Security update for the Linux Kernel

Announcement ID: SUSE-SU-2018:3589-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2017-16533 ( SUSE ): 4.6 CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2017-16533 ( NVD ): 6.6 CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2017-18224 ( NVD ): 4.7 CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-18386 ( SUSE ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-18386 ( NVD ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
  • CVE-2018-18445 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • CVE-2018-18445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • CVE-2018-18445 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • Basesystem Module 15
  • Development Tools Module 15
  • Legacy Module 15
  • SUSE Linux Enterprise Desktop 15
  • SUSE Linux Enterprise High Availability Extension 15
  • SUSE Linux Enterprise High Performance Computing 15
  • SUSE Linux Enterprise Live Patching 15
  • SUSE Linux Enterprise Server 15
  • SUSE Linux Enterprise Server for SAP Applications 15
  • SUSE Linux Enterprise Workstation Extension 15

An update that solves four vulnerabilities and has 102 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
  • CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
  • CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
  • CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).

The following non-security bugs were fixed:

  • acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
  • acpica: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).
  • alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).
  • arm: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).
  • arm: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
  • arm: exynos: Clear global variable on init error path (bsc#1051510).
  • arm: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).
  • arm: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).
  • arm: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).
  • ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
  • ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
  • ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
  • ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
  • ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
  • ASoC: wm8804: Add ACPI support (bsc#1051510).
  • Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).
  • Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).
  • Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).
  • cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
  • Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch. (bsc#1110921)
  • Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
  • EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).
  • EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).
  • EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).
  • EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).
  • HID: add support for Apple Magic Keyboards (bsc#1051510).
  • HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
  • HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
  • HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
  • HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
  • input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
  • input: atakbd - fix Atari keymap (bsc#1051510).
  • kvm/vmx: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).
  • kvm: svm: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
  • kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
  • kvm: vmx: raise internal error for exception during invalid protected mode state (bsc#1110006).
  • kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
  • kvm: x86: Fix reserved bits check for MOV to CR3 (bsc#1110006).
  • kvm: x86: Introduce kvm_get_msr_feature() (bsc#1106240).
  • kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).
  • kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).
  • kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).
  • kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).
  • kvm: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).
  • kvm: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).
  • kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).
  • kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).
  • kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).
  • kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
  • kvm: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).
  • kvm: x86: fix escape of guest dr6 to the host (bsc#1110006).
  • kvm: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).
  • nfc: trf7970a: fix check of clock frequencies, use && instead of || (bsc#1051510).
  • nfs: Avoid quadratic search when freeing delegations (bsc#1084760).
  • pci: Reprogram bridge prefetch registers on resume (bsc#1051510).
  • pci: dwc: Fix scheduling while atomic issues (git-fixes).
  • pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
  • pm / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).
  • pm / core: Clear the direct_complete flag on errors (bsc#1051510).
  • pm: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).
  • rdma/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).
  • Revert "Limit kernel-source build to architectures for which we build binaries" This reverts commit d6435125446d740016904abe30a60611549ae812.
  • Revert "cdc-acm: implement put_char() and flush_chars()" (bsc#1051510).
  • Revert "drm/amdgpu: Add an ATPX quirk for hybrid laptop" (bsc#1051510).
  • Revert "drm/i915/gvt: set max priority for gvt context" (bsc#1051510).
  • Revert "gpio: set up initial state from .get_direction()" (bsc#1051510).
  • Revert "iommu/io-pgtable: Avoid redundant TLB syncs" (bsc#1106237).
  • Revert "mwifiex: fix incorrect ht capability problem" (bsc#1051510).
  • Revert "mwifiex: handle race during mwifiex_usb_disconnect" (bsc#1051510).
  • Revert "pinctrl: sunxi: Do not enforce bias disable (for now)" (bsc#1051510).
  • Revert "slab: __GFP_ZERO is incompatible with a constructor" (bnc#1108828) This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree.
  • Revert "ubifs: xattr: Do not operate on deleted inodes" (bsc#1051510).
  • Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).
  • usb: Add quirk to support DJI CineSSD (bsc#1051510).
  • usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).
  • usb: fix error handling in usb_driver_claim_interface() (bsc#1051510).
  • usb: handle NULL config in usb_find_alt_setting() (bsc#1051510).
  • usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
  • usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
  • usb: yurex: Check for truncation in yurex_read() (bsc#1051510).
  • usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).
  • Use upstream version of pci-hyperv patch (35a88a1)
  • acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).
  • aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
  • apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
  • apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).
  • apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).
  • apparmor: fix mediation of prlimit (bsc#1051510).
  • apparmor: fix memory leak when deduping profile load (bsc#1051510).
  • apparmor: fix ptrace read check (bsc#1051510).
  • asix: Check for supported Wake-on-LAN modes (bsc#1051510).
  • ath10k: fix kernel panic issue during pci probe (bsc#1051510).
  • ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
  • ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
  • ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).
  • audit: fix use-after-free in audit_add_watch (bsc#1051510).
  • batman-adv: Avoid probe ELP information leak (bsc#1051510).
  • batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).
  • batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).
  • batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).
  • batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).
  • batman-adv: Prevent duplicated global TT entry (bsc#1051510).
  • batman-adv: Prevent duplicated nc_node entry (bsc#1051510).
  • batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).
  • batman-adv: Prevent duplicated tvlv handler (bsc#1051510).
  • batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
  • batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
  • bdi: Fix another oops in wb_workfn() (bsc#1112746).
  • bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
  • be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).
  • be2net: remove unused old AIC info (bsc#1086288).
  • be2net: remove unused old custom busy-poll fields (bsc#1086288 ).
  • blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
  • blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).
  • block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
  • block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
  • block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
  • bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).
  • bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).
  • bpf/verifier: disallow pointer subtraction (bsc#1083647).
  • bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).
  • btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
  • btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
  • cdc-acm: fix race between reset and control messaging (bsc#1051510).
  • ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
  • cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).
  • cifs: Fix use after free of a mid_q_entry (bsc#1112903).
  • cifs: fix memory leak in SMB2_open() (bsc#1112894).
  • cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).
  • clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).
  • clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).
  • clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).
  • clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
  • clk: x86: add "ether_clk" alias for Bay Trail / Cherry Trail (bsc#1051510).
  • clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
  • clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
  • coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
  • cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).
  • cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bnc#1108841).
  • crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).
  • crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).
  • crypto: ccp - add timeout support in the SEV command (bsc#1106838).
  • crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
  • crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
  • crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).
  • cxgb4: fix abort_req_rss6 struct (bsc#1046540).
  • cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).
  • dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
  • debugobjects: Make stack check warning more informative (bsc#1051510).
  • declance: Fix continuation with the adapter identification message (bsc#1051510).
  • dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).
  • drivers/base: stop new probing during shutdown (bsc#1051510).
  • drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).
  • drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).
  • drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
  • drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
  • drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
  • drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).
  • drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
  • drm/amdgpu: add new polaris pci id (bsc#1051510).
  • drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)
  • drm/amdgpu: revert "fix deadlock of reservation between cs and gpu reset v2" (bsc#1051510).
  • drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).
  • drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
  • drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
  • drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)
  • drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).
  • drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).
  • drm/nouveau/disp: fix DP disable race (bsc#1051510).
  • drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).
  • drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).
  • drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).
  • drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).
  • drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).
  • drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).
  • drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
  • drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).
  • drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
  • drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).
  • e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
  • e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
  • eeprom: at24: change nvmem stride to 1 (bsc#1051510).
  • eeprom: at24: check at24_read/write arguments (bsc#1051510).
  • eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
  • efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).
  • enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
  • enic: handle mtu change for vf properly (bsc#1051510).
  • enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
  • ethtool: Remove trailing semicolon for static inline (bsc#1051510).
  • ethtool: fix a privilege escalation bug (bsc#1076830).
  • evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).
  • ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
  • ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
  • ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
  • ext4: check for NUL characters in extended attribute's name (bsc#1112732).
  • ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
  • ext4: do not mark mmp buffer head dirty (bsc#1112743).
  • ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
  • ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
  • ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
  • ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
  • ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
  • ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
  • fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
  • firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).
  • firmware: raspberrypi: Register hwmon driver (bsc#1108468).
  • floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).
  • fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
  • fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).
  • gpio: Fix crash due to registration race (bsc#1051510).
  • gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
  • gpio: mb86s70: Revert "Return error if requesting an already assigned gpio" (bsc#1051510).
  • gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).
  • gpiolib: Free the last requested descriptor (bsc#1051510).
  • hfs: prevent crash on exit from failed search (bsc#1051510).
  • hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
  • hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
  • hv: avoid crash in vmbus sysfs files (bnc#1108377).
  • hv_netvsc: fix schedule in RCU context ().
  • hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
  • hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
  • hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).
  • hwmon: Add support for RPi voltage sensor (bsc#1108468).
  • hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
  • hypfs_kill_super(): deal with failed allocations (bsc#1051510).
  • i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
  • i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
  • intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
  • iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).
  • iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
  • iommu/vt-d: Add definitions for PFSID (bsc#1106237).
  • iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
  • iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
  • ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).
  • ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).
  • irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).
  • iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
  • iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
  • iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
  • iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
  • iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
  • iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
  • iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
  • iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
  • jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
  • kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
  • kabi protect enum mem_type (bsc#1099125).
  • kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).
  • kprobes/x86: Fix %p uses in error messages (bsc#1110006).
  • kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).
  • ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).
  • kvm, mm: account shadow page tables to kmemcg (bsc#1110006).
  • kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
  • kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
  • kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
  • kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).
  • kvmclock: fix TSC calibration for nested guests (bsc#1110006).
  • lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).
  • lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
  • lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
  • libertas: call into generic suspend code before turning off power (bsc#1051510).
  • liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).
  • liquidio: fix kernel panic in VF driver (bsc#1067126).
  • loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
  • loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
  • loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
  • mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).
  • mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).
  • mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
  • mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
  • mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).
  • mac80211: fix a race between restart and CSA flows (bsc#1051510).
  • mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).
  • mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).
  • mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
  • mac80211: shorten the IBSS debug messages (bsc#1051510).
  • mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
  • mac80211_hwsim: require at least one channel (bsc#1051510).
  • mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
  • media: af9035: prevent buffer overflow on write (bsc#1051510).
  • media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).
  • media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).
  • media: helene: fix xtal frequency setting at power on (bsc#1051510).
  • media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).
  • media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).
  • media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).
  • media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).
  • media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
  • media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).
  • mm/migrate: Use spin_trylock() while resetting rate limit ().
  • mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
  • mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).
  • mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).
  • mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
  • mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
  • net: add support for Cavium PTP coprocessor (bsc#1110096).
  • net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).
  • net: cavium: use module_pci_driver to simplify the code (bsc#1110096).
  • net: thunder: change q_len's type to handle max ring size (bsc#1110096).
  • net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).
  • net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).
  • net: thunderx: add XCAST messages handlers for PF (bsc#1110096).
  • net: thunderx: add multicast filter management support (bsc#1110096).
  • net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).
  • net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).
  • net: thunderx: add timestamping support (bsc#1110096).
  • net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).
  • net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).
  • net: thunderx: fix double free error (bsc#1110096).
  • net: thunderx: move filter register related macro into proper place (bsc#1110096).
  • net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).
  • net: thunderx: remove a couple of redundant assignments (bsc#1110096).
  • net: thunderx: rework mac addresses list to u64 array (bsc#1110096).
  • nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).
  • objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).
  • orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
  • orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
  • orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
  • orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
  • ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
  • ovl: fix format of setxattr debug (git-fixes).
  • perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).
  • perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).
  • perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).
  • perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).
  • perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).
  • perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).
  • perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).
  • perf/x86/intel: Fix event update for auto-reload (bsc#1110006).
  • perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).
  • perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).
  • perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).
  • perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).
  • perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).
  • perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).
  • powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).
  • powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
  • powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
  • powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).
  • powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).
  • powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).
  • powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
  • powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
  • powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).
  • powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).
  • printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
  • printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
  • proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
  • ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).
  • qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).
  • qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).
  • qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).
  • qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).
  • qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).
  • qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).
  • qed: Wait for MCP halt and resume commands to take place (bsc#1050536).
  • qed: Wait for ready indication before rereading the shmem (bsc#1050536).
  • qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).
  • qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
  • qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).
  • qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
  • r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
  • rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
  • rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
  • reiserfs: add check to detect corrupted directory entry (bsc#1109818).
  • reiserfs: do not panic on bad directory entries (bsc#1109818).
  • rename a hv patch to reduce conflicts in -AZURE
  • reorder a qedi patch to allow further work in this branch
  • rpc_pipefs: fix double-dput() (bsc#1051510).
  • rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).
  • sched/numa: Limit the conditions where scan period is reset ().
  • scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
  • scsi: ipr: Eliminate duplicate barriers ().
  • scsi: ipr: Use dma_pool_zalloc() ().
  • scsi: ipr: fix incorrect indentation of assignment statement ().
  • scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
  • scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
  • scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).
  • scsi: qedi: Initialize the stats mutex lock (bsc#1110538).
  • scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).
  • scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).
  • scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).
  • scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).
  • scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).
  • scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).
  • scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).
  • scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).
  • scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).
  • scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).
  • scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).
  • scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).
  • selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).
  • selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).
  • serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).
  • serial: cpm_uart: return immediately from console poll (bsc#1051510).
  • serial: imx: restore handshaking irq for imx1 (bsc#1051510).
  • series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).
  • signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
  • smb2: fix missing files in root share directory listing (bsc#1112907).
  • smb3: fill in statfs fsid and correct namelen (bsc#1112905).
  • smb3: fix reset of bytes read and written stats (bsc#1112906).
  • smb3: on reconnect set PreviousSessionId field (bsc#1112899).
  • soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).
  • soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).
  • sock_diag: fix use-after-free read in __sk_free (bsc#1051510).
  • soreuseport: initialise timewait reuseport field (bsc#1051510).
  • sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
  • sound: enable interrupt after dma buffer initialization (bsc#1051510).
  • spi: rspi: Fix interrupted DMA transfers (bsc#1051510).
  • spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).
  • spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).
  • spi: sh-m