Security update for the Linux Kernel

Announcement ID: SUSE-SU-2020:0667-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2019-14895 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2019-14895 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2019-14895 ( NVD ): 8.0 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2019-16746 ( SUSE ): 7.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • CVE-2019-16746 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2020-2732 ( SUSE ): 3.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N
  • CVE-2020-2732 ( NVD ): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE-2020-8428 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2020-8428 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2020-8648 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
  • CVE-2020-8648 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
  • CVE-2020-8992 ( SUSE ): 2.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
  • CVE-2020-8992 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Real Time 12 SP5
  • SUSE Linux Enterprise Server 12 SP5

An update that solves six vulnerabilities and has 102 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12-SP5 kernel-RT was updated to 4.12.14 to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-8992: Fixed an issue in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069).
  • CVE-2020-8648: Fixed a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928).
  • CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).
  • CVE-2019-16746: There was an issue in net/wireless/nl80211.c where the kernel did not check the length of variable elements in a beacon head, leading to a buffer overflow (bsc#1152107).
  • CVE-2020-8428: There was a use-after-free bug in fs/namei.c, which allowed local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9 (bsc#1162109).
  • CVE-2019-14895: Fixed a heap-based buffer overflow in Marvell WiFi chip driver which could have led to denial of service or possibly execute arbitrary code (bsc#1157042).

The following non-security bugs were fixed:

  • 6pack,mkiss: fix possible deadlock (bsc#1051510).
  • ACPI / APEI: Switch estatus pool to use vmalloc memory (bsc#1051510).
  • ACPI: fix acpi_find_child_device() invocation in acpi_preset_companion() (bsc#1051510).
  • ACPI: PM: Avoid attaching ACPI PM domain to certain devices (bsc#1051510).
  • ACPI / video: Add force_none quirk for Dell OptiPlex 9020M (bsc#1051510).
  • ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards (bsc#1051510).
  • ACPI: watchdog: Allow disabling WDAT at boot (bsc#1162557).
  • ACPI / watchdog: Fix init failure with overlapping register regions (bsc#1162557).
  • ACPI / watchdog: Set default timeout in probe (bsc#1162557).
  • af_packet: set defaule value for tmo (bsc#1051510).
  • ALSA: control: remove useless assignment in .info callback of PCM chmap element (git-fixes).
  • ALSA: dummy: Fix PCM format loop in proc output (bsc#1111666).
  • ALSA: hda: Add Clevo W65_67SB the power_save blacklist (git-fixes).
  • ALSA: hda - Add docking station support for Lenovo Thinkpad T420s (git-fixes).
  • ALSA: hda: Add JasperLake PCI ID and codec vid (bsc#1111666).
  • ALSA: hda/analog - Minor optimization for SPDIF mux connections (git-fixes).
  • ALSA: hda: Clear RIRB status before reading WP (bsc#1111666).
  • ALSA: hda - constify and cleanup static NodeID tables (bsc#1111666).
  • ALSA: hda: constify copied structure (bsc#1111666).
  • ALSA: hda: Constify snd_kcontrol_new items (bsc#1111666).
  • ALSA: hda: Constify snd_pci_quirk tables (bsc#1111666).
  • ALSA: hda: correct kernel-doc parameter descriptions (bsc#1111666).
  • ALSA: hda/hdmi - add retry logic to parse_intel_hdmi() (git-fixes).
  • ALSA: hda: hdmi - add Tigerlake support (bsc#1111666).
  • ALSA: hda/hdmi - Clean up Intel platform-specific fixup checks (bsc#1111666).
  • ALSA: hda: hdmi - fix pin setup on Tigerlake (bsc#1111666).
  • ALSA: hda: More constifications (bsc#1111666).
  • ALSA: hda: patch_hdmi: remove warnings with empty body (bsc#1111666).
  • ALSA: hda: patch_realtek: fix empty macro usage in if block (bsc#1111666).
  • ALSA: hda/realtek - Add Headset Mic supported for HP cPC (bsc#1111666).
  • ALSA: hda/realtek - Apply mic mute LED quirk for Dell E7xx laptops, too (bsc#1111666).
  • ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic supported (bsc#1111666).
  • ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes).
  • ALSA: hda/realtek - More constifications (bsc#1111666).
  • ALSA: hda: Reset stream if DMA RUN bit not cleared (bsc#1111666).
  • ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs (git-fixes).
  • ALSA: seq: Avoid concurrent access to queue flags (git-fixes).
  • ALSA: seq: Fix concurrent access to queue current tick/time (git-fixes).
  • ALSA: sh: Fix compile warning wrt const (git-fixes).
  • ALSA: sh: Fix unused variable warnings (bsc#1111666).
  • ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 (git-fixes).
  • ALSA: usb-audio: Fix endianess in descriptor validation (bsc#1111666).
  • arm64: Revert support for execute-only user mappings (bsc#1160218).
  • ASoC: cs4349: Use PM ops 'cs4349_runtime_pm' (bsc#1051510).
  • ASoC: msm8916-wcd-analog: Fix selected events for MIC BIAS External1 (bsc#1051510).
  • ASoC: sun8i-codec: Fix setting DAI data format (git-fixes).
  • ata: ahci: Add shutdown to freeze hardware resources of ahci (bsc#1164388).
  • ath10k: Correct the DMA direction for management tx buffers (bsc#1111666).
  • ath10k: pci: Fix comment on ath10k_pci_dump_memory_sram (bsc#1111666).
  • ath10k: pci: Only dump ATH10K_MEM_REGION_TYPE_IOREG when safe (bsc#1111666).
  • ath9k: fix storage endpoint lookup (git-fixes).
  • batman-adv: Fix DAT candidate selection on little endian systems (bsc#1051510).
  • bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front() (bsc#1163762).
  • bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front() (bsc#1163762).
  • bcache: add code comments for state->pool in __btree_sort() (bsc#1163762).
  • bcache: add code comments for state->pool in __btree_sort() (bsc#1163762).
  • bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762).
  • bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762).
  • bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762).
  • bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762).
  • bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762).
  • bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762).
  • bcache: add more accurate error messages in read_super() (bsc#1163762).
  • bcache: add more accurate error messages in read_super() (bsc#1163762).
  • bcache: add readahead cache policy options via sysfs interface (bsc#1163762).
  • bcache: add readahead cache policy options via sysfs interface (bsc#1163762).
  • bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762).
  • bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762).
  • bcache: avoid unnecessary btree nodes flushing in btree_flush_write() (bsc#1163762).
  • bcache: avoid unnecessary btree nodes flushing in btree_flush_write() (bsc#1163762).
  • bcache: check return value of prio_read() (bsc#1163762).
  • bcache: check return value of prio_read() (bsc#1163762).
  • bcache: deleted code comments for dead code in bch_data_insert_keys() (bsc#1163762).
  • bcache: deleted code comments for dead code in bch_data_insert_keys() (bsc#1163762).
  • bcache: do not export symbols (bsc#1163762).
  • bcache: do not export symbols (bsc#1163762).
  • bcache: explicity type cast in bset_bkey_last() (bsc#1163762).
  • bcache: explicity type cast in bset_bkey_last() (bsc#1163762).
  • bcache: fix a lost wake-up problem caused by mca_cannibalize_lock (bsc#1163762).
  • bcache: fix a lost wake-up problem caused by mca_cannibalize_lock (bsc#1163762).
  • bcache: Fix an error code in bch_dump_read() (bsc#1163762).
  • bcache: Fix an error code in bch_dump_read() (bsc#1163762).
  • bcache: fix deadlock in bcache_allocator (bsc#1163762).
  • bcache: fix deadlock in bcache_allocator (bsc#1163762).
  • bcache: fix incorrect data type usage in btree_flush_write() (bsc#1163762).
  • bcache: fix incorrect data type usage in btree_flush_write() (bsc#1163762).
  • bcache: fix memory corruption in bch_cache_accounting_clear() (bsc#1163762).
  • bcache: fix memory corruption in bch_cache_accounting_clear() (bsc#1163762).
  • bcache: fix static checker warning in bcache_device_free() (bsc#1163762).
  • bcache: fix static checker warning in bcache_device_free() (bsc#1163762).
  • bcache: ignore pending signals when creating gc and allocator thread (bsc#1163762, bsc#1112504).
  • bcache: ignore pending signals when creating gc and allocator thread (bsc#1163762, bsc#1112504).
  • bcache: print written and keys in trace_bcache_btree_write (bsc#1163762).
  • bcache: print written and keys in trace_bcache_btree_write (bsc#1163762).
  • bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan() (bsc#1163762).
  • bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan() (bsc#1163762).
  • bcache: reap from tail of c->btree_cache in bch_mca_scan() (bsc#1163762).
  • bcache: reap from tail of c->btree_cache in bch_mca_scan() (bsc#1163762).
  • bcache: remove macro nr_to_fifo_front() (bsc#1163762).
  • bcache: remove macro nr_to_fifo_front() (bsc#1163762).
  • bcache: remove member accessed from struct btree (bsc#1163762).
  • bcache: remove member accessed from struct btree (bsc#1163762).
  • bcache: remove the extra cflags for request.o (bsc#1163762).
  • bcache: remove the extra cflags for request.o (bsc#1163762).
  • bcache: Revert "bcache: shrink btree node cache after bch_btree_check()" (bsc#1163762, bsc#1112504).
  • bcache: Revert "bcache: shrink btree node cache after bch_btree_check()" (bsc#1163762, bsc#1112504).
  • bcma: remove set but not used variable 'sizel' (git-fixes).
  • blk-mq: avoid sysfs buffer overflow with too many CPU cores (bsc#1163840).
  • blk-mq: make sure that line break can be printed (bsc#1164098).
  • Bluetooth: Fix race condition in hci_release_sock() (bsc#1051510).
  • bonding: fix potential NULL deref in bond_update_slave_arr (bsc#1051510).
  • bonding: fix unexpected IFF_BONDING bit unset (bsc#1051510).
  • brcmfmac: fix interface sanity check (git-fixes).
  • brcmfmac: Fix memory leak in brcmf_p2p_create_p2pdev() (bsc#1111666).
  • brcmfmac: Fix memory leak in brcmf_usbdev_qinit (git-fixes).
  • brcmfmac: Fix use after free in brcmf_sdio_readframes() (git-fixes).
  • brcmfmac: sdio: Fix OOB interrupt initialization on brcm43362 (bsc#1111666).
  • btrfs: abort transaction after failed inode updates in create_subvol (bsc#1161936).
  • btrfs: dev-replace: remove warning for unknown return codes when finished (dependency for bsc#1162067).
  • btrfs: do not call synchronize_srcu() in inode_tree_del (bsc#1161934).
  • btrfs: do not double lock the subvol_sem for rename exchange (bsc#1162943).
  • btrfs: fix btrfs_write_inode vs delayed iput deadlock (bsc#1154243).
  • btrfs: fix infinite loop during fsync after rename operations (bsc#1163383).
  • btrfs: fix missing data checksums after replaying a log tree (bsc#1161931).
  • btrfs: fix race between adding and putting tree mod seq elements and nodes (bsc#1163384).
  • btrfs: handle ENOENT in btrfs_uuid_tree_iterate (bsc#1161937).
  • btrfs: make tree checker detect checksum items with overlapping ranges (bsc#1161931).
  • btrfs: record all roots for rename exchange on a subvol (bsc#1161933).
  • btrfs: scrub: Require mandatory block group RO for dev-replace (bsc#1162067).
  • btrfs: send, skip backreference walking for extents with many references (bsc#1162139).
  • btrfs: skip log replay on orphaned roots (bsc#1161935).
  • can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs (bsc#1051510).
  • can, slip: Protect tty->disc_data in write_wakeup and close with RCU (bsc#1051510).
  • cdrom: respect device capabilities during opening action (boo#1164632).
  • cfg80211: check for set_wiphy_params (bsc#1051510).
  • cfg80211: fix deadlocks in autodisconnect work (bsc#1111666).
  • cfg80211: fix memory leak in cfg80211_cqm_rssi_update (bsc#1111666).
  • chardev: Avoid potential use-after-free in 'chrdev_open()' (bsc#1163849).
  • cifs: fix mount option display for sec=krb5i (bsc#1161907).
  • clk: Do not try to enable critical clocks if prepare failed (bsc#1051510).
  • clk: mmp2: Fix the order of timer mux parents (bsc#1051510).
  • clk: qcom: rcg2: Do not crash if our parent can't be found; return an error (bsc#1051510).
  • clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock (bsc#1051510).
  • clk: sunxi: sun9i-mmc: Implement reset callback for reset controls (bsc#1051510).
  • clk: tegra: Mark fuse clock as critical (bsc#1051510).
  • clocksource/drivers/bcm2835_timer: Fix memory leak of timer (bsc#1051510).
  • clocksource: Prevent double add_timer_on() for watchdog_timer (bsc#1051510).
  • closures: fix a race on wakeup from closure_sync (bsc#1163762).
  • closures: fix a race on wakeup from closure_sync (bsc#1163762).
  • crypto: af_alg - Use bh_lock_sock in sk_destruct (bsc#1051510).
  • crypto: api - Check spawn->alg under lock in crypto_drop_spawn (bsc#1051510).
  • crypto: api - Fix race condition in crypto_spawn_alg (bsc#1051510).
  • crypto: atmel-sha - fix error handling when setting hmac key (bsc#1051510).
  • crypto: caam/qi2 - fix typo in algorithm's driver name (bsc#1111666).
  • crypto: chelsio - fix writing tfm flags to wrong place (bsc#1051510).
  • crypto: pcrypt - Do not clear MAY_SLEEP flag in original request (bsc#1051510).
  • crypto: picoxcell - adjust the position of tasklet_init and fix missed tasklet_kill (bsc#1051510).
  • crypto: reexport crypto_shoot_alg() (bsc#1051510, kABI fix).
  • dmaengine: coh901318: Fix a double-lock bug (bsc#1051510).
  • dmaengine: coh901318: Remove unused variable (bsc#1051510).
  • dmaengine: Fix access to uninitialized dma_slave_caps (bsc#1051510).
  • dma-mapping: fix return type of dma_set_max_seg_size() (bsc#1051510).
  • Documentation: Document arm64 kpti control (bsc#1162623).
  • drivers/base/memory.c: cache blocks in radix tree to accelerate lookup (bsc#1159955 ltc#182993).
  • drivers/base/memory.c: do not access uninitialized memmaps in soft_offline_page_store() (bsc#1051510).
  • drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero (bsc#1111666).
  • drm/amdgpu: add function parameter description in 'amdgpu_device_set_cg_state' (bsc#1111666).
  • drm/amdgpu: add function parameter description in 'amdgpu_gart_bind' (bsc#1051510).
  • drm/amdgpu: fix ring test failure issue during s3 in vce 3.0 (V2) (bsc#1111666).
  • drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table (bsc#1051510).
  • drm/amdgpu: remove always false comparison in 'amdgpu_atombios_i2c_process_i2c_ch' (bsc#1051510).
  • drm/amdgpu: remove set but not used variable 'amdgpu_connector' (bsc#1051510).
  • drm/amdgpu: remove set but not used variable 'dig' (bsc#1051510).
  • drm/amdgpu: remove set but not used variable 'dig_connector' (bsc#1051510).
  • drm/amdgpu: remove set but not used variable 'invalid' (bsc#1111666).
  • drm/amdgpu: remove set but not used variable 'mc_shared_chmap' (bsc#1051510).
  • drm/amdgpu: remove set but not used variable 'mc_shared_chmap' from 'gfx_v6_0.c' and 'gfx_v7_0.c' (bsc#1051510).
  • drm/amdgpu/{uvd,vcn}: fetch ring's read_ptr after alloc (bsc#1111666).
  • drm/amd/powerplay: remove set but not used variable 'us_mvdd' (bsc#1111666).
  • drm: bridge: dw-hdmi: constify copied structure (bsc#1051510).
  • drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe() (bsc#1111666).
  • drm/i915: Handle vm_mmap error during I915_GEM_MMAP ioctl with WC set (bsc#1111666).
  • drm/i915: Make sure cdclk is high enough for DP audio on VLV/CHV (bsc#1111666).
  • drm/i915/perf: add missing delay for OA muxes configuration (bsc#1111666).
  • drm/i915: Sanity check mmap length against object size (bsc#1111666).
  • drm: msm: mdp4: Adjust indentation in mdp4_dsi_encoder_enable (bsc#1111666).
  • drm/mst: Fix MST sideband up-reply failure handling (bsc#1051510).
  • drm/nouveau/bar/gf100: ensure BAR is mapped (bsc#1111666).
  • drm/nouveau/bar/nv50: check bar1 vmm return value (bsc#1111666).
  • drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler (bsc#1051510).
  • drm/nouveau/mmu: qualify vmm during dtor (bsc#1111666).
  • drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new() (bsc#1051510).
  • drm/rect: Avoid division by zero (bsc#1111666).
  • drm/rect: update kerneldoc for drm_rect_clip_scaled() (bsc#1111666).
  • drm/rockchip: lvds: Fix indentation of a #define (bsc#1051510).
  • drm/sun4i: tcon: Set min division of TCON0_DCLK to 1 (bsc#1111666).
  • drm/sun4i: tcon: Set RGB DCLK min. divider based on hardware model (bsc#1111666).
  • drm/ttm: ttm_tt_init_fields() can be static (bsc#1111666).
  • drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add (bsc#1051510).
  • Enable CONFIG_BLK_DEV_SR_VENDOR (boo#1164632).
  • enic: prevent waking up stopped tx queues over watchdog reset (bsc#1133147).
  • ext2: check err when partial != NULL (bsc#1163859).
  • ext4: check for directory entries too close to block end (bsc#1163861).
  • ext4: fix a bug in ext4_wait_for_tail_page_commit (bsc#1163841).
  • ext4: fix checksum errors with indexed dirs (bsc#1160979).
  • ext4: fix deadlock allocating crypto bounce page from mempool (bsc#1163842).
  • ext4: fix mount failure with quota configured as module (bsc#1164471).
  • ext4: fix mount failure with quota configured as module (bsc#1164471).
  • ext4: Fix mount failure with quota configured as module (bsc#1164471).
  • ext4: improve explanation of a mount failure caused by a misconfigured kernel (bsc#1163843).
  • ext4, jbd2: ensure panic when aborting with zero errno (bsc#1163853).
  • firestream: fix memory leaks (bsc#1051510).
  • fix autofs regression caused by follow_managed() changes (bsc#1159271).
  • fix dget_parent() fastpath race (bsc#1159271).
  • fscrypt: do not set policy for a dead directory (bsc#1163846).
  • fs/namei.c: fix missing barriers when checking positivity (bsc#1159271).
  • fs/namei.c: pull positivity check into follow_managed() (bsc#1159271).
  • fs/open.c: allow opening only regular files during execve() (bsc#1163845).
  • ftrace: Add comment to why rcu_dereference_sched() is open coded (git-fixes).
  • ftrace: Protect ftrace_graph_hash with ftrace_sync (git-fixes).
  • genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392).
  • gtp: avoid zero size hashtable (networking-stable-20_01_01).
  • gtp: do not allow adding duplicate tid and ms_addr pdp context (networking-stable-20_01_01).
  • gtp: fix an use-after-free in ipv4_pdp_find() (networking-stable-20_01_01).
  • gtp: fix wrong condition in gtp_genl_dump_pdp() (networking-stable-20_01_01).
  • hotplug/drc-info: Add code to search ibm,drc-info property (bsc#1157480 ltc#181028).
  • hv_netvsc: Fix offset usage in netvsc_send_table() (bsc#1164598).
  • hv_netvsc: Fix send_table offset in case of a host bug (bsc#1164598).
  • hv_netvsc: Fix tx_table init in rndis_set_subchannel() (bsc#1164598).
  • hv_netvsc: Fix unwanted rx_table reset (bsc#1164598).
  • hwmon: (adt7475) Make volt2reg return same reg as reg2volt input (bsc#1051510).
  • hwmon: (core) Do not use device managed functions for memory allocations (bsc#1051510).
  • hwmon: (k10temp) Add support for AMD family 17h, model 70h CPUs (bsc#1163206).
  • hwmon: (nct7802) Fix voltage limits to wrong registers (bsc#1051510).
  • hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions (bsc#1051510).
  • i2c: imx: do not print error message on probe defer (bsc#1051510).
  • iio: adc: max9611: Fix too short conversion time delay (bsc#1051510).
  • init: add arch_call_rest_init to allow stack switching (jsc#SLE-11179).
  • Input: aiptek - fix endpoint sanity check (bsc#1051510).
  • Input: gtco - fix endpoint sanity check (bsc#1051510).
  • Input: keyspan-remote - fix control-message timeouts (bsc#1051510).
  • Input: pegasus_notetaker - fix endpoint sanity check (bsc#1051510).
  • Input: pm8xxx-vib - fix handling of separate enable register (bsc#1051510).
  • Input: rmi_f54 - read from FIFO in 32 byte blocks (bsc#1051510).
  • Input: sun4i-ts - add a check for devm_thermal_zone_of_sensor_register (bsc#1051510).
  • Input: sur40 - fix interface sanity checks (bsc#1051510).
  • Input: synaptics-rmi4 - simplify data read in rmi_f54_work (bsc#1051510).
  • iommu/amd: Fix IOMMU perf counter clobbering during init (bsc#1162617).
  • iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA (bsc#1164314).
  • iommu/io-pgtable-arm: Fix race handling in split_blk_unmap() (bsc#1164115).
  • iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop (git-fixes).
  • iwlwifi: clear persistence bit according to device family (bsc#1111666).
  • iwlwifi: do not throw error when trying to remove IGTK (bsc#1051510).
  • iwlwifi: mvm: fix NVM check for 3168 devices (bsc#1051510).
  • iwlwifi: trans: Clear persistence bit when starting the FW (bsc#1111666).
  • jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal (bsc#1163862).
  • jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer (bsc#1163836).
  • jbd2: Fix possible overflow in jbd2_log_space_left() (bsc#1163860).
  • jbd2: make sure ESHUTDOWN to be recorded in the journal superblock (bsc#1163863).
  • jbd2: move the clearing of b_modified flag to the journal_unmap_buffer() (bsc#1163880).
  • jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record (bsc#1163852).
  • kabi/severities: Whitelist rpaphp_get_drc_props (bsc#1157480 ltc#181028).
  • kABI workaround for can/skb.h inclusion (bsc#1051510).
  • kconfig: fix broken dependency in randconfig-generated .config (bsc#1051510).
  • kernel-binary.spec.in: do not recommend firmware for kvmsmall and azure flavor (boo#1161360).
  • KVM: Clean up __kvm_gfn_to_hva_cache_init() and its callers (bsc#1133021).
  • KVM: fix spectrev1 gadgets (bsc#1164705).
  • KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails (bsc#1061840).
  • KVM: PPC: Book3S PR: Fix -Werror=return-type build failure (bsc#1061840).
  • KVM: PPC: Book3S PR: Free shared page if mmu initialization fails (bsc#1061840).
  • KVM: SVM: Override default MMIO mask if memory encryption is enabled (bsc#1162618).
  • KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks (bsc#1164734).
  • KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks (bsc#1164728).
  • KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks (bsc#1164729).
  • KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks (bsc#1164712).
  • KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks (bsc#1164730).
  • KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c (bsc#1164733).
  • KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (bsc#1164731).
  • KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks (bsc#1164732).
  • KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bsc#1164735).
  • KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks (bsc#1164705).
  • KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks (bsc#1164727).
  • lcoking/rwsem: Add missing ACQUIRE to read_slowpath sleep loop (bsc#1050549).
  • lib: crc64: include <linux/crc64.h> for 'crc64_be' (bsc#1163762).
  • lib: crc64: include <linux/crc64.h> for 'crc64_be' (bsc#1163762).
  • libnvdimm: Fix devm_nsio_enable() kabi (bsc#1153535).
  • libnvdimm/namespace: Differentiate between probe mapping and runtime mapping (bsc#1153535).
  • libnvdimm/pfn: Account for PAGE_SIZE > info-block-size in nd_pfn_init() (bsc#1127682 bsc#1153535 ltc#175033 ltc#181834).
  • lib/scatterlist.c: adjust indentation in __sg_alloc_table (bsc#1051510).
  • lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more() (bsc#1051510).
  • livepatch/samples/selftest: Use klp_shadow_alloc() API correctly (bsc#1071995).
  • livepatch/selftest: Clean up shadow variable names and type (bsc#1071995).
  • livepatch: Simplify stack trace retrieval (jsc#SLE-11179).
  • locking/rwsem: Prevent decrement of reader count before increment (bsc#1050549).
  • mac80211: Do not send Layer 2 Update frame before authorization (bsc#1051510).
  • mac80211: fix ieee80211_txq_setup_flows() failure path (bsc#1111666).
  • mac80211: Fix TKIP replay protection immediately after key setup (bsc#1051510).
  • mac80211: mesh: restrict airtime metric to peered established plinks (bsc#1051510).
  • macvlan: do not assume mac_header is set in macvlan_broadcast() (bsc#1051510).
  • macvlan: use skb_reset_mac_header() in macvlan_queue_xmit() (bsc#1051510).
  • md/raid0: Fix buffer overflow at debug print (bsc#1164051).
  • media: af9005: uninitialized variable printked (bsc#1051510).
  • media: cec: CEC 2.0-only bcast messages were ignored (git-fixes).
  • media: digitv: do not continue if remote control state can't be read (bsc#1051510).
  • media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 (bsc#1051510).
  • media: exynos4-is: fix wrong mdev and v4l2 dev order in error path (git-fixes).
  • media: gspca: zero usb_buf (bsc#1051510).
  • media: iguanair: fix endpoint sanity check (bsc#1051510).
  • media: ov6650: Fix crop rectangle alignment not passed back (git-fixes).
  • media: ov6650: Fix incorrect use of JPEG colorspace (git-fixes).
  • media: pulse8-cec: fix lost cec_transmit_attempt_done() call.
  • media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors (bsc#1051510).
  • media/v4l2-core: set pages dirty upon releasing DMA buffers (bsc#1051510).
  • media: v4l2-ioctl.c: zero reserved fields for S/TRY_FMT (bsc#1051510).
  • media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments (bsc#1051510).
  • mfd: da9062: Fix watchdog compatible string (bsc#1051510).
  • mfd: dln2: More sanity checking for endpoints (bsc#1051510).
  • mfd: rn5t618: Mark ADC control register volatile (bsc#1051510).
  • mmc: sdhci: fix minimum clock rate for v3 controller (bsc#1051510).
  • mmc: spi: Toggle SPI polarity, do not hardcode it (bsc#1051510).
  • mmc: tegra: fix SDR50 tuning override (bsc#1051510).
  • mm: memory_hotplug: use put_device() if device_register fail (bsc#1159955 ltc#182993).
  • mod_devicetable: fix PHY module format (networking-stable-19_12_28).
  • mtd: fix mtd_oobavail() incoherent returned value (bsc#1051510).
  • mwifiex: delete unused mwifiex_get_intf_num() (bsc#1111666).
  • mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame() (git-fixes).
  • mwifiex: update set_mac_address logic (bsc#1111666).
  • namei: only return -ECHILD from follow_dotdot_rcu() (bsc#1163851).
  • net: add sendmsg_locked and sendpage_locked to af_inet6 (bsc#1144162).
  • net: dst: Force 4-byte alignment of dst_metrics (networking-stable-19_12_28).
  • net: ena: fix napi handler misbehavior when the napi budget is zero (networking-stable-20_01_01).
  • net: hisilicon: Fix a BUG trigered by wrong bytes_compl (networking-stable-19_12_28).
  • net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive() (networking-stable-19_12_28).
  • net: qlogic: Fix error paths in ql_alloc_large_buffers() (networking-stable-19_12_28).
  • net: sched: correct flower port blocking (git-fixes).
  • net: usb: lan78xx: Fix suspend/resume PHY register access error (networking-stable-19_12_28).
  • new helper: lookup_positive_unlocked() (bsc#1159271).
  • NFC: pn544: Adjust indentation in pn544_hci_check_presence (git-fixes).
  • nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info (bsc#1163774).
  • orinoco_usb: fix interface sanity check (git-fixes).
  • PCI: Add DMA alias quirk for Intel VCA NTB (bsc#1051510).
  • PCI: Do not disable bridge BARs when assigning bus resources (bsc#1051510).
  • PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (git-fixes).
  • PCI: rpaphp: Add drc-info support for hotplug slot registration (bsc#1157480 ltc#181028).
  • PCI: rpaphp: Annotate and correctly byte swap DRC properties (bsc#1157480 ltc#181028).
  • PCI: rpaphp: Avoid a sometimes-uninitialized warning (bsc#1157480 ltc#181028).
  • PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info (bsc#1157480 ltc#181028).
  • PCI: rpaphp: Do not rely on firmware feature to imply drc-info support (bsc#1157480 ltc#181028).
  • PCI: rpaphp: Fix up pointer to first drc-info entry (bsc#1157480 ltc#181028).
  • PCI/switchtec: Fix vep_vector_number ioread width (bsc#1051510).
  • percpu: Separate decrypted varaibles anytime encryption can be enabled (bsc#1114279).
  • perf/x86/intel: Fix inaccurate period in context switch for auto-reload (bsc#1164315).
  • phy: qualcomm: Adjust indentation in read_poll_timeout (bsc#1051510).
  • pinctrl: cherryview: Fix irq_valid_mask calculation (bsc#1111666).
  • pinctrl: qcom: ssbi-gpio: fix gpio-hog related boot issues (bsc#1051510).
  • pinctrl: sh-pfc: r8a7778: Fix duplicate SDSELF_B and SD1_CLK_B (bsc#1051510).
  • powerpc: avoid adjusting memory_limit for capture kernel memory reservation (bsc#1140025 ltc#176086).
  • powerpc: Enable support for ibm,drc-info devtree property (bsc#1157480 ltc#181028).
  • powerpc/mm: Remove kvm radix prefetch workaround for Power9 DD2.2 (bsc#1061840).
  • powerpc/papr_scm: Do not enable direct map for a region by default (bsc#1129551).
  • powerpc/pa