Security update for the Linux Kernel

Announcement ID: SUSE-SU-2020:3713-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2020-15436 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-15436 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-15437 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-15437 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-25668 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-25668 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-25669 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-25669 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-25704 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-25704 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-27777 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-27777 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-28368 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE-2020-28368 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-28915 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
  • CVE-2020-28915 ( NVD ): 5.8 CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H
  • CVE-2020-28941 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-28941 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2020-28974 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
  • CVE-2020-28974 ( NVD ): 5.0 CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
  • CVE-2020-29369 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-29369 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-29371 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
  • CVE-2020-29371 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2020-4788 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-4788 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-8694 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-8694 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • CVE-2020-8695 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
  • CVE-2020-8695 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
  • Public Cloud Module 15-SP2
  • SUSE Linux Enterprise High Performance Computing 15 SP2
  • SUSE Linux Enterprise Server 15 SP2
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2
  • SUSE Manager Proxy 4.1
  • SUSE Manager Retail Branch Server 4.1
  • SUSE Manager Server 4.1

An update that solves 15 vulnerabilities, contains one feature and has 71 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141).
  • CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service(bsc#1179140).
  • CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op (bsc#1178123).
  • CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182).
  • CVE-2020-25704: Fixed a leak in perf_event_parse_addr_filter() (bsc#1178393).
  • CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)
  • CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886).
  • CVE-2020-28941: Fixed an issue where local attackers on systems with the speakup driver could cause a local denial of service attack (bsc#1178740).
  • CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589).
  • CVE-2020-29371: Fixed uninitialized memory leaks to userspace (bsc#1179429).
  • CVE-2020-4788: Fixed an issue with IBM Power9 processors could have allowed a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances (bsc#1177666).
  • CVE-2020-8694, CVE-2020-8695: Fixed an insufficient access control in the Linux kernel driver for some Intel(R) Processors which might have allowed an authenticated user to potentially enable information disclosure via local access (bsc#1170415 bsc#1170446)
  • CVE-2020-28368: Fixed Intel RAPL sidechannel attack aka PLATYPUS attack (XSA-351 bsc#1178591).
  • CVE-2020-29369: Fixed a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe (bnc#1173504 bsc#1179432).

The following non-security bugs were fixed:

  • 9P: Cast to loff_t before multiplying (git-fixes).
  • ACPI: button: Add DMI quirk for Medion Akoya E2228T (git-fixes).
  • ACPICA: Add NHLT table signature (bsc#1176200).
  • ACPI: dock: fix enum-conversion warning (git-fixes).
  • ACPI / extlog: Check for RDMSR failure (git-fixes).
  • ACPI: GED: fix -Wformat (git-fixes).
  • ACPI: NFIT: Fix comparison to '-ENXIO' (git-fixes).
  • ACPI: video: use ACPI backlight for HP 635 Notebook (git-fixes).
  • Add bug reference to two hv_netvsc patches (bsc#1178853).
  • ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
  • ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes).
  • ALSA: fix kernel-doc markups (git-fixes).
  • ALSA: hda: fix jack detection with Realtek codecs when in D3 (git-fixes).
  • ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link() (git-fixes).
  • ALSA: hda/realtek: Add some Clove SSID in the ALC293(ALC1220) (git-fixes).
  • ALSA: hda/realtek - Add supported for Lenovo ThinkPad Headset Button (git-fixes).
  • ALSA: hda/realtek - Add supported mute Led for HP (git-fixes).
  • ALSA: hda/realtek - Enable headphone for ASUS TM420 (git-fixes).
  • ALSA: hda/realtek - Fixed HP headset Mic can't be detected (git-fixes).
  • ALSA: hda/realtek - HP Headset Mic can't detect after boot (git-fixes).
  • ALSA: hda: Reinstate runtime_allow() for all hda controllers (git-fixes).
  • ALSA: mixart: Fix mutex deadlock (git-fixes).
  • ALSA: usb-audio: Add delay quirk for all Logitech USB devices (git-fixes).
  • ALSA: usb-audio: Add implicit feedback quirk for MODX (git-fixes).
  • ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (git-fixes).
  • ALSA: usb-audio: Add implicit feedback quirk for Zoom UAC-2 (git-fixes).
  • ALSA: usb-audio: add usb vendor id as DSD-capable for Khadas devices (git-fixes).
  • arm64: bpf: Fix branch offset in JIT (git-fixes).
  • arm64: dts: allwinner: a64: bananapi-m64: Enable RGMII RX/TX delay on PHY (git-fixes).
  • arm64: dts: allwinner: a64: OrangePi Win: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: a64: Pine64 Plus: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: beelink-gs1: Enable both RGMII RX/TX delay (git-fixes).
  • arm64: dts: allwinner: h5: OrangePi PC2: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: h5: OrangePi Prime: Fix ethernet node (git-fixes).
  • arm64: dts: allwinner: Pine H64: Enable both RGMII RX/TX delay (git-fixes).
  • arm64: dts: fsl: DPAA FMan DMA operations are coherent (git-fixes).
  • arm64: dts: imx8mm: fix voltage for 1.6GHz CPU operating point (git-fixes).
  • arm64: dts: imx8mq: Add missing interrupts to GPC (git-fixes).
  • arm64: dts: imx8mq: Fix TMU interrupt property (git-fixes).
  • arm64: dts: zynqmp: Remove additional compatible string for i2c IPs (git-fixes).
  • arm64: kprobe: add checks for ARMv8.3-PAuth combined instructions (git-fixes).
  • arm64: Run ARCH_WORKAROUND_1 enabling code on all CPUs (git-fixes).
  • arm64: Run ARCH_WORKAROUND_2 enabling code on all CPUs (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra186 SDMMC nodes (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra194 SDMMC nodes (git-fixes).
  • arm64: tegra: Add missing timeout clock to Tegra210 SDMMC (git-fixes).
  • arm64: vdso: Add '-Bsymbolic' to ldflags (git-fixes).
  • arm64: vdso: Add --eh-frame-hdr to ldflags (git-fixes).
  • ASoC: codecs: wcd9335: Set digital gain range correctly (git-fixes).
  • ASoC: cs42l51: manage mclk shutdown delay (git-fixes).
  • ASoC: Intel: kbl_rt5663_max98927: Fix kabylake_ssp_fixup function (git-fixes).
  • ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
  • ASoC: qcom: sdm845: set driver name correctly (git-fixes).
  • ath10k: fix VHT NSS calculation when STBC is enabled (git-fixes).
  • ath10k: start recovery process when payload length exceeds max htc length for sdio (git-fixes).
  • batman-adv: set .owner to THIS_MODULE (git-fixes).
  • bnxt_en: Avoid sending firmware messages when AER error is detected (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Check abort error state in bnxt_open_nic() (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Fix NULL ptr dereference crash in bnxt_fw_reset_task() (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Fix regression in workqueue cleanup logic in bnxt_remove_one() (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: Invoke cancel_delayed_work_sync() for PFs also (jsc#SLE-8371 bsc#1153274).
  • bnxt_en: return proper error codes in bnxt_show_temp (git-fixes).
  • bnxt_en: Send HWRM_FUNC_RESET fw command unconditionally (jsc#SLE-8371 bsc#1153274).
  • bpf: Do not rely on GCC attribute((optimize)) to disable GCSE (bsc#1155518).
  • bpf: Fix comment for helper bpf_current_task_under_cgroup() (bsc#1155518).
  • bpf: Zero-fill re-used per-cpu map element (bsc#1155518).
  • btrfs: Account for merged patches upstream Move below patches to sorted section.
  • btrfs: cleanup cow block on error (bsc#1178584).
  • btrfs: fix bytes_may_use underflow in prealloc error condtition (bsc#1179217).
  • btrfs: fix metadata reservation for fallocate that leads to transaction aborts (bsc#1179217).
  • btrfs: fix relocation failure due to race with fallocate (bsc#1179217).
  • btrfs: remove item_size member of struct btrfs_clone_extent_info (bsc#1179217).
  • btrfs: rename btrfs_insert_clone_extent() to a more generic name (bsc#1179217).
  • btrfs: rename btrfs_punch_hole_range() to a more generic name (bsc#1179217).
  • btrfs: rename struct btrfs_clone_extent_info to a more generic name (bsc#1179217).
  • btrfs: reschedule if necessary when logging directory items (bsc#1178585).
  • btrfs: send, orphanize first all conflicting inodes when processing references (bsc#1178579).
  • btrfs: send, recompute reference path after orphanization of a directory (bsc#1178581).
  • can: af_can: prevent potential access of uninitialized member in canfd_rcv() (git-fixes).
  • can: af_can: prevent potential access of uninitialized member in can_rcv() (git-fixes).
  • can: can_create_echo_skb(): fix echo skb generation: always use skb_clone() (git-fixes).
  • can: dev: __can_get_echo_skb(): fix real payload length return value for RTR frames (git-fixes).
  • can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context (git-fixes).
  • can: dev: can_restart(): post buffer from the right context (git-fixes).
  • can: flexcan: flexcan_remove(): disable wakeup completely (git-fixes).
  • can: flexcan: flexcan_setup_stop_mode(): add missing "req_bit" to stop mode property comment (git-fixes).
  • can: flexcan: remove FLEXCAN_QUIRK_DISABLE_MECR quirk for LS1021A (git-fixes).
  • can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
  • can: kvaser_usb: kvaser_usb_hydra: Fix KCAN bittiming limits (git-fixes).
  • can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes).
  • can: m_can: m_can_handle_state_change(): fix state change (git-fixes).
  • can: m_can: m_can_stop(): set device to software init mode before closing (git-fixes).
  • can: mcba_usb: mcba_usb_start_xmit(): first fill skb, then pass to can_put_echo_skb() (git-fixes).
  • can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is on (git-fixes).
  • can: peak_usb: add range checking in decode operations (git-fixes).
  • can: peak_usb: fix potential integer overflow on shift of a int (git-fixes).
  • can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping (git-fixes).
  • can: rx-offload: do not call kfree_skb() from IRQ context (git-fixes).
  • ceph: add check_session_state() helper and make it global (bsc#1179012).
  • ceph: check session state after bumping session->s_seq (bsc#1179012).
  • ceph: check the sesion state and return false in case it is closed (bsc#1179012).
  • ceph: downgrade warning from mdsmap decode to debug (bsc#1178653).
  • ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).
  • cfg80211: initialize wdev data earlier (git-fixes).
  • cfg80211: regulatory: Fix inconsistent format argument (git-fixes).
  • cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
  • cifs: remove bogus debug code (bsc#1179427).
  • cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).
  • clk: define to_clk_regmap() as inline function (git-fixes).
  • Convert trailing spaces and periods in path components (bsc#1179424).
  • cosa: Add missing kfree in error path of cosa_write (git-fixes).
  • dax: fix detection of dax support for non-persistent memory block devices (bsc#1171073).
  • dax: Fix stack overflow when mounting fsdax pmem device (bsc#1171073).
  • Delete patches.suse/fs-select.c-batch-user-writes-in-do_sys_poll.patch (bsc#1179419)
  • devlink: Make sure devlink instance and port are in same net namespace (bsc#1154353).
  • docs: ABI: sysfs-c2port: remove a duplicated entry (git-fixes).
  • Documentation/admin-guide/module-signing.rst: add openssl command option example for CodeSign EKU (bsc#1177353, bsc#1179076).
  • Do not create null.i000.ipa-clones file (bsc#1178330) Kbuild cc-option compiles /dev/null file to test for an option availability. Filter out -fdump-ipa-clones so that null.i000.ipa-clones file is not generated in the process.
  • drbd: code cleanup by using sendpage_ok() to check page for kernel_sendpage() (bsc#1172873).
  • drivers/net/ethernet: remove incorrectly formatted doc (bsc#1177397).
  • drivers: watchdog: rdc321x_wdt: Fix race condition bugs (git-fixes).
  • Drop sysctl files for dropped archs, add ppc64le and arm (bsc#1178838). Also correct the page size on ppc64.
  • EDAC/amd64: Cache secondary Chip Select registers (bsc#1179001).
  • EDAC/amd64: Find Chip Select memory size using Address Mask (bsc#1179001).
  • EDAC/amd64: Gather hardware information early (bsc#1179001).
  • EDAC/amd64: Initialize DIMM info for systems with more than two channels (bsc#1179001).
  • EDAC/amd64: Make struct amd64_family_type global (bsc#1179001).
  • EDAC/amd64: Save max number of controllers to family type (bsc#1179001).
  • EDAC/amd64: Support asymmetric dual-rank DIMMs (bsc#1179001).
  • efi: add missed destroy_workqueue when efisubsys_init fails (git-fixes).
  • efi: efibc: check for efivars write capability (git-fixes).
  • efi: EFI_EARLYCON should depend on EFI (git-fixes).
  • efi/efivars: Set generic ops before loading SSDT (git-fixes).
  • efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes).
  • efi/libstub/x86: Work around LLVM ELF quirk build regression (git-fixes).
  • efi: provide empty efi_enter_virtual_mode implementation (git-fixes).
  • efivarfs: fix memory leak in efivarfs_create() (git-fixes).
  • efivarfs: revert "fix memory leak in efivarfs_create()" (git-fixes).
  • efi/x86: Align GUIDs to their size in the mixed mode runtime wrapper (git-fixes).
  • efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).
  • efi/x86: Fix the deletion of variables in mixed mode (git-fixes).
  • efi/x86: Free efi_pgd with free_pages() (git-fixes).
  • efi/x86: Handle by-ref arguments covering multiple pages in mixed mode (git-fixes).
  • efi/x86: Ignore the memory attributes table on i386 (git-fixes).
  • efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
  • exfat: fix name_hash computation on big endian systems (git-fixes).
  • exfat: fix overflow issue in exfat_cluster_to_sector() (git-fixes).
  • exfat: fix possible memory leak in exfat_find() (git-fixes).
  • exfat: fix use of uninitialized spinlock on error path (git-fixes).
  • exfat: fix wrong hint_stat initialization in exfat_find_dir_entry() (git-fixes).
  • fbdev, newport_con: Move FONT_EXTRA_WORDS macros into linux/font.h (git-fixes).
  • Fix wrongly set CONFIG_SOUNDWIRE=y (bsc#1179201) CONFIG_SOUNDWIRE was mistakenly set as built-in. Mark it as module.
  • ftrace: Fix recursion check for NMI test (git-fixes).
  • ftrace: Handle tracing when switching between context (git-fixes).
  • futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#1149032).
  • futex: Handle transient "ownerless" rtmutex state correctly (bsc#1149032).
  • gpio: pcie-idio-24: Enable PEX8311 interrupts (git-fixes).
  • gpio: pcie-idio-24: Fix IRQ Enable Register value (git-fixes).
  • gpio: pcie-idio-24: Fix irq mask when masking (git-fixes).
  • HID: logitech-dj: Fix an error in mse_bluetooth_descriptor (git-fixes).
  • HID: logitech-dj: Fix Dinovo Mini when paired with a MX5x00 receiver (git-fixes).
  • HID: logitech-dj: Handle quad/bluetooth keyboards with a builtin trackpad (git-fixes).
  • HID: logitech-hidpp: Add PID for MX Anywhere 2 (git-fixes).
  • hv_balloon: disable warning when floor reached (git-fixes).
  • hv: clocksource: Add notrace attribute to read_hv_sched_clock_*() functions (git-fixes).
  • hv_netvsc: Add XDP support (bsc#1177820).
  • hv_netvsc: Fix XDP refcnt for synthetic and VF NICs (bsc#1177820).
  • hv_netvsc: make recording RSS hash depend on feature flag (bsc#1177820).
  • hv_netvsc: record hardware hash in skb (bsc#1177820).
  • hwmon: (pwm-fan) Fix RPM calculation (git-fixes).
  • hyperv_fb: Update screen_info after removing old framebuffer (bsc#1175306).
  • i2c: mediatek: move dma reset before i2c reset (git-fixes).
  • i2c: sh_mobile: implement atomic transfers (git-fixes).
  • igc: Fix not considering the TX delay for timestamps (bsc#1160634).
  • igc: Fix wrong timestamp latency numbers (bsc#1160634).
  • iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).
  • iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes).
  • iio: adc: mediatek: fix unset field (git-fixes).
  • iio: light: fix kconfig dependency bug for VCNL4035 (git-fixes).
  • Input: adxl34x - clean up a data type in adxl34x_probe() (git-fixes).
  • Input: resistive-adc-touch - fix kconfig dependency on IIO_BUFFER (git-fixes).
  • intel_idle: Customize IceLake server support (bsc#1178286).
  • ionic: check port ptr before use (bsc#1167773).
  • iwlwifi: mvm: write queue_sync_state only for sync (git-fixes).
  • kABI: revert use_mm name change (MM Functionality, bsc#1178426).
  • kABI workaround for HD-audio (git-fixes).
  • kernel: better document the use_mm/unuse_mm API contract (MM Functionality, bsc#1178426).
  • kernel-{binary,source}.spec.in: do not create loop symlinks (bsc#1179082)
  • kernel-source.spec: Fix build with rpm 4.16 (boo#1179015). RPM_BUILD_ROOT is cleared before %%install. Do the unpack into RPM_BUILD_ROOT in %%install
  • kernel/watchdog: fix watchdog_allowed_mask not used warning (git-fixes).
  • kgdb: Fix spurious true from in_dbg_master() (git-fixes).
  • kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (git-fixes).
  • KVM: arm64: ARM_SMCCC_ARCH_WORKAROUND_1 does not return SMCCC_RET_NOT_REQUIRED (git-fixes).
  • lan743x: fix "BUG: invalid wait context" when setting rx mode (git-fixes).
  • lan743x: fix issue causing intermittent kernel log warnings (git-fixes).
  • lan743x: prevent entire kernel HANG on open, for some platforms (git-fixes).
  • leds: bcm6328, bcm6358: use devres LED registering function (git-fixes).
  • libbpf, hashmap: Fix undefined behavior in hash_bits (bsc#1155518).
  • libceph: use sendpage_ok() in ceph_tcp_sendpage() (bsc#1172873).
  • lib/crc32test: remove extra local_irq_disable/enable (git-fixes).
  • libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
  • lib/strncpy_from_user.c: Mask out bytes after NUL terminator (bsc#1155518).
  • mac80211: always wind down STA state (git-fixes).
  • mac80211: fix use of skb payload instead of header (git-fixes).
  • mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).
  • mac80211: minstrel: fix tx status processing corner case (git-fixes).
  • mac80211: minstrel: remove deferred sampling code (git-fixes).
  • media: imx274: fix frame interval handling (git-fixes).
  • media: platform: Improve queue set up flow for bug fixing (git-fixes).
  • media: tw5864: check status of tw5864_frameinterval_get (git-fixes).
  • media: uvcvideo: Fix dereference of out-of-bound list iterator (git-fixes).
  • media: uvcvideo: Fix uvc_ctrl_fixup_xu_info() not having any effect (git-fixes).
  • mei: protect mei_cl_mtu from null dereference (git-fixes).
  • memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (bsc#1177703).
  • mfd: sprd: Add wakeup capability for PMIC IRQ (git-fixes).
  • mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove (git-fixes).
  • mmc: sdhci-of-esdhc: Handle pulse width detection erratum for more SoCs (git-fixes).
  • mmc: sdhci-pci: Prefer SDR25 timing for High Speed mode for BYT-based Intel controllers (git-fixes).
  • mm: fix exec activate_mm vs TLB shootdown and lazy tlb switching race (MM Functionality, bsc#1178426).
  • mm: fix kthread_use_mm() vs TLB invalidate (MM Functionality, bsc#1178426).
  • mm/gup: allow FOLL_FORCE for get_user_pages_fast() (git fixes (mm/gup)).
  • mm/gup: fix gup_fast with dynamic page table folding (bnc#1176586, LTC#188235).
  • mm/ksm: fix NULL pointer dereference when KSM zero page is enabled (git fixes (mm/ksm)).
  • mm, memcg: fix inconsistent oom event behavior (bsc#1178659).
  • mm/memcg: fix refcount error while moving and swapping (bsc#1178686).
  • mm/memcontrol.c: add missed css_put() (bsc#1178661).
  • mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (git fixes (mm/mempolicy)).
  • mm/swapfile.c: fix potential memory leak in sys_swapon (git-fixes).
  • mm: swap: make page_evictable() inline (git fixes (mm/vmscan)).
  • mm: swap: use smp_mb__after_atomic() to order LRU bit set (git fixes (mm/vmscan)).
  • mm, THP, swap: fix allocating cluster for swapfile by mistake (bsc#1178755).
  • modsign: Add codeSigning EKU when generating X.509 key generation config (bsc#1177353, bsc#1179076).
  • net: add WARN_ONCE in kernel_sendpage() for improper zero-copy send (bsc#1172873).
  • net: ena: Capitalize all log strings and improve code readability (bsc#1177397).
  • net: ena: Change license into format to SPDX in all files (bsc#1177397).
  • net: ena: Change log message to net