Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2019.2155
SUSE-SU-2019:1536-1 Security update for the Linux Kernel
18 June 2019
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: linux kernel
Publisher: SUSE
Operating System: SUSE
Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Root Compromise -- Existing Account
Access Privileged Data -- Existing Account
Denial of Service -- Remote/Unauthenticated
Resolution: Patch/Upgrade
CVE Names: CVE-2019-12382 CVE-2019-11884 CVE-2019-11833
CVE-2019-11815 CVE-2019-11487 CVE-2019-11486
CVE-2019-11479 CVE-2019-11478 CVE-2019-11477
CVE-2019-11190 CVE-2019-11085 CVE-2019-10124
CVE-2019-5489 CVE-2019-3846 CVE-2018-17972
CVE-2018-7191
Reference: ESB-2019.2151
ESB-2019.2150
ESB-2019.2149.2
ESB-2019.2132.2
ESB-2019.2001.4
ESB-2019.1909
ESB-2019.1800
ESB-2019.1792
Original Bulletin:
https://www.suse.com/support/update/announcement/2019/suse-su-20191536-1.html
https://www.suse.com/support/update/announcement/2019/suse-su-20191532-1.html
https://www.suse.com/support/update/announcement/2019/suse-su-20191529-1.html
https://www.suse.com/support/update/announcement/2019/suse-su-20191530-1.html
Comment: This bulletin contains four (4) SUSE security advisories.
- --------------------------BEGIN INCLUDED TEXT--------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2019:1536-1
Rating: important
References: #1012382 #1050242 #1051510 #1053043 #1056787 #1058115
#1063638 #1064802 #1065600 #1065729 #1066129 #1068546
#1071995 #1075020 #1082387 #1083647 #1085535 #1099658
#1103992 #1104353 #1104427 #1106011 #1106284 #1108838
#1110946 #1111696 #1112063 #1113722 #1114427 #1114893
#1115688 #1117158 #1117561 #1118139 #1119843 #1120091
#1120423 #1120566 #1120843 #1120902 #1122776 #1123454
#1123663 #1124503 #1124839 #1126356 #1127616 #1128052
#1128904 #1128905 #1128979 #1129138 #1129497 #1129693
#1129770 #1129848 #1129857 #1130409 #1130972 #1131451
#1131488 #1131565 #1131673 #1132044 #1132894 #1133176
#1133188 #1133190 #1133320 #1133612 #1133616 #1134160
#1134162 #1134199 #1134200 #1134201 #1134202 #1134203
#1134204 #1134205 #1134354 #1134393 #1134459 #1134460
#1134461 #1134537 #1134591 #1134597 #1134607 #1134651
#1134671 #1134760 #1134806 #1134810 #1134813 #1134848
#1134936 #1135006 #1135007 #1135008 #1135056 #1135100
#1135120 #1135278 #1135281 #1135309 #1135312 #1135314
#1135315 #1135316 #1135320 #1135323 #1135330 #1135492
#1135542 #1135556 #1135603 #1135642 #1135661 #1135758
#1136206 #1136424 #1136428 #1136430 #1136432 #1136434
#1136435 #1136438 #1136439 #1136477 #1136478 #1136573
#1136586 #1136881 #1136935 #1136990 #1137151 #1137152
#1137153 #1137162 #1137372 #1137444 #1137586 #1137739
#1137752
Cross-References: CVE-2018-7191 CVE-2019-10124 CVE-2019-11085 CVE-2019-11477
CVE-2019-11479 CVE-2019-11486 CVE-2019-11487 CVE-2019-11815
CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-3846
CVE-2019-5489
Affected Products:
SUSE Linux Enterprise Server 12-SP4
______________________________________________________________________________
An update that solves 13 vulnerabilities and has 132 fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP4 kernel was updated to 4.12.14 to receive
various security and bugfixes.
The following security bugs were fixed:
o CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic.
o CVE-2019-11479: An attacker could force the Linux kernel to segment its
responses into multiple TCP segments. This would drastically increased the
bandwidth required to deliver the same amount of data. Further, it would
consume additional resources such as CPU and NIC processing power.
o CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and
possibly escalate privileges was found in the mwifiex kernel module while
connecting to a malicious wireless network. (bnc#1136424)
o CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in
drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked
kstrdup of fwstr, which might have allowed an attacker to cause a denial of
service (NULL pointer dereference and system crash). (bnc#1136586)
o CVE-2019-11487: The Linux kernel allowed page reference count overflow,
with resultant use-after-free issues, if about 140 GiB of RAM existed. It
could have occured with FUSE requests. (bnc#1133190)
o CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of
other processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.)
Limited remote exploitation may have been possible, as demonstrated by
latency differences in accessing public files from an Apache HTTP Server.
(bnc#1120843)
o CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the
unused memory region in the extent tree block, which might have allowed
local users to obtain sensitive information by reading uninitialized data
in the filesystem. (bnc#1135281)
o CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name
was not called before register_netdevice. This allowed local users to cause
a denial of service (NULL pointer dereference and panic) via an ioctl
(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
o CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915
Graphics for Linux may have allowed an authenticated user to potentially
enable escalation of privilege via local access. (bnc#1135278)
o CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/
tcp.c in the Linux kernel There was a race condition leading to a
use-after-free, related to net namespace cleanup. (bnc#1134537)
o CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/
sock.c in the Linux kernel allowed a local user to obtain potentially
sensitive information from kernel stack memory via a hidPCONNADD command,
because a name field may not end with a '\0' character. (bnc#1134848)
o CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/
n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
o 9p locks: add mount option for lock retry interval (bsc#1051510).
o acpi: button: reinitialize button state upon resume (bsc#1051510).
o acpica: AML interpreter: add region addresses in global list during
initialization (bsc#1051510).
o acpica: Namespace: remove address node from global list after method
termination (bsc#1051510).
o acpi: fix menuconfig presentation of ACPI submenu (bsc#1117158).
o acpi / utils: Drop reference in test for device presence (bsc#1051510).
o alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
o alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
o alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#
1051510).
o alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#
1051510).
o alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
o alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#
1051510).
o alsa: hda/realtek - EAPD turn on later (bsc#1051510).
o alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
(bsc#1051510).
o alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#
1051510).
o alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#
1051510).
o alsa: hda - Register irq handler after the chip initialization (bsc#
1051510).
o alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
o alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#
1051510).
o alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
o alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
o alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#
1051510).
o alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
o alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#
1051510).
o alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
o alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
o alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
o alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
o alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
o alsa: timer: Coding style fixes (bsc#1051510).
o alsa: timer: Make snd_timer_close() really kill pending actions (bsc#
1051510).
o alsa: timer: Make sure to clear pending ack list (bsc#1051510).
o alsa: timer: Revert active callback sync check at close (bsc#1051510).
o alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
o alsa: timer: Unify timer callback process code (bsc#1051510).
o alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
o alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
(bsc#1051510).
o alsa: usx2y: fix a double free bug (bsc#1051510).
o appletalk: Fix compile regression (bsc#1051510).
o appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
o arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
o arm64: acpi: fix alignment fault in accessing ACPI (bsc#1117158).
o arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
o arm64: fix ACPI dependencies (bsc#1117158).
o arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve
table (bsc#1117158).
o arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
o arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#
1051510).
o arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
o arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
o arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
o arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
(bsc#1051510).
o arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
o arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#
1051510).
o arm: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be
uninitialized (bsc#1051510).
o arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
o arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
o arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
o arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
(bsc#1051510).
o asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
o asoc: fix valid stream condition (bsc#1051510).
o asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
o asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
o asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
o asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
o asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
o asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
o asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
o asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#
1051510).
o asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
o asoc: stm32: fix sai driver name initialisation (bsc#1051510).
o asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
o asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
o at76c50x-usb: Do not register led_trigger if usb_register_driver failed
(bsc#1051510).
o audit: fix a memleak caused by auditing load module (bsc#1051510).
o b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
o backlight: lm3630a: Return 0 on success in update_status functions (bsc#
1051510).
o bcache: account size of buckets used in uuid write to ca->
meta_sectors_written (bsc#1130972).
o bcache: add a comment in super.c (bsc#1130972).
o bcache: add code comments for bset.c (bsc#1130972).
o bcache: add comment for cache_set->fill_iter (bsc#1130972).
o bcache: add identifier names to arguments of function definitions (bsc#
1130972).
o bcache: add missing SPDX header (bsc#1130972).
o bcache: add MODULE_DESCRIPTION information (bsc#1130972).
o bcache: add separate workqueue for journal_write to avoid deadlock (bsc#
1130972).
o bcache: add static const prefix to char * array declarations (bsc#1130972).
o bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#
1130972).
o bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
o bcache: cannot set writeback_running via sysfs if no writeback kthread
created (bsc#1130972).
o bcache: correct dirty data statistics (bsc#1130972).
o bcache: do not assign in if condition in bcache_init() (bsc#1130972).
o bcache: do not assign in if condition register_bcache() (bsc#1130972).
o bcache: do not check if debug dentry is ERR or NULL explicitly on remove
(bsc#1130972).
o bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#
1130972).
o bcache: do not clone bio in bch_data_verify (bsc#1130972).
o bcache: do not mark writeback_running too early (bsc#1130972).
o bcache: export backing_dev_name via sysfs (bsc#1130972).
o bcache: export backing_dev_uuid via sysfs (bsc#1130972).
o bcache: fix code comments style (bsc#1130972).
o bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
o bcache: fix indent by replacing blank by tabs (bsc#1130972).
o bcache: fix input integer overflow of congested threshold (bsc#1130972).
o bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
o bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#
1130972).
o bcache: fix input overflow to journal_delay_ms (bsc#1130972).
o bcache: fix input overflow to sequential_cutoff (bsc#1130972).
o bcache: fix input overflow to writeback_delay (bsc#1130972).
o bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
o bcache: fix ioctl in flash device (bsc#1130972).
o bcache: fix mistaken code comments in bcache.h (bsc#1130972).
o bcache: fix mistaken comments in request.c (bsc#1130972).
o bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#
1130972).
o bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#
1130972).
o bcache: fix typo in code comments of closure_return_with_destructor() (bsc#
1130972).
o bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
o bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
o bcache: introduce force_wake_up_gc() (bsc#1130972).
o bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#
1130972).
o bcache: Move couple of functions to sysfs.c (bsc#1130972).
o bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
o bcache: move open brace at end of function definitions to next line (bsc#
1130972).
o bcache: never writeback a discard operation (bsc#1130972).
o bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc
#1130972).
o bcache: option to automatically run gc thread after writeback (bsc#
1130972).
o bcache: panic fix for making cache device (bsc#1130972).
o bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
o bcache: prefer 'help' in Kconfig (bsc#1130972).
o bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
o bcache: recal cached_dev_sectors on detach (bsc#1130972).
o bcache: remove unnecessary space before ioctl function pointer arguments
(bsc#1130972).
o bcache: remove unused bch_passthrough_cache (bsc#1130972).
o bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
o bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#
1130972).
o bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
o bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
o bcache: replace printk() by pr_*() routines (bsc#1130972).
o bcache: replace Symbolic permissions by octal permission numbers (bsc#
1130972).
o bcache: set writeback_percent in a flexible range (bsc#1130972).
o bcache: split combined if-condition code into separate ones (bsc#1130972).
o bcache: stop bcache device when backing device is offline (bsc#1130972).
o bcache: stop using the deprecated get_seconds() (bsc#1130972).
o bcache: style fixes for lines over 80 characters (bsc#1130972).
o bcache: style fix to add a blank line after declarations (bsc#1130972).
o bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
o bcache: treat stale dirty keys as bad keys (bsc#1130972).
o bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#
1130972).
o bcache: update comment for bch_data_insert (bsc#1130972).
o bcache: update comment in sysfs.c (bsc#1130972).
o bcache: use MAX_CACHES_PER_SET instead of magic number 8 in
__bch_bucket_alloc_set (bsc#1130972).
o bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
o bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
o bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
o bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
o block: check_events: do not bother with events if unsupported (bsc#1110946,
bsc#1119843).
o block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
o block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
o block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
o block: fix the return errno for direct IO (bsc#1135320).
o block: fix use-after-free on gendisk (bsc#1135312).
o bluetooth: Align minimum encryption key size for LE and BR/EDR connections
(bsc#1051510).
o bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#
1135556).
o bluetooth: hidp: fix buffer overflow (bsc#1051510).
o bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one()
(bsc#1050242).
o bnxt_en: Improve multicast address setup logic
(networking-stable-19_05_04).
o bnxt_en: Improve RX consumer index validity check
(networking-stable-19_04_10).
o bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
o bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
o bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#
1083647).
o bpf: Add missed newline in verifier verbose log (bsc#1056787).
o bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#
1083647).
o brcm80211: potential NULL dereference in
brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
o btrfs: add a helper to return a head ref (bsc#1134813).
o btrfs: breakout empty head cleanup to a helper (bsc#1134813).
o btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: do not allow trimming when a fs is mounted with the nologreplay
option (bsc#1135758).
o btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
o btrfs: Do not panic when we can't find a root key (bsc#1112063).
o btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: Factor out common delayed refs init code (bsc#1134813).
o btrfs: fix fsync not persisting changed attributes of a directory (bsc#
1137151).
o btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#
1136477).
o btrfs: fix race updating log root item during fsync (bsc#1137153).
o btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#
1137152).
o btrfs: improve performance on fsync of files with multiple hardlinks (bsc#
1123454).
o btrfs: Introduce init_delayed_ref_head (bsc#1134813).
o btrfs: move all ref head cleanup to the helper function (bsc#1134813).
o btrfs: move extent_op cleanup to a helper (bsc#1134813).
o btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
o btrfs: Open-code add_delayed_data_ref (bsc#1134813).
o btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
o btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer
dereference (bsc#1134806).
o btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to
btrfs_qgroup_extent_record (bsc#1134162).
o btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release
(bsc#1134160).
o btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON()
(bsc#1133612).
o btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
o btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
o btrfs: split delayed ref head initialization and addition (bsc#1134813).
o btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
o btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#
1136478).
o btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
o ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
o ceph: fix ci->i_head_snapc leak (bsc#1122776).
o ceph: fix use-after-free on symlink traversal (bsc#1134459).
o ceph: only use d_name directly when parent is locked (bsc#1134460).
o cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#
1131565).
o clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
o clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
o configfs: fix possible use-after-free in configfs_register_group (bsc#
1051510).
o configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
o crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
o crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#
1051510).
o crypto: ccm - fix incompatibility between "ccm" and "ccm_base" (bsc#
1051510).
o crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#
1051510).
o crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
o crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#
1051510).
o crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
o crypto: gcm - fix incompatibility between "gcm" and "gcm_base" (bsc#
1051510).
o crypto: skcipher - do not WARN on unprocessed data after slow walk step
(bsc#1051510).
o crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
o crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
o crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
o crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#
1137162).
o crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#
1137162).
o crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#
1051510).
o dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
o dccp: Fix memleak in __feat_register_sp (bsc#1051510).
o debugfs: fix use-after-free on symlink traversal (bsc#1051510).
o devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
o dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#
1051510).
o dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
o documentation: Add MDS vulnerability documentation (bsc#1135642).
o drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
o drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
o drm/etnaviv: lock MMU while dumping core (bsc#1113722)
o drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
o drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
o drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
o drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
o drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
o drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
o drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware
(bsc#1051510).
o drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
o drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#
1113722)
o drm/i915/gvt: refine ggtt range validation (bsc#1113722)
o drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#
1113722)
o drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
o drm/mediatek: fix possible object reference leak (bsc#1051510).
o drm/meson: add size and alignment requirements for dumb buffers (bnc#
1113722)
o drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
o drm/rockchip: fix for mailbox read validation (bsc#1051510).
o drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
o drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
o drm/ttm: Remove warning about inconsistent mapping information (bnc#
1131488)
o drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc
#1051510).
o drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an
invalid read (bsc#1051510).
o drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#
1113722)
o dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
o dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
o dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#
1085535).
o dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings
(bsc#1129770).
o dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
o dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#
1051510).
o efi: add API to reserve memory persistently across kexec reboot (bsc#
1117158).
o efi/arm: Defer persistent reservations until after paging_init() (bsc#
1117158).
o efi/arm: Do not mark ACPI reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc
#1115688 bsc#1120566).
o efi/arm: libstub: add a root memreserve config table (bsc#1117158).
o efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#
1117158).
o efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#
1117158).
o efi/arm: Revert "Defer persistent reservations until after paging_init()"
(bsc#1117158).
o efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
o efi: honour memory reservations passed via a linux specific config table
(bsc#1117158).
o efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#
1117158).
o efi: Permit multiple entries in persistent memreserve data structure (bsc#
1117158).
o efi: Prevent GICv3 WARN() by mapping the memreserve table before first use
(bsc#1117158).
o efi: Reduce the amount of memblock reservations for persistent allocations
(bsc#1117158).
o ext4: actually request zeroing of inode table after grow (bsc#1135315).
o ext4: avoid panic during forced reboot due to aborted journal (bsc#
1126356).
o ext4: Do not warn when enabling DAX (bsc#1132894).
o ext4: fix data corruption caused by overlapping unaligned and aligned IO
(bsc#1136428).
o ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
o ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
o ext4: make sanity check in mballoc more strict (bsc#1136439).
o ext4: wait for outstanding dio during truncate in nojournal mode (bsc#
1136438).
o fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
o fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
o firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
o fix rtnh_ok() (git-fixes).
o fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
o fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going
into workqueue when umount (bsc#1136435).
o ftrace/x86_64: Emulate call function while updating in breakpoint handler
(bsc#1099658).
o genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
o ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
o git_sort: add crypto maintainer tree.
o git-sort: Always explicitely handle a pygit2 import error As pointed out by
Michal Suchanek, the limitation in commit 6d67b1042a73 ("series_sort: Catch
pygit2 import failure.") is wrong; given that there is no explicit
installation step of the git-sort scripts and that they are "just there" in
the kernel-source repository, every user-callable script needs to check
that the user followed installation requirements.
o git-sort: Handle new pygit2.discover_repository behavior A consequence of
pygit2 commit c32ee0c25384 ("Now discover_repository returns None if repo
not found").
o git-sort: Move mainline remote check to series_sort git_sort can be used on
any git repository. series_sort() OTOH expects the reference repository to
be a clone of the mainline Linux kernel repository. Move the warning
accordingly and make it an error since further operations would fail.
Fixes: 027d52475873 ("scripts: git_sort: Warn about missing upstream repo")
o git-sort: README: Add information about how to report problems
o gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
o gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
o hid: debug: fix race condition with between rdesc_show() and device removal
(bsc#1051510).
o hid: input: add mapping for Assistant key (bsc#1051510).
o hid: input: add mapping for Expose/Overview key (bsc#1051510).
o hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#
1051510).
o hid: input: add mapping for "Toggle Display" key (bsc#1051510).
o hid: logitech: check the return value of create_singlethread_workqueue (bsc
#1051510).
o hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o ibmvnic: Add device identification to requested IRQs (bsc#1137739).
o ibmvnic: Do not close unopened driver during reset (bsc#1137752).
o ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
o ibmvnic: Refresh device multicast list after reset (bsc#1137752).
o ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
o igmp: fix incorrect unsolicit report count when join group (git-fixes).
o iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
o indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#
1124503).
o inetpeer: fix uninit-value in inet_getpeer (git-fixes).
o input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#
1051510).
o input: introduce KEY_ASSISTANT (bsc#1051510).
o input: synaptics-rmi4 - fix possible double free (bsc#1051510).
o intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
o intel_th: pci: Add Comet Lake support (bsc#1051510).
o iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump
kernel (bsc#1117158).
o iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#
1134671).
o iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#
1135006).
o iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
o iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
o ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address
(git-fixes).
o ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
(networking-stable-19_04_10).
o ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
o ip_gre: fix parsing gre header in ipgre_err (git-fixes).
o ipmi:ssif: compare block number correctly for multi-part return messages
(bsc#1051510).
o ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
o ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
o ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
(git-fixes).
o ipv4: ensure rcu_read_lock() in ipv4_link_failure()
(networking-stable-19_04_19).
o ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
(networking-stable-19_05_04).
o ipv4: recompile ip options in ipv4_link_failure
(networking-stable-19_04_19).
o ipv4: set the tcp_min_rtt_wlen range from 0 to one day
(networking-stable-19_04_30).
o ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
o ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
o ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
o ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
o ipv6: mcast: fix unsolicited report interval after receiving querys
(git-fixes).
o ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
o ipvlan: fix ipv6 outbound device (bsc#1051510).
o ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
o ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
o ipvs: fix buffer overflow with sync daemon and service (git-fixes).
o ipvs: fix check on xmit to non-local addresses (git-fixes).
o ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
o ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
o ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
o ipvs: fix stats update from local clients (git-fixes).
o iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
o jbd2: check superblock mapped prior to committing (bsc#1136430).
o kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
o kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
o kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#
1137586).
o kABI: protect dma-mapping.h include (kabi).
o kABI: protect functions using struct net_generic (bsc#1130409 LTC#176346).
o kABI: protect ip_options_rcv_srr (kabi).
o kABI: protect struct mlx5_td (kabi).
o kABI: protect struct pci_dev (kabi).
o kABI: protect struct smcd_dev (bsc#1130409 LTC#176346).
o kABI: protect struct smc_ib_device (bsc#1130409 LTC#176346).
o kABI: protect struct smc_link (bsc#1129857 LTC#176247).
o kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
o kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#
1051510).
o kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
o kernel/sys.c: prctl: fix false positive in validate_prctl_map()
(git-fixes).
o kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv
(bsc#1051510).
o kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#
1051510).
o keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
o kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904
LTC#176078).
o kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128905
LTC#176077).
o kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
o kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
o kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#
1134201).
o kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
o kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
o kvm: s390: use created_vcpus in more places (bsc#1136206).
o kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
o kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#
1134202).
o kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#
1134203).
o kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#
1134204).
o kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#
1134205).
o l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
o l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
o l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
o l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
o l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
o l2tp: revert "l2tp: fix missing print session offset info" (bsc#1051510).
o leds: avoid races with workqueue (bsc#1051510).
o leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
o lib: add crc64 calculation routines (bsc#1130972).
o libata: fix using DMA buffers on stack (bsc#1051510).
o lib: do not depend on linux headers being installed (bsc#1130972).
o linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#
1051510).
o livepatch: Convert error about unsupported reliable stacktrace into a
warning (bsc#1071995).
o livepatch: Remove custom kobject state handling (bsc#1071995).
o livepatch: Remove duplicated code for early initialization (bsc#1071995).
o lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
o mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
o mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
o mac8390: Fix mmio access size probe (bsc#1051510).
o md: fix invalid stored role for a disk (bsc#1051510).
o media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
o media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
o media: cx23885: check allocation return (bsc#1051510).
o media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
o media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
o media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
o media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#
1051510).
o media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
o media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
o media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#
1051510).
o media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
(bsc#1051510).
o media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#
1051510).
o media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
o media: wl128x: prevent two potential buffer overflows (bsc#1051510).
o memcg: make it work on sparse non-0-node systems (bnc#1133616).
o memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
o mISDN: Check address length before reading address family (bsc#1051510).
o mlxsw: spectrum: Fix autoneg status in ethtool
(networking-stable-19_04_30).
o mmc: block: Delete gendisk before cleaning up the request queue (bsc#
1127616).
o mmc: core: fix possible use after free of host (bsc#1051510).
o mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
o mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned
addresses (bsc#1135330).
o mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
o mount: copy the port field into the cloned nfs_server structure (bsc#
1136990).
o mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
o mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#
1051510).
o mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol
(bsc#1051510).
o mtd: part: fix incorrect format specifier for an unsigned long long (bsc#
1051510).
o mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
(bsc#1129770).
o mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
o mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
o mwifiex: Fix possible buffer overflows at parsing bss descriptor
o mwifiex: prevent an array overflow (bsc#1051510).
o mwl8k: Fix rate_idx underflow (bsc#1051510).
o neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
o net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
(networking-stable-19_03_28).
o net: atm: Fix potential Spectre v1 vulnerabilities
(networking-stable-19_04_19).
o net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
o net: do not keep lonely packets forever in the gro hash (git-fixes).
o net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc
(networking-stable-19_05_04).
o net: dsa: legacy: do not unmask port bitmaps (git-fixes).
o net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT
(git-fixes).
o net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#
1117561).
o net: ethtool: not call vzalloc for zero sized memory request
(networking-stable-19_04_10).
o netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev
(git-fixes).
o netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
o netfilter: bridge: ebt_among: add more missing match size checks
(git-fixes).
o netfilter: drop template ct when conntrack is skipped (git-fixes).
o netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
(git-fixes).
o netfilter: ebtables: handle string from userspace with care (git-fixes).
o netfilter: ebtables: reject non-bridge targets (git-fixes).
o netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
(git-fixes).
o netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
o netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
o netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
(git-fixes).
o netfilter: nf_tables: can't fail after linking rule into active rule list
(git-fixes).
o netfilter: nf_tables: check msg_type before nft_trans_set(trans)
(git-fixes).
o netfilter: nf_tables: fix leaking object reference count (git-fixes).
o netfilter: nf_tables: fix NULL pointer dereference on
nft_ct_helper_obj_dump() (git-fixes).
o netfilter: nf_tables: release chain in flushing set (git-fixes).
o netfilter: nft_compat: do not dump private area (git-fixes).
o netfilter: x_tables: initialise match/target check parameter struct
(git-fixes).
o net: Fix a bug in removing queues from XPS map (git-fixes).
o net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
o net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
(networking-stable-19_04_19).
o net-gro: Fix GRO flush when receiving a GSO packet
(networking-stable-19_04_10).
o net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#
1104353 bsc#1135056).
o net/ibmvnic: Remove tests of member address (bsc#1137739).
o net/ibmvnic: Update carrier state after link state change (bsc#1135100).
o net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
o net: initialize skb->peeked when cloning (git-fixes).
o net/ipv4: defensive cipso option parsing (git-fixes).
o net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev
(git-fixes).
o net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
o net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
o net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
o netlink: fix uninit-value in netlink_sendmsg (git-fixes).
o net: make skb_partial_csum_set() more robust against overflows (git-fixes).
o net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
o net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
o net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
(networking-stable-19_04_30).
o net/mlx5e: Fix trailing semicolon (bsc#1075020).
o net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).
o net: phy: marvell: Fix buffer overrun with stats counters
(networking-stable-19_05_04).
o net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
o net: rose: fix a possible stack overflow (networking-stable-19_03_28).
o net/rose: fix unbound loop in rose_loopback_timer()
(networking-stable-19_04_30).
o net/sched: act_sample: fix divide by zero in the traffic path
(networking-stable-19_04_10).
o net/sched: do not dereference a->goto_chain to read the chain index (bsc#
1064802 bsc#1066129).
o net/sched: fix ->get helper of the matchall cls
(networking-stable-19_04_10).
o net/smc: add pnet table namespace support (bsc#1130409 LTC#176346).
o net/smc: add smcd support to the pnet table (bsc#1130409 LTC#176346).
o net/smc: allow 16 byte pnetids in netlink policy (bsc#1129857 LTC#176247).
o net/smc: allow pci IDs as ib device names in the pnet table (bsc#1130409
LTC#176346).
o net/smc: allow pnetid-less configuration (bsc#1130409 LTC#176346).
o net/smc: call smc_cdc_msg_send() under send_lock (bsc#1129857 LTC#176247).
o net/smc: check connections in smc_lgr_free_work (bsc#1129857 LTC#176247).
o net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
o net/smc: check port_idx of ib event (bsc#1129857 LTC#176247).
o net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1130409 LTC#176346).
o net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
o net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
o net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
o net/smc: correct state change for peer closing (bsc#1129857 LTC#176247).
o net/smc: delete rkey first before switching to unused (bsc#1129857 LTC#
176247).
o net/smc: do not wait for send buffer space when data was already sent (bsc#
1129857 LTC#176247).
o net/smc: do not wait under send_lock (bsc#1129857 LTC#176247).
o net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
o net/smc: fix another sizeof to int comparison (bsc#1129857 LTC#176247).
o net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
o net/smc: fix byte_order for rx_curs_confirmed (bsc#1129848 LTC#176249).
o net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
o net/smc: fix sender_free computation (bsc#1129857 LTC#176247).
o net/smc: fix smc_poll in SMC_INIT state (bsc#1129848 LTC#176249).
o net/smc: fix use of variable in cleared area (bsc#1129857 LTC#176247).
o net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
o net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
o net/smc: move code to clear the conn->lgr field (bsc#1129857 LTC#176247).
o net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
o net/smc: move wake up of close waiter (bsc#1129857 LTC#176247).
o net/smc: no delay for free tx buffer wait (bsc#1129857 LTC#176247).
o net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
o net/smc: postpone release of clcsock (bsc#1129857 LTC#176247).
o net/smc: preallocated memory for rdma work requests (bsc#1129857 LTC#
176247).
o net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() (bsc
#1129857 LTC#176247).
o net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
o net/smc: recvmsg and splice_read should return 0 after shutdown (bsc#
1129857 LTC#176247).
o net/smc: reduce amount of status updates to peer (bsc#1129857 LTC#176247).
o net/smc: reset cursor update required flag (bsc#1129857 LTC#176247).
o net/smc: rework pnet table (bsc#1130409 LTC#176346).
o net/smc: unlock LGR pending lock earlier for SMC-D (bsc#1129857 LTC#
176247).
o net/smc: use client and server LGR pending locks for SMC-R (bsc#1129857 LTC
#176247).
o net/smc: use device link provided in qp_context (bsc#1129857 LTC#176247).
o net/smc: use smc_curs_copy() for SMC-D (bsc#1129857 LTC#176247).
o net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC
#177518).
o net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
o net: stmmac: fix memory corruption with large MTUs
(networking-stable-19_03_28).
o net: stmmac: move stmmac_check_ether_addr() to driver probe
(networking-stable-19_04_30).
o net: test tailroom before appending to linear skb (git-fixes).
o net: thunderx: do not allow jumbo frames with XDP
(networking-stable-19_04_19).
o net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
o net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
o net: use indirect call wrappers at GRO network layer (bsc#1124503).
o net: use indirect call wrappers at GRO transport layer (bsc#1124503).
o nfs: add module option to limit NFSv4 minor version (jsc#PM-231).
o nfs: Update config files for NFSv4.2 Enable NFSv4.2 support - jsc@PM-231
This requires a module parameter for NFSv4.2 to actually be available on
SLE12 and SLE15-SP0
o nfsv4.x: always serialize open/close operations (bsc#1114893).
o nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#
1051510).
o nvme: Do not remove namespaces during reset (bsc#1131673).
o nvme: flush scan_work when resetting controller (bsc#1131673).
o nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#
1120423).
o objtool: Fix function fallthrough detection (bsc#1058115).
o ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
o ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on
OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
o of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
o omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
o openvswitch: add seqadj extension when NAT is used (bsc#1051510).
o openvswitch: fix flow actions reallocation (bsc#1051510).
o p54: drop device reference count if fails to enable device (bsc#1135642).
o packet: fix reserve calculation (git-fixes).
o packet: in packet_snd start writing at link layer allocation (git-fixes).
o packet: refine ring v3 block size test to hold one frame (git-fixes).
o packet: reset network header if packet shorter than ll reserved space
(git-fixes).
o packets: Always register packet sk in the same order
(networking-stable-19_03_28).
o packet: validate msg_namelen in send directly (git-fixes).
o pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent()
(git-fixes).
o pci: Factor out pcie_retrain_link() function (git-fixes).
o pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
o pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
o pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum
(git-fixes).
o phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#
1051510).
o platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
o platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
o platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
o platform/x86: intel_punit_ipc: Revert "Fix resource ioremap warning" (bsc#
1051510).
o platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI
table (bsc#1051510).
o platform/x86: pmc_atom: Add several Beckhoff Automation boards to
critclk_systems DMI table (bsc#1051510).
o platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
o platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
o powerpc: Always initialize input array when calling epapr_hypercall() (bsc#
1065729).
o powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
o powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
o powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
o powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
o powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
o powerpc/process: Fix sparse address space warnings (bsc#1065729).
o power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc
#1051510).
o power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
o proc/kcore: do not bounds check against address 0 (bsc#1051510).
o proc: revalidate kernel thread inodes to root:root (bsc#1051510).
o proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
o ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK
(git-fixes).
o pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
o pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
o pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
o pwm: meson: Use the spin-lock only to protect register modifications (bsc#
1051510).
o pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
o qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
o qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
o qmi_wwan: add Olicard 600 (bsc#1051510).
o rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
o rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387,
bsc#1103992).
o re-export snd_cards for kABI compatibility (bsc#1051510).
o regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#
1051510).
o Revert "ALSA: seq: Protect in-kernel ioctl calls with mutex" (bsc#1051510).
o Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers"
(bsc#1110946, bsc#1119843).
o Revert "drm/sun4i: rgb: Change the pixel clock validation check (bnc#
1113722)" The patch seems buggy, breaks the build for armv7hl/pae config.
o Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (bsc#
1110946).
o Revert "tty: pty: Fix race condition between release_one_tty and pty_write"
(bsc#1051510).
o rt2x00: do not increment sequence number while re-transmitting (bsc#
1051510).
o rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
o rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
o rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
o rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
o rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket
(git-fixes).
o s390/ism: ignore some errors during deregistration (bsc#1129857 LTC#
176247).
o s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
o sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
(bsc#1051510).
o sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
o sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
o scripts/bugzilla-create: Set 'Proactive-Upstream-Fix' keyword
o scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes
o scripts: override locale from environment when running recordmcount.pl (bsc
#1134354).
o scsi: qedf: fixup bit operations (bsc#1135542).
o scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
o scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
o scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
o scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
o scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
o scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
o scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
o scsi: qla2xxx: fix spelling mistake: "existant" -> "existent" (bsc#
1118139).
o scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
o scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
o scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
o scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#
1137444).
o scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#
1137444).
o scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res'
(bsc#1137444).
o scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#
1137444).
o scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
o scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
o scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#
1137444).
o scsi: qla2xxx: Remove unused symbols (bsc#1118139).
o scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
o scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing
them (bsc#1137444).
o scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
o sctp: avoid running the sctp state machine recursively
(networking-stable-19_05_04).
o sctp: fix identification of new acks for SFR-CACC (git-fixes).
o sctp: get sctphdr by offset in sctp_compute_cksum
(networking-stable-19_03_28).
o sctp: initialize _pad of sockaddr_in before copying to user memory
(networking-stable-19_04_10).
o sctp: only update outstanding_bytes for transmitted queue when doing
prsctp_prune (git-fixes).
o sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
o selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
o serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
o serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
o serial: uartps: console_setup() can't be placed to init section (bsc#
1051510).
o signal: Always notice exiting tasks (git-fixes).
o signal: Better detection of synchronous signals (git-fixes).
o signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
o smc: move unhash as early as possible in smc_release() (bsc#1129857 LTC#
176247).
o soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
o soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#
1051510).
o spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
o spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#
1051510).
o spi: bcm2835aux: setup gpio-cs to output and correct level during setup
(bsc#1051510).
o spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#
1051510).
o spi: Micrel eth switch: declare missing of table (bsc#1051510).
o spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
o spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
o ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#
1051510).
o staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#
1051510).
o stm class: Fix an endless loop in channel allocation (bsc#1051510).
o stm class: Fix channel free in stm output free path (bsc#1051510).
o stm class: Prevent division by zero (bsc#1051510).
o stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
o supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
o supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
o switchtec: Fix unintended mask of MRPC event (git-fixes).
o tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
o tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
o tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
o tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
o tcp: limit payload size of sacked skbs (bsc#1137586).
o tcp: purge write queue in tcp_connect_init() (git-fixes).
o tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
o tcp: tcp_grow_window() needs to respect tcp_space()
(networking-stable-19_04_19).
o team: fix possible recursive locking when add slaves
(networking-stable-19_04_30).
o team: set slave to promisc if team is already in promisc mode (bsc#
1051510).
o thermal: cpu_cooling: Actually trace CPU load in
thermal_power_cpu_get_power (bsc#1051510).
o thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
o thermal/int340x_thermal: fix mode setting (bsc#1051510).
o thunderx: eliminate extra calls to put_page() for pages held for recycling
(networking-stable-19_03_28).
o thunderx: enable page recycling for non-XDP case
(networking-stable-19_03_28).
o tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
o tipc: missing entries in name table of publications
(networking-stable-19_04_19).
o tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
o tracing: Fix partial reading of trace event's id file (bsc#1136573).
o treewide: Use DEVICE_ATTR_WO (bsc#1137739).
o tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
o tty: pty: Fix race condition between release_one_tty and pty_write (bsc#
1051510).
o tty: serial_core, add ->install (bnc#1129693).
o tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
(bsc#1051510).
o tun: add a missing rcu_read_unlock() in error path
(networking-stable-19_03_28).
o tun: properly test for IFF_UP (networking-stable-19_03_28).
o uas: fix alignment of scatter/gather segments (bsc#1129770).
o udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
o ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#
1135323).
o usb: cdc-acm: fix unthrottle races (bsc#1051510).
o usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#
1051510).
o usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
o usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
o usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
o usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
o usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
o usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
o usb: serial: fix unthrottle races (bsc#1051510).
o usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
o usb: u132-hcd: fix resource leak (bsc#1051510).
o usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#
1051510).
o usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
o usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#
1051510).
o usb: yurex: Fix protection fault after device removal (bsc#1051510).
o userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
o vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
o vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#
1051510).
o vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
o vfio/pci: use correct format characters (bsc#1051510).
o vhost: reject zero size iova range (networking-stable-19_04_19).
o vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
o virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
o virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
o virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
o vrf: check accept_source_route on the original netdevice
(networking-stable-19_04_10).
o vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
o vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#
1051510).
o vsock/virtio: Initialize core virtio vsock before registering the driver
(bsc#1051510).
o vsock/virtio: reset connected sockets on device removal (bsc#1051510).
o vt: always call notifier with the console lock held (bsc#1051510).
o vxlan: Do not call gro_cells_destroy() before device is unregistered
(networking-stable-19_03_28).
o x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
o x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
o x86/speculation/mds: Fix documentation typo (bsc#1135642).
o xenbus: drop useless LIST_HEAD in xenbus_write_watch() and
xenbus_file_write() (bsc#1065600).
o xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
o xfrm6: call kfree_skb when skb is toobig (git-fixes).
o xfrm: fix missing dst_release() after policy blocking lbcast and multicast
(git-fixes).
o xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
o xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
o xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
o xfrm: reset crypto_done when iterating over multiple input xfrms
(git-fixes).
o xfrm: reset transport header back to network header after all input
transforms ahave been applied (git-fixes).
o xfrm: Return error on unknown encap_type in init_state (git-fixes).
o xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
o xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
o xfs: add log item pinning error injection tag (bsc#1114427).
o xfs: buffer lru reference count error injection tag (bsc#1114427).
o xfs: check _btree_check_block value (bsc#1123663).
o xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
o xfs: create block pointer check functions (bsc#1123663).
o xfs: create inode pointer verifiers (bsc#1114427).
o xfs: detect and fix bad summary counts at mount (bsc#1114427).
o xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub
(bsc#1114427).
o xfs: export various function for the online scrubber (bsc#1123663).
o xfs: expose errortag knobs via sysfs (bsc#1114427).
o xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
o xfs: force summary counter recalc at next mount (bsc#1114427).
o xfs: kill meaningless variable 'zero' (bsc#1106011).
o xfs: make errortag a per-mountpoint structure (bsc#1123663).
o xfs: move error injection tags into their own file (bsc#1114427).
o xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
o xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#
1106011).
o xfs: refactor btree block header checking functions (bsc#1123663).
o xfs: refactor btree pointer checks (bsc#1123663).
o xfs: refactor unmount record write (bsc#1114427).
o xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
o xfs: remove xfs_zero_range (bsc#1106011).
o xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
o xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
o xfs: sanity-check the unused space before trying to use it (bsc#1123663).
o xfs: serialize unaligned dio writes against all other dio writes (bsc#
1134936).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Server 12-SP4:
zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-1536=1
Package List:
o SUSE Linux Enterprise Server 12-SP4 (x86_64):
kernel-azure-4.12.14-6.15.2
kernel-azure-base-4.12.14-6.15.2
kernel-azure-base-debuginfo-4.12.14-6.15.2
kernel-azure-debuginfo-4.12.14-6.15.2
kernel-azure-debugsource-4.12.14-6.15.2
kernel-azure-devel-4.12.14-6.15.2
kernel-syms-azure-4.12.14-6.15.2
o SUSE Linux Enterprise Server 12-SP4 (noarch):
kernel-devel-azure-4.12.14-6.15.2
kernel-source-azure-4.12.14-6.15.2
References:
o https://www.suse.com/security/cve/CVE-2018-7191.html
o https://www.suse.com/security/cve/CVE-2019-10124.html
o https://www.suse.com/security/cve/CVE-2019-11085.html
o https://www.suse.com/security/cve/CVE-2019-11477.html
o https://www.suse.com/security/cve/CVE-2019-11479.html
o https://www.suse.com/security/cve/CVE-2019-11486.html
o https://www.suse.com/security/cve/CVE-2019-11487.html
o https://www.suse.com/security/cve/CVE-2019-11815.html
o https://www.suse.com/security/cve/CVE-2019-11833.html
o https://www.suse.com/security/cve/CVE-2019-11884.html
o https://www.suse.com/security/cve/CVE-2019-12382.html
o https://www.suse.com/security/cve/CVE-2019-3846.html
o https://www.suse.com/security/cve/CVE-2019-5489.html
o https://bugzilla.suse.com/1012382
o https://bugzilla.suse.com/1050242
o https://bugzilla.suse.com/1051510
o https://bugzilla.suse.com/1053043
o https://bugzilla.suse.com/1056787
o https://bugzilla.suse.com/1058115
o https://bugzilla.suse.com/1063638
o https://bugzilla.suse.com/1064802
o https://bugzilla.suse.com/1065600
o https://bugzilla.suse.com/1065729
o https://bugzilla.suse.com/1066129
o https://bugzilla.suse.com/1068546
o https://bugzilla.suse.com/1071995
o https://bugzilla.suse.com/1075020
o https://bugzilla.suse.com/1082387
o https://bugzilla.suse.com/1083647
o https://bugzilla.suse.com/1085535
o https://bugzilla.suse.com/1099658
o https://bugzilla.suse.com/1103992
o https://bugzilla.suse.com/1104353
o https://bugzilla.suse.com/1104427
o https://bugzilla.suse.com/1106011
o https://bugzilla.suse.com/1106284
o https://bugzilla.suse.com/1108838
o https://bugzilla.suse.com/1110946
o https://bugzilla.suse.com/1111696
o https://bugzilla.suse.com/1112063
o https://bugzilla.suse.com/1113722
o https://bugzilla.suse.com/1114427
o https://bugzilla.suse.com/1114893
o https://bugzilla.suse.com/1115688
o https://bugzilla.suse.com/1117158
o https://bugzilla.suse.com/1117561
o https://bugzilla.suse.com/1118139
o https://bugzilla.suse.com/1119843
o https://bugzilla.suse.com/1120091
o https://bugzilla.suse.com/1120423
o https://bugzilla.suse.com/1120566
o https://bugzilla.suse.com/1120843
o https://bugzilla.suse.com/1120902
o https://bugzilla.suse.com/1122776
o https://bugzilla.suse.com/1123454
o https://bugzilla.suse.com/1123663
o https://bugzilla.suse.com/1124503
o https://bugzilla.suse.com/1124839
o https://bugzilla.suse.com/1126356
o https://bugzilla.suse.com/1127616
o https://bugzilla.suse.com/1128052
o https://bugzilla.suse.com/1128904
o https://bugzilla.suse.com/1128905
o https://bugzilla.suse.com/1128979
o https://bugzilla.suse.com/1129138
o https://bugzilla.suse.com/1129497
o https://bugzilla.suse.com/1129693
o https://bugzilla.suse.com/1129770
o https://bugzilla.suse.com/1129848
o https://bugzilla.suse.com/1129857
o https://bugzilla.suse.com/1130409
o https://bugzilla.suse.com/1130972
o https://bugzilla.suse.com/1131451
o https://bugzilla.suse.com/1131488
o https://bugzilla.suse.com/1131565
o https://bugzilla.suse.com/1131673
o https://bugzilla.suse.com/1132044
o https://bugzilla.suse.com/1132894
o https://bugzilla.suse.com/1133176
o https://bugzilla.suse.com/1133188
o https://bugzilla.suse.com/1133190
o https://bugzilla.suse.com/1133320
o https://bugzilla.suse.com/1133612
o https://bugzilla.suse.com/1133616
o https://bugzilla.suse.com/1134160
o https://bugzilla.suse.com/1134162
o https://bugzilla.suse.com/1134199
o https://bugzilla.suse.com/1134200
o https://bugzilla.suse.com/1134201
o https://bugzilla.suse.com/1134202
o https://bugzilla.suse.com/1134203
o https://bugzilla.suse.com/1134204
o https://bugzilla.suse.com/1134205
o https://bugzilla.suse.com/1134354
o https://bugzilla.suse.com/1134393
o https://bugzilla.suse.com/1134459
o https://bugzilla.suse.com/1134460
o https://bugzilla.suse.com/1134461
o https://bugzilla.suse.com/1134537
o https://bugzilla.suse.com/1134591
o https://bugzilla.suse.com/1134597
o https://bugzilla.suse.com/1134607
o https://bugzilla.suse.com/1134651
o https://bugzilla.suse.com/1134671
o https://bugzilla.suse.com/1134760
o https://bugzilla.suse.com/1134806
o https://bugzilla.suse.com/1134810
o https://bugzilla.suse.com/1134813
o https://bugzilla.suse.com/1134848
o https://bugzilla.suse.com/1134936
o https://bugzilla.suse.com/1135006
o https://bugzilla.suse.com/1135007
o https://bugzilla.suse.com/1135008
o https://bugzilla.suse.com/1135056
o https://bugzilla.suse.com/1135100
o https://bugzilla.suse.com/1135120
o https://bugzilla.suse.com/1135278
o https://bugzilla.suse.com/1135281
o https://bugzilla.suse.com/1135309
o https://bugzilla.suse.com/1135312
o https://bugzilla.suse.com/1135314
o https://bugzilla.suse.com/1135315
o https://bugzilla.suse.com/1135316
o https://bugzilla.suse.com/1135320
o https://bugzilla.suse.com/1135323
o https://bugzilla.suse.com/1135330
o https://bugzilla.suse.com/1135492
o https://bugzilla.suse.com/1135542
o https://bugzilla.suse.com/1135556
o https://bugzilla.suse.com/1135603
o https://bugzilla.suse.com/1135642
o https://bugzilla.suse.com/1135661
o https://bugzilla.suse.com/1135758
o https://bugzilla.suse.com/1136206
o https://bugzilla.suse.com/1136424
o https://bugzilla.suse.com/1136428
o https://bugzilla.suse.com/1136430
o https://bugzilla.suse.com/1136432
o https://bugzilla.suse.com/1136434
o https://bugzilla.suse.com/1136435
o https://bugzilla.suse.com/1136438
o https://bugzilla.suse.com/1136439
o https://bugzilla.suse.com/1136477
o https://bugzilla.suse.com/1136478
o https://bugzilla.suse.com/1136573
o https://bugzilla.suse.com/1136586
o https://bugzilla.suse.com/1136881
o https://bugzilla.suse.com/1136935
o https://bugzilla.suse.com/1136990
o https://bugzilla.suse.com/1137151
o https://bugzilla.suse.com/1137152
o https://bugzilla.suse.com/1137153
o https://bugzilla.suse.com/1137162
o https://bugzilla.suse.com/1137372
o https://bugzilla.suse.com/1137444
o https://bugzilla.suse.com/1137586
o https://bugzilla.suse.com/1137739
o https://bugzilla.suse.com/1137752
- --------------------------------------------------------------------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2019:1532-1
Rating: important
References: #1005778 #1005780 #1005781 #1012382 #1019695 #1019696
#1022604 #1063638 #1065600 #1085535 #1085539 #1090888
#1099658 #1100132 #1106110 #1106284 #1106929 #1108293
#1108838 #1110785 #1110946 #1112063 #1112178 #1116803
#1117562 #1119086 #1120642 #1120843 #1120902 #1122776
#1126040 #1126356 #1128052 #1129138 #1129770 #1130972
#1131107 #1131488 #1131565 #1132212 #1132472 #1133188
#1133874 #1134160 #1134162 #1134338 #1134537 #1134564
#1134565 #1134566 #1134651 #1134760 #1134806 #1134813
#1134848 #1135013 #1135014 #1135015 #1135100 #1135120
#1135281 #1135603 #1135642 #1135661 #1135878 #1136424
#1136438 #1136448 #1136449 #1136451 #1136452 #1136455
#1136458 #1136539 #1136573 #1136575 #1136586 #1136590
#1136623 #1136810 #1136935 #1136990 #1137142 #1137162
#1137586 #843419
Cross-References: CVE-2018-17972 CVE-2018-7191 CVE-2019-11190 CVE-2019-11477
CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11815
CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-3846
CVE-2019-5489
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Live Patching 12-SP3
SUSE Linux Enterprise High Availability 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
SUSE CaaS Platform ALL
SUSE CaaS Platform 3.0
______________________________________________________________________________
An update that solves 13 vulnerabilities and has 73 fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.180 to receive
various security and bugfixes.
The following security bugs were fixed:
o CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic.
o CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able
to further exploit the fragmented queue to cause an expensive linked-list
walk for subsequent SACKs received for that same TCP connection.
o CVE-2019-11479: An attacker could force the Linux kernel to segment its
responses into multiple TCP segments. This would drastically increased the
bandwidth required to deliver the same amount of data. Further, it would
consume additional resources such as CPU and NIC processing power.
o CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and
possibly escalate privileges was found in the mwifiex kernel module while
connecting to a malicious wireless network. (bnc#1136424)
o CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in
drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked
kstrdup of fwstr, which might have allowed an attacker to cause a denial of
service (NULL pointer dereference and system crash). (bnc#1136586)
o CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of
other processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.)
Limited remote exploitation may have been possible, as demonstrated by
latency differences in accessing public files from an Apache HTTP Server.
(bnc#1120843)
o CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the
unused memory region in the extent tree block, which might have allowed
local users to obtain sensitive information by reading uninitialized data
in the filesystem. (bnc#1135281)
o CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name
was not called before register_netdevice. This allowed local users to cause
a denial of service (NULL pointer dereference and panic) via an ioctl
(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
o CVE-2019-11190: The Linux kernel allowed local users to bypass ASLR on
setuid programs (such as /bin/su) because install_exec_creds() was called
too late in load_elf_binary() in fs/binfmt_elf.c, and thus the
ptrace_may_access() check had a race condition when reading /proc/pid/stat.
(bnc#1132472)
o CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/
tcp.c in the Linux kernel There was a race condition leading to a
use-after-free, related to net namespace cleanup. (bnc#1134537)
o CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/
sock.c in the Linux kernel allowed a local user to obtain potentially
sensitive information from kernel stack memory via a HIDPCONNADD command,
because a name field may not end with a '\0' character. (bnc#1134848)
o CVE-2018-17972: An issue was discovered in the proc_pid_stack function in
fs/proc/base.c in the Linux kernel It did not ensure that only root may
inspect the kernel stack of an arbitrary task, allowing a local attacker to
exploit racy stack unwinding and leak kernel task stack contents. (bnc#
1110785)
o CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/
n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
o 9p locks: add mount option for lock retry interval (bnc#1012382).
o 9p: do not trust pdu content for stat item size (bnc#1012382).
o X.509: unpack RSA signatureValue field from BIT STRING (git-fixes).
o acpi / sbs: Fix GPE storm on recent MacBookPro's (bnc#1012382).
o alsa: core: Fix card races between register and disconnect (bnc#1012382).
o alsa: echoaudio: add a check for ioremap_nocache (bnc#1012382).
o alsa: info: Fix racy addition/deletion of nodes (bnc#1012382).
o alsa: line6: use dynamic buffers (bnc#1012382).
o alsa: opl3: fix mismatch between snd_opl3_drum_switch definition and
declaration (bnc#1012382).
o alsa: pcm: check if ops are defined before suspending PCM (bnc#1012382).
o alsa: sb8: add a check for request_region (bnc#1012382).
o alsa: seq: Fix OOB-reads from strlcpy (bnc#1012382).
o appletalk: Fix compile regression (bnc#1012382).
o appletalk: Fix use-after-free in atalk_proc_exit (bnc#1012382).
o arm64/kernel: do not ban ADRP to work around Cortex-A53 erratum #843419
(bsc#1126040).
o arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp
(bsc#1126040).
o arm64: Add helper to decode register from instruction (bsc#1126040).
o arm64: debug: Do not propagate UNKNOWN FAR into si_code for debug signals
(bnc#1012382).
o arm64: debug: Ensure debug handlers check triggering exception level (bnc#
1012382).
o arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#
1012382).
o arm64: futex: Restore oldval initialization to work around buggy compilers
(bnc#1012382).
o arm64: module-plts: factor out PLT generation code for ftrace (bsc#
1126040).
o arm64: module: do not BUG when exceeding preallocated PLT count (bsc#
1126040).
o arm64: module: split core and init PLT sections (bsc#1126040).
o arm: 8833/1: Ensure that NEON code always compiles with Clang (bnc#
1012382).
o arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bnc#1012382).
o arm: 8840/1: use a raw_spinlock_t in unwind (bnc#1012382).
o arm: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012382).
o arm: dts: at91: Fix typo in ISC_D0 on PC9 (bnc#1012382).
o arm: dts: pfla02: increase phy reset duration (bnc#1012382).
o arm: iop: do not use using 64-bit DMA masks (bnc#1012382).
o arm: orion: do not use using 64-bit DMA masks (bnc#1012382).
o arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
(bnc#1012382).
o asoc: Intel: avoid Oops if DMA setup fails (bnc#1012382).
o asoc: cs4270: Set auto-increment bit for register writes (bnc#1012382).
o asoc: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc
#1012382).
o asoc: fsl_esai: fix channel swap issue when stream starts (bnc#1012382).
o asoc: tlv320aic32x4: Fix Common Pins (bnc#1012382).
o asoc:soc-pcm:fix a codec fixup issue in TDM case (bnc#1012382).
o backlight: lm3630a: Return 0 on success in update_status functions (bsc#
1106929)
o bcache: Move couple of functions to sysfs.c (bsc#1130972).
o bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
o bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
o bcache: account size of buckets used in uuid write to ca->
meta_sectors_written (bsc#1130972).
o bcache: add MODULE_DESCRIPTION information (bsc#1130972).
o bcache: add a comment in super.c (bsc#1130972).
o bcache: add code comments for bset.c (bsc#1130972).
o bcache: add comment for cache_set->fill_iter (bsc#1130972).
o bcache: add identifier names to arguments of function definitions (bsc#
1130972).
o bcache: add missing SPDX header (bsc#1130972).
o bcache: add separate workqueue for journal_write to avoid deadlock (bsc#
1130972).
o bcache: add static const prefix to char * array declarations (bsc#1130972).
o bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#
1130972).
o bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
o bcache: cannot set writeback_running via sysfs if no writeback kthread
created (bsc#1130972).
o bcache: comment on direct access to bvec table (bsc#1130972).
o bcache: correct dirty data statistics (bsc#1130972).
o bcache: do not assign in if condition in bcache_device_init() (bsc#
1130972).
o bcache: do not assign in if condition in bcache_init() (bsc#1130972).
o bcache: do not assign in if condition register_bcache() (bsc#1130972).
o bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#
1130972).
o bcache: do not check if debug dentry is ERR or NULL explicitly on remove
(bsc#1130972).
o bcache: do not clone bio in bch_data_verify (bsc#1130972).
o bcache: do not mark writeback_running too early (bsc#1130972).
o bcache: export backing_dev_name via sysfs (bsc#1130972).
o bcache: export backing_dev_uuid via sysfs (bsc#1130972).
o bcache: fix code comments style (bsc#1130972).
o bcache: fix indent by replacing blank by tabs (bsc#1130972).
o bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
o bcache: fix input integer overflow of congested threshold (bsc#1130972).
o bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#
1012382).
o bcache: fix input overflow to journal_delay_ms (bsc#1130972).
o bcache: fix input overflow to sequential_cutoff (bnc#1012382).
o bcache: fix input overflow to writeback_delay (bsc#1130972).
o bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
o bcache: fix ioctl in flash device (bsc#1130972).
o bcache: fix mistaken code comments in bcache.h (bsc#1130972).
o bcache: fix mistaken comments in request.c (bsc#1130972).
o bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#
1130972).
o bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#
1130972).
o bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
o bcache: fix typo in code comments of closure_return_with_destructor() (bsc#
1130972).
o bcache: improve sysfs_strtoul_clamp() (bnc#1012382).
o bcache: introduce force_wake_up_gc() (bsc#1130972).
o bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#
1130972).
o bcache: move open brace at end of function definitions to next line (bsc#
1130972).
o bcache: never writeback a discard operation (bsc#1130972).
o bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc
#1130972).
o bcache: option to automatically run gc thread after writeback (bsc#
1130972).
o bcache: panic fix for making cache device (bsc#1130972).
o bcache: prefer 'help' in Kconfig (bsc#1130972).
o bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
o bcache: recal cached_dev_sectors on detach (bsc#1130972).
o bcache: remove unnecessary space before ioctl function pointer arguments
(bsc#1130972).
o bcache: remove unused bch_passthrough_cache (bsc#1130972).
o bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
o bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
o bcache: replace Symbolic permissions by octal permission numbers (bsc#
1130972).
o bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
o bcache: replace printk() by pr_*() routines (bsc#1130972).
o bcache: set writeback_percent in a flexible range (bsc#1130972).
o bcache: split combined if-condition code into separate ones (bsc#1130972).
o bcache: stop using the deprecated get_seconds() (bsc#1130972).
o bcache: style fix to add a blank line after declarations (bsc#1130972).
o bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
o bcache: style fixes for lines over 80 characters (bsc#1130972).
o bcache: trace missed reading by cache_missed (bsc#1130972).
o bcache: treat stale and dirty keys as bad keys (bsc#1130972).
o bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#
1130972).
o bcache: update comment for bch_data_insert (bsc#1130972).
o bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
o bcache: use MAX_CACHES_PER_SET instead of magic number 8 in
__bch_bucket_alloc_set (bsc#1130972).
o bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
o bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
o bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
o bcache: writeback: properly order backing device IO (bsc#1130972).
o binfmt_elf: switch to new creds when switching to new mm (bnc#1012382).
o bitops: avoid integer overflow in GENMASK(_ULL) (bnc#1012382).
o block: check_events: do not bother with events if unsupported (bsc#
1110946).
o block: disk_events: introduce event flags (bsc#1110946).
o block: do not leak memory in bio_copy_user_iov() (bnc#1012382).
o block: fix use-after-free on gendisk (bsc#1136448).
o bluetooth: Align minimum encryption key size for LE and BR/EDR connections
(bnc#1012382).
o bluetooth: Fix decrementing reference count twice in releasing socket (bnc#
1012382).
o bnxt_en: Improve multicast address setup logic (bnc#1012382).
o bonding: fix arp_validate toggling in active-backup mode (bnc#1012382).
o bonding: fix event handling for stacked bonds (bnc#1012382).
o bonding: show full hw address in sysfs for slave entries (bnc#1012382).
o bpf: reject wrong sized filters earlier (bnc#1012382).
o bridge: Fix error path for kobject_init_and_add() (bnc#1012382).
o btrfs: Do not panic when we can't find a root key (bsc#1112063).
o btrfs: Factor out common delayed refs init code (bsc#1134813).
o btrfs: Introduce init_delayed_ref_head (bsc#1134813).
o btrfs: Open-code add_delayed_data_ref (bsc#1134813).
o btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
o btrfs: add a helper to return a head ref (bsc#1134813).
o btrfs: breakout empty head cleanup to a helper (bsc#1134813).
o btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: move all ref head cleanup to the helper function (bsc#1134813).
o btrfs: move extent_op cleanup to a helper (bsc#1134813).
o btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
o btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer
dereference (bsc#1134806).
o btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to
btrfs_qgroup_extent_record (bsc#1134162).
o btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release
(bsc#1134160).
o btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON()
(bsc#1134338).
o btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root
lifespan (bsc#1134651).
o btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
o btrfs: split delayed ref head initialization and addition (bsc#1134813).
o btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
o cdc-acm: cleaning up debug in data submission path (bsc#1136539).
o cdc-acm: fix race between reset and control messaging (bsc#1106110).
o cdc-acm: handle read pipe errors (bsc#1135878).
o cdc-acm: reassemble fragmented notifications (bsc#1136590).
o cdc-acm: store in and out pipes in acm structure (bsc#1136575).
o cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012382).
o ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134564).
o ceph: fix ci->i_head_snapc leak (bsc#1122776).
o ceph: fix use-after-free on symlink traversal (bsc#1134565).
o ceph: only use d_name directly when parent is locked (bsc#1134566).
o cifs: Fix NULL pointer dereference of devname (bnc#1012382).
o cifs: do not attempt cifs operation on smb2+ rename error (bnc#1012382).
o cifs: fallback to older infolevels on findfirst queryinfo retry (bnc#
1012382).
o cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#
1131565).
o cifs: use correct format characters (bnc#1012382).
o clk: fix mux clock documentation (bsc#1090888).
o coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012382).
o cpu/speculation: Add 'mitigations=' cmdline option (bnc#1012382 bsc#
1112178).
o cpupower: remove stringop-truncation waring (bsc#1119086).
o crypto: crypto4xx - properly set IV after de- and encrypt (bnc#1012382).
o crypto: sha256/arm - fix crash bug in Thumb2 build (bnc#1012382).
o crypto: sha512/arm - fix crash bug in Thumb2 build (bnc#1012382).
o crypto: vmx - CTR: always increment IV as quadword (bsc#1135661, bsc#
1137162).
o crypto: vmx - fix copy-paste error in CTR mode (bsc#1135661, bsc#1137162).
o crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#
1137162).
o crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#
1137162).
o crypto: vmx: Only call enable_kernel_vsx() (bsc#1135661, bsc#1137162).
o crypto: x86/poly1305 - fix overflow during partial reduction (bnc#1012382).
o debugfs: fix use-after-free on symlink traversal (bnc#1012382).
o device_cgroup: fix RCU imbalance in error case (bnc#1012382).
o dm thin: add sanity checks to thin-pool and external snapshot creation (bnc
#1012382).
o dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#
1012382).
o dmaengine: tegra: avoid overflow of byte tracking (bnc#1012382).
o documentation: Add MDS vulnerability documentation (bnc#1012382).
o documentation: Add nospectre_v1 parameter (bnc#1012382).
o documentation: Correct the possible MDS sysfs values (bnc#1012382).
o documentation: Move L1TF to separate directory (bnc#1012382).
o drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl (bnc#
1012382).
o drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl (bnc#
1012382).
o drm/bridge: adv7511: Fix low refresh rate selection (bsc#1106929)
o drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#
1012382).
o drm/fb-helper: dpms_legacy(): Only set on connectors in use (bnc#1106929)
o drm/i915: Fix I915_EXEC_RING_MASK (bnc#1106929)
o drm/rockchip: shutdown drm subsystem on shutdown (bsc#1106929)
o drm/ttm: Remove warning about inconsistent mapping information (bnc#
1131488)
o drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#
1106929)
o drm/vc4: Account for interrupts in flight (bsc#1106929)
o drm/vc4: Allocate the right amount of space for boot-time CRTC state. (bsc#
1106929)
o drm/vc4: Fix NULL pointer dereference in vc4_save_hang_state() (bsc#
1106929)
o drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. (bsc#
1106929)
o drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos() (bsc#1106929)
o drm/vc4: Fix compilation error reported by kbuild test bot (bsc#1106929)
o drm/vc4: Fix memory leak during gpu reset. (bsc#1106929)
o drm/vc4: Fix memory leak of the CRTC state. (bsc#1106929)
o drm/vc4: Fix oops when userspace hands in a bad BO. (bsc#1106929)
o drm/vc4: Fix overflow mem unreferencing when the binner runs dry. (bsc#
1106929)
o drm/vc4: Fix races when the CS reads from render targets. (bsc#1106929)
o drm/vc4: Fix scaling of uni-planar formats (bsc#1106929)
o drm/vc4: Fix the "no scaling" case on multi-planar YUV formats (bsc#
1106929)
o drm/vc4: Flush the caches before the bin jobs, as well. (bsc#1106929)
o drm/vc4: Free hang state before destroying BO cache. (bsc#1106929)
o drm/vc4: Move IRQ enable to PM path (bsc#1106929)
o drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar (bsc#
1106929)
o drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1106929)
o drm/vc4: Use drm_free_large() on handles to match its allocation. (bsc#
1106929)
o drm/vc4: fix a bounds check (bsc#1106929)
o drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#
1106929)
o drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to (bsc#
1106929)
o dt-bindings: rcar-dmac: Document missing error interrupt (bsc#1085535).
o e1000e: Add Support for 38.4MHZ frequency (bsc#1108293 ).
o e1000e: Add Support for CannonLake (bsc#1108293).
o e1000e: Fix -Wformat-truncation warnings (bnc#1012382).
o e1000e: Initial Support for CannonLake (bsc#1108293 ).
o enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012382).
o exportfs: fix 'passing zero to ERR_PTR()' warning (bsc#1136458).
o ext4: Return EAGAIN in case of DIO is beyond end of file (bsc#1136810).
o ext4: actually request zeroing of inode table after grow (bsc#1136451).
o ext4: add missing brelse() in add_new_gdb_meta_bg() (bnc#1012382).
o ext4: avoid panic during forced reboot due to aborted journal (bsc#
1126356).
o ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012382).
o ext4: fix ext4_show_options for file systems w/o journal (bsc#1136452).
o ext4: fix use-after-free race with debug_want_extra_isize (bsc#1136449).
o ext4: make sure enough credits are reserved for dioread_nolock writes (bsc#
1136623).
o ext4: prohibit fstrim in norecovery mode (bnc#1012382).
o ext4: report real fs size after failed resize (bnc#1012382).
o ext4: wait for outstanding dio during truncate in nojournal mode (bsc#
1136438).
o f2fs: do not use mutex lock in atomic context (bnc#1012382).
o f2fs: fix to do sanity check with current segment number (bnc#1012382).
o fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#
1012382).
o fix incorrect error code mapping for OBJECTID_NOT_FOUND (bnc#1012382).
o fs/file.c: initialize init_files.resize_wait (bnc#1012382).
o fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bnc#1012382).
o fs: fix guard_bio_eod to check for real EOD errors (bnc#1012382).
o ftrace/x86_64: Emulate call function while updating in breakpoint handler
(bsc#1099658).
o genirq: Prevent use-after-free and work list corruption (bnc#1012382).
o genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bnc#
1012382).
o gpio: gpio-omap: fix level interrupt idling (bnc#1012382).
o gpu: ipu-v3: dp: fix CSC handling (bnc#1012382).
o h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#
1012382).
o hid: debug: fix race condition with between rdesc_show() and device removal
(bnc#1012382).
o hid: input: add mapping for Expose/Overview key (bnc#1012382).
o hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bnc#
1012382).
o hugetlbfs: fix memory leak for resv_map (bnc#1012382).
o hwrng: virtio - Avoid repeated init of completion (bnc#1012382).
o i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (bnc#
1012382).
o ib/hfi1: Eliminate opcode tests on mr deref ().
o ib/hfi1: Unreserve a reserved request when it is completed ().
o ib/mlx4: Fix race condition between catas error reset and aliasguid flows
(bnc#1012382).
o ib/mlx4: Increase the timeout for CM cache (bnc#1012382).
o ib/rdmavt: Add wc_flags and wc_immdata to cq entry trace ().
o ib/rdmavt: Fix frwr memory registration ().
o igb: Fix WARN_ONCE on runtime suspend (bnc#1012382).
o iio/gyro/bmg160: Use millidegrees for temperature scale (bnc#1012382).
o iio: ad_sigma_delta: select channel when reading register (bnc#1012382).
o iio: adc: at91: disable adc channel interrupt in timeout case (bnc#
1012382).
o iio: adc: xilinx: fix potential use-after-free on remove (bnc#1012382).
o include/linux/bitrev.h: fix constant bitrev (bnc#1012382).
o include/linux/swap.h: use offsetof() instead of custom __swapoffset macro
(bnc#1012382).
o init: initialize jump labels before command line option parsing (bnc#
1012382).
o input: snvs_pwrkey - initialize necessary driver data before enabling IRQ
(bnc#1012382).
o io: accel: kxcjk1013: restore the range after resume (bnc#1012382).
o iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#
1135013).
o iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135014).
o iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135015).
o ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (bnc#1012382).
o ipmi:ssif: compare block number correctly for multi-part return messages
(bsc#1135120).
o ipv4: Fix raw socket lookup for local traffic (bnc#1012382).
o ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
o ipv4: ensure rcu_read_lock() in ipv4_link_failure() (bnc#1012382).
o ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (bnc#1012382).
o ipv4: recompile ip options in ipv4_link_failure (bnc#1012382).
o ipv4: set the tcp_min_rtt_wlen range from 0 to one day (bnc#1012382).
o ipv6/flowlabel: wait rcu grace period before put_pid() (bnc#1012382).
o ipv6: Fix dangling pointer when ipv6 fragment (bnc#1012382).
o ipv6: fix a potential deadlock in do_ipv6_setsockopt() (bnc#1012382).
o ipv6: invert flowlabel sharing check in process and user mode (bnc#
1012382).
o ipv6: sit: reset ip header pointer in ipip6_rcv (bnc#1012382).
o ipvs: do not schedule icmp errors from tunnels (bnc#1012382).
o jffs2: fix use-after-free on symlink traversal (bnc#1012382).
o kABI: protect ring_buffer_read_prepare (kabi).
o kABI: protect struct tlb_state (kabi).
o kABI: protect struct usb_interface (kabi).
o kABI: restore ___ptrace_may_access (kabi).
o kABI: restore icmp_send (kabi).
o kabi: arm64: fix kabi breakage on arch specific module (bsc#1126040)
o kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
o kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#
1137586).
o kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD (bnc#1012382).
o kbuild: simplify ld-option implementation (bnc#1012382).
o kconfig/[mn]conf: handle backspace (^H) key (bnc#1012382).
o kconfig: display recursive dependency resolution hint just once (bsc#
1100132).
o kernel/sysctl.c: fix out-of-bounds access when setting file-max (bnc#
1012382).
o keys: Timestamp new keys (bsc#1120902).
o kprobes: Fix error check when reusing optimized probes (bnc#1012382).
o kprobes: Mark ftrace mcount handler functions nokprobe (bnc#1012382).
o kprobes: Prohibit probing on bsearch() (bnc#1012382).
o kvm: fail KVM_SET_VCPU_EVENTS with invalid exception number (bnc#1012382).
o kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bnc#
1012382).
o kvm: x86: avoid misreporting level-triggered irqs as edge-triggered in
tracing (bnc#1012382).
o leds: lp55xx: fix null deref on firmware load failure (bnc#1012382).
o lib/div64.c: off by one in shift (bnc#1012382).
o lib/int_sqrt: optimize initial value compute (bnc#1012382).
o lib/string.c: implement a basic bcmp (bnc#1012382).
o lib: add crc64 calculation routines (bsc#1130972).
o lib: do not depend on linux headers being installed (bsc#1130972).
o libata: fix using DMA buffers on stack (bnc#1012382).
o libnvdimm/btt: Fix a kmemdup failure check (bnc#1012382).
o lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
o mac80211: do not call driver wake_tx_queue op during reconfig (bnc#
1012382).
o mac80211_hwsim: validate number of different channels (bsc#1085539).
o md: use mddev_suspend/resume instead of ->quiesce() (bsc#1132212).
o media: mt9m111: set initial frame size other than 0x0 (bnc#1012382).
o media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#
1012382).
o media: pvrusb2: Prevent a buffer overflow (bsc#1135642).
o media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#
1012382).
o media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#
1012382).
o media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#
1012382).
o media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#
1012382).
o media: v4l2: i2c: ov7670: Fix PLL bypass register values (bnc#1012382).
o media: vb2: do not call __vb2_queue_cancel if vb2_start_streaming failed
(bsc#1120902).
o mips: scall64-o32: Fix indirect syscall number load (bnc#1012382).
o mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012382).
o mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012382).
o mm/slab.c: kmemleak no scan alien caches (bnc#1012382).
o mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012382).
o mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP
=n (bnc#1012382).
o mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified
(bnc#1012382).
o mmc: davinci: remove extraneous __init annotation (bnc#1012382).
o mmc: omap: fix the maximum timeout setting (bnc#1012382).
o modpost: file2alias: check prototype of handler (bnc#1012382).
o modpost: file2alias: go back to simple devtable lookup (bnc#1012382).
o mount: copy the port field into the cloned nfs_server structure (bsc#
1136990).
o mt7601u: bump supported EEPROM version (bnc#1012382).
o mtd: Fix comparison in map_word_andequal() (git-fixes).
o mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
o net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
o net/ibmvnic: Update carrier state after link state change (bsc#1135100).
o net: atm: Fix potential Spectre v1 vulnerabilities (bnc#1012382).
o net: bridge: multicast: use rcu to access port list from
br_multicast_start_querier (bnc#1012382).
o net: ena: fix return value of ena_com_config_llq_info() (bsc#1117562).
o net: ethernet: ti: fix possible object reference leak (bnc#1012382).
o net: ethtool: not call vzalloc for zero sized memory request (bnc#1012382).
o net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
(bnc#1012382).
o net: hns: Fix WARNING when remove HNS driver with SMMU enabled (bnc#
1012382).
o net: hns: Use NAPI_POLL_WEIGHT for hns driver (bnc#1012382).
o net: ibm: fix possible object reference leak (bnc#1012382).
o net: ks8851: Delay requesting IRQ until opened (bnc#1012382).
o net: ks8851: Dequeue RX packets explicitly (bnc#1012382).
o net: ks8851: Reassert reset pin if chip ID check fails (bnc#1012382).
o net: ks8851: Set initial carrier state to down (bnc#1012382).
o net: rds: force to destroy connection if t_sock is NULL in
rds_tcp_kill_sock() (bnc#1012382).
o net: stmmac: move stmmac_check_ether_addr() to driver probe (bnc#1012382).
o net: ucc_geth - fix Oops when changing number of buffers in the ring (bnc#
1012382).
o net: xilinx: fix possible object reference leak (bnc#1012382).
o netfilter: bridge: set skb transport_header before entering
NF_INET_PRE_ROUTING (bnc#1012382).
o netfilter: compat: initialize all fields in xt_init (bnc#1012382).
o netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON (bnc#1012382).
o netfilter: physdev: relax br_netfilter dependency (bnc#1012382).
o netns: provide pure entropy for net_hash_mix() (bnc#1012382).
o nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount
(git-fixes).
o nfs: Add missing encode / decode sequence_maxsz to v4.2 operations
(git-fixes).
o nfs: Fix I/O request leakages (git-fixes).
o nfs: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family (bnc#
1012382).
o nfs: clean up rest of reqs when failing to add one (git-fixes).
o nfsd: Do not release the callback slot unless it was actually held (bnc#
1012382).
o ntp: Allow TAI-UTC offset to be set to zero (bsc#1135642).
o nvme-fc: resolve io failures during connect (bsc#1116803).
o nvme: Do not allow to reset a reconnecting controller (bsc#1133874).
o ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012382).
o openvswitch: fix flow actions reallocation (bnc#1012382).
o pNFS: Skip invalid stateids when doing a bulk destroy (git-fixes).
o packet: Fix error path in packet_init (bnc#1012382).
o packet: validate msg_namelen in send directly (bnc#1012382).
o pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bnc#
1012382).
o pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1137142).
o pci: Mark Atheros AR9462 to avoid bus reset (bsc#1135642).
o pci: xilinx-nwl: Add missing of_node_put() (bsc#1100132).
o perf evsel: Free evsel->counts in perf_evsel__exit() (bnc#1012382).
o perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012382).
o perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() (bnc#
1012382).
o perf tests: Fix a memory leak of cpu_map object in the
openat_syscall_event_on_all_cpus test (bnc#1012382).
o perf top: Fix error handling in cmd_top() (bnc#1012382).
o perf/core: Restore mmap record type correctly (bnc#1012382).
o perf/x86/intel: Allow PEBS multi-entry in watermark mode (git-fixes).
o perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS (bnc#
1012382).
o platform/x86: sony-laptop: Fix unintentional fall-through (bnc#1012382).
o powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (bnc#1012382).
o powerpc/64: Call setup_barrier_nospec() from setup_arch() (bnc#1012382 bsc#
1131107).
o powerpc/64: Make meltdown reporting Book3S 64 specific (bnc#1012382).
o powerpc/64s: Include cpu header (bnc#1012382).
o powerpc/booke64: set RI in default MSR (bnc#1012382).
o powerpc/fsl: Add FSL_PPC_BOOK3E as supported arch for nospectre_v2 boot arg
(bnc#1012382).
o powerpc/fsl: Add barrier_nospec implementation for NXP PowerPC Book3E (bnc#
1012382).
o powerpc/fsl: Add infrastructure to fixup branch predictor flush (bnc#
1012382).
o powerpc/fsl: Add macro to flush the branch predictor (bnc#1012382).
o powerpc/fsl: Add nospectre_v2 command line argument (bnc#1012382).
o powerpc/fsl: Emulate SPRN_BUCSR register (bnc#1012382).
o powerpc/fsl: Enable runtime patching if nospectre_v2 boot arg is used (bnc#
1012382).
o powerpc/fsl: Fix the flush of branch predictor (bnc#1012382).
o powerpc/fsl: Fixed warning: orphan section `__btb_flush_fixup' (bnc#
1012382).
o powerpc/fsl: Flush branch predictor when entering KVM (bnc#1012382).
o powerpc/fsl: Flush the branch predictor at each kernel entry (32 bit) (bnc#
1012382).
o powerpc/fsl: Flush the branch predictor at each kernel entry (64bit) (bnc#
1012382).
o powerpc/fsl: Sanitize the syscall table for NXP PowerPC 32 bit platforms
(bnc#1012382).
o powerpc/fsl: Update Spectre v2 reporting (bnc#1012382).
o powerpc/lib: fix book3s/32 boot failure due to code patching (bnc#1012382).
o powerpc/xmon: Add RFI flush related fields to paca dump (bnc#1012382).
o qede: fix write to free'd pointer error and double free of ptp (bsc#1019695
bsc#1019696).
o qlcnic: Avoid potential NULL pointer dereference (bnc#1012382).
o qmi_wwan: add Olicard 600 (bnc#1012382).
o rdma/iw_cxgb4: Fix the unchecked ep dereference (bsc#1005778 bsc#1005780
bsc#1005781).
o rdma/qedr: Fix out of bounds index check in query pkey (bsc#1022604).
o regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#
1012382).
o rsi: improve kernel thread handling to fix kernel panic (bnc#1012382).
o rtc: da9063: set uie_unsupported when relevant (bnc#1012382).
o rtc: sh: Fix invalid alarm warning for non-enabled alarm (bnc#1012382).
o s390/3270: fix lockdep false positive on view->lock (bnc#1012382).
o s390/dasd: Fix capacity calculation for large volumes (bnc#1012382).
o s390: ctcm: fix ctcm_new_device error return code (bnc#1012382).
o sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
(bnc#1012382).
o sc16is7xx: move label 'err_spi' to correct section (git-fixes).
o sched/fair: Do not re-read ->h_load_next during hierarchical load
calculation (bnc#1012382).
o sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (bnc#
1012382).
o sched/numa: Fix a possible divide-by-zero (bnc#1012382).
o sched: Add sched_smt_active() (bnc#1012382).
o scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#
1012382).
o scsi: csiostor: fix missing data copy in csio_scsi_err_handler() (bnc#
1012382).
o scsi: libsas: fix a race condition when smp task timeout (bnc#1012382).
o scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012382).
o scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines
(bnc#1012382).
o scsi: qla4xxx: fix a potential NULL pointer dereference (bnc#1012382).
o scsi: storvsc: Fix calculation of sub-channel count (bnc#1012382).
o scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN
(bnc#1012382).
o sctp: initialize _pad of sockaddr_in before copying to user memory (bnc#
1012382).
o selftests/net: correct the return value for run_netsocktests (bnc#1012382).
o selinux: never allow relabeling on context mounts (bnc#1012382).
o serial: uartps: console_setup() can't be placed to init section (bnc#
1012382).
o slip: make slhc_free() silently accept an error pointer (bnc#1012382).
o soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012382).
o soc: imx-sgtl5000: add missing put_device() (bnc#1012382).
o soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012382).
o staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bnc#
1012382).
o staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bnc#1012382).
o staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bnc#
1012382).
o staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bnc#1012382).
o staging: iio: adt7316: allow adt751x to use internal vref for all dacs (bnc
#1012382).
o staging: iio: adt7316: fix the dac read calculation (bnc#1012382).
o staging: iio: adt7316: fix the dac write calculation (bnc#1012382).
o supported.conf: add lib/crc64 because bcache uses it
o sysctl: handle overflow for file-max (bnc#1012382).
o tcp: Ensure DCTCP reacts to losses (bnc#1012382).
o tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
o tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
o tcp: limit payload size of sacked skbs (bsc#1137586).
o tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
o tcp: tcp_grow_window() needs to respect tcp_space() (bnc#1012382).
o team: fix possible recursive locking when add slaves (bnc#1012382).
o thermal/int340x_thermal: Add additional UUIDs (bnc#1012382).
o thermal/int340x_thermal: fix mode setting (bnc#1012382).
o timer/debug: Change /proc/timer_stats from 0644 to 0600 (bnc#1012382).
o tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
(bnc#1012382).
o tipc: check link name with right length in tipc_nl_compat_link_set (bnc#
1012382).
o tipc: handle the err returned from cmd header function (bnc#1012382).
o tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012382).
o tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
o tools/power turbostat: return the exit status of a command (bnc#1012382).
o tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bnc#1012382).
o tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete (bnc#
1012382).
o trace: Fix preempt_enable_no_resched() abuse (bnc#1012382).
o tracing: Fix partial reading of trace event's id file (bsc#1136573).
o tracing: kdb: Fix ftdump to not sleep (bnc#1012382).
o tty/serial: atmel: Add is_half_duplex helper (bnc#1012382).
o tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped (bnc#
1012382).
o tty: increase the default flip buffer limit to 2*640K (bnc#1012382).
o tty: ldisc: add sysctl to prevent autoloading of ldiscs (bnc#1012382).
o uas: fix alignment of scatter/gather segments (bnc#1012382 bsc#1129770).
o uas: fix alignment of scatter/gather segments (bsc#1129770).
o ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#
1136455).
o usb: Add new USB LPM helpers (bsc#1129770).
o usb: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770).
o usb: cdc-acm: fix race during wakeup blocking TX traffic (bsc#1129770).
o usb: cdc-acm: fix unthrottle races (bsc#1135642).
o usb: chipidea: Grab the (legacy) usb PHY by phandle first (bnc#1012382).
o usb: core: Fix bug caused by duplicate interface PM usage counter (bnc#
1012382).
o usb: core: Fix unterminated string returned by usb_string() (bnc#1012382).
o usb: dwc3: Fix default lpm_nyet_threshold value (bnc#1012382).
o usb: gadget: net2272: Fix net2272_dequeue() (bnc#1012382).
o usb: gadget: net2280: Fix net2280_dequeue() (bnc#1012382).
o usb: gadget: net2280: Fix overrun of OUT messages (bnc#1012382).
o usb: serial: fix unthrottle races (bnc#1012382).
o usb: serial: use variable for status (bnc#1012382).
o usb: u132-hcd: fix resource leak (bnc#1012382).
o usb: usbip: fix isoc packet num validation in get_pipe (bnc#1012382).
o usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bnc#
1012382).
o usb: yurex: Fix protection fault after device removal (bnc#1012382).
o usbnet: ipheth: fix potential null pointer dereference in
ipheth_carrier_set (bnc#1012382).
o usbnet: ipheth: prevent TX queue timeouts when device not ready (bnc#
1012382).
o vfio/pci: use correct format characters (bnc#1012382).
o vlan: disable SIOCSHWTSTAMP in container (bnc#1012382).
o vrf: sit mtu should not be updated when vrf netdev is the link (bnc#
1012382).
o wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#
1012382).
o x86/Kconfig: Select SCHED_SMT if SMP enabled (bnc#1012382).
o x86/MCE: Save microcode revision in machine check records (bnc#1012382).
o x86/bugs: Add AMD's SPEC_CTRL MSR usage (bnc#1012382).
o x86/bugs: Change L1TF mitigation string to match upstream (bnc#1012382).
o x86/bugs: Fix the AMD SSBD usage of the SPEC_CTRL MSR (bnc#1012382).
o x86/bugs: Switch the selection of mitigation from CPU vendor to CPU
features (bnc#1012382).
o x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#
1012382).
o x86/build: Specify elf_i386 linker emulation explicitly for i386 objects
(bnc#1012382).
o x86/cpu/bugs: Use __initconst for 'const' init data (bnc#1012382).
o x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors (bnc#
1012382).
o x86/cpufeatures: Hide AMD-specific speculation flags (bnc#1012382).
o x86/hpet: Prevent potential NULL pointer dereference (bnc#1012382).
o x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return
an error (bnc#1012382).
o x86/kprobes: Verify stack frame on kretprobe (bnc#1012382).
o x86/mds: Add MDSUM variant to the MDS documentation (bnc#1012382).
o x86/microcode/intel: Add a helper which gives the microcode revision (bnc#
1012382).
o x86/microcode/intel: Check microcode revision before updating sibling
threads (bnc#1012382).
o x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bnc#
1012382).
o x86/microcode: Update the new microcode revision unconditionally (bnc#
1012382).
o x86/mm: Use WRITE_ONCE() when setting PTEs (bnc#1012382).
o x86/process: Consolidate and simplify switch_to_xtra() code (bnc#1012382).
o x86/speculataion: Mark command line parser data __initdata (bnc#1012382).
o x86/speculation/l1tf: Document l1tf in sysfs (bnc#1012382).
o x86/speculation/mds: Fix comment (bnc#1012382).
o x86/speculation/mds: Fix documentation typo (bnc#1012382).
o x86/speculation: Add command line control for indirect branch speculation
(bnc#1012382).
o x86/speculation: Add prctl() control for indirect branch speculation (bnc#
1012382).
o x86/speculation: Add seccomp Spectre v2 user space protection mode (bnc#
1012382).
o x86/speculation: Avoid __switch_to_xtra() calls (bnc#1012382).
o x86/speculation: Clean up spectre_v2_parse_cmdline() (bnc#1012382).
o x86/speculation: Disable STibP when enhanced IBRS is in use (bnc#1012382).
o x86/speculation: Enable prctl mode for spectre_v2_user (bnc#1012382).
o x86/speculation: Mark string arrays const correctly (bnc#1012382).
o x86/speculation: Move STIPB/ibPB string conditionals out of cpu_show_common
() (bnc#1012382).
o x86/speculation: Prepare arch_smt_update() for PRCTL mode (bnc#1012382).
o x86/speculation: Prepare for conditional ibPB in switch_mm() (bnc#1012382).
o x86/speculation: Prepare for per task indirect branch speculation control
(bnc#1012382).
o x86/speculation: Prevent stale SPEC_CTRL msr content (bnc#1012382).
o x86/speculation: Provide ibPB always command line options (bnc#1012382).
o x86/speculation: Remove SPECTRE_V2_ibRS in enum spectre_v2_mitigation (bnc#
1012382).
o x86/speculation: Remove unnecessary ret variable in cpu_show_common() (bnc#
1012382).
o x86/speculation: Rename SSBD update functions (bnc#1012382).
o x86/speculation: Reorder the spec_v2 code (bnc#1012382).
o x86/speculation: Reorganize speculation control MSRs update (bnc#1012382).
o x86/speculation: Split out TIF update (bnc#1012382).
o x86/speculation: Support 'mitigations=' cmdline option (bnc#1012382 bsc#
1112178).
o x86/speculation: Support Enhanced ibRS on future CPUs (bnc#1012382).
o x86/speculation: Unify conditional spectre v2 print functions (bnc#
1012382).
o x86/speculation: Update the TIF_SSBD comment (bnc#1012382).
o x86/vdso: Drop implicit common-page-size linker flag (bnc#1012382).
o x86/vdso: Pass --eh-frame-hdr to the linker (git-fixes).
o x86: vdso: Use $LD instead of $CC to link (bnc#1012382).
o x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
o x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
o xen: Prevent buffer overflow in privcmd ioctl (bnc#1012382).
o xenbus: drop useless LIST_HEAD in xenbus_write_watch() and
xenbus_file_write() (bsc#1065600).
o xsysace: Fix error handling in ace_setup (bnc#1012382).
o xtensa: fix return_address (bnc#1012382).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Workstation Extension 12-SP3:
zypper in -t patch SUSE-SLE-WE-12-SP3-2019-1532=1
o SUSE Linux Enterprise Software Development Kit 12-SP3:
zypper in -t patch SUSE-SLE-SDK-12-SP3-2019-1532=1
o SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-1532=1
o SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2019-1532=1
o SUSE Linux Enterprise High Availability 12-SP3:
zypper in -t patch SUSE-SLE-HA-12-SP3-2019-1532=1
o SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2019-1532=1
o SUSE CaaS Platform ALL:
To install this update, use the SUSE CaaS Platform Velum dashboard. It will
inform you if it detects new updates and let you then trigger updating of
the complete cluster in a controlled way.
o SUSE CaaS Platform 3.0:
To install this update, use the SUSE CaaS Platform Velum dashboard. It will
inform you if it detects new updates and let you then trigger updating of
the complete cluster in a controlled way.
Package List:
o SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):
kernel-default-debuginfo-4.4.180-94.97.1
kernel-default-debugsource-4.4.180-94.97.1
kernel-default-extra-4.4.180-94.97.1
kernel-default-extra-debuginfo-4.4.180-94.97.1
o SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le
s390x x86_64):
kernel-obs-build-4.4.180-94.97.1
kernel-obs-build-debugsource-4.4.180-94.97.1
o SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):
kernel-docs-4.4.180-94.97.1
o SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-4.4.180-94.97.1
kernel-default-base-4.4.180-94.97.1
kernel-default-base-debuginfo-4.4.180-94.97.1
kernel-default-debuginfo-4.4.180-94.97.1
kernel-default-debugsource-4.4.180-94.97.1
kernel-default-devel-4.4.180-94.97.1
kernel-syms-4.4.180-94.97.1
o SUSE Linux Enterprise Server 12-SP3 (noarch):
kernel-devel-4.4.180-94.97.1
kernel-macros-4.4.180-94.97.1
kernel-source-4.4.180-94.97.1
o SUSE Linux Enterprise Server 12-SP3 (s390x):
kernel-default-man-4.4.180-94.97.1
o SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_180-94_97-default-1-4.3.3
kgraft-patch-4_4_180-94_97-default-debuginfo-1-4.3.3
o SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.4.180-94.97.1
cluster-md-kmp-default-debuginfo-4.4.180-94.97.1
dlm-kmp-default-4.4.180-94.97.1
dlm-kmp-default-debuginfo-4.4.180-94.97.1
gfs2-kmp-default-4.4.180-94.97.1
gfs2-kmp-default-debuginfo-4.4.180-94.97.1
kernel-default-debuginfo-4.4.180-94.97.1
kernel-default-debugsource-4.4.180-94.97.1
ocfs2-kmp-default-4.4.180-94.97.1
ocfs2-kmp-default-debuginfo-4.4.180-94.97.1
o SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
kernel-default-4.4.180-94.97.1
kernel-default-debuginfo-4.4.180-94.97.1
kernel-default-debugsource-4.4.180-94.97.1
kernel-default-devel-4.4.180-94.97.1
kernel-default-extra-4.4.180-94.97.1
kernel-default-extra-debuginfo-4.4.180-94.97.1
kernel-syms-4.4.180-94.97.1
o SUSE Linux Enterprise Desktop 12-SP3 (noarch):
kernel-devel-4.4.180-94.97.1
kernel-macros-4.4.180-94.97.1
kernel-source-4.4.180-94.97.1
o SUSE CaaS Platform ALL (x86_64):
kernel-default-4.4.180-94.97.1
kernel-default-debuginfo-4.4.180-94.97.1
kernel-default-debugsource-4.4.180-94.97.1
o SUSE CaaS Platform 3.0 (x86_64):
kernel-default-4.4.180-94.97.1
kernel-default-debuginfo-4.4.180-94.97.1
kernel-default-debugsource-4.4.180-94.97.1
References:
o https://www.suse.com/security/cve/CVE-2018-17972.html
o https://www.suse.com/security/cve/CVE-2018-7191.html
o https://www.suse.com/security/cve/CVE-2019-11190.html
o https://www.suse.com/security/cve/CVE-2019-11477.html
o https://www.suse.com/security/cve/CVE-2019-11478.html
o https://www.suse.com/security/cve/CVE-2019-11479.html
o https://www.suse.com/security/cve/CVE-2019-11486.html
o https://www.suse.com/security/cve/CVE-2019-11815.html
o https://www.suse.com/security/cve/CVE-2019-11833.html
o https://www.suse.com/security/cve/CVE-2019-11884.html
o https://www.suse.com/security/cve/CVE-2019-12382.html
o https://www.suse.com/security/cve/CVE-2019-3846.html
o https://www.suse.com/security/cve/CVE-2019-5489.html
o https://bugzilla.suse.com/1005778
o https://bugzilla.suse.com/1005780
o https://bugzilla.suse.com/1005781
o https://bugzilla.suse.com/1012382
o https://bugzilla.suse.com/1019695
o https://bugzilla.suse.com/1019696
o https://bugzilla.suse.com/1022604
o https://bugzilla.suse.com/1063638
o https://bugzilla.suse.com/1065600
o https://bugzilla.suse.com/1085535
o https://bugzilla.suse.com/1085539
o https://bugzilla.suse.com/1090888
o https://bugzilla.suse.com/1099658
o https://bugzilla.suse.com/1100132
o https://bugzilla.suse.com/1106110
o https://bugzilla.suse.com/1106284
o https://bugzilla.suse.com/1106929
o https://bugzilla.suse.com/1108293
o https://bugzilla.suse.com/1108838
o https://bugzilla.suse.com/1110785
o https://bugzilla.suse.com/1110946
o https://bugzilla.suse.com/1112063
o https://bugzilla.suse.com/1112178
o https://bugzilla.suse.com/1116803
o https://bugzilla.suse.com/1117562
o https://bugzilla.suse.com/1119086
o https://bugzilla.suse.com/1120642
o https://bugzilla.suse.com/1120843
o https://bugzilla.suse.com/1120902
o https://bugzilla.suse.com/1122776
o https://bugzilla.suse.com/1126040
o https://bugzilla.suse.com/1126356
o https://bugzilla.suse.com/1128052
o https://bugzilla.suse.com/1129138
o https://bugzilla.suse.com/1129770
o https://bugzilla.suse.com/1130972
o https://bugzilla.suse.com/1131107
o https://bugzilla.suse.com/1131488
o https://bugzilla.suse.com/1131565
o https://bugzilla.suse.com/1132212
o https://bugzilla.suse.com/1132472
o https://bugzilla.suse.com/1133188
o https://bugzilla.suse.com/1133874
o https://bugzilla.suse.com/1134160
o https://bugzilla.suse.com/1134162
o https://bugzilla.suse.com/1134338
o https://bugzilla.suse.com/1134537
o https://bugzilla.suse.com/1134564
o https://bugzilla.suse.com/1134565
o https://bugzilla.suse.com/1134566
o https://bugzilla.suse.com/1134651
o https://bugzilla.suse.com/1134760
o https://bugzilla.suse.com/1134806
o https://bugzilla.suse.com/1134813
o https://bugzilla.suse.com/1134848
o https://bugzilla.suse.com/1135013
o https://bugzilla.suse.com/1135014
o https://bugzilla.suse.com/1135015
o https://bugzilla.suse.com/1135100
o https://bugzilla.suse.com/1135120
o https://bugzilla.suse.com/1135281
o https://bugzilla.suse.com/1135603
o https://bugzilla.suse.com/1135642
o https://bugzilla.suse.com/1135661
o https://bugzilla.suse.com/1135878
o https://bugzilla.suse.com/1136424
o https://bugzilla.suse.com/1136438
o https://bugzilla.suse.com/1136448
o https://bugzilla.suse.com/1136449
o https://bugzilla.suse.com/1136451
o https://bugzilla.suse.com/1136452
o https://bugzilla.suse.com/1136455
o https://bugzilla.suse.com/1136458
o https://bugzilla.suse.com/1136539
o https://bugzilla.suse.com/1136573
o https://bugzilla.suse.com/1136575
o https://bugzilla.suse.com/1136586
o https://bugzilla.suse.com/1136590
o https://bugzilla.suse.com/1136623
o https://bugzilla.suse.com/1136810
o https://bugzilla.suse.com/1136935
o https://bugzilla.suse.com/1136990
o https://bugzilla.suse.com/1137142
o https://bugzilla.suse.com/1137162
o https://bugzilla.suse.com/1137586
o https://bugzilla.suse.com/843419
- ------------------------------------------------------------------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2019:1529-1
Rating: important
References: #1012382 #1050242 #1051510 #1053043 #1055186 #1056787
#1058115 #1063638 #1064802 #1065600 #1065729 #1066129
#1068546 #1071995 #1075020 #1082387 #1083647 #1085535
#1099658 #1103992 #1104353 #1104427 #1106011 #1106284
#1108193 #1108838 #1108937 #1110946 #1111696 #1112063
#1113722 #1114427 #1115688 #1117158 #1117561 #1118139
#1119843 #1120091 #1120423 #1120566 #1120843 #1120902
#1122776 #1123454 #1123663 #1124503 #1124839 #1126356
#1127616 #1128052 #1128904 #1128979 #1129138 #1129273
#1129497 #1129693 #1129770 #1130579 #1130699 #1130972
#1131326 #1131451 #1131488 #1131565 #1131673 #1132044
#1133176 #1133188 #1133190 #1133320 #1133612 #1133616
#1134160 #1134162 #1134199 #1134200 #1134201 #1134202
#1134203 #1134204 #1134205 #1134354 #1134393 #1134459
#1134460 #1134461 #1134537 #1134597 #1134651 #1134671
#1134760 #1134806 #1134810 #1134813 #1134848 #1134936
#1135006 #1135007 #1135008 #1135056 #1135100 #1135120
#1135278 #1135281 #1135309 #1135312 #1135314 #1135315
#1135316 #1135320 #1135323 #1135330 #1135492 #1135542
#1135556 #1135603 #1135642 #1135661 #1135758 #1136206
#1136424 #1136428 #1136430 #1136432 #1136434 #1136435
#1136438 #1136439 #1136477 #1136478 #1136573 #1136586
#1136881 #1136935 #1136990 #1137151 #1137152 #1137153
#1137162 #1137372 #1137444 #1137586 #1137739 #1137752
Cross-References: CVE-2018-7191 CVE-2019-10124 CVE-2019-11085 CVE-2019-11477
CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11487
CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382
CVE-2019-3846 CVE-2019-5489
Affected Products:
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Basesystem 15
SUSE Linux Enterprise High Availability 15
______________________________________________________________________________
An update that solves 14 vulnerabilities and has 130 fixes is now available.
Description:
The SUSE Linux Enterprise 15 kernel was updated to receive various security and
bugfixes.
The following security bugs were fixed:
o CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic.
o CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able
to further exploit the fragmented queue to cause an expensive linked-list
walk for subsequent SACKs received for that same TCP connection.
o CVE-2019-11479: An attacker could force the Linux kernel to segment its
responses into multiple TCP segments. This would drastically increased the
bandwidth required to deliver the same amount of data. Further, it would
consume additional resources such as CPU and NIC processing power.
o CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and
possibly escalate privileges was found in the mwifiex kernel module while
connecting to a malicious wireless network. (bnc#1136424)
o CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in
drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked
kstrdup of fwstr, which might have allowed an attacker to cause a denial of
service (NULL pointer dereference and system crash). (bnc#1136586)
o CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of
other processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.)
Limited remote exploitation may have been possible, as demonstrated by
latency differences in accessing public files from an Apache HTTP Server.
(bnc#1120843)
o CVE-2019-11487: The Linux kernel allowed page reference count overflow,
with resultant use-after-free issues, if about 140 GiB of RAM existed. It
could have occured with FUSE requests. (bnc#1133190)
o CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the
unused memory region in the extent tree block, which might have allowed
local users to obtain sensitive information by reading uninitialized data
in the filesystem. (bnc#1135281)
o CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name
was not called before register_netdevice. This allowed local users to cause
a denial of service (NULL pointer dereference and panic) via an ioctl
(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
o CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915
Graphics for Linux may have allowed an authenticated user to potentially
enable escalation of privilege via local access. (bnc#1135278)
o CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/
tcp.c in the Linux kernel There was a race condition leading to a
use-after-free, related to net namespace cleanup. (bnc#1134537)
o CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/
sock.c in the Linux kernel allowed a local user to obtain potentially
sensitive information from kernel stack memory via a HIDPCONNADD command,
because a name field may not end with a '\0' character. (bnc#1134848)
o CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/
n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
o 9p locks: add mount option for lock retry interval (bsc#1051510).
o acpi / utils: Drop reference in test for device presence (bsc#1051510).
o acpi: button: reinitialize button state upon resume (bsc#1051510).
o acpi: fix menuconfig presentation of ACPI submenu (bsc#1117158).
o acpicA: AML interpreter: add region addresses in global list during
initialization (bsc#1051510).
o acpica: Namespace: remove address node from global list after method
termination (bsc#1051510).
o alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
o alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
o alsa: hda - Register irq handler after the chip initialization (bsc#
1051510).
o alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
o alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#
1051510).
o alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#
1051510).
o alsa: hda/realtek - Add new Dell platform for headset mode (bsc#1051510).
o alsa: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510).
o alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
o alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#
1051510).
o alsa: hda/realtek - EAPD turn on later (bsc#1051510).
o alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
(bsc#1051510).
o alsa: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510).
o alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#
1051510).
o alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#
1051510).
o alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#
1051510).
o alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
o alsa: line6: use dynamic buffers (bsc#1051510).
o alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
o alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#
1051510).
o alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
o alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#
1051510).
o alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
o alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
o alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
o alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
o alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
o alsa: timer: Coding style fixes (bsc#1051510).
o alsa: timer: Make snd_timer_close() really kill pending actions (bsc#
1051510).
o alsa: timer: Make sure to clear pending ack list (bsc#1051510).
o alsa: timer: Revert active callback sync check at close (bsc#1051510).
o alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
o alsa: timer: Unify timer callback process code (bsc#1051510).
o alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
o alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
(bsc#1051510).
o alsa: usx2y: fix a double free bug (bsc#1051510).
o appletalk: Fix compile regression (bsc#1051510).
o appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
o arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
o arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve
table (bsc#1117158).
o arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
o arm64: acpi: fix alignment fault in accessing ACPI (bsc#1117158).
o arm64: fix ACPI dependencies (bsc#1117158).
o arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
o arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#
1051510).
o arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
o arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
o arm: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be
uninitialized (bsc#1051510).
o arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#
1051510).
o arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
o arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
(bsc#1051510).
o arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
o arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
o arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
o arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
o arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
(bsc#1051510).
o asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
o asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
o asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
o asoc: fix valid stream condition (bsc#1051510).
o asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
o asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
o asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
o asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
o asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
o asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#
1051510).
o asoc: stm32: fix sai driver name initialisation (bsc#1051510).
o asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
o asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
o asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
o at76c50x-usb: Do not register led_trigger if usb_register_driver failed
(bsc#1051510).
o audit: fix a memleak caused by auditing load module (bsc#1051510).
o b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
o backlight: lm3630a: Return 0 on success in update_status functions (bsc#
1051510).
o bcache: Move couple of functions to sysfs.c (bsc#1130972).
o bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
o bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
o bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#
1130972).
o bcache: account size of buckets used in uuid write to ca->
meta_sectors_written (bsc#1130972).
o bcache: add MODULE_DESCRIPTION information (bsc#1130972).
o bcache: add a comment in super.c (bsc#1130972).
o bcache: add code comments for bset.c (bsc#1130972).
o bcache: add comment for cache_set->fill_iter (bsc#1130972).
o bcache: add identifier names to arguments of function definitions (bsc#
1130972).
o bcache: add missing SPDX header (bsc#1130972).
o bcache: add separate workqueue for journal_write to avoid deadlock (bsc#
1130972).
o bcache: add static const prefix to char * array declarations (bsc#1130972).
o bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#
1130972).
o bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
o bcache: cannot set writeback_running via sysfs if no writeback kthread
created (bsc#1130972).
o bcache: correct dirty data statistics (bsc#1130972).
o bcache: do not assign in if condition in bcache_init() (bsc#1130972).
o bcache: do not assign in if condition register_bcache() (bsc#1130972).
o bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#
1130972).
o bcache: do not check if debug dentry is ERR or NULL explicitly on remove
(bsc#1130972).
o bcache: do not clone bio in bch_data_verify (bsc#1130972).
o bcache: do not mark writeback_running too early (bsc#1130972).
o bcache: export backing_dev_name via sysfs (bsc#1130972).
o bcache: export backing_dev_uuid via sysfs (bsc#1130972).
o bcache: fix code comments style (bsc#1130972).
o bcache: fix indent by replacing blank by tabs (bsc#1130972).
o bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
o bcache: fix input integer overflow of congested threshold (bsc#1130972).
o bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
o bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#
1130972).
o bcache: fix input overflow to journal_delay_ms (bsc#1130972).
o bcache: fix input overflow to sequential_cutoff (bsc#1130972).
o bcache: fix input overflow to writeback_delay (bsc#1130972).
o bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
o bcache: fix ioctl in flash device (bsc#1130972).
o bcache: fix mistaken code comments in bcache.h (bsc#1130972).
o bcache: fix mistaken comments in request.c (bsc#1130972).
o bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#
1130972).
o bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#
1130972).
o bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
o bcache: fix typo in code comments of closure_return_with_destructor() (bsc#
1130972).
o bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
o bcache: introduce force_wake_up_gc() (bsc#1130972).
o bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#
1130972).
o bcache: move open brace at end of function definitions to next line (bsc#
1130972).
o bcache: never writeback a discard operation (bsc#1130972).
o bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc
#1130972).
o bcache: option to automatically run gc thread after writeback (bsc#
1130972).
o bcache: panic fix for making cache device (bsc#1130972).
o bcache: prefer 'help' in Kconfig (bsc#1130972).
o bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
o bcache: recal cached_dev_sectors on detach (bsc#1130972).
o bcache: remove unnecessary space before ioctl function pointer arguments
(bsc#1130972).
o bcache: remove unused bch_passthrough_cache (bsc#1130972).
o bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
o bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
o bcache: replace Symbolic permissions by octal permission numbers (bsc#
1130972).
o bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
o bcache: replace printk() by pr_*() routines (bsc#1130972).
o bcache: set writeback_percent in a flexible range (bsc#1130972).
o bcache: split combined if-condition code into separate ones (bsc#1130972).
o bcache: stop bcache device when backing device is offline (bsc#1130972).
o bcache: stop using the deprecated get_seconds() (bsc#1130972).
o bcache: style fix to add a blank line after declarations (bsc#1130972).
o bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
o bcache: style fixes for lines over 80 characters (bsc#1130972).
o bcache: treat stale and dirty keys as bad keys (bsc#1130972).
o bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#
1130972).
o bcache: update comment for bch_data_insert (bsc#1130972).
o bcache: update comment in sysfs.c (bsc#1130972).
o bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
o bcache: use MAX_CACHES_PER_SET instead of magic number 8 in
__bch_bucket_alloc_set (bsc#1130972).
o bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
o bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
o bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
o block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
o block: check_events: do not bother with events if unsupported (bsc#1110946,
bsc#1119843).
o block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
o block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
o block: fix the return errno for direct IO (bsc#1135320).
o block: fix use-after-free on gendisk (bsc#1135312).
o bluetooth: Align minimum encryption key size for LE and BR/EDR connections
(bsc#1051510).
o bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#
1135556).
o bluetooth: hidp: fix buffer overflow (bsc#1051510).
o bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one()
(bsc#1050242).
o bnxt_en: Improve RX consumer index validity check
(networking-stable-19_04_10).
o bnxt_en: Improve multicast address setup logic
(networking-stable-19_05_04).
o bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
o bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
o bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#
1083647).
o bpf: Add missed newline in verifier verbose log (bsc#1056787).
o bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#
1083647).
o brcm80211: potential NULL dereference in
brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
o btrfs: Do not panic when we can't find a root key (bsc#1112063).
o btrfs: Factor out common delayed refs init code (bsc#1134813).
o btrfs: Introduce init_delayed_ref_head (bsc#1134813).
o btrfs: Open-code add_delayed_data_ref (bsc#1134813).
o btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
o btrfs: add a helper to return a head ref (bsc#1134813).
o btrfs: breakout empty head cleanup to a helper (bsc#1134813).
o btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: do not allow trimming when a fs is mounted with the nologreplay
option (bsc#1135758).
o btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
o btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: fix fsync not persisting changed attributes of a directory (bsc#
1137151).
o btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#
1136477).
o btrfs: fix race updating log root item during fsync (bsc#1137153).
o btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#
1137152).
o btrfs: improve performance on fsync of files with multiple hardlinks (bsc#
1123454).
o btrfs: move all ref head cleanup to the helper function (bsc#1134813).
o btrfs: move extent_op cleanup to a helper (bsc#1134813).
o btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
o btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer
dereference (bsc#1134806).
o btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to
btrfs_qgroup_extent_record (bsc#1134162).
o btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release
(bsc#1134160).
o btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON()
(bsc#1133612).
o btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
o btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
o btrfs: split delayed ref head initialization and addition (bsc#1134813).
o btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
o btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#
1136478).
o ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
o ceph: fix ci->i_head_snapc leak (bsc#1122776).
o ceph: fix use-after-free on symlink traversal (bsc#1134459).
o ceph: only use d_name directly when parent is locked (bsc#1134460).
o cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#
1131565).
o clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
o clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
o configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
o configfs: fix possible use-after-free in configfs_register_group (bsc#
1051510).
o crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
o crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#
1051510).
o crypto: ccm - fix incompatibility between "ccm" and "ccm_base" (bsc#
1051510).
o crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#
1051510).
o crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
o crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#
1051510).
o crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
o crypto: gcm - fix incompatibility between "gcm" and "gcm_base" (bsc#
1051510).
o crypto: skcipher - do not WARN on unprocessed data after slow walk step
(bsc#1051510).
o crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
o crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
o crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
o crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#
1137162).
o crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#
1137162).
o crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#
1051510).
o dccp: Fix memleak in __feat_register_sp (bsc#1051510).
o dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
o debugfs: fix use-after-free on symlink traversal (bsc#1051510).
o devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
o dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#
1051510).
o dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
o documentation: Add MDS vulnerability documentation (bsc#1135642).
o drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
o drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
o drm/etnaviv: lock MMU while dumping core (bsc#1113722)
o drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
o drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
o drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
o drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#
1113722)
o drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#
1113722)
o drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
o drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware
(bsc#1051510).
o drm/i915/gvt: refine ggtt range validation (bsc#1113722)
o drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
o drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
o drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
o drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
o drm/mediatek: fix possible object reference leak (bsc#1051510).
o drm/meson: add size and alignment requirements for dumb buffers (bnc#
1113722)
o drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
o drm/rockchip: fix for mailbox read validation (bsc#1051510).
o drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
o drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
o drm/ttm: Remove warning about inconsistent mapping information (bnc#
1131488)
o drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc
#1051510).
o drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#
1113722)
o drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an
invalid read (bsc#1051510).
o dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
o dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
o dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#
1085535).
o dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings
(bsc#1129770).
o dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
o dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#
1051510).
o efi/arm: Defer persistent reservations until after paging_init() (bsc#
1117158).
o efi/arm: Do not mark ACPI reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc
#1115688 bsc#1120566).
o efi/arm: Revert "Defer persistent reservations until after paging_init()"
(bsc#1117158).
o efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
o efi/arm: libstub: add a root memreserve config table (bsc#1117158).
o efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#
1117158).
o efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#
1117158).
o efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#
1117158).
o efi: Permit multiple entries in persistent memreserve data structure (bsc#
1117158).
o efi: Prevent GICv3 WARN() by mapping the memreserve table before first use
(bsc#1117158).
o efi: Reduce the amount of memblock reservations for persistent allocations
(bsc#1117158).
o efi: add API to reserve memory persistently across kexec reboot (bsc#
1117158).
o efi: honour memory reservations passed via a linux specific config table
(bsc#1117158).
o ext4: actually request zeroing of inode table after grow (bsc#1135315).
o ext4: avoid panic during forced reboot due to aborted journal (bsc#
1126356).
o ext4: fix data corruption caused by overlapping unaligned and aligned IO
(bsc#1136428).
o ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
o ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
o ext4: make sanity check in mballoc more strict (bsc#1136439).
o ext4: wait for outstanding dio during truncate in nojournal mode (bsc#
1136438).
o fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
o fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
o firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
o fix rtnh_ok() (git-fixes).
o fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
o fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going
into workqueue when umount (bsc#1136435).
o ftrace/x86_64: Emulate call function while updating in breakpoint handler
(bsc#1099658).
o genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
o ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
o gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
o gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
o hid: debug: fix race condition with between rdesc_show() and device removal
(bsc#1051510).
o hid: input: add mapping for "Toggle Display" key (bsc#1051510).
o hid: input: add mapping for Assistant key (bsc#1051510).
o hid: input: add mapping for Expose/Overview key (bsc#1051510).
o hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#
1051510).
o hid: logitech: check the return value of create_singlethread_workqueue (bsc
#1051510).
o hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193).
o ibmvnic: Add device identification to requested IRQs (bsc#1137739).
o ibmvnic: Do not close unopened driver during reset (bsc#1137752).
o ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
o ibmvnic: Refresh device multicast list after reset (bsc#1137752).
o ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
o igmp: fix incorrect unsolicit report count when join group (git-fixes).
o iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
o indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#
1124503).
o inetpeer: fix uninit-value in inet_getpeer (git-fixes).
o input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#
1051510).
o input: introduce KEY_ASSISTANT (bsc#1051510).
o input: synaptics-rmi4 - fix possible double free (bsc#1051510).
o intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
o intel_th: pci: Add Comet Lake support (bsc#1051510).
o iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump
kernel (bsc#1117158).
o iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#
1134671).
o iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#
1135006).
o iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
o iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
o ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
(networking-stable-19_04_10).
o ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address
(git-fixes).
o ip_gre: fix parsing gre header in ipgre_err (git-fixes).
o ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
o ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
o ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193).
o ipmi:ssif: compare block number correctly for multi-part return messages
(bsc#1051510).
o ipmi_ssif: Remove duplicate NULL check (bsc#1108193).
o ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
(git-fixes).
o ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
o ipv4: ensure rcu_read_lock() in ipv4_link_failure()
(networking-stable-19_04_19).
o ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
(networking-stable-19_05_04).
o ipv4: recompile ip options in ipv4_link_failure
(networking-stable-19_04_19).
o ipv4: set the tcp_min_rtt_wlen range from 0 to one day
(networking-stable-19_04_30).
o ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
o ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
o ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
o ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
o ipv6: mcast: fix unsolicited report interval after receiving querys
(git-fixes).
o ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
o ipvlan: fix ipv6 outbound device (bsc#1051510).
o ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
o ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
o ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
o ipvs: fix buffer overflow with sync daemon and service (git-fixes).
o ipvs: fix check on xmit to non-local addresses (git-fixes).
o ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
o ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
o ipvs: fix stats update from local clients (git-fixes).
o iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
o jbd2: check superblock mapped prior to committing (bsc#1136430).
o kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
o kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#
1051510).
o kABI: protect dma-mapping.h include (kabi).
o kABI: protect ip_options_rcv_srr (kabi).
o kABI: protect struct mlx5_td (kabi).
o kABI: protect struct pci_dev (kabi).
o kabi: drop LINUX_MIB_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
o kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
o kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#
1137586)
o kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
o kernel/sys.c: prctl: fix false positive in validate_prctl_map()
(git-fixes).
o kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv
(bsc#1051510).
o kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#
1051510).
o keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
o kmsg: Update message catalog to latest IBM level (2019/03/08) (bsc#1128904
LTC#176078).
o kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
o kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#
1134202).
o kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
o kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#
1134201).
o kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
o kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
o kvm: s390: use created_vcpus in more places (bsc#1136206).
o kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
o kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#
1134203).
o kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#
1134204).
o kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#
1134205).
o l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
o l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
o l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
o l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
o l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
o l2tp: revert "l2tp: fix missing print session offset info" (bsc#1051510).
o leds: avoid races with workqueue (bsc#1051510).
o leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
o lib: add crc64 calculation routines (bsc#1130972).
o lib: do not depend on linux headers being installed (bsc#1130972).
o libata: fix using DMA buffers on stack (bsc#1051510).
o linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#
1051510).
o livepatch: Convert error about unsupported reliable stacktrace into a
warning (bsc#1071995).
o livepatch: Remove custom kobject state handling (bsc#1071995).
o livepatch: Remove duplicated code for early initialization (bsc#1071995).
o lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
o mISDN: Check address length before reading address family (bsc#1051510).
o mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
o mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
o mac8390: Fix mmio access size probe (bsc#1051510).
o md: fix invalid stored role for a disk (bsc#1051510).
o media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
o media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
o media: cx23885: check allocation return (bsc#1051510).
o media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
o media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
o media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
o media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#
1051510).
o media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
o media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
o media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#
1051510).
o media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
(bsc#1051510).
o media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#
1051510).
o media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
o media: wl128x: prevent two potential buffer overflows (bsc#1051510).
o memcg: make it work on sparse non-0-node systems (bnc#1133616).
o memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
o mlxsw: spectrum: Fix autoneg status in ethtool
(networking-stable-19_04_30).
o mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned
addresses (bsc#1135330).
o mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
o mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
o mmc: block: Delete gendisk before cleaning up the request queue (bsc#
1127616).
o mmc: core: fix possible use after free of host (bsc#1051510).
o mount: copy the port field into the cloned nfs_server structure (bsc#
1136990).
o mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#
1051510).
o mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
o mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol
(bsc#1051510).
o mtd: part: fix incorrect format specifier for an unsigned long long (bsc#
1051510).
o mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
(bsc#1129770).
o mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
o mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
o mwifiex: Fix possible buffer overflows at parsing bss descriptor
o mwifiex: prevent an array overflow (bsc#1051510).
o mwl8k: Fix rate_idx underflow (bsc#1051510).
o neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
o net-gro: Fix GRO flush when receiving a GSO packet
(networking-stable-19_04_10).
o net/ibmvnic: Remove tests of member address (bsc#1137739).
o net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
o net/ibmvnic: Update carrier state after link state change (bsc#1135100).
o net/ipv4: defensive cipso option parsing (git-fixes).
o net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev
(git-fixes).
o net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
o net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
o net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
o net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
o net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
o net/mlx5e: Fix error handling when refreshing TIRs
(networking-stable-19_04_10).
o net/mlx5e: Fix trailing semicolon (bsc#1075020).
o net/mlx5e: IPoIB, Reset QP after channels are closed (bsc#1075020).
o net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
(networking-stable-19_04_30).
o net/rose: fix unbound loop in rose_loopback_timer()
(networking-stable-19_04_30).
o net/sched: act_sample: fix divide by zero in the traffic path
(networking-stable-19_04_10).
o net/sched: do not dereference a->goto_chain to read the chain index (bsc#
1064802 bsc#1066129).
o net/sched: fix ->get helper of the matchall cls
(networking-stable-19_04_10).
o net: Fix a bug in removing queues from XPS map (git-fixes).
o net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
(networking-stable-19_03_28).
o net: atm: Fix potential Spectre v1 vulnerabilities
(networking-stable-19_04_19).
o net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
o net: do not keep lonely packets forever in the gro hash (git-fixes).
o net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc
(networking-stable-19_05_04).
o net: dsa: legacy: do not unmask port bitmaps (git-fixes).
o net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT
(git-fixes).
o net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#
1117561).
o net: ethtool: not call vzalloc for zero sized memory request
(networking-stable-19_04_10).
o net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
o net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
(networking-stable-19_04_19).
o net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#
1104353 bsc#1135056).
o net: initialize skb->peeked when cloning (git-fixes).
o net: make skb_partial_csum_set() more robust against overflows (git-fixes).
o net: phy: marvell: Fix buffer overrun with stats counters
(networking-stable-19_05_04).
o net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
o net: rose: fix a possible stack overflow (networking-stable-19_03_28).
o net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
o net: stmmac: fix memory corruption with large MTUs
(networking-stable-19_03_28).
o net: stmmac: move stmmac_check_ether_addr() to driver probe
(networking-stable-19_04_30).
o net: test tailroom before appending to linear skb (git-fixes).
o net: thunderx: do not allow jumbo frames with XDP
(networking-stable-19_04_19).
o net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
o net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
o net: use indirect call wrappers at GRO network layer (bsc#1124503).
o net: use indirect call wrappers at GRO transport layer (bsc#1124503).
o netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev
(git-fixes).
o netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
o netfilter: bridge: ebt_among: add more missing match size checks
(git-fixes).
o netfilter: drop template ct when conntrack is skipped (git-fixes).
o netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
(git-fixes).
o netfilter: ebtables: handle string from userspace with care (git-fixes).
o netfilter: ebtables: reject non-bridge targets (git-fixes).
o netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
(git-fixes).
o netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
o netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
o netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
(git-fixes).
o netfilter: nf_tables: can't fail after linking rule into active rule list
(git-fixes).
o netfilter: nf_tables: check msg_type before nft_trans_set(trans)
(git-fixes).
o netfilter: nf_tables: fix NULL pointer dereference on
nft_ct_helper_obj_dump() (git-fixes).
o netfilter: nf_tables: fix leaking object reference count (git-fixes).
o netfilter: nf_tables: release chain in flushing set (git-fixes).
o netfilter: nft_compat: do not dump private area (git-fixes).
o netfilter: x_tables: initialise match/target check parameter struct
(git-fixes).
o netlink: fix uninit-value in netlink_sendmsg (git-fixes).
o nfs: Add missing encode / decode sequence_maxsz to v4.2 operations
(git-fixes).
o nfs: add module option to limit NFSv4 minor version (jsc#PM-231).
o nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#
1051510).
o nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#
1129273).
o nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#
1120423).
o nvme: Do not remove namespaces during reset (bsc#1131673).
o nvme: flush scan_work when resetting controller (bsc#1131673).
o objtool: Fix function fallthrough detection (bsc#1058115).
o ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
o ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on
OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
o of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
o omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
o openvswitch: add seqadj extension when NAT is used (bsc#1051510).
o openvswitch: fix flow actions reallocation (bsc#1051510).
o p54: drop device reference count if fails to enable device (bsc#1135642).
o packet: fix reserve calculation (git-fixes).
o packet: in packet_snd start writing at link layer allocation (git-fixes).
o packet: refine ring v3 block size test to hold one frame (git-fixes).
o packet: reset network header if packet shorter than ll reserved space
(git-fixes).
o packet: validate msg_namelen in send directly (git-fixes).
o packets: Always register packet sk in the same order
(networking-stable-19_03_28).
o pci: Factor out pcie_retrain_link() function (git-fixes).
o pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
o pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
o pci: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum
(git-fixes).
o pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent()
(git-fixes).
o phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#
1051510).
o platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
o platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
o platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
o platform/x86: intel_punit_ipc: Revert "Fix resource ioremap warning" (bsc#
1051510).
o platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI
table (bsc#1051510).
o platform/x86: pmc_atom: Add several Beckhoff Automation boards to
critclk_systems DMI table (bsc#1051510).
o platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
o platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
o power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc
#1051510).
o power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
o powerpc/64s: Fix page table fragment refcount race vs speculative
references (bsc#1131326, bsc#1108937).
o powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
o powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186,
git-fixes).
o powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186,
git-fixes).
o powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes).
o powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
o powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
o powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
o powerpc/process: Fix sparse address space warnings (bsc#1065729).
o powerpc: Always initialize input array when calling epapr_hypercall() (bsc#
1065729).
o powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
o proc/kcore: do not bounds check against address 0 (bsc#1051510).
o proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
o proc: revalidate kernel thread inodes to root:root (bsc#1051510).
o ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK
(git-fixes).
o pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
o pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
o pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
o pwm: meson: Use the spin-lock only to protect register modifications (bsc#
1051510).
o pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
o qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
o qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
o qmi_wwan: add Olicard 600 (bsc#1051510).
o rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
o rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387,
bsc#1103992).
o regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#
1051510).
o rt2x00: do not increment sequence number while re-transmitting (bsc#
1051510).
o rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
o rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
o rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
o rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
o rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket
(git-fixes).
o s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
o sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
(bsc#1051510).
o sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
o sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
o scripts: override locale from environment when running recordmcount.pl (bsc
#1134354).
o scsi: qedf: fixup bit operations (bsc#1135542).
o scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
o scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
o scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#
1130579).
o scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
o scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
o scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
o scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
o scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
o scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#
1137444).
o scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#
1137444).
o scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res'
(bsc#1137444).
o scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#
1137444).
o scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
o scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#
1137444).
o scsi: qla2xxx: Remove unused symbols (bsc#1118139).
o scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
o scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
o scsi: qla2xxx: fix error message (bsc#1118139).
o scsi: qla2xxx: fix spelling mistake: "existant" -> "existent" (bsc#
1118139).
o scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
o scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
o scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
o scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing
them (bsc#1137444).
o sctp: avoid running the sctp state machine recursively
(networking-stable-19_05_04).
o sctp: fix identification of new acks for SFR-CACC (git-fixes).
o sctp: get sctphdr by offset in sctp_compute_cksum
(networking-stable-19_03_28).
o sctp: initialize _pad of sockaddr_in before copying to user memory
(networking-stable-19_04_10).
o sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
o selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
o serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
o serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
o serial: uartps: console_setup() can't be placed to init section (bsc#
1051510).
o signal: Always notice exiting tasks (git-fixes).
o signal: Better detection of synchronous signals (git-fixes).
o signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
o soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
o soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#
1051510).
o spi: Micrel eth switch: declare missing of table (bsc#1051510).
o spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
o spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
o spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#
1051510).
o spi: bcm2835aux: setup gpio-cs to output and correct level during setup
(bsc#1051510).
o spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#
1051510).
o spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
o ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#
1051510).
o staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#
1051510).
o stm class: Fix an endless loop in channel allocation (bsc#1051510).
o stm class: Fix channel free in stm output free path (bsc#1051510).
o stm class: Prevent division by zero (bsc#1051510).
o stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
o supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
o switchtec: Fix unintended mask of MRPC event (git-fixes).
o tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
o tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
o tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
o tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
o tcp: fix fack_count accounting on tcp_shift_skb_data() (CVE-2019-11477 bsc#
1137586).
o tcp: limit payload size of sacked skbs (bsc#1137586).
o tcp: purge write queue in tcp_connect_init() (git-fixes).
o tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
o tcp: tcp_grow_window() needs to respect tcp_space()
(networking-stable-19_04_19).
o team: fix possible recursive locking when add slaves
(networking-stable-19_04_30).
o team: set slave to promisc if team is already in promisc mode (bsc#
1051510).
o thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
o thermal/int340x_thermal: fix mode setting (bsc#1051510).
o thermal: cpu_cooling: Actually trace CPU load in
thermal_power_cpu_get_power (bsc#1051510).
o thunderx: eliminate extra calls to put_page() for pages held for recycling
(networking-stable-19_03_28).
o thunderx: enable page recycling for non-XDP case
(networking-stable-19_03_28).
o tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
o tipc: missing entries in name table of publications
(networking-stable-19_04_19).
o tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
o tracing: Fix partial reading of trace event's id file (bsc#1136573).
o treewide: Use DEVICE_ATTR_WO (bsc#1137739).
o tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
o tty: pty: Fix race condition between release_one_tty and pty_write (bsc#
1051510).
o tty: serial_core, add ->install (bnc#1129693).
o tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
(bsc#1051510).
o tun: add a missing rcu_read_unlock() in error path
(networking-stable-19_03_28).
o tun: properly test for IFF_UP (networking-stable-19_03_28).
o uas: fix alignment of scatter/gather segments (bsc#1129770).
o udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
o ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#
1135323).
o usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
o usb: cdc-acm: fix unthrottle races (bsc#1051510).
o usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#
1051510).
o usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
o usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
o usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
o usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
o usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
o usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
o usb: serial: fix unthrottle races (bsc#1051510).
o usb: u132-hcd: fix resource leak (bsc#1051510).
o usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#
1051510).
o usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
o usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#
1051510).
o usb: yurex: Fix protection fault after device removal (bsc#1051510).
o userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
o vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
o vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#
1051510).
o vfio/pci: use correct format characters (bsc#1051510).
o vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
o vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
o vhost: reject zero size iova range (networking-stable-19_04_19).
o virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
o virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
o virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
o vrf: check accept_source_route on the original netdevice
(networking-stable-19_04_10).
o vsock/virtio: Initialize core virtio vsock before registering the driver
(bsc#1051510).
o vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
o vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#
1051510).
o vsock/virtio: reset connected sockets on device removal (bsc#1051510).
o vt: always call notifier with the console lock held (bsc#1051510).
o vxlan: Do not call gro_cells_destroy() before device is unregistered
(networking-stable-19_03_28).
o x86/speculation/mds: Fix documentation typo (bsc#1135642).
o x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
o x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
o xenbus: drop useless LIST_HEAD in xenbus_write_watch() and
xenbus_file_write() (bsc#1065600).
o xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
o xfrm6: call kfree_skb when skb is toobig (git-fixes).
o xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
o xfrm: Return error on unknown encap_type in init_state (git-fixes).
o xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
o xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
o xfrm: fix missing dst_release() after policy blocking lbcast and multicast
(git-fixes).
o xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
o xfrm: reset crypto_done when iterating over multiple input xfrms
(git-fixes).
o xfrm: reset transport header back to network header after all input
transforms ahave been applied (git-fixes).
o xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
o xfs: add log item pinning error injection tag (bsc#1114427).
o xfs: buffer lru reference count error injection tag (bsc#1114427).
o xfs: check _btree_check_block value (bsc#1123663).
o xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
o xfs: create block pointer check functions (bsc#1123663).
o xfs: create inode pointer verifiers (bsc#1114427).
o xfs: detect and fix bad summary counts at mount (bsc#1114427).
o xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub
(bsc#1114427).
o xfs: export various function for the online scrubber (bsc#1123663).
o xfs: expose errortag knobs via sysfs (bsc#1114427).
o xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
o xfs: force summary counter recalc at next mount (bsc#1114427).
o xfs: kill meaningless variable 'zero' (bsc#1106011).
o xfs: make errortag a per-mountpoint structure (bsc#1123663).
o xfs: move error injection tags into their own file (bsc#1114427).
o xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
o xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#
1106011).
o xfs: refactor btree block header checking functions (bsc#1123663).
o xfs: refactor btree pointer checks (bsc#1123663).
o xfs: refactor unmount record write (bsc#1114427).
o xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
o xfs: remove xfs_zero_range (bsc#1106011).
o xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
o xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
o xfs: sanity-check the unused space before trying to use it (bsc#1123663).
o xfs: serialize unaligned dio writes against all other dio writes (bsc#
1134936).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Workstation Extension 15:
zypper in -t patch SUSE-SLE-Product-WE-15-2019-1529=1
o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:
zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-1529=1
o SUSE Linux Enterprise Module for Live Patching 15:
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-2019-1529=1
o SUSE Linux Enterprise Module for Legacy Software 15:
zypper in -t patch SUSE-SLE-Module-Legacy-15-2019-1529=1
o SUSE Linux Enterprise Module for Development Tools 15:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2019-1529=1
o SUSE Linux Enterprise Module for Basesystem 15:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-1529=1
o SUSE Linux Enterprise High Availability 15:
zypper in -t patch SUSE-SLE-Product-HA-15-2019-1529=1
Package List:
o SUSE Linux Enterprise Workstation Extension 15 (x86_64):
kernel-default-debuginfo-4.12.14-150.22.1
kernel-default-debugsource-4.12.14-150.22.1
kernel-default-extra-4.12.14-150.22.1
kernel-default-extra-debuginfo-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
(aarch64 ppc64le s390x x86_64):
kernel-default-base-4.12.14-150.22.1
kernel-default-base-debuginfo-4.12.14-150.22.1
kernel-default-debuginfo-4.12.14-150.22.1
kernel-default-debugsource-4.12.14-150.22.1
kernel-obs-qa-4.12.14-150.22.1
kselftests-kmp-default-4.12.14-150.22.1
kselftests-kmp-default-debuginfo-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
(noarch):
kernel-docs-html-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Live Patching 15 (ppc64le x86_64):
kernel-default-debuginfo-4.12.14-150.22.1
kernel-default-debugsource-4.12.14-150.22.1
kernel-default-livepatch-4.12.14-150.22.1
kernel-livepatch-4_12_14-150_22-default-1-1.5.1
kernel-livepatch-4_12_14-150_22-default-debuginfo-1-1.5.1
o SUSE Linux Enterprise Module for Legacy Software 15 (aarch64 ppc64le s390x
x86_64):
kernel-default-debuginfo-4.12.14-150.22.1
kernel-default-debugsource-4.12.14-150.22.1
reiserfs-kmp-default-4.12.14-150.22.1
reiserfs-kmp-default-debuginfo-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le
s390x x86_64):
kernel-obs-build-4.12.14-150.22.1
kernel-obs-build-debugsource-4.12.14-150.22.1
kernel-syms-4.12.14-150.22.1
kernel-vanilla-base-4.12.14-150.22.1
kernel-vanilla-base-debuginfo-4.12.14-150.22.1
kernel-vanilla-debuginfo-4.12.14-150.22.1
kernel-vanilla-debugsource-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Development Tools 15 (noarch):
kernel-docs-4.12.14-150.22.1
kernel-source-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x
x86_64):
kernel-default-4.12.14-150.22.1
kernel-default-base-4.12.14-150.22.1
kernel-default-debuginfo-4.12.14-150.22.1
kernel-default-debugsource-4.12.14-150.22.1
kernel-default-devel-4.12.14-150.22.1
kernel-default-devel-debuginfo-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Basesystem 15 (noarch):
kernel-devel-4.12.14-150.22.1
kernel-macros-4.12.14-150.22.1
o SUSE Linux Enterprise Module for Basesystem 15 (s390x):
kernel-default-man-4.12.14-150.22.1
kernel-zfcpdump-4.12.14-150.22.1
kernel-zfcpdump-debuginfo-4.12.14-150.22.1
kernel-zfcpdump-debugsource-4.12.14-150.22.1
o SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-150.22.1
cluster-md-kmp-default-debuginfo-4.12.14-150.22.1
dlm-kmp-default-4.12.14-150.22.1
dlm-kmp-default-debuginfo-4.12.14-150.22.1
gfs2-kmp-default-4.12.14-150.22.1
gfs2-kmp-default-debuginfo-4.12.14-150.22.1
kernel-default-debuginfo-4.12.14-150.22.1
kernel-default-debugsource-4.12.14-150.22.1
ocfs2-kmp-default-4.12.14-150.22.1
ocfs2-kmp-default-debuginfo-4.12.14-150.22.1
References:
o https://www.suse.com/security/cve/CVE-2018-7191.html
o https://www.suse.com/security/cve/CVE-2019-10124.html
o https://www.suse.com/security/cve/CVE-2019-11085.html
o https://www.suse.com/security/cve/CVE-2019-11477.html
o https://www.suse.com/security/cve/CVE-2019-11478.html
o https://www.suse.com/security/cve/CVE-2019-11479.html
o https://www.suse.com/security/cve/CVE-2019-11486.html
o https://www.suse.com/security/cve/CVE-2019-11487.html
o https://www.suse.com/security/cve/CVE-2019-11815.html
o https://www.suse.com/security/cve/CVE-2019-11833.html
o https://www.suse.com/security/cve/CVE-2019-11884.html
o https://www.suse.com/security/cve/CVE-2019-12382.html
o https://www.suse.com/security/cve/CVE-2019-3846.html
o https://www.suse.com/security/cve/CVE-2019-5489.html
o https://bugzilla.suse.com/1012382
o https://bugzilla.suse.com/1050242
o https://bugzilla.suse.com/1051510
o https://bugzilla.suse.com/1053043
o https://bugzilla.suse.com/1055186
o https://bugzilla.suse.com/1056787
o https://bugzilla.suse.com/1058115
o https://bugzilla.suse.com/1063638
o https://bugzilla.suse.com/1064802
o https://bugzilla.suse.com/1065600
o https://bugzilla.suse.com/1065729
o https://bugzilla.suse.com/1066129
o https://bugzilla.suse.com/1068546
o https://bugzilla.suse.com/1071995
o https://bugzilla.suse.com/1075020
o https://bugzilla.suse.com/1082387
o https://bugzilla.suse.com/1083647
o https://bugzilla.suse.com/1085535
o https://bugzilla.suse.com/1099658
o https://bugzilla.suse.com/1103992
o https://bugzilla.suse.com/1104353
o https://bugzilla.suse.com/1104427
o https://bugzilla.suse.com/1106011
o https://bugzilla.suse.com/1106284
o https://bugzilla.suse.com/1108193
o https://bugzilla.suse.com/1108838
o https://bugzilla.suse.com/1108937
o https://bugzilla.suse.com/1110946
o https://bugzilla.suse.com/1111696
o https://bugzilla.suse.com/1112063
o https://bugzilla.suse.com/1113722
o https://bugzilla.suse.com/1114427
o https://bugzilla.suse.com/1115688
o https://bugzilla.suse.com/1117158
o https://bugzilla.suse.com/1117561
o https://bugzilla.suse.com/1118139
o https://bugzilla.suse.com/1119843
o https://bugzilla.suse.com/1120091
o https://bugzilla.suse.com/1120423
o https://bugzilla.suse.com/1120566
o https://bugzilla.suse.com/1120843
o https://bugzilla.suse.com/1120902
o https://bugzilla.suse.com/1122776
o https://bugzilla.suse.com/1123454
o https://bugzilla.suse.com/1123663
o https://bugzilla.suse.com/1124503
o https://bugzilla.suse.com/1124839
o https://bugzilla.suse.com/1126356
o https://bugzilla.suse.com/1127616
o https://bugzilla.suse.com/1128052
o https://bugzilla.suse.com/1128904
o https://bugzilla.suse.com/1128979
o https://bugzilla.suse.com/1129138
o https://bugzilla.suse.com/1129273
o https://bugzilla.suse.com/1129497
o https://bugzilla.suse.com/1129693
o https://bugzilla.suse.com/1129770
o https://bugzilla.suse.com/1130579
o https://bugzilla.suse.com/1130699
o https://bugzilla.suse.com/1130972
o https://bugzilla.suse.com/1131326
o https://bugzilla.suse.com/1131451
o https://bugzilla.suse.com/1131488
o https://bugzilla.suse.com/1131565
o https://bugzilla.suse.com/1131673
o https://bugzilla.suse.com/1132044
o https://bugzilla.suse.com/1133176
o https://bugzilla.suse.com/1133188
o https://bugzilla.suse.com/1133190
o https://bugzilla.suse.com/1133320
o https://bugzilla.suse.com/1133612
o https://bugzilla.suse.com/1133616
o https://bugzilla.suse.com/1134160
o https://bugzilla.suse.com/1134162
o https://bugzilla.suse.com/1134199
o https://bugzilla.suse.com/1134200
o https://bugzilla.suse.com/1134201
o https://bugzilla.suse.com/1134202
o https://bugzilla.suse.com/1134203
o https://bugzilla.suse.com/1134204
o https://bugzilla.suse.com/1134205
o https://bugzilla.suse.com/1134354
o https://bugzilla.suse.com/1134393
o https://bugzilla.suse.com/1134459
o https://bugzilla.suse.com/1134460
o https://bugzilla.suse.com/1134461
o https://bugzilla.suse.com/1134537
o https://bugzilla.suse.com/1134597
o https://bugzilla.suse.com/1134651
o https://bugzilla.suse.com/1134671
o https://bugzilla.suse.com/1134760
o https://bugzilla.suse.com/1134806
o https://bugzilla.suse.com/1134810
o https://bugzilla.suse.com/1134813
o https://bugzilla.suse.com/1134848
o https://bugzilla.suse.com/1134936
o https://bugzilla.suse.com/1135006
o https://bugzilla.suse.com/1135007
o https://bugzilla.suse.com/1135008
o https://bugzilla.suse.com/1135056
o https://bugzilla.suse.com/1135100
o https://bugzilla.suse.com/1135120
o https://bugzilla.suse.com/1135278
o https://bugzilla.suse.com/1135281
o https://bugzilla.suse.com/1135309
o https://bugzilla.suse.com/1135312
o https://bugzilla.suse.com/1135314
o https://bugzilla.suse.com/1135315
o https://bugzilla.suse.com/1135316
o https://bugzilla.suse.com/1135320
o https://bugzilla.suse.com/1135323
o https://bugzilla.suse.com/1135330
o https://bugzilla.suse.com/1135492
o https://bugzilla.suse.com/1135542
o https://bugzilla.suse.com/1135556
o https://bugzilla.suse.com/1135603
o https://bugzilla.suse.com/1135642
o https://bugzilla.suse.com/1135661
o https://bugzilla.suse.com/1135758
o https://bugzilla.suse.com/1136206
o https://bugzilla.suse.com/1136424
o https://bugzilla.suse.com/1136428
o https://bugzilla.suse.com/1136430
o https://bugzilla.suse.com/1136432
o https://bugzilla.suse.com/1136434
o https://bugzilla.suse.com/1136435
o https://bugzilla.suse.com/1136438
o https://bugzilla.suse.com/1136439
o https://bugzilla.suse.com/1136477
o https://bugzilla.suse.com/1136478
o https://bugzilla.suse.com/1136573
o https://bugzilla.suse.com/1136586
o https://bugzilla.suse.com/1136881
o https://bugzilla.suse.com/1136935
o https://bugzilla.suse.com/1136990
o https://bugzilla.suse.com/1137151
o https://bugzilla.suse.com/1137152
o https://bugzilla.suse.com/1137153
o https://bugzilla.suse.com/1137162
o https://bugzilla.suse.com/1137372
o https://bugzilla.suse.com/1137444
o https://bugzilla.suse.com/1137586
o https://bugzilla.suse.com/1137739
o https://bugzilla.suse.com/1137752
- -----------------------------------------------------------------------------
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2019:1530-1
Rating: important
References: #1012382 #1050242 #1051510 #1053043 #1056787 #1058115
#1063638 #1064802 #1065600 #1065729 #1066129 #1068546
#1071995 #1075020 #1082387 #1083647 #1085535 #1099658
#1103992 #1104353 #1104427 #1106011 #1106284 #1108838
#1110946 #1111696 #1112063 #1113722 #1114427 #1114893
#1115688 #1117158 #1117561 #1118139 #1119843 #1120091
#1120423 #1120566 #1120843 #1120902 #1122776 #1123454
#1123663 #1124503 #1124839 #1126356 #1127616 #1128052
#1128904 #1128905 #1128979 #1129138 #1129497 #1129693
#1129770 #1129848 #1129857 #1130409 #1130699 #1130972
#1131451 #1131488 #1131565 #1131673 #1132044 #1132894
#1133176 #1133188 #1133190 #1133320 #1133612 #1133616
#1134160 #1134162 #1134199 #1134200 #1134201 #1134202
#1134203 #1134204 #1134205 #1134354 #1134393 #1134459
#1134460 #1134461 #1134537 #1134591 #1134597 #1134607
#1134651 #1134671 #1134760 #1134806 #1134810 #1134813
#1134848 #1134936 #1135006 #1135007 #1135008 #1135056
#1135100 #1135120 #1135278 #1135281 #1135309 #1135312
#1135314 #1135315 #1135316 #1135320 #1135323 #1135330
#1135492 #1135542 #1135556 #1135603 #1135642 #1135661
#1135758 #1136206 #1136424 #1136428 #1136430 #1136432
#1136434 #1136435 #1136438 #1136439 #1136477 #1136478
#1136573 #1136586 #1136881 #1136935 #1136990 #1137151
#1137152 #1137153 #1137162 #1137372 #1137444 #1137586
#1137739 #1137752
Cross-References: CVE-2018-7191 CVE-2019-10124 CVE-2019-11085 CVE-2019-11477
CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11487
CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382
CVE-2019-3846 CVE-2019-5489
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP4
SUSE Linux Enterprise Software Development Kit 12-SP4
SUSE Linux Enterprise Server 12-SP4
SUSE Linux Enterprise Live Patching 12-SP4
SUSE Linux Enterprise High Availability 12-SP4
SUSE Linux Enterprise Desktop 12-SP4
______________________________________________________________________________
An update that solves 14 vulnerabilities and has 132 fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security
and bugfixes.
The following security bugs were fixed:
o CVE-2019-11477: A sequence of SACKs may have been crafted such that one can
trigger an integer overflow, leading to a kernel panic.
o CVE-2019-11478: It was possible to send a crafted sequence of SACKs which
will fragment the TCP retransmission queue. An attacker may have been able
to further exploit the fragmented queue to cause an expensive linked-list
walk for subsequent SACKs received for that same TCP connection.
o CVE-2019-11479: An attacker could force the Linux kernel to segment its
responses into multiple TCP segments. This would drastically increased the
bandwidth required to deliver the same amount of data. Further, it would
consume additional resources such as CPU and NIC processing power.
o CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and
possibly escalate privileges was found in the mwifiex kernel module while
connecting to a malicious wireless network. (bnc#1136424)
o CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in
drivers/gpu/drm/drm_edid_load.c in the Linux kernel, there was an unchecked
kstrdup of fwstr, which might have allowed an attacker to cause a denial of
service (NULL pointer dereference and system crash). (bnc#1136586)
o CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux
kernel allowed local attackers to observe page cache access patterns of
other processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.)
Limited remote exploitation may have been possible, as demonstrated by
latency differences in accessing public files from an Apache HTTP Server.
(bnc#1120843)
o CVE-2019-11487: The Linux kernel allowed page reference count overflow,
with resultant use-after-free issues, if about 140 GiB of RAM existed. It
could have occured with FUSE requests. (bnc#1133190)
o CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the
unused memory region in the extent tree block, which might have allowed
local users to obtain sensitive information by reading uninitialized data
in the filesystem. (bnc#1135281)
o CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name
was not called before register_netdevice. This allowed local users to cause
a denial of service (NULL pointer dereference and panic) via an ioctl
(TUNSETIFF) call with a dev name containing a / character. (bnc#1135603)
o CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in i915
Graphics for Linux may have allowed an authenticated user to potentially
enable escalation of privilege via local access. (bnc#1135278)
o CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/
tcp.c in the Linux kernel There was a race condition leading to a
use-after-free, related to net namespace cleanup. (bnc#1134537)
o CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/
sock.c in the Linux kernel allowed a local user to obtain potentially
sensitive information from kernel stack memory via a hidPCONNADD command,
because a name field may not end with a '\0' character. (bnc#1134848)
o CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/
n_r3964.c in the Linux kernel had multiple race conditions. (bnc#1133188)
The following non-security bugs were fixed:
o 9p locks: add mount option for lock retry interval (bsc#1051510).
o Update config files. Debug kernel is not supported (bsc#1135492).
o acpi / utils: Drop reference in test for device presence (bsc#1051510).
o acpi: button: reinitialize button state upon resume (bsc#1051510).
o acpi: fix menuconfig presentation of acpi submenu (bsc#1117158).
o acpica: AML interpreter: add region addresses in global list during
initialization (bsc#1051510).
o acpica: Namespace: remove address node from global list after method
termination (bsc#1051510).
o alsa: core: Do not refer to snd_cards array directly (bsc#1051510).
o alsa: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510).
o alsa: hda - Register irq handler after the chip initialization (bsc#
1051510).
o alsa: hda - Use a macro for snd_array iteration loops (bsc#1051510).
o alsa: hda/hdmi - Consider eld_valid when reporting jack event (bsc#
1051510).
o alsa: hda/hdmi - Read the pin sense from register when repolling (bsc#
1051510).
o alsa: hda/realtek - Avoid superfluous COEF EAPD setups (bsc#1051510).
o alsa: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bsc#
1051510).
o alsa: hda/realtek - EAPD turn on later (bsc#1051510).
o alsa: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug
(bsc#1051510).
o alsa: hda/realtek - Fixup headphone noise via runtime suspend (bsc#
1051510).
o alsa: hda/realtek - Improve the headset mic for Acer Aspire laptops (bsc#
1051510).
o alsa: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#
1051510).
o alsa: line6: Avoid polluting led_* namespace (bsc#1051510).
o alsa: seq: Align temporary re-locking with irqsave version (bsc#1051510).
o alsa: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#
1051510).
o alsa: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510).
o alsa: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#
1051510).
o alsa: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510).
o alsa: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510).
o alsa: seq: Remove superfluous irqsave flags (bsc#1051510).
o alsa: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510).
o alsa: timer: Check ack_list emptiness instead of bit flag (bsc#1051510).
o alsa: timer: Coding style fixes (bsc#1051510).
o alsa: timer: Make snd_timer_close() really kill pending actions (bsc#
1051510).
o alsa: timer: Make sure to clear pending ack list (bsc#1051510).
o alsa: timer: Revert active callback sync check at close (bsc#1051510).
o alsa: timer: Simplify error path in snd_timer_open() (bsc#1051510).
o alsa: timer: Unify timer callback process code (bsc#1051510).
o alsa: usb-audio: Fix a memory leak bug (bsc#1051510).
o alsa: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk()
(bsc#1051510).
o alsa: usx2y: fix a double free bug (bsc#1051510).
o appletalk: Fix compile regression (bsc#1051510).
o appletalk: Fix use-after-free in atalk_proc_exit (bsc#1051510).
o arch: arm64: acpi: KABI ginore includes (bsc#1117158 bsc#1134671).
o arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve
table (bsc#1117158).
o arm64/x86: Update config files. Use CONFIG_ARCH_SUPPORTS_acpi
o arm64: Export save_stack_trace_tsk() (jsc#SLE-4214).
o arm64: acpi: fix alignment fault in accessing acpi (bsc#1117158).
o arm64: fix acpi dependencies (bsc#1117158).
o arm: 8824/1: fix a migrating irq bug when hotplug cpu (bsc#1051510).
o arm: 8833/1: Ensure that NEON code always compiles with Clang (bsc#
1051510).
o arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bsc#1051510).
o arm: 8840/1: use a raw_spinlock_t in unwind (bsc#1051510).
o arm: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be
uninitialized (bsc#1051510).
o arm: OMAP2+: fix lack of timer interrupts on CPU1 after hotplug (bsc#
1051510).
o arm: avoid Cortex-A9 livelock on tight dmb loops (bsc#1051510).
o arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time
(bsc#1051510).
o arm: iop: do not use using 64-bit DMA masks (bsc#1051510).
o arm: orion: do not use using 64-bit DMA masks (bsc#1051510).
o arm: pxa: ssp: unneeded to free devm_ allocated data (bsc#1051510).
o arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bsc#1051510).
o arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms
(bsc#1051510).
o asoc: Intel: avoid Oops if DMA setup fails (bsc#1051510).
o asoc: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510).
o asoc: cs4270: Set auto-increment bit for register writes (bsc#1051510).
o asoc: fix valid stream condition (bsc#1051510).
o asoc: fsl_esai: Fix missing break in switch statement (bsc#1051510).
o asoc: hdmi-codec: fix S/PDIF DAI (bsc#1051510).
o asoc: max98090: Fix restore of DAPM Muxes (bsc#1051510).
o asoc: nau8810: fix the issue of widget with prefixed name (bsc#1051510).
o asoc: nau8824: fix the issue of the widget with prefix name (bsc#1051510).
o asoc: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#
1051510).
o asoc: stm32: fix sai driver name initialisation (bsc#1051510).
o asoc: tlv320aic32x4: Fix Common Pins (bsc#1051510).
o asoc: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510).
o asoc:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510).
o at76c50x-usb: Do not register led_trigger if usb_register_driver failed
(bsc#1051510).
o audit: fix a memleak caused by auditing load module (bsc#1051510).
o b43: shut up clang -Wuninitialized variable warning (bsc#1051510).
o backlight: lm3630a: Return 0 on success in update_status functions (bsc#
1051510).
o bcache: Move couple of functions to sysfs.c (bsc#1130972).
o bcache: Move couple of string arrays to sysfs.c (bsc#1130972).
o bcache: Populate writeback_rate_minimum attribute (bsc#1130972).
o bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#
1130972).
o bcache: account size of buckets used in uuid write to ca->
meta_sectors_written (bsc#1130972).
o bcache: add MODULE_DESCRIPTION information (bsc#1130972).
o bcache: add a comment in super.c (bsc#1130972).
o bcache: add code comments for bset.c (bsc#1130972).
o bcache: add comment for cache_set->fill_iter (bsc#1130972).
o bcache: add identifier names to arguments of function definitions (bsc#
1130972).
o bcache: add missing SPDX header (bsc#1130972).
o bcache: add separate workqueue for journal_write to avoid deadlock (bsc#
1130972).
o bcache: add static const prefix to char * array declarations (bsc#1130972).
o bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#
1130972).
o bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972).
o bcache: cannot set writeback_running via sysfs if no writeback kthread
created (bsc#1130972).
o bcache: correct dirty data statistics (bsc#1130972).
o bcache: do not assign in if condition in bcache_init() (bsc#1130972).
o bcache: do not assign in if condition register_bcache() (bsc#1130972).
o bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#
1130972).
o bcache: do not check if debug dentry is ERR or NULL explicitly on remove
(bsc#1130972).
o bcache: do not clone bio in bch_data_verify (bsc#1130972).
o bcache: do not mark writeback_running too early (bsc#1130972).
o bcache: export backing_dev_name via sysfs (bsc#1130972).
o bcache: export backing_dev_uuid via sysfs (bsc#1130972).
o bcache: fix code comments style (bsc#1130972).
o bcache: fix indent by replacing blank by tabs (bsc#1130972).
o bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972).
o bcache: fix input integer overflow of congested threshold (bsc#1130972).
o bcache: fix input overflow to cache set io_error_limit (bsc#1130972).
o bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#
1130972).
o bcache: fix input overflow to journal_delay_ms (bsc#1130972).
o bcache: fix input overflow to sequential_cutoff (bsc#1130972).
o bcache: fix input overflow to writeback_delay (bsc#1130972).
o bcache: fix input overflow to writeback_rate_minimum (bsc#1130972).
o bcache: fix ioctl in flash device (bsc#1130972).
o bcache: fix mistaken code comments in bcache.h (bsc#1130972).
o bcache: fix mistaken comments in request.c (bsc#1130972).
o bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#
1130972).
o bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#
1130972).
o bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972).
o bcache: fix typo in code comments of closure_return_with_destructor() (bsc#
1130972).
o bcache: improve sysfs_strtoul_clamp() (bsc#1130972).
o bcache: introduce force_wake_up_gc() (bsc#1130972).
o bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#
1130972).
o bcache: move open brace at end of function definitions to next line (bsc#
1130972).
o bcache: never writeback a discard operation (bsc#1130972).
o bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc
#1130972).
o bcache: option to automatically run gc thread after writeback (bsc#
1130972).
o bcache: panic fix for making cache device (bsc#1130972).
o bcache: prefer 'help' in Kconfig (bsc#1130972).
o bcache: print number of keys in trace_bcache_journal_write (bsc#1130972).
o bcache: recal cached_dev_sectors on detach (bsc#1130972).
o bcache: remove unnecessary space before ioctl function pointer arguments
(bsc#1130972).
o bcache: remove unused bch_passthrough_cache (bsc#1130972).
o bcache: remove useless parameter of bch_debug_init() (bsc#1130972).
o bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972).
o bcache: replace Symbolic permissions by octal permission numbers (bsc#
1130972).
o bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972).
o bcache: replace printk() by pr_*() routines (bsc#1130972).
o bcache: set writeback_percent in a flexible range (bsc#1130972).
o bcache: split combined if-condition code into separate ones (bsc#1130972).
o bcache: stop bcache device when backing device is offline (bsc#1130972).
o bcache: stop using the deprecated get_seconds() (bsc#1130972).
o bcache: style fix to add a blank line after declarations (bsc#1130972).
o bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972).
o bcache: style fixes for lines over 80 characters (bsc#1130972).
o bcache: treat stale and dirty keys as bad keys (bsc#1130972).
o bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#
1130972).
o bcache: update comment for bch_data_insert (bsc#1130972).
o bcache: update comment in sysfs.c (bsc#1130972).
o bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972).
o bcache: use MAX_CACHES_PER_SET instead of magic number 8 in
__bch_bucket_alloc_set (bsc#1130972).
o bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972).
o bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972).
o bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972).
o block: Do not revalidate bdev of hidden gendisk (bsc#1120091).
o block: check_events: do not bother with events if unsupported (bsc#1110946,
bsc#1119843).
o block: disk_events: introduce event flags (bsc#1110946, bsc#1119843).
o block: do not leak memory in bio_copy_user_iov() (bsc#1135309).
o block: fix the return errno for direct IO (bsc#1135320).
o block: fix use-after-free on gendisk (bsc#1135312).
o bluetooth: Align minimum encryption key size for LE and BR/EDR connections
(bsc#1051510).
o bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#
1135556).
o bluetooth: hidp: fix buffer overflow (bsc#1051510).
o bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one()
(bsc#1050242).
o bnxt_en: Improve RX consumer index validity check
(networking-stable-19_04_10).
o bnxt_en: Improve multicast address setup logic
(networking-stable-19_05_04).
o bnxt_en: Reset device on RX buffer errors (networking-stable-19_04_10).
o bonding: fix event handling for stacked bonds (networking-stable-19_04_19).
o bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bsc#
1083647).
o bpf: Add missed newline in verifier verbose log (bsc#1056787).
o bpf: add map_lookup_elem_sys_only for lookups from syscall side (bsc#
1083647).
o brcm80211: potential NULL dereference in
brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510).
o btrfs: Do not panic when we can't find a root key (bsc#1112063).
o btrfs: Factor out common delayed refs init code (bsc#1134813).
o btrfs: Introduce init_delayed_ref_head (bsc#1134813).
o btrfs: Open-code add_delayed_data_ref (bsc#1134813).
o btrfs: Open-code add_delayed_tree_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813).
o btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813).
o btrfs: add a helper to return a head ref (bsc#1134813).
o btrfs: breakout empty head cleanup to a helper (bsc#1134813).
o btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_data_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: delayed-ref: Use btrfs_ref to refactor btrfs_add_delayed_tree_ref()
(bsc#1063638 bsc#1128052 bsc#1108838).
o btrfs: do not allow trimming when a fs is mounted with the nologreplay
option (bsc#1135758).
o btrfs: do not double unlock on error in btrfs_punch_hole (bsc#1136881).
o btrfs: extent-tree: Fix a bug that btrfs is unable to add pinned bytes (bsc
#1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor add_pinned_bytes() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_free_extent() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: extent-tree: Use btrfs_ref to refactor btrfs_inc_extent_ref() (bsc#
1063638 bsc#1128052 bsc#1108838).
o btrfs: fix fsync not persisting changed attributes of a directory (bsc#
1137151).
o btrfs: fix race between ranged fsync and writeback of adjacent ranges (bsc#
1136477).
o btrfs: fix race updating log root item during fsync (bsc#1137153).
o btrfs: fix wrong ctime and mtime of a directory after log replay (bsc#
1137152).
o btrfs: improve performance on fsync of files with multiple hardlinks (bsc#
1123454).
o btrfs: move all ref head cleanup to the helper function (bsc#1134813).
o btrfs: move extent_op cleanup to a helper (bsc#1134813).
o btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813).
o btrfs: qgroup: Check bg while resuming relocation to avoid NULL pointer
dereference (bsc#1134806).
o btrfs: qgroup: Do not scan leaf if we're modifying reloc tree (bsc#1063638
bsc#1128052 bsc#1108838).
o btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to
btrfs_qgroup_extent_record (bsc#1134162).
o btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release
(bsc#1134160).
o btrfs: reloc: Also queue orphan reloc tree for cleanup to avoid BUG_ON()
(bsc#1133612).
o btrfs: remove delayed_ref_node from ref_head (bsc#1134813).
o btrfs: send, flush dellaloc in order to avoid data loss (bsc#1133320).
o btrfs: split delayed ref head initialization and addition (bsc#1134813).
o btrfs: track refs in a rb_tree instead of a list (bsc#1134813).
o btrfs: tree-checker: detect file extent items with overlapping ranges (bsc#
1136478).
o ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461).
o ceph: fix ci->i_head_snapc leak (bsc#1122776).
o ceph: fix use-after-free on symlink traversal (bsc#1134459).
o ceph: only use d_name directly when parent is locked (bsc#1134460).
o cifs: keep FileInfo handle live during oplock break (bsc#1106284, bsc#
1131565).
o clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510).
o clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510).
o configfs: Fix use-after-free when accessing sd->s_dentry (bsc#1051510).
o configfs: fix possible use-after-free in configfs_register_group (bsc#
1051510).
o crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510).
o crypto: caam - fix caam_dump_sg that iterates through scatterlist (bsc#
1051510).
o crypto: ccm - fix incompatibility between "ccm" and "ccm_base" (bsc#
1051510).
o crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#
1051510).
o crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510).
o crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#
1051510).
o crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510).
o crypto: gcm - fix incompatibility between "gcm" and "gcm_base" (bsc#
1051510).
o crypto: skcipher - do not WARN on unprocessed data after slow walk step
(bsc#1051510).
o crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510).
o crypto: vmx - CTR: always increment IV as quadword (bsc#1051510).
o crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510).
o crypto: vmx - ghash: do nosimd fallback manually (bsc#1135661, bsc#
1137162).
o crypto: vmx - return correct error code on failed setkey (bsc#1135661, bsc#
1137162).
o crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#
1051510).
o dccp: Fix memleak in __feat_register_sp (bsc#1051510).
o dccp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
o debugfs: fix use-after-free on symlink traversal (bsc#1051510).
o devres: Align data[] to ARCH_KMALLOC_MINALIGN (bsc#1051510).
o dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#
1051510).
o dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510).
o documentation: Add MDS vulnerability documentation (bsc#1135642).
o drivers: acpi: add dependency of EFI for arm64 (bsc#1117158).
o drm/bridge: adv7511: Fix low refresh rate selection (bsc#1051510).
o drm/etnaviv: lock MMU while dumping core (bsc#1113722)
o drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510).
o drm/i915/fbc: disable framebuffer compression on GeminiLake (bsc#1051510).
o drm/i915/gvt: Fix cmd length of VEB_DI_IECP (bsc#1113722)
o drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#
1113722)
o drm/i915/gvt: Tiled Resources mmios are in-context mmios for gen9+ (bsc#
1113722)
o drm/i915/gvt: add 0x4dfc to gen9 save-restore list (bsc#1113722)
o drm/i915/gvt: do not let TRTTE and 0x4dfc write passthrough to hardware
(bsc#1051510).
o drm/i915/gvt: refine ggtt range validation (bsc#1113722)
o drm/i915: Disable LP3 watermarks on all SNB machines (bsc#1051510).
o drm/i915: Downgrade Gen9 Plane WM latency error (bsc#1051510).
o drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510).
o drm/imx: do not skip DP channel disable for background plane (bsc#1051510).
o drm/mediatek: fix possible object reference leak (bsc#1051510).
o drm/meson: add size and alignment requirements for dumb buffers (bnc#
1113722)
o drm/nouveau/i2c: Disable i2c bus access after ->fini() (bsc#1113722)
o drm/rockchip: fix for mailbox read validation (bsc#1051510).
o drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510).
o drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)
o drm/ttm: Remove warning about inconsistent mapping information (bnc#
1131488)
o drm/vmwgfx: Do not send drm sysfs hotplug events on initial master set (bsc
#1051510).
o drm/vmwgfx: NULL pointer dereference from vmw_cmd_dx_view_define() (bsc#
1113722)
o drm/vmwgfx: integer underflow in vmw_cmd_dx_set_shader() leading to an
invalid read (bsc#1051510).
o dt-bindings: clock: r8a7795: Remove CSIREF clock (bsc#1120902).
o dt-bindings: clock: r8a7796: Remove CSIREF clock (bsc#1120902).
o dt-bindings: net: Add binding for the external clock for TI WiLink (bsc#
1085535).
o dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings
(bsc#1129770).
o dt-bindings: rtc: sun6i-rtc: Fix register range in example (bsc#1120902).
o dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#
1051510).
o efi/arm: Defer persistent reservations until after paging_init() (bsc#
1117158).
o efi/arm: Do not mark acpi reclaim memory as MEMBLOCK_NOMAP (bsc#1117158 bsc
#1115688 bsc#1120566).
o efi/arm: Revert "Defer persistent reservations until after paging_init()"
(bsc#1117158).
o efi/arm: Revert deferred unmap of early memmap mapping (bsc#1117158).
o efi/arm: libstub: add a root memreserve config table (bsc#1117158).
o efi/arm: map UEFI memory map even w/o runtime services enabled (bsc#
1117158).
o efi/arm: preserve early mapping of UEFI memory map longer for BGRT (bsc#
1117158).
o efi: Permit calling efi_mem_reserve_persistent() from atomic context (bsc#
1117158).
o efi: Permit multiple entries in persistent memreserve data structure (bsc#
1117158).
o efi: Prevent GICv3 WARN() by mapping the memreserve table before first use
(bsc#1117158).
o efi: Reduce the amount of memblock reservations for persistent allocations
(bsc#1117158).
o efi: add API to reserve memory persistently across kexec reboot (bsc#
1117158).
o efi: honour memory reservations passed via a linux specific config table
(bsc#1117158).
o ext4: Do not warn when enabling DAX (bsc#1132894).
o ext4: actually request zeroing of inode table after grow (bsc#1135315).
o ext4: avoid panic during forced reboot due to aborted journal (bsc#
1126356).
o ext4: fix data corruption caused by overlapping unaligned and aligned IO
(bsc#1136428).
o ext4: fix ext4_show_options for file systems w/o journal (bsc#1135316).
o ext4: fix use-after-free race with debug_want_extra_isize (bsc#1135314).
o ext4: make sanity check in mballoc more strict (bsc#1136439).
o ext4: wait for outstanding dio during truncate in nojournal mode (bsc#
1136438).
o fbdev: fix WARNING in __alloc_pages_nodemask bug (bsc#1113722)
o fbdev: fix divide error in fb_var_to_videomode (bsc#1113722)
o firmware: efi: factor out mem_reserve (bsc#1117158 bsc#1134671).
o fix rtnh_ok() (git-fixes).
o fs/sync.c: sync_file_range(2) may use WB_SYNC_ALL writeback (bsc#1136432).
o fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going
into workqueue when umount (bsc#1136435).
o ftrace/x86_64: Emulate call function while updating in breakpoint handler
(bsc#1099658).
o genetlink: Fix a memory leak on error path (networking-stable-19_03_28).
o ghes, EDAC: Fix ghes_edac registration (bsc#1133176).
o gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510).
o gpu: ipu-v3: dp: fix CSC handling (bsc#1051510).
o hid: debug: fix race condition with between rdesc_show() and device removal
(bsc#1051510).
o hid: input: add mapping for "Toggle Display" key (bsc#1051510).
o hid: input: add mapping for Assistant key (bsc#1051510).
o hid: input: add mapping for Expose/Overview key (bsc#1051510).
o hid: input: add mapping for keyboard Brightness Up/Down/Toggle keys (bsc#
1051510).
o hid: logitech: check the return value of create_singlethread_workqueue (bsc
#1051510).
o hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#
1051510).
o ibmvnic: Add device identification to requested IRQs (bsc#1137739).
o ibmvnic: Do not close unopened driver during reset (bsc#1137752).
o ibmvnic: Fix unchecked return codes of memory allocations (bsc#1137752).
o ibmvnic: Refresh device multicast list after reset (bsc#1137752).
o ibmvnic: remove set but not used variable 'netdev' (bsc#1137739).
o igmp: fix incorrect unsolicit report count when join group (git-fixes).
o iio: adc: xilinx: fix potential use-after-free on remove (bsc#1051510).
o indirect call wrappers: helpers to speed-up indirect calls of builtin (bsc#
1124503).
o inetpeer: fix uninit-value in inet_getpeer (git-fixes).
o input: elan_i2c - add hardware ID for multiple Lenovo laptops (bsc#
1051510).
o input: introduce KEY_ASSISTANT (bsc#1051510).
o input: synaptics-rmi4 - fix possible double free (bsc#1051510).
o intel_th: msu: Fix single mode with IOMMU (bsc#1051510).
o intel_th: pci: Add Comet Lake support (bsc#1051510).
o iommu/arm-smmu-v3: Abort all transactions if SMMU is enabled in kdump
kernel (bsc#1117158).
o iommu/arm-smmu-v3: Do not disable SMMU in kdump kernel (bsc#1117158 bsc#
1134671).
o iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#
1135006).
o iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007).
o iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008).
o ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type
(networking-stable-19_04_10).
o ip6_tunnel: collect_md xmit: Use ip_tunnel_key's provided src address
(git-fixes).
o ip_gre: fix parsing gre header in ipgre_err (git-fixes).
o ip_tunnel: Fix name string concatenate in __ip_tunnel_create() (git-fixes).
o ipconfig: Correctly initialise ic_nameservers (bsc#1051510).
o ipmi:ssif: compare block number correctly for multi-part return messages
(bsc#1051510).
o ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
(git-fixes).
o ipv4: add sanity checks in ipv4_link_failure() (git-fixes).
o ipv4: ensure rcu_read_lock() in ipv4_link_failure()
(networking-stable-19_04_19).
o ipv4: ip_do_fragment: Preserve skb_iif during fragmentation
(networking-stable-19_05_04).
o ipv4: recompile ip options in ipv4_link_failure
(networking-stable-19_04_19).
o ipv4: set the tcp_min_rtt_wlen range from 0 to one day
(networking-stable-19_04_30).
o ipv6/flowlabel: wait rcu grace period before put_pid() (git-fixes).
o ipv6: fix cleanup ordering for ip6_mr failure (git-fixes).
o ipv6: fix cleanup ordering for pingv6 registration (git-fixes).
o ipv6: invert flowlabel sharing check in process and user mode (git-fixes).
o ipv6: mcast: fix unsolicited report interval after receiving querys
(git-fixes).
o ipvlan: Add the skb->mark as flow4's member to lookup route (bsc#1051510).
o ipvlan: fix ipv6 outbound device (bsc#1051510).
o ipvlan: use ETH_MAX_MTU as max mtu (bsc#1051510).
o ipvs: Fix signed integer overflow when setsockopt timeout (bsc#1051510).
o ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf (git-fixes).
o ipvs: fix buffer overflow with sync daemon and service (git-fixes).
o ipvs: fix check on xmit to non-local addresses (git-fixes).
o ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bsc#1051510).
o ipvs: fix rtnl_lock lockups caused by start_sync_thread (git-fixes).
o ipvs: fix stats update from local clients (git-fixes).
o iw_cxgb4: only allow 1 flush on user qps (bsc#1051510).
o jbd2: check superblock mapped prior to committing (bsc#1136430).
o kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510).
o kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#
1051510).
o kABI: protect dma-mapping.h include (kabi).
o kABI: protect functions using struct net_generic (bsc#1130409 LTC#176346).
o kABI: protect ip_options_rcv_srr (kabi).
o kABI: protect struct mlx5_td (kabi).
o kABI: protect struct pci_dev (kabi).
o kABI: protect struct smc_ib_device (bsc#1130409 LTC#176346).
o kABI: protect struct smc_link (bsc#1129857 LTC#176247).
o kABI: protect struct smcd_dev (bsc#1130409 LTC#176346).
o kabi: drop LINUX_Mib_TCPWQUEUETOOBIG snmp counter (bsc#1137586).
o kabi: implement map_lookup_elem_sys_only in another way (bsc#1083647).
o kabi: move sysctl_tcp_min_snd_mss to preserve struct net layout (bsc#
1137586).
o kernel/signal.c: trace_signal_deliver when signal_group_exit (git-fixes).
o kernel/sys.c: prctl: fix false positive in validate_prctl_map()
(git-fixes).
o kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv
(bsc#1051510).
o kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#
1051510).
o keys: safe concurrent user->{session,uid}_keyring access (bsc#1135642).
o kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128904
LTC#176078).
o kmsg: Update message catalog to latest ibM level (2019/03/08) (bsc#1128905
LTC#176077).
o kvm: Fix UAF in nested posted interrupt processing (bsc#1134199).
o kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#
1134202).
o kvm: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200).
o kvm: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#
1134201).
o kvm: s390: fix memory overwrites when not using SCA entries (bsc#1136206).
o kvm: s390: provide io interrupt kvm_stat (bsc#1136206).
o kvm: s390: use created_vcpus in more places (bsc#1136206).
o kvm: s390: vsie: fix 8k check for the itdba (bsc#1136206).
o kvm: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#
1134203).
o kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#
1134204).
o kvm: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#
1134205).
o l2tp: cleanup l2tp_tunnel_delete calls (bsc#1051510).
o l2tp: filter out non-PPP sessions in pppol2tp_tunnel_ioctl() (git-fixes).
o l2tp: fix missing refcount drop in pppol2tp_tunnel_ioctl() (git-fixes).
o l2tp: only accept PPP sessions in pppol2tp_connect() (git-fixes).
o l2tp: prevent pppol2tp_connect() from creating kernel sockets (git-fixes).
o l2tp: revert "l2tp: fix missing print session offset info" (bsc#1051510).
o leds: avoid races with workqueue (bsc#1051510).
o leds: pwm: silently error out on EPROBE_DEFER (bsc#1051510).
o lib: add crc64 calculation routines (bsc#1130972).
o lib: do not depend on linux headers being installed (bsc#1130972).
o libata: fix using DMA buffers on stack (bsc#1051510).
o linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#
1051510).
o livepatch: Convert error about unsupported reliable stacktrace into a
warning (bsc#1071995).
o livepatch: Remove custom kobject state handling (bsc#1071995).
o livepatch: Remove duplicated code for early initialization (bsc#1071995).
o lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138).
o mISDN: Check address length before reading address family (bsc#1051510).
o mac80211: fix memory accounting with A-MSDU aggregation (bsc#1051510).
o mac80211: fix unaligned access in mesh table hash function (bsc#1051510).
o mac8390: Fix mmio access size probe (bsc#1051510).
o md: fix invalid stored role for a disk (bsc#1051510).
o media: atmel: atmel-isc: fix INIT_WORK misplacement (bsc#1051510).
o media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510).
o media: cx23885: check allocation return (bsc#1051510).
o media: davinci-isif: avoid uninitialized variable use (bsc#1051510).
o media: davinci/vpbe: array underflow in vpbe_enum_outputs() (bsc#1051510).
o media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510).
o media: omap_vout: potential buffer overflow in vidioc_dqbuf() (bsc#
1051510).
o media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510).
o media: pvrusb2: Prevent a buffer overflow (bsc#1129770).
o media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#
1051510).
o media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame
(bsc#1051510).
o media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#
1051510).
o media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510).
o media: wl128x: prevent two potential buffer overflows (bsc#1051510).
o memcg: make it work on sparse non-0-node systems (bnc#1133616).
o memcg: make it work on sparse non-0-node systems kabi (bnc#1133616).
o mlxsw: spectrum: Fix autoneg status in ethtool
(networking-stable-19_04_30).
o mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned
addresses (bsc#1135330).
o mm: Fix buggy backport leading to MAP_SYNC failures (bsc#1137372)
o mm: thp: relax __GFP_THISNODE for MADV_HUGEPAGE mappings (bnc#1012382).
o mmc: block: Delete gendisk before cleaning up the request queue (bsc#
1127616).
o mmc: core: fix possible use after free of host (bsc#1051510).
o mount: copy the port field into the cloned nfs_server structure (bsc#
1136990).
o mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#
1051510).
o mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510).
o mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol
(bsc#1051510).
o mtd: part: fix incorrect format specifier for an unsigned long long (bsc#
1051510).
o mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write
(bsc#1129770).
o mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (bsc#1136935).
o mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510).
o mwifiex: Fix possible buffer overflows at parsing bss descriptor
o mwifiex: prevent an array overflow (bsc#1051510).
o mwl8k: Fix rate_idx underflow (bsc#1051510).
o neighbor: Call __ipv4_neigh_lookup_noref in neigh_xmit (git-fixes).
o net-gro: Fix GRO flush when receiving a GSO packet
(networking-stable-19_04_10).
o net/ibmvnic: Remove tests of member address (bsc#1137739).
o net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760).
o net/ibmvnic: Update carrier state after link state change (bsc#1135100).
o net/ipv4: defensive cipso option parsing (git-fixes).
o net/ipv6: do not reinitialize ndev->cnf.addr_gen_mode on new inet6_dev
(git-fixes).
o net/ipv6: fix addrconf_sysctl_addr_gen_mode (git-fixes).
o net/ipv6: propagate net.ipv6.conf.all.addr_gen_mode to devices (git-fixes).
o net/ipv6: reserve room for IFLA_INET6_ADDR_GEN_MODE (git-fixes).
o net/mlx5: Decrease default mr cache size (networking-stable-19_04_10).
o net/mlx5e: Add a lock on tir list (networking-stable-19_04_10).
o net/mlx5e: Fix error handling when refreshing TIRs
(networking-stable-19_04_10).
o net/mlx5e: Fix trailing semicolon (bsc#1075020).
o net/mlx5e: IPoib, Reset QP after channels are closed (bsc#1075020).
o net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query
(networking-stable-19_04_30).
o net/rose: fix unbound loop in rose_loopback_timer()
(networking-stable-19_04_30).
o net/sched: act_sample: fix divide by zero in the traffic path
(networking-stable-19_04_10).
o net/sched: do not dereference a->goto_chain to read the chain index (bsc#
1064802 bsc#1066129).
o net/sched: fix ->get helper of the matchall cls
(networking-stable-19_04_10).
o net/smc: add pnet table namespace support (bsc#1130409 LTC#176346).
o net/smc: add smcd support to the pnet table (bsc#1130409 LTC#176346).
o net/smc: allow 16 byte pnetids in netlink policy (bsc#1129857 LTC#176247).
o net/smc: allow pci IDs as ib device names in the pnet table (bsc#1130409
LTC#176346).
o net/smc: allow pnetid-less configuration (bsc#1130409 LTC#176346).
o net/smc: call smc_cdc_msg_send() under send_lock (bsc#1129857 LTC#176247).
o net/smc: check connections in smc_lgr_free_work (bsc#1129857 LTC#176247).
o net/smc: check for ip prefix and subnet (bsc#1134607 LTC#177518).
o net/smc: check port_idx of ib event (bsc#1129857 LTC#176247).
o net/smc: cleanup for smcr_tx_sndbuf_nonempty (bsc#1130409 LTC#176346).
o net/smc: cleanup of get vlan id (bsc#1134607 LTC#177518).
o net/smc: code cleanup smc_listen_work (bsc#1134607 LTC#177518).
o net/smc: consolidate function parameters (bsc#1134607 LTC#177518).
o net/smc: correct state change for peer closing (bsc#1129857 LTC#176247).
o net/smc: delete rkey first before switching to unused (bsc#1129857 LTC#
176247).
o net/smc: do not wait for send buffer space when data was already sent (bsc#
1129857 LTC#176247).
o net/smc: do not wait under send_lock (bsc#1129857 LTC#176247).
o net/smc: fallback to TCP after connect problems (bsc#1134607 LTC#177518).
o net/smc: fix a NULL pointer dereference (bsc#1134607 LTC#177518).
o net/smc: fix another sizeof to int comparison (bsc#1129857 LTC#176247).
o net/smc: fix byte_order for rx_curs_confirmed (bsc#1129848 LTC#176249).
o net/smc: fix return code from FLUSH command (bsc#1134607 LTC#177518).
o net/smc: fix sender_free computation (bsc#1129857 LTC#176247).
o net/smc: fix smc_poll in SMC_INIT state (bsc#1129848 LTC#176249).
o net/smc: fix use of variable in cleared area (bsc#1129857 LTC#176247).
o net/smc: improve smc_conn_create reason codes (bsc#1134607 LTC#177518).
o net/smc: improve smc_listen_work reason codes (bsc#1134607 LTC#177518).
o net/smc: move code to clear the conn->lgr field (bsc#1129857 LTC#176247).
o net/smc: move unhash before release of clcsock (bsc#1134607 LTC#177518).
o net/smc: move wake up of close waiter (bsc#1129857 LTC#176247).
o net/smc: no delay for free tx buffer wait (bsc#1129857 LTC#176247).
o net/smc: nonblocking connect rework (bsc#1134607 LTC#177518).
o net/smc: postpone release of clcsock (bsc#1129857 LTC#176247).
o net/smc: preallocated memory for rdma work requests (bsc#1129857 LTC#
176247).
o net/smc: prevent races between smc_lgr_terminate() and smc_conn_free() (bsc
#1129857 LTC#176247).
o net/smc: propagate file from SMC to TCP socket (bsc#1134607 LTC#177518).
o net/smc: recvmsg and splice_read should return 0 after shutdown (bsc#
1129857 LTC#176247).
o net/smc: reduce amount of status updates to peer (bsc#1129857 LTC#176247).
o net/smc: reset cursor update required flag (bsc#1129857 LTC#176247).
o net/smc: rework pnet table (bsc#1130409 LTC#176346).
o net/smc: unlock LGR pending lock earlier for SMC-D (bsc#1129857 LTC#
176247).
o net/smc: use client and server LGR pending locks for SMC-R (bsc#1129857 LTC
#176247).
o net/smc: use device link provided in qp_context (bsc#1129857 LTC#176247).
o net/smc: use smc_curs_copy() for SMC-D (bsc#1129857 LTC#176247).
o net/smc: wait for pending work before clcsock release_sock (bsc#1134607 LTC
#177518).
o net: Fix a bug in removing queues from XPS map (git-fixes).
o net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
(networking-stable-19_03_28).
o net: atm: Fix potential Spectre v1 vulnerabilities
(networking-stable-19_04_19).
o net: avoid skb_warn_bad_offload on IS_ERR (git-fixes).
o net: do not keep lonely packets forever in the gro hash (git-fixes).
o net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc
(networking-stable-19_05_04).
o net: dsa: legacy: do not unmask port bitmaps (git-fixes).
o net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT
(git-fixes).
o net: ena: fix return value of ena_com_config_llq_info() (bsc#1111696 bsc#
1117561).
o net: ethtool: not call vzalloc for zero sized memory request
(networking-stable-19_04_10).
o net: fix uninit-value in __hw_addr_add_ex() (git-fixes).
o net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv
(networking-stable-19_04_19).
o net: hns3: remove resetting check in hclgevf_reset_task_schedule (bsc#
1104353 bsc#1135056).
o net: initialize skb->peeked when cloning (git-fixes).
o net: make skb_partial_csum_set() more robust against overflows (git-fixes).
o net: phy: marvell: Fix buffer overrun with stats counters
(networking-stable-19_05_04).
o net: rds: exchange of 8K and 1M pool (networking-stable-19_04_30).
o net: rose: fix a possible stack overflow (networking-stable-19_03_28).
o net: socket: fix potential spectre v1 gadget in socketcall (git-fixes).
o net: stmmac: fix memory corruption with large MTUs
(networking-stable-19_03_28).
o net: stmmac: move stmmac_check_ether_addr() to driver probe
(networking-stable-19_04_30).
o net: test tailroom before appending to linear skb (git-fixes).
o net: thunderx: do not allow jumbo frames with XDP
(networking-stable-19_04_19).
o net: thunderx: raise XDP MTU to 1508 (networking-stable-19_04_19).
o net: unbreak CONFIG_RETPOLINE=n builds (bsc#1124503).
o net: use indirect call wrappers at GRO network layer (bsc#1124503).
o net: use indirect call wrappers at GRO transport layer (bsc#1124503).
o netfilter: bridge: Do not sabotage nf_hook calls from an l3mdev
(git-fixes).
o netfilter: bridge: ebt_among: add missing match size checks (git-fixes).
o netfilter: bridge: ebt_among: add more missing match size checks
(git-fixes).
o netfilter: drop template ct when conntrack is skipped (git-fixes).
o netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
(git-fixes).
o netfilter: ebtables: handle string from userspace with care (git-fixes).
o netfilter: ebtables: reject non-bridge targets (git-fixes).
o netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel
(git-fixes).
o netfilter: nf_log: do not hold nf_log_mutex during user access (git-fixes).
o netfilter: nf_log: fix uninit read in nf_log_proc_dostring (git-fixes).
o netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6}
(git-fixes).
o netfilter: nf_tables: can't fail after linking rule into active rule list
(git-fixes).
o netfilter: nf_tables: check msg_type before nft_trans_set(trans)
(git-fixes).
o netfilter: nf_tables: fix NULL pointer dereference on
nft_ct_helper_obj_dump() (git-fixes).
o netfilter: nf_tables: fix leaking object reference count (git-fixes).
o netfilter: nf_tables: release chain in flushing set (git-fixes).
o netfilter: nft_compat: do not dump private area (git-fixes).
o netfilter: x_tables: initialise match/target check parameter struct
(git-fixes).
o netlink: fix uninit-value in netlink_sendmsg (git-fixes).
o nfs add module option to limit nfsv4 minor version (jsc#PM-231).
o nfs: Enable nfsv4.2 support - jsc@PM-231 This requires a module parameter
for nfsv4.2 to actually be available on SLE12 and SLE15-SP0
o nfsv4.x: always serialize open/close operations (bsc#1114893).
o nl80211: Add NL80211_FLAG_CLEAR_SKB flag for other NL commands (bsc#
1051510).
o nvme-rdma: fix possible free of a non-allocated async event buffer (bsc#
1120423).
o nvme: Do not remove namespaces during reset (bsc#1131673).
o nvme: flush scan_work when resetting controller (bsc#1131673).
o objtool: Fix function fallthrough detection (bsc#1058115).
o ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bsc#1136434).
o ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on
OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393.
o of: fix clang -Wunsequenced for be32_to_cpu() (bsc#1135642).
o omapfb: add missing of_node_put after of_device_is_available (bsc#1051510).
o openvswitch: add seqadj extension when NAT is used (bsc#1051510).
o openvswitch: fix flow actions reallocation (bsc#1051510).
o p54: drop device reference count if fails to enable device (bsc#1135642).
o packet: fix reserve calculation (git-fixes).
o packet: in packet_snd start writing at link layer allocation (git-fixes).
o packet: refine ring v3 block size test to hold one frame (git-fixes).
o packet: reset network header if packet shorter than ll reserved space
(git-fixes).
o packet: validate msg_namelen in send directly (git-fixes).
o packets: Always register packet sk in the same order
(networking-stable-19_03_28).
o pci: Factor out pcie_retrain_link() function (git-fixes).
o pci: Mark AMD Stoney Radeon R7 GPU ATS as broken (bsc#1051510).
o pci: Mark Atheros AR9462 to avoid bus reset (bsc#1051510).
o pci: Work around Pericom pcie-to-pci bridge Retrain Link erratum
(git-fixes).
o pci: endpoint: Use EPC's device in dma_alloc_coherent()/dma_free_coherent()
(git-fixes).
o phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#
1051510).
o platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510).
o platform/x86: dell-rbtn: Add missing #include (bsc#1051510).
o platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510).
o platform/x86: intel_punit_ipc: Revert "Fix resource ioremap warning" (bsc#
1051510).
o platform/x86: pmc_atom: Add Lex 3I380D industrial PC to critclk_systems DMI
table (bsc#1051510).
o platform/x86: pmc_atom: Add several Beckhoff Automation boards to
critclk_systems DMI table (bsc#1051510).
o platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510).
o platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510).
o power: supply: axp20x_usb_power: Fix typo in VBUS current limit macros (bsc
#1051510).
o power: supply: axp288_charger: Fix unchecked return value (bsc#1051510).
o powerpc/eeh: Fix race with driver un/bind (bsc#1065729).
o powerpc/msi: Fix NULL pointer access in teardown code (bsc#1065729).
o powerpc/perf: Fix MMCRA corruption by bhrb_filter (bsc#1053043).
o powerpc/powernv/idle: Restore IAMR after idle (bsc#1065729).
o powerpc/process: Fix sparse address space warnings (bsc#1065729).
o powerpc: Always initialize input array when calling epapr_hypercall() (bsc#
1065729).
o powerpc: Fix HMIs on big-endian with CONFIG_RELOCATABLE=y (bsc#1065729).
o proc/kcore: do not bounds check against address 0 (bsc#1051510).
o proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510).
o proc: revalidate kernel thread inodes to root:root (bsc#1051510).
o ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK
(git-fixes).
o pwm: Fix deadlock warning when removing PWM device (bsc#1051510).
o pwm: meson: Consider 128 a valid pre-divider (bsc#1051510).
o pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510).
o pwm: meson: Use the spin-lock only to protect register modifications (bsc#
1051510).
o pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510).
o qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979).
o qla2xxx: always allocate qla_tgt_wq (bsc#1131451).
o qmi_wwan: add Olicard 600 (bsc#1051510).
o rdma/hns: Fix bug that caused srq creation to fail (bsc#1104427 ).
o rdma/rxe: Consider skb reserve space based on netdev of GID (bsc#1082387,
bsc#1103992).
o regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#
1051510).
o rt2x00: do not increment sequence number while re-transmitting (bsc#
1051510).
o rtc: da9063: set uie_unsupported when relevant (bsc#1051510).
o rtc: sh: Fix invalid alarm warning for non-enabled alarm (bsc#1051510).
o rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510).
o rxrpc: Fix error reception on AF_INET6 sockets (git-fixes).
o rxrpc: Fix transport sockopts to get IPv4 errors on an IPv6 socket
(git-fixes).
o s390/ism: ignore some errors during deregistration (bsc#1129857 LTC#
176247).
o s390/qdio: clear intparm during shutdown (bsc#1134597 LTC#177516).
o sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init()
(bsc#1051510).
o sc16is7xx: move label 'err_spi' to correct section (bsc#1051510).
o sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510).
o scripts: override locale from environment when running recordmcount.pl (bsc
#1134354).
o scsi: qedf: fixup bit operations (bsc#1135542).
o scsi: qedf: fixup locking in qedf_restart_rport() (bsc#1135542).
o scsi: qedf: missing kref_put in qedf_xmit() (bsc#1135542).
o scsi: qla2xxx: Declare local functions 'static' (bsc#1137444).
o scsi: qla2xxx: Fix function argument descriptions (bsc#1118139).
o scsi: qla2xxx: Fix memory corruption during hba reset test (bsc#1118139).
o scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044).
o scsi: qla2xxx: Improve several kernel-doc headers (bsc#1137444).
o scsi: qla2xxx: Introduce a switch/case statement in qlt_xmit_tm_rsp() (bsc#
1137444).
o scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (bsc#
1137444).
o scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes 'res'
(bsc#1137444).
o scsi: qla2xxx: NULL check before some freeing functions is not needed (bsc#
1137444).
o scsi: qla2xxx: Remove a set-but-not-used variable (bsc#1137444).
o scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (bsc#
1137444).
o scsi: qla2xxx: Remove unused symbols (bsc#1118139).
o scsi: qla2xxx: Split the __qla2x00_abort_all_cmds() function (bsc#1137444).
o scsi: qla2xxx: Use %p for printing pointers (bsc#1118139).
o scsi: qla2xxx: fix error message on qla2400 (bsc#1118139).
o scsi: qla2xxx: fix spelling mistake: "existant" -> "existent" (bsc#
1118139).
o scsi: qla2xxx: fully convert to the generic DMA API (bsc#1137444).
o scsi: qla2xxx: fx00 copypaste typo (bsc#1118139).
o scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (bsc#1118139).
o scsi: qla2xxx: use lower_32_bits and upper_32_bits instead of reinventing
them (bsc#1137444).
o sctp: avoid running the sctp state machine recursively
(networking-stable-19_05_04).
o sctp: fix identification of new acks for SFR-CACC (git-fixes).
o sctp: get sctphdr by offset in sctp_compute_cksum
(networking-stable-19_03_28).
o sctp: initialize _pad of sockaddr_in before copying to user memory
(networking-stable-19_04_10).
o sctp: only update outstanding_bytes for transmitted queue when doing
prsctp_prune (git-fixes).
o sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes).
o selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810).
o serial: 8250_pxa: honor the port number from devicetree (bsc#1051510).
o serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510).
o serial: uartps: console_setup() can't be placed to init section (bsc#
1051510).
o signal: Always notice exiting tasks (git-fixes).
o signal: Better detection of synchronous signals (git-fixes).
o signal: Restore the stop PTRACE_EVENT_EXIT (git-fixes).
o smc: move unhash as early as possible in smc_release() (bsc#1129857 LTC#
176247).
o soc/fsl/qe: Fix an error code in qe_pin_request() (bsc#1051510).
o soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#
1051510).
o spi: Micrel eth switch: declare missing of table (bsc#1051510).
o spi: ST ST95HF NFC: declare missing of table (bsc#1051510).
o spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510).
o spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#
1051510).
o spi: bcm2835aux: setup gpio-cs to output and correct level during setup
(bsc#1051510).
o spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#
1051510).
o spi: rspi: Fix sequencer reset during initialization (bsc#1051510).
o ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#
1051510).
o staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#
1051510).
o stm class: Fix an endless loop in channel allocation (bsc#1051510).
o stm class: Fix channel free in stm output free path (bsc#1051510).
o stm class: Prevent division by zero (bsc#1051510).
o stmmac: pci: Adjust IOT2000 matching (networking-stable-19_04_30).
o supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
o supported.conf: Add openvswitch to kernel-default-base (bsc#1124839).
o switchtec: Fix unintended mask of MRPC event (git-fixes).
o tcp: Ensure DCTCP reacts to losses (networking-stable-19_04_10).
o tcp: add tcp_min_snd_mss sysctl (bsc#1137586).
o tcp: do not use ipv6 header for ipv4 flow (networking-stable-19_03_28).
o tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (bsc#1137586).
o tcp: limit payload size of sacked skbs (bsc#1137586).
o tcp: purge write queue in tcp_connect_init() (git-fixes).
o tcp: tcp_fragment() should apply sane memory limits (bsc#1137586).
o tcp: tcp_grow_window() needs to respect tcp_space()
(networking-stable-19_04_19).
o team: fix possible recursive locking when add slaves
(networking-stable-19_04_30).
o team: set slave to promisc if team is already in promisc mode (bsc#
1051510).
o thermal/int340x_thermal: Add additional UUIDs (bsc#1051510).
o thermal/int340x_thermal: fix mode setting (bsc#1051510).
o thermal: cpu_cooling: Actually trace CPU load in
thermal_power_cpu_get_power (bsc#1051510).
o thunderx: eliminate extra calls to put_page() for pages held for recycling
(networking-stable-19_03_28).
o thunderx: enable page recycling for non-XDP case
(networking-stable-19_03_28).
o tipc: fix hanging clients using poll with EPOLLOUT flag (git-fixes).
o tipc: missing entries in name table of publications
(networking-stable-19_04_19).
o tools lib traceevent: Fix missing equality check for strcmp (bsc#1129770).
o tracing: Fix partial reading of trace event's id file (bsc#1136573).
o treewide: Use DEVICE_ATTR_WO (bsc#1137739).
o tty: increase the default flip buffer limit to 2*640K (bsc#1051510).
o tty: pty: Fix race condition between release_one_tty and pty_write (bsc#
1051510).
o tty: serial_core, add ->install (bnc#1129693).
o tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0
(bsc#1051510).
o tun: add a missing rcu_read_unlock() in error path
(networking-stable-19_03_28).
o tun: properly test for IFF_UP (networking-stable-19_03_28).
o uas: fix alignment of scatter/gather segments (bsc#1129770).
o udp: use indirect call wrappers for GRO socket lookup (bsc#1124503).
o ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour (bsc#
1135323).
o usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510).
o usb: cdc-acm: fix unthrottle races (bsc#1051510).
o usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#
1051510).
o usb: core: Fix unterminated string returned by usb_string() (bsc#1051510).
o usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510).
o usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510).
o usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510).
o usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510).
o usb: serial: f81232: fix interrupt worker not stop (bsc#1051510).
o usb: serial: fix unthrottle races (bsc#1051510).
o usb: u132-hcd: fix resource leak (bsc#1051510).
o usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#
1051510).
o usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510).
o usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#
1051510).
o usb: yurex: Fix protection fault after device removal (bsc#1051510).
o userfaultfd: use RCU to free the task struct when fork fails (git-fixes).
o vfio/mdev: Avoid release parent reference during error path (bsc#1051510).
o vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#
1051510).
o vfio/pci: use correct format characters (bsc#1051510).
o vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510).
o vhost/vsock: fix reset orphans race with close timeout (bsc#1051510).
o vhost: reject zero size iova range (networking-stable-19_04_19).
o virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510).
o virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510).
o virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510).
o vrf: check accept_source_route on the original netdevice
(networking-stable-19_04_10).
o vsock/virtio: Initialize core virtio vsock before registering the driver
(bsc#1051510).
o vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510).
o vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#
1051510).
o vsock/virtio: reset connected sockets on device removal (bsc#1051510).
o vt: always call notifier with the console lock held (bsc#1051510).
o vxlan: Do not call gro_cells_destroy() before device is unregistered
(networking-stable-19_03_28).
o x86/speculation/mds: Fix documentation typo (bsc#1135642).
o x86_64: Add gap to int3 to allow for call emulation (bsc#1099658).
o x86_64: Allow breakpoints to emulate call instructions (bsc#1099658).
o xenbus: drop useless LIST_HEAD in xenbus_write_watch() and
xenbus_file_write() (bsc#1065600).
o xfrm6: avoid potential infinite loop in _decode_session6() (git-fixes).
o xfrm6: call kfree_skb when skb is toobig (git-fixes).
o xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes).
o xfrm: Return error on unknown encap_type in init_state (git-fixes).
o xfrm: Validate address prefix lengths in the xfrm selector (git-fixes).
o xfrm: fix 'passing zero to ERR_PTR()' warning (git-fixes).
o xfrm: fix missing dst_release() after policy blocking lbcast and multicast
(git-fixes).
o xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes).
o xfrm: reset crypto_done when iterating over multiple input xfrms
(git-fixes).
o xfrm: reset transport header back to network header after all input
transforms ahave been applied (git-fixes).
o xfrm_user: prevent leaking 2 bytes of kernel memory (git-fixes).
o xfs: add log item pinning error injection tag (bsc#1114427).
o xfs: buffer lru reference count error injection tag (bsc#1114427).
o xfs: check _btree_check_block value (bsc#1123663).
o xfs: convert drop_writes to use the errortag mechanism (bsc#1114427).
o xfs: create block pointer check functions (bsc#1123663).
o xfs: create inode pointer verifiers (bsc#1114427).
o xfs: detect and fix bad summary counts at mount (bsc#1114427).
o xfs: export _inobt_btrec_to_irec and _ialloc_cluster_alignment for scrub
(bsc#1114427).
o xfs: export various function for the online scrubber (bsc#1123663).
o xfs: expose errortag knobs via sysfs (bsc#1114427).
o xfs: fix unused variable warning in xfs_buf_set_ref() (bsc#1114427).
o xfs: force summary counter recalc at next mount (bsc#1114427).
o xfs: kill meaningless variable 'zero' (bsc#1106011).
o xfs: make errortag a per-mountpoint structure (bsc#1123663).
o xfs: move error injection tags into their own file (bsc#1114427).
o xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011).
o xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#
1106011).
o xfs: refactor btree block header checking functions (bsc#1123663).
o xfs: refactor btree pointer checks (bsc#1123663).
o xfs: refactor unmount record write (bsc#1114427).
o xfs: remove unneeded parameter from XFS_TEST_ERROR (bsc#1123663).
o xfs: remove xfs_zero_range (bsc#1106011).
o xfs: rename MAXPATHLEN to XFS_SYMLINK_MAXLEN (bsc#1123663).
o xfs: replace log_badcrc_factor knob with error injection tag (bsc#1114427).
o xfs: sanity-check the unused space before trying to use it (bsc#1123663).
o xfs: serialize unaligned dio writes against all other dio writes (bsc#
1134936).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
o SUSE Linux Enterprise Workstation Extension 12-SP4:
zypper in -t patch SUSE-SLE-WE-12-SP4-2019-1530=1
o SUSE Linux Enterprise Software Development Kit 12-SP4:
zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-1530=1
o SUSE Linux Enterprise Server 12-SP4:
zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-1530=1
o SUSE Linux Enterprise Live Patching 12-SP4:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2019-1530=1
o SUSE Linux Enterprise High Availability 12-SP4:
zypper in -t patch SUSE-SLE-HA-12-SP4-2019-1530=1
o SUSE Linux Enterprise Desktop 12-SP4:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-1530=1
Package List:
o SUSE Linux Enterprise Workstation Extension 12-SP4 (x86_64):
kernel-default-debuginfo-4.12.14-95.19.1
kernel-default-debugsource-4.12.14-95.19.1
kernel-default-extra-4.12.14-95.19.1
kernel-default-extra-debuginfo-4.12.14-95.19.1
o SUSE Linux Enterprise Software Development Kit 12-SP4 (aarch64 ppc64le
s390x x86_64):
kernel-obs-build-4.12.14-95.19.1
kernel-obs-build-debugsource-4.12.14-95.19.1
o SUSE Linux Enterprise Software Development Kit 12-SP4 (noarch):
kernel-docs-4.12.14-95.19.1
o SUSE Linux Enterprise Server 12-SP4 (aarch64 ppc64le s390x x86_64):
kernel-default-4.12.14-95.19.1
kernel-default-base-4.12.14-95.19.1
kernel-default-base-debuginfo-4.12.14-95.19.1
kernel-default-debuginfo-4.12.14-95.19.1
kernel-default-debugsource-4.12.14-95.19.1
kernel-default-devel-4.12.14-95.19.1
kernel-syms-4.12.14-95.19.1
o SUSE Linux Enterprise Server 12-SP4 (x86_64):
kernel-default-devel-debuginfo-4.12.14-95.19.1
o SUSE Linux Enterprise Server 12-SP4 (noarch):
kernel-devel-4.12.14-95.19.1
kernel-macros-4.12.14-95.19.1
kernel-source-4.12.14-95.19.1
o SUSE Linux Enterprise Server 12-SP4 (s390x):
kernel-default-man-4.12.14-95.19.1
o SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le x86_64):
kgraft-patch-4_12_14-95_19-default-1-6.3.1
o SUSE Linux Enterprise High Availability 12-SP4 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.12.14-95.19.1
cluster-md-kmp-default-debuginfo-4.12.14-95.19.1
dlm-kmp-default-4.12.14-95.19.1
dlm-kmp-default-debuginfo-4.12.14-95.19.1
gfs2-kmp-default-4.12.14-95.19.1
gfs2-kmp-default-debuginfo-4.12.14-95.19.1
kernel-default-debuginfo-4.12.14-95.19.1
kernel-default-debugsource-4.12.14-95.19.1
ocfs2-kmp-default-4.12.14-95.19.1
ocfs2-kmp-default-debuginfo-4.12.14-95.19.1
o SUSE Linux Enterprise Desktop 12-SP4 (x86_64):
kernel-default-4.12.14-95.19.1
kernel-default-debuginfo-4.12.14-95.19.1
kernel-default-debugsource-4.12.14-95.19.1
kernel-default-devel-4.12.14-95.19.1
kernel-default-devel-debuginfo-4.12.14-95.19.1
kernel-default-extra-4.12.14-95.19.1
kernel-default-extra-debuginfo-4.12.14-95.19.1
kernel-syms-4.12.14-95.19.1
o SUSE Linux Enterprise Desktop 12-SP4 (noarch):
kernel-devel-4.12.14-95.19.1
kernel-macros-4.12.14-95.19.1
kernel-source-4.12.14-95.19.1
References:
o https://www.suse.com/security/cve/CVE-2018-7191.html
o https://www.suse.com/security/cve/CVE-2019-10124.html
o https://www.suse.com/security/cve/CVE-2019-11085.html
o https://www.suse.com/security/cve/CVE-2019-11477.html
o https://www.suse.com/security/cve/CVE-2019-11478.html
o https://www.suse.com/security/cve/CVE-2019-11479.html
o https://www.suse.com/security/cve/CVE-2019-11486.html
o https://www.suse.com/security/cve/CVE-2019-11487.html
o https://www.suse.com/security/cve/CVE-2019-11815.html
o https://www.suse.com/security/cve/CVE-2019-11833.html
o https://www.suse.com/security/cve/CVE-2019-11884.html
o https://www.suse.com/security/cve/CVE-2019-12382.html
o https://www.suse.com/security/cve/CVE-2019-3846.html
o https://www.suse.com/security/cve/CVE-2019-5489.html
o https://bugzilla.suse.com/1012382
o https://bugzilla.suse.com/1050242
o https://bugzilla.suse.com/1051510
o https://bugzilla.suse.com/1053043
o https://bugzilla.suse.com/1056787
o https://bugzilla.suse.com/1058115
o https://bugzilla.suse.com/1063638
o https://bugzilla.suse.com/1064802
o https://bugzilla.suse.com/1065600
o https://bugzilla.suse.com/1065729
o https://bugzilla.suse.com/1066129
o https://bugzilla.suse.com/1068546
o https://bugzilla.suse.com/1071995
o https://bugzilla.suse.com/1075020
o https://bugzilla.suse.com/1082387
o https://bugzilla.suse.com/1083647
o https://bugzilla.suse.com/1085535
o https://bugzilla.suse.com/1099658
o https://bugzilla.suse.com/1103992
o https://bugzilla.suse.com/1104353
o https://bugzilla.suse.com/1104427
o https://bugzilla.suse.com/1106011
o https://bugzilla.suse.com/1106284
o https://bugzilla.suse.com/1108838
o https://bugzilla.suse.com/1110946
o https://bugzilla.suse.com/1111696
o https://bugzilla.suse.com/1112063
o https://bugzilla.suse.com/1113722
o https://bugzilla.suse.com/1114427
o https://bugzilla.suse.com/1114893
o https://bugzilla.suse.com/1115688
o https://bugzilla.suse.com/1117158
o https://bugzilla.suse.com/1117561
o https://bugzilla.suse.com/1118139
o https://bugzilla.suse.com/1119843
o https://bugzilla.suse.com/1120091
o https://bugzilla.suse.com/1120423
o https://bugzilla.suse.com/1120566
o https://bugzilla.suse.com/1120843
o https://bugzilla.suse.com/1120902
o https://bugzilla.suse.com/1122776
o https://bugzilla.suse.com/1123454
o https://bugzilla.suse.com/1123663
o https://bugzilla.suse.com/1124503
o https://bugzilla.suse.com/1124839
o https://bugzilla.suse.com/1126356
o https://bugzilla.suse.com/1127616
o https://bugzilla.suse.com/1128052
o https://bugzilla.suse.com/1128904
o https://bugzilla.suse.com/1128905
o https://bugzilla.suse.com/1128979
o https://bugzilla.suse.com/1129138
o https://bugzilla.suse.com/1129497
o https://bugzilla.suse.com/1129693
o https://bugzilla.suse.com/1129770
o https://bugzilla.suse.com/1129848
o https://bugzilla.suse.com/1129857
o https://bugzilla.suse.com/1130409
o https://bugzilla.suse.com/1130699
o https://bugzilla.suse.com/1130972
o https://bugzilla.suse.com/1131451
o https://bugzilla.suse.com/1131488
o https://bugzilla.suse.com/1131565
o https://bugzilla.suse.com/1131673
o https://bugzilla.suse.com/1132044
o https://bugzilla.suse.com/1132894
o https://bugzilla.suse.com/1133176
o https://bugzilla.suse.com/1133188
o https://bugzilla.suse.com/1133190
o https://bugzilla.suse.com/1133320
o https://bugzilla.suse.com/1133612
o https://bugzilla.suse.com/1133616
o https://bugzilla.suse.com/1134160
o https://bugzilla.suse.com/1134162
o https://bugzilla.suse.com/1134199
o https://bugzilla.suse.com/1134200
o https://bugzilla.suse.com/1134201
o https://bugzilla.suse.com/1134202
o https://bugzilla.suse.com/1134203
o https://bugzilla.suse.com/1134204
o https://bugzilla.suse.com/1134205
o https://bugzilla.suse.com/1134354
o https://bugzilla.suse.com/1134393
o https://bugzilla.suse.com/1134459
o https://bugzilla.suse.com/1134460
o https://bugzilla.suse.com/1134461
o https://bugzilla.suse.com/1134537
o https://bugzilla.suse.com/1134591
o https://bugzilla.suse.com/1134597
o https://bugzilla.suse.com/1134607
o https://bugzilla.suse.com/1134651
o https://bugzilla.suse.com/1134671
o https://bugzilla.suse.com/1134760
o https://bugzilla.suse.com/1134806
o https://bugzilla.suse.com/1134810
o https://bugzilla.suse.com/1134813
o https://bugzilla.suse.com/1134848
o https://bugzilla.suse.com/1134936
o https://bugzilla.suse.com/1135006
o https://bugzilla.suse.com/1135007
o https://bugzilla.suse.com/1135008
o https://bugzilla.suse.com/1135056
o https://bugzilla.suse.com/1135100
o https://bugzilla.suse.com/1135120
o https://bugzilla.suse.com/1135278
o https://bugzilla.suse.com/1135281
o https://bugzilla.suse.com/1135309
o https://bugzilla.suse.com/1135312
o https://bugzilla.suse.com/1135314
o https://bugzilla.suse.com/1135315
o https://bugzilla.suse.com/1135316
o https://bugzilla.suse.com/1135320
o https://bugzilla.suse.com/1135323
o https://bugzilla.suse.com/1135330
o https://bugzilla.suse.com/1135492
o https://bugzilla.suse.com/1135542
o https://bugzilla.suse.com/1135556
o https://bugzilla.suse.com/1135603
o https://bugzilla.suse.com/1135642
o https://bugzilla.suse.com/1135661
o https://bugzilla.suse.com/1135758
o https://bugzilla.suse.com/1136206
o https://bugzilla.suse.com/1136424
o https://bugzilla.suse.com/1136428
o https://bugzilla.suse.com/1136430
o https://bugzilla.suse.com/1136432
o https://bugzilla.suse.com/1136434
o https://bugzilla.suse.com/1136435
o https://bugzilla.suse.com/1136438
o https://bugzilla.suse.com/1136439
o https://bugzilla.suse.com/1136477
o https://bugzilla.suse.com/1136478
o https://bugzilla.suse.com/1136573
o https://bugzilla.suse.com/1136586
o https://bugzilla.suse.com/1136881
o https://bugzilla.suse.com/1136935
o https://bugzilla.suse.com/1136990
o https://bugzilla.suse.com/1137151
o https://bugzilla.suse.com/1137152
o https://bugzilla.suse.com/1137153
o https://bugzilla.suse.com/1137162
o https://bugzilla.suse.com/1137372
o https://bugzilla.suse.com/1137444
o https://bugzilla.suse.com/1137586
o https://bugzilla.suse.com/1137739
o https://bugzilla.suse.com/1137752
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXQg6oGaOgq3Tt24GAQhZzA//QY75+zS4IiYUieL/iqhpUp4d5TVqnSXO
cG1a0xkOuce6bk/iTmULBrZIBEhJW23Cwxl7V5WZFNFLR4ERwo5QWuvQ0Z3NqVg7
OChg3nEV2M8AC8oLZuN8VfUvEq1LrZCtWUVjbYjmXy6I9E4r+xZqfGARg2dmBnZA
NWkXV9umIF3TwTCUjeUwaiJ3fFScO2/aj9wdmPvpHnTfGOahq+88SzVLGDA3aO9I
Ct0zF6LfodlnTvM3s95HtxpqSGl+bywTOMsAnS1ues2hl+W/3A2IWfaDhLu2hQqr
OABEOetfef4AEIAOog2FoNSsYxWyKHyZp9m/aLKX5vZB6aMCMgAkCALrd0FxgdSs
zPoHsJ9Bq9DNU85i5/zP33EZE5e2ks2FMC2v5qgdU6jeNg6hvZgu8FiT1x4x+ijr
yjvQSTHRg0/0ICZFiqt1cOw5KnZpNVgXuO394fdsoomx9qjslx+KJuBW56H3xYGq
F6yydEGBz7xh/ew7TG0nJwlFT6n0cmK27Jt84+RsCMTWBu995ev0XAB5iC1XhG+f
SG2CmgWABLuxWOhgd2mPBy9XvCl2OTEZDrgOsp+M1t5DXmCwlIh8Jf+X+g0aaifr
NG54YBXmCR/8r3PSvfbR0O3l8/1shHyJQ0pLipNnzAuph0VJq/cwh6N1ojaUq2ZG
aLj6HOlmdPQ=
=M5kk
-----END PGP SIGNATURE-----