits to maximum segment size (git-fixes).
- modpost: fix removing numeric suffixes (git-fixes).
- modpost: fix undefined behavior of is_arm_mapping_symbol() (git-fixes).
- mt76: check return value of mt76_txq_send_burst in
mt76_txq_schedule_list (git-fixes).
- mt76: Fix undefined behavior due to shift overflowing the constant
(git-fixes).
- mt76: mt7663s: fix rx buffer refcounting (git-fixes).
- mtd: rawnand: fix ecc parameters for mt7622 (git-fixes).
- mtd: rawnand: Fix return value check of wait_for_completion_timeout
(git-fixes).
- mtd: spi-nor: core: Check written SR value in
spi_nor_write_16bit_sr_and_check() (git-fixes).
- mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue
(git-fixes).
- net: bcmgenet: Fix a resource leak in an error handling path in the
probe functin (git-fixes).
- net: dsa: lantiq_gswip: Enable GSWIP_MII_CFG_EN also for internal PHYs
(git-fixes).
- net: dsa: lantiq_gswip: Fix GSWIP_MII_CFG(p) register access (git-fixes).
- net: ethernet: Fix memleak in ethoc_probe (git-fixes).
- net: ethernet: ti: cpts: fix ethtool output when no ptp_clock registered
(git-fixes).
- net: hdlc_ppp: Fix issues when mod_timer is called while timer is
running (git-fixes).
- net: hns3: add a check for index in hclge_get_rss_key() (git-fixes).
- net: hns3: clear inited state and stop client after failed to register
netdev (bsc#1154353).
- net: hns3: fix bug when PF set the duplicate MAC address for VFs
(jsc#SLE-14777).
- net: hns3: fix kernel crash when unload VF while it is being reset
(git-fixes).
- net: korina: fix return value (git-fixes).
- net: rtlwifi: properly check for alloc_workqueue() failure (git-fixes).
- net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog
(bsc#1183405).
- net: stmmac: dwmac-sun8i: Balance internal PHY power (git-fixes).
- net: stmmac: dwmac-sun8i: Balance internal PHY resource references
(git-fixes).
- net: stmmac: dwmac-sun8i: Balance syscon (de)initialization (git-fixes).
- net: stmmac: dwmac-sun8i: Fix probe error handling (git-fixes).
- net/mlx5: Fix a race on command flush flow (jsc#SLE-15172).
- net/mlx5e: Fix the calling of update_buffer_lossy() API (jsc#SLE-15172).
- netdevice: demote the type of some dev_addr_set() helpers (bsc#1200216).
- netfilter: conntrack: connection timeout after re-register (bsc#1199035).
- netfilter: conntrack: move synack init code to helper (bsc#1199035).
- netfilter: conntrack: re-init state for retransmitted syn-ack
(bsc#1199035).
- netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
(bsc#1199035).
- netfilter: nf_conntrack_tcp: re-init for syn packets only (bsc#1199035).
- netfilter: nft_set_rbtree: overlap detection with element re-addition
after deletion (bsc#1176447).
- NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx
(git-fixes).
- NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc
(git-fixes).
- NFC: netlink: fix sleep in atomic bug when firmware download timeout
(git-fixes).
- NFC: nfcmrvl: main: reorder destructive operations in
nfcmrvl_nci_unregister_dev to avoid bugs (git-fixes).
- NFC: NULL out the dev->rfkill to prevent UAF (git-fixes).
- NFC: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
(git-fixes).
- NFC: st21nfca: fix incorrect validating logic in EVT_TRANSACTION
(git-fixes).
- NFC: st21nfca: fix memory leaks in EVT_TRANSACTION handling (git-fixes).
- NFS: Do not report ENOSPC write errors twice (git-fixes).
- NFS: limit use of ACCESS cache for negative responses (bsc#1196570).
- nfsd: Fix null-ptr-deref in nfsd_fill_super() (git-fixes).
- NFSv4: Do not invalidate inode attributes on delegation return
(git-fixes).
- nl80211: show SSID for P2P_GO interfaces (git-fixes).
- nvdimm/region: always show the 'align' attribute (bsc#1199114).
- nvme-tcp: allow selecting the network interface for connections
(bsc#1199670).
- nvme-tcp: use __dev_get_by_name instead dev_get_by_name for
OPT_HOST_IFACE (bsc#1199670).
- objtool: Fix type of reloc::addend (git-fixes).
- PCI: aardvark: Clear all MSIs at setup (git-fixes).
- PCI: cadence: Fix find_first_zero_bit() limit (git-fixes).
- PCI: Do not enable AtomicOps on VFs (git-fixes).
- PCI: dwc: Fix setting error return on MSI DMA mapping failure
(git-fixes).
- PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time
(bsc#1199314).
- PCI: hv: Fix NUMA node assignment when kernel boots with custom NUMA
topology (bsc#1199365).
- PCI: imx6: Fix PERST# start-up sequence (git-fixes).
- PCI: iproc: Set affinity mask on MSI interrupts (git-fixes).
- PCI: qcom: Fix runtime PM imbalance on probe errors (git-fixes).
- PCI: qcom: Fix unbalanced PHY init on probe errors (git-fixes).
- PCI: rockchip: Fix find_first_zero_bit() limit (git-fixes).
- PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (git-fixes).
- PCI/PM: Power up all devices during runtime resume (git-fixes).
- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (git-fixes).
- phy: mapphone-mdm6600: Fix PM error handling in phy_mdm6600_probe
(git-fixes).
- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (git-fixes).
- phy: qcom-qmp: fix reset-controller leak on probe errors (git-fixes).
- phy: qcom-qmp: fix struct clk leak on probe errors (git-fixes).
- phy: samsung: exynos5250-sata: fix missing device put in probe error
paths (git-fixes).
- phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe
(git-fixes).
- phy: ti: Add missing pm_runtime_disable() in serdes_am654_probe
(git-fixes).
- phy: ti: omap-usb2: Fix error handling in omap_usb2_enable_clocks
(git-fixes).
- pinctrl: mvebu: Fix irq_of_parse_and_map() return value (git-fixes).
- pinctrl: pistachio: fix use of irq_of_parse_and_map() (git-fixes).
- pinctrl: rockchip: fix RK3308 pinmux bits (git-fixes).
- pinctrl: sunxi: fix f1c100s uart2 function (git-fixes).
- pinctrl/rockchip: support deferring other gpio params (git-fixes).
- ping: fix the sk_bound_dev_if match in ping_lookup (bsc#1195826).
- ping: remove pr_err from ping_lookup (bsc#1195826).
- platform/chrome: cros_ec_debugfs: detach log reader wq from devm
(git-fixes).
- platform/chrome: cros_ec_proto: Send command again when timeout occurs
(git-fixes).
- platform/x86: samsung-laptop: Fix an unsigned comparison which can never
be negative (git-fixes).
- platform/x86: wmi: Fix driver->notify() vs ->probe() race (git-fixes).
- platform/x86: wmi: Replace read_takes_no_args with a flags field
(git-fixes).
- PM / devfreq: rk3399_dmc: Disable edev on remove() (git-fixes).
- powerpc: Enable the DAWR on POWER9 DD2.3 and above (bsc#1055117
ltc#159753).
- powerpc/64s: Add CPU_FTRS_POWER10 to ALWAYS mask (jsc#SLE-13521
git-fixes).
- powerpc/64s: Add CPU_FTRS_POWER9_DD2_2 to CPU_FTRS_ALWAYS mask
(bsc#1061840 git-fixes).
- powerpc/64s/radix: Fix huge vmap false positive (bsc#1156395).
- powerpc/fadump: fix PT_LOAD segment for boot memory area (bsc#1103269
ltc#169948 git-fixes).
- powerpc/powernv: Add __init attribute to eligible functions (bsc#1188885
ltc#193722 git-fixes).
- powerpc/powernv: Get L1D flush requirements from device-tree
(bsc#1188885 ltc#193722 git-fixes).
- powerpc/powernv: Get STF barrier requirements from device-tree
(bsc#1188885 ltc#193722 git-fixes).
- powerpc/powernv: Remove POWER9 PVR version check for entry and uaccess
flushes (bsc#1188885 ltc#193722 git-fixes).
- powerpc/xive: Add some error handling code to 'xive_spapr_init()'
(git-fixes).
- powerpc/xive: Fix refcount leak in xive_spapr_init (git-fixes).
- pwm: lp3943: Fix duty calculation in case period was clamped (git-fixes).
- pwm: raspberrypi-poe: Fix endianness in firmware struct (git-fixes).
- qlcnic: Fix error code in probe (git-fixes).
- raid5: introduce MD_BROKEN (git-fixes).
- regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET
(git-fixes).
- regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt
(git-fixes).
- rtc: fix use-after-free on device removal (git-fixes).
- rtc: mc146818-lib: Fix the AltCentury for AMD platforms (git-fixes).
- rtc: mt6397: check return value after calling platform_get_resource()
(git-fixes).
- rtl818x: Prevent using not initialized queues (git-fixes).
- rtlwifi: Use pr_warn instead of WARN_ONCE (git-fixes).
- s390: fix detection of vector enhancements facility 1 vs. vector packed
decimal facility (git-fixes).
- s390: fix strrchr() implementation (git-fixes).
- s390/cio: dont call css_wait_for_slow_path() inside a lock (git-fixes).
- s390/cio: Fix the "type" field in s390_cio_tpi tracepoint (git-fixes).
- s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (git-fixes).
- s390/ctcm: fix potential memory leak (git-fixes).
- s390/ctcm: fix variable dereferenced before check (git-fixes).
- s390/dasd: fix data corruption for ESE devices (bsc#1200207 LTC#198454).
- s390/dasd: Fix read for ESE with blksize 4k (bsc#1200206 LTC#198455).
- s390/dasd: Fix read inconsistency for ESE DASD devices (bsc#1200206
LTC#198455).
- s390/dasd: prevent double format of tracks for ESE devices (bsc#1200207
LTC#198454).
- s390/ftrace: fix ftrace_update_ftrace_func implementation (git-fixes).
- s390/lcs: fix variable dereferenced before check (git-fixes).
- s390/mcck: fix invalid KVM guest condition check (git-fixes).
- s390/mcck: isolate SIE instruction when setting CIF_MCCK_GUEST flag
(git-fixes).
- s390/nmi: handle guarded storage validity failures for KVM guests
(git-fixes).
- s390/nmi: handle vector validity failures for KVM guests (git-fixes).
- s390/pv: fix the forcing of the swiotlb (git-fixes).
- s390/qdio: cancel the ESTABLISH ccw after timeout (git-fixes).
- s390/qdio: fix roll-back after timeout on ESTABLISH ccw (git-fixes).
- s390/vfio-ap: fix circular lockdep when setting/clearing crypto masks
(git-fixes).
- sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (git-fixes).
- sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl
(git-fixes).
- sched/pelt: Fix attach_entity_load_avg() corner case (git-fixes)
- sched/topology: Skip updating masks for non-online nodes (bsc#1197446
ltc#183000).
- scsi: dc395x: Fix a missing check on list iterator (git-fixes).
- scsi: fnic: Fix a tracing statement (git-fixes).
- scsi: fnic: Replace DMA mask of 64 bits with 47 bits (bsc#1199631).
- scsi: hisi_sas: Change permission of parameter prot_mask (git-fixes).
- scsi: lpfc: Alter FPIN stat accounting logic (bsc#1200045).
- scsi: lpfc: Change FA-PWWN detection methodology (bsc#1200045).
- scsi: lpfc: Change VMID registration to be based on fabric parameters
(bsc#1200045).
- scsi: lpfc: Clear fabric topology flag before initiating a new FLOGI
(bsc#1200045).
- scsi: lpfc: Copyright updates for 14.2.0.2 patches (bsc#1200045).
- scsi: lpfc: Correct BDE DMA address assignment for GEN_REQ_WQE
(bsc#1200045 bsc#1198989 bsc#1197675).
- scsi: lpfc: Correct CRC32 calculation for congestion stats (bsc#1200045).
- scsi: lpfc: Decrement outstanding gidft_inp counter if
lpfc_err_lost_link() (bsc#1200045).
- scsi: lpfc: Expand setting ELS_ID field in ELS_REQUEST64_WQE
(bsc#1200045).
- scsi: lpfc: Fill in missing ndlp kref puts in error paths (bsc#1200045).
- scsi: lpfc: Fix additional reference counting in lpfc_bsg_rport_els()
(bsc#1200045).
- scsi: lpfc: Fix call trace observed during I/O with CMF enabled
(bsc#1200045).
- scsi: lpfc: Fix diagnostic fw logging after a function reset
(bsc#1200045).
- scsi: lpfc: Fix dmabuf ptr assignment in lpfc_ct_reject_event()
(bsc#1200045).
- scsi: lpfc: Fix element offset in __lpfc_sli_release_iocbq_s4()
(bsc#1200045).
- scsi: lpfc: Fix field overload in lpfc_iocbq data structure
(bsc#1200045).
- scsi: lpfc: Fix ndlp put following a LOGO completion (bsc#1200045).
- scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI
and PLOGI (bsc#1200045).
- scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()
(bsc#1200045).
- scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock
(bsc#1200045).
- scsi: lpfc: Fix split code for FLOGI on FCoE (bsc#1200045 bsc#1198989
bsc#1197675).
- scsi: lpfc: Inhibit aborts if external loopback plug is inserted
(bsc#1200045).
- scsi: lpfc: Introduce FC_RSCN_MEMENTO flag for tracking post RSCN
completion (bsc#1200045).
- scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg()
(bsc#1200045).
- scsi: lpfc: Move MI module parameter check to handle dynamic disable
(bsc#1200045).
- scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT
(bsc#1200045).
- scsi: lpfc: Refactor cleanup of mailbox commands (bsc#1200045).
- scsi: lpfc: Register for Application Services FC-4 type in Fabric
topology (bsc#1200045).
- scsi: lpfc: Remove false FDMI NVMe FC-4 support for NPIV ports
(bsc#1200045).
- scsi: lpfc: Remove redundant lpfc_sli_prep_wqe() call (bsc#1200045).
- scsi: lpfc: Remove unnecessary null ndlp check in lpfc_sli_prep_wqe()
(bsc#1200045).
- scsi: lpfc: Remove unnecessary NULL pointer assignment for ELS_RDF path
(bsc#1200045).
- scsi: lpfc: Remove unneeded variable (bsc#1200045).
- scsi: lpfc: Requeue SCSI I/O to upper layer when fw reports link down
(bsc#1200045).
- scsi: lpfc: Revise FDMI reporting of supported port speed for trunk
groups (bsc#1200045).
- scsi: lpfc: Rework FDMI initialization after link up (bsc#1200045).
- scsi: lpfc: Transition to NPR state upon LOGO cmpl if link down or
aborted (bsc#1200045).
- scsi: lpfc: Tweak message log categories for ELS/FDMI/NVMe rescan
(bsc#1200045).
- scsi: lpfc: Update fc_prli_sent outstanding only after guaranteed IOCB
submit (bsc#1200045).
- scsi: lpfc: Update lpfc version to 14.2.0.2 (bsc#1200045).
- scsi: lpfc: Update lpfc version to 14.2.0.3 (bsc#1200045).
- scsi: lpfc: Update stat accounting for READ_STATUS mbox command
(bsc#1200045).
- scsi: lpfc: Use list_for_each_entry_safe() in rscn_recovery_check()
(bsc#1200045).
- scsi: lpfc: Use sg_dma_address() and sg_dma_len() macros for NVMe I/O
(bsc#1200045).
- scsi: lpfc: Zero SLI4 fcp_cmnd buffer's fcpCntl0 field (bsc#1200045).
- scsi: pm8001: Fix abort all task initialization (git-fixes).
- scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
(git-fixes).
- scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
(git-fixes).
- scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req()
(git-fixes).
- scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req()
(git-fixes).
- scsi: pm8001: Fix le32 values handling in
pm80xx_set_sas_protocol_timer_config() (git-fixes).
- scsi: pm8001: Fix NCQ NON DATA command completion handling (git-fixes).
- scsi: pm8001: Fix NCQ NON DATA command task initialization (git-fixes).
- scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update()
(git-fixes).
- scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
(git-fixes).
- scsi: pm80xx: Enable upper inbound, outbound queues (git-fixes).
- scsi: pm80xx: Mask and unmask upper interrupt vectors 32-63 (git-fixes).
- scsi: qla2xxx: edif: Remove unneeded variable (bsc#1200046).
- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (bsc#1200046).
- scsi: qla2xxx: Remove free_sg command flag (bsc#1200046).
- scsi: qla2xxx: Remove unneeded flush_workqueue() (bsc#1200046).
- scsi: sr: Do not leak information in ioctl (git-fixes).
- scsi: ufs: core: Exclude UECxx from SFR dump list (git-fixes).
- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled
(git-fixes).
- scsi: ufs: qcom: Fix ufs_qcom_resume() (git-fixes).
- scsi: virtio-scsi: Eliminate anonymous module_init and module_exit
(git-fixes).
- scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() (git-fixes).
- selftests: firmware: Use smaller dictionary for XZ compression
(git-fixes).
- serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 (git-fixes).
- serial: 8250_mtk: Fix register address for XON/XOFF character
(git-fixes).
- serial: 8250_mtk: Fix UART_EFR register address (git-fixes).
- serial: 8250: Also set sticky MCR bits in console restoration
(git-fixes).
- serial: 8250: core: Remove unneeded linux/pm_runtime.h (git-fixes).
- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device
(git-fixes).
- serial: 8250: pxa: Remove unneeded linux/pm_runtime.h (git-fixes).
- serial: digicolor-usart: Do not allow CS5-6 (git-fixes).
- serial: imx: fix overrun interrupts in DMA mode (git-fixes).
- serial: meson: acquire port->lock in startup() (git-fixes).
- serial: msm_serial: disable interrupts in __msm_console_write()
(git-fixes).
- serial: pch: do not overwrite xmit->buf[0] by x_char (git-fixes).
- serial: rda-uart: Do not allow CS5-6 (git-fixes).
- serial: sh-sci: Do not allow CS5-6 (git-fixes).
- serial: sifive: Sanitize CSIZE and c_iflag (git-fixes).
- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (git-fixes).
- serial: stm32-usart: Correct CSIZE, bits, and parity (git-fixes).
- serial: txx9: Do not allow CS5-6 (git-fixes).
- slimbus: qcom: Fix IRQ check in qcom_slim_probe (git-fixes).
- smp: Fix offline cpu check in flush_smp_call_function_queue()
(git-fixes).
- smsc911x: allow using IRQ0 (git-fixes).
- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc
(git-fixes).
- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (git-fixes).
- soc: rockchip: Fix refcount leak in rockchip_grf_init (git-fixes).
- spi: img-spfi: Fix pm_runtime_get_sync() error checking (git-fixes).
- spi: Introduce device-managed SPI controller allocation (git-fixes).
- spi: spi-cadence: Fix kernel-doc format for resume/suspend (git-fixes).
- spi: spi-fsl-qspi: check return value after calling
platform_get_resource_byname() (git-fixes).
- spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA
direction (git-fixes).
- spi: spi-ti-qspi: Fix return value handling of
wait_for_completion_timeout (git-fixes).
- spi: stm32-qspi: Fix wait_cmd timeout in APM mode (git-fixes).
- staging: fieldbus: Fix the error handling path in
anybuss_host_common_probe() (git-fixes).
- staging: rtl8712: fix uninit-value in r871xu_drv_init() (git-fixes).
- staging: rtl8712: fix uninit-value in usb_read8() and friends
(git-fixes).
- SUNRPC: Ensure gss-proxy connects on setup (git-fixes).
- SUNRPC: Ensure that the gssproxy client can start in a connected state
(git-fixes).
- thermal: int340x: Fix attr.show callback prototype (git-fixes).
- thermal/drivers/bcm2711: Do not clamp temperature at zero (git-fixes).
- thermal/drivers/broadcom: Fix potential NULL dereference in
sr_thermal_probe (git-fixes).
- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator
(git-fixes).
- timekeeping: Really make sure wall_to_monotonic isn't (git-fixes)
- timers: Fix warning condition in __run_timers() (git-fixes)
- tpm: Fix buffer access in tpm2_get_tpm_pt() (git-fixes).
- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe()
(bsc#1065729).
- tracing: Fix potential double free in create_var_ref() (git-fixes).
- tracing: Fix return value of trace_pid_write() (git-fixes).
- tty: Fix a possible resource leak in icom_probe (git-fixes).
- tty: fix deadlock caused by calling printk() under tty_port->lock
(git-fixes).
- tty: goldfish: Use tty_port_destroy() to destroy port (git-fixes).
- tty: serial: digicolor: fix possible null-ptr-deref in
digicolor_uart_probe() (git-fixes).
- tty: serial: fsl_lpuart: fix potential bug when using both
of_alias_get_id and ida_simple_get (git-fixes).
- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe
(git-fixes).
- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()
(git-fixes).
- usb: cdc-wdm: fix reading stuck on device close (git-fixes).
- usb: core: hcd: Add support for deferring roothub registration
(git-fixes).
- usb: dwc2: gadget: do not reset gadget's driver->bus (git-fixes).
- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (git-fixes).
- usb: ehci-omap: drop unused ehci_read() function (git-fixes).
- usb: gadget: configfs: clear deactivation flag in
configfs_composite_unbind() (git-fixes).
- usb: hcd-pci: Fully suspend across freeze/thaw cycle (git-fixes).
- usb: host: isp116x: check return value after calling
platform_get_resource() (git-fixes).
- usb: misc: fix improper handling of refcount in uss720_probe()
(git-fixes).
- usb: mtu3: fix USB 3.0 dual-role-switch from device to host (git-fixes).
- usb: musb: Fix missing of_node_put() in omap2430_probe (git-fixes).
- usb: new quirk for Dell Gen 2 devices (git-fixes).
- usb: quirks: add a Realtek card reader (git-fixes).
- usb: quirks: add STRING quirk for VCOM device (git-fixes).
- usb: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (git-fixes).
- usb: serial: option: add Fibocom L610 modem (git-fixes).
- usb: serial: option: add Fibocom MA510 modem (git-fixes).
- usb: serial: option: add Quectel BG95 modem (git-fixes).
- usb: serial: option: add support for Cinterion MV32-WA/MV32-WB
(git-fixes).
- usb: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions
(git-fixes).
- usb: serial: pl2303: add device id for HP LM930 Display (git-fixes).
- usb: serial: qcserial: add support for Sierra Wireless EM7590
(git-fixes).
- usb: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS
(git-fixes).
- usb: storage: karma: fix rio_karma_init return (git-fixes).
- usb: typec: mux: Check dev_set_name() return value (git-fixes).
- usb: typec: tcpci: Do not skip cleanup in .remove() on error (git-fixes).
- usb: typec: ucsi: Fix reuse of completion structure (git-fixes).
- usb: typec: ucsi: Fix role swapping (git-fixes).
- usb: usbip: add missing device lock on tweak configuration cmd
(git-fixes).
- usb: usbip: fix a refcount leak in stub_probe() (git-fixes).
- vfio-ccw: Check initialized flag in cp_init() (git-fixes).
- vfio/ccw: Remove unneeded GFP_DMA (git-fixes).
- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
(git-fixes).
- video: fbdev: pxa3xx-gcu: release the resources correctly in
pxa3xx_gcu_probe/remove() (git-fixes).
- virtio/s390: implement virtio-ccw revision 2 correctly (git-fixes).
- vringh: Fix loop descriptors check in the indirect cases (git-fixes).
- watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe (git-fixes).
- watchdog: wdat_wdt: Stop watchdog when rebooting the system (git-fixes).
- wifi: mac80211: fix use-after-free in chanctx code (git-fixes).
- wireguard: device: check for metadata_dst with skb_valid_dst()
(git-fixes).
- xhci: increase usb U3 -> U0 link resume timeout from 100ms to 500ms
(git-fixes).
- xhci: stop polling roothubs after shutdown (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Module for Realtime 15-SP3:
zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2022-2177=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2177=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2177=1
Package List:
- SUSE Linux Enterprise Module for Realtime 15-SP3 (noarch):
kernel-devel-rt-5.3.18-150300.93.1
kernel-source-rt-5.3.18-150300.93.1
- SUSE Linux Enterprise Module for Realtime 15-SP3 (x86_64):
cluster-md-kmp-rt-5.3.18-150300.93.1
cluster-md-kmp-rt-debuginfo-5.3.18-150300.93.1
dlm-kmp-rt-5.3.18-150300.93.1
dlm-kmp-rt-debuginfo-5.3.18-150300.93.1
gfs2-kmp-rt-5.3.18-150300.93.1
gfs2-kmp-rt-debuginfo-5.3.18-150300.93.1
kernel-rt-5.3.18-150300.93.1
kernel-rt-debuginfo-5.3.18-150300.93.1
kernel-rt-debugsource-5.3.18-150300.93.1
kernel-rt-devel-5.3.18-150300.93.1
kernel-rt-devel-debuginfo-5.3.18-150300.93.1
kernel-rt_debug-debuginfo-5.3.18-150300.93.1
kernel-rt_debug-debugsource-5.3.18-150300.93.1
kernel-rt_debug-devel-5.3.18-150300.93.1
kernel-rt_debug-devel-debuginfo-5.3.18-150300.93.1
kernel-syms-rt-5.3.18-150300.93.1
ocfs2-kmp-rt-5.3.18-150300.93.1
ocfs2-kmp-rt-debuginfo-5.3.18-150300.93.1
- SUSE Linux Enterprise Micro 5.2 (x86_64):
kernel-rt-5.3.18-150300.93.1
kernel-rt-debuginfo-5.3.18-150300.93.1
kernel-rt-debugsource-5.3.18-150300.93.1
- SUSE Linux Enterprise Micro 5.1 (x86_64):
kernel-rt-5.3.18-150300.93.1
kernel-rt-debuginfo-5.3.18-150300.93.1
kernel-rt-debugsource-5.3.18-150300.93.1
References:
https://www.suse.com/security/cve/CVE-2019-19377.html
https://www.suse.com/security/cve/CVE-2020-26541.html
https://www.suse.com/security/cve/CVE-2021-33061.html
https://www.suse.com/security/cve/CVE-2022-0168.html
https://www.suse.com/security/cve/CVE-2022-1184.html
https://www.suse.com/security/cve/CVE-2022-1652.html
https://www.suse.com/security/cve/CVE-2022-1729.html
https://www.suse.com/security/cve/CVE-2022-1966.html
https://www.suse.com/security/cve/CVE-2022-1972.html
https://www.suse.com/security/cve/CVE-2022-1974.html
https://www.suse.com/security/cve/CVE-2022-1975.html
https://www.suse.com/security/cve/CVE-2022-20008.html
https://www.suse.com/security/cve/CVE-2022-20141.html
https://www.suse.com/security/cve/CVE-2022-21123.html
https://www.suse.com/security/cve/CVE-2022-21125.html
https://www.suse.com/security/cve/CVE-2022-21127.html
https://www.suse.com/security/cve/CVE-2022-21166.html
https://www.suse.com/security/cve/CVE-2022-21180.html
https://www.suse.com/security/cve/CVE-2022-30594.html
https://www.suse.com/security/cve/CVE-2022-32250.html
https://bugzilla.suse.com/1055117
https://bugzilla.suse.com/1061840
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1103269
https://bugzilla.suse.com/1118212
https://bugzilla.suse.com/1153274
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1158266
https://bugzilla.suse.com/1167773
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1177282
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1180100
https://bugzilla.suse.com/1183405
https://bugzilla.suse.com/1188885
https://bugzilla.suse.com/1195826
https://bugzilla.suse.com/1196426
https://bugzilla.suse.com/1196478
https://bugzilla.suse.com/1196570
https://bugzilla.suse.com/1196840
https://bugzilla.suse.com/1197446
https://bugzilla.suse.com/1197472
https://bugzilla.suse.com/1197601
https://bugzilla.suse.com/1197675
https://bugzilla.suse.com/1198438
https://bugzilla.suse.com/1198577
https://bugzilla.suse.com/1198971
https://bugzilla.suse.com/1198989
https://bugzilla.suse.com/1199035
https://bugzilla.suse.com/1199052
https://bugzilla.suse.com/1199063
https://bugzilla.suse.com/1199114
https://bugzilla.suse.com/1199314
https://bugzilla.suse.com/1199365
https://bugzilla.suse.com/1199505
https://bugzilla.suse.com/1199507
https://bugzilla.suse.com/1199564
https://bugzilla.suse.com/1199626
https://bugzilla.suse.com/1199631
https://bugzilla.suse.com/1199650
https://bugzilla.suse.com/1199670
https://bugzilla.suse.com/1199839
https://bugzilla.suse.com/1200015
https://bugzilla.suse.com/1200019
https://bugzilla.suse.com/1200045
https://bugzilla.suse.com/1200046
https://bugzilla.suse.com/1200143
https://bugzilla.suse.com/1200144
https://bugzilla.suse.com/1200192
https://bugzilla.suse.com/1200206
https://bugzilla.suse.com/1200207
https://bugzilla.suse.com/1200216
https://bugzilla.suse.com/1200249
https://bugzilla.suse.com/1200259
https://bugzilla.suse.com/1200263
https://bugzilla.suse.com/1200529
https://bugzilla.suse.com/1200549
https://bugzilla.suse.com/1200604
More information about the sle-updates
mailing list