Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2021:3675-1
Rating:	important
References:	bsc#1065729 bsc#1085030 bsc#1089118 bsc#1094840 bsc#1133021 bsc#1152472 bsc#1152489 bsc#1154353 bsc#1156395 bsc#1157177 bsc#1167773 bsc#1172073 bsc#1173604 bsc#1176447 bsc#1176774 bsc#1176914 bsc#1176940 bsc#1178134 bsc#1180100 bsc#1180749 bsc#1181147 bsc#1184673 bsc#1185762 bsc#1186063 bsc#1186109 bsc#1187167 bsc#1188563 bsc#1188601 bsc#1189841 bsc#1190006 bsc#1190067 bsc#1190349 bsc#1190351 bsc#1190479 bsc#1190620 bsc#1190642 bsc#1190795 bsc#1190801 bsc#1190941 bsc#1191229 bsc#1191240 bsc#1191241 bsc#1191315 bsc#1191317 bsc#1191349 bsc#1191384 bsc#1191449 bsc#1191450 bsc#1191451 bsc#1191452 bsc#1191455 bsc#1191456 bsc#1191628 bsc#1191645 bsc#1191663 bsc#1191731 bsc#1191800 bsc#1191851 bsc#1191867 bsc#1191934 bsc#1191958 bsc#1191980 bsc#1192040 bsc#1192041 bsc#1192074 bsc#1192107 bsc#1192145 bsc#1192229 bsc#1192267 bsc#1192288 bsc#1192549
Cross-References:	CVE-2021-33033 CVE-2021-34866 CVE-2021-3542 CVE-2021-3655 CVE-2021-3715 CVE-2021-37159 CVE-2021-3760 CVE-2021-3772 CVE-2021-3896 CVE-2021-41864 CVE-2021-42008 CVE-2021-42252 CVE-2021-42739 CVE-2021-43056 CVE-2021-43389
CVSS scores:	CVE-2021-33033 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-33033 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-34866 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-34866 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-34866 ( NVD ): 8.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVE-2021-3542 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-3655 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2021-3655 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-3715 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3715 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-37159 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-37159 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-3760 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-3760 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3772 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-3772 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H CVE-2021-3896 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-41864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-41864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-42008 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-42008 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-42252 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-42252 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-42739 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-42739 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-43056 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-43056 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-43389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-43389 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:	Basesystem Module 15-SP3 Development Tools Module 15-SP3 Legacy Module 15-SP3 openSUSE Leap 15.3 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Live Patching 15-SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Real Time 15 SP3 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Workstation Extension 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.2 SUSE Manager Server 4.2

An update that solves 15 vulnerabilities and has 56 security fixes can now be installed.

Description:

The following security bugs were fixed:

CVE-2021-3542: Fixed heap buffer overflow in firedtv driver (bsc#1186063).
CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets, which may have allowed the kernel to read uninitialized memory (bsc#1188563).
CVE-2021-3715: Fixed a use-after-free in route4_change() in net/sched/cls_route.c (bsc#1190349).
CVE-2021-3760: Fixed a use-after-free vulnerability with the ndev->rf_conn_info object (bsc#1190067).
CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).
CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c (bsc#1191958).
CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled (bsc#1186109).
CVE-2021-34866: Fixed eBPF Type Confusion Privilege Escalation Vulnerability (bsc#1191645).
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c called without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free (bnc#1188601).
CVE-2021-41864: Fixed prealloc_elems_and_freelist that allowed unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write (bnc#1191317).
CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data function in drivers/net/hamradio/6pack.c. Input from a process that had the CAP_NET_ADMIN capability could have lead to root access (bsc#1191315).
CVE-2021-42252: Fixed an issue inside aspeed_lpc_ctrl_mmap that could have allowed local attackers to access the Aspeed LPC control interface to overwrite memory in the kernel and potentially execute privileges (bnc#1190479).
CVE-2021-42739: The firewire subsystem had a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled bounds checking (bsc#1184673).
CVE-2021-43056: Fixed possible KVM host crash via malicious KVM guest on Power8 (bnc#1192107).
CVE-2021-43389: There was an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).

The following non-security bugs were fixed:

acpi/arm64: fix next_platform_timer() section mismatch error (git-fixes).
ACPI: bgrt: Fix CFI violation (git-fixes).
ACPI: fix NULL pointer dereference (git-fixes).
ACPI: NFIT: Use fallback node id when numa info in NFIT table is incorrect (git-fixes).
Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731).
ALSA: hda: avoid write to STATESTS if controller is in reset (git-fixes).
ALSA: hda - Enable headphone mic on Dell Latitude laptops with ALC3254 (git-fixes).
ALSA: hda: intel: Allow repeatedly probing on codec configuration errors (bsc#1190801).
ALSA: hda/realtek: Add quirk for Clevo PC50HS (git-fixes).
ALSA: hda/realtek: Add quirk for Clevo X170KM-G (git-fixes).
ALSA: hda/realtek: Add quirk for TongFang PHxTxX1 (git-fixes).
ALSA: hda/realtek - ALC236 headset MIC recording issue (git-fixes).
ALSA: hda/realtek: Complete partial device name to avoid ambiguity (git-fixes).
ALSA: hda/realtek: Enable 4-speaker output for Dell Precision 5560 laptop (git-fixes).
ALSA: hda/realtek: Fix for quirk to enable speaker output on the Lenovo 13s Gen2 (git-fixes).
ALSA: hda/realtek: Fix mic mute LED for the HP Spectre x360 14 (git-fixes).
ALSA: hda/realtek: Fix the mic type detection issue for ASUS G551JW (git-fixes).
ALSA: hda/realtek: Quirks to enable speaker output for Lenovo Legion 7i 15IMHG05, Yoga 7i 14ITL5/15ITL5, and 13s Gen2 laptops (git-fixes).
ALSA: hda: Reduce udelay() at SKL+ position reporting (git-fixes).
ALSA: hda: Use position buffer for SKL+ again (git-fixes).
ALSA: pcm: Workaround for a wrong offset in SYNC_PTR compat ioctl (git-fixes).
ALSA: seq: Fix a potential UAF by wrong private_free call order (git-fixes).
ALSA: ua101: fix division by zero at probe (git-fixes).
ALSA: uapi: Fix a C++ style comment in asound.h (git-fixes).
ALSA: usb-audio: Add quirk for VF0770 (git-fixes).
ALSA: usb-audio: Provide quirk for Sennheiser GSP670 Headset (git-fixes).
ASoC: atmel: ATMEL drivers do not need HAS_DMA (git-fixes).
ASoC: cs42l42: Correct some register default values (git-fixes).
ASoC: cs42l42: Defer probe if request_threaded_irq() returns EPROBE_DEFER (git-fixes).
ASoC: cs42l42: Do not set defaults for volatile registers (git-fixes).
ASoC: DAPM: Fix missing kctl change notifications (git-fixes).
ASoC: dapm: use component prefix when checking widget names (git-fixes).
ASoC: dt-bindings: cs42l42: Correct description of ts-inv (git-fixes).
ASoC: fsl_spdif: register platform component before registering cpu dai (git-fixes).
ASoC: Intel: bytcr_rt5640: Move "Platform Clock" routes to the maps for the matching in-/output (git-fixes).
ASoC: Intel: Skylake: Fix module configuration for KPB and MIXER (git-fixes).
ASoC: Intel: Skylake: Fix passing loadable flag for module (git-fixes).
ASoC: Intel: sof_sdw: tag SoundWire BEs as non-atomic (git-fixes).
ASoC: mediatek: mt8195: Remove unsued irqs_lock (git-fixes).
ASoC: rockchip: Use generic dmaengine code (git-fixes).
ASoC: SOF: imx: imx8: Bar index is only valid for IRAM and SRAM types (git-fixes).
ASoC: SOF: imx: imx8m: Bar index is only valid for IRAM and SRAM types (git-fixes).
ASoC: SOF: loader: release_firmware() on load failure to avoid batching (git-fixes).
ASoC: SOF: topology: do not power down primary core during topology removal (git-fixes).
ASoC: topology: Fix stub for snd_soc_tplg_component_remove() (git-fixes).
ASoC: wm8960: Fix clock configuration on slave mode (git-fixes).
ata: ahci_platform: fix null-ptr-deref in ahci_platform_enable_regulators() (git-fixes).
ata: sata_dwc_460ex: No need to call phy_exit() befre phy_init() (git-fixes).
ata: sata_mv: Fix the error handling of mv_chip_id() (git-fixes).
ath10k: fix control-message timeout (git-fixes).
ath10k: fix division by zero in send path (git-fixes).
ath10k: fix max antenna gain unit (git-fixes).
ath10k: Fix missing frame timestamp for beacon/probe-resp (git-fixes).
ath10k: sdio: Add missing BH locking around napi_schdule() (git-fixes).
ath6kl: fix control-message timeout (git-fixes).
ath6kl: fix division by zero in send path (git-fixes).
ath9k: Fix potential interrupt storm on queue reset (git-fixes).
audit: fix possible null-pointer dereference in audit_filter_rules (git-fixes).
b43: fix a lower bounds test (git-fixes).
b43legacy: fix a lower bounds test (git-fixes).
bfq: Remove merged request already in bfq_requests_merged() (bsc#1191456).
blk: Fix lock inversion between ioc lock and bfqd lock (bsc#1191456).
blktrace: Fix uaf in blk_trace access after removing by sysfs (bsc#1191452).
block: bfq: fix bfq_set_next_ioprio_data() (bsc#1191451).
Bluetooth: btmtkuart: fix a memleak in mtk_hci_wmt_sync (git-fixes).
Bluetooth: fix init and cleanup of sco_conn.timeout_work (git-fixes).
bnxt_en: Fix TX timeout when TX ring size is set to the smallest (git-fixes).
bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem() (jsc#SLE-16649).
bpf: Add bpf_patch_call_args prototype to include/linux/bpf.h (git-fixes).
bpf: Fix a typo of reuseport map in bpf.h (git-fixes).
bpf: Fix OOB read when printing XDP link fdinfo (git-fixes).
bpf: Fix up bpf_skb_adjust_room helper's skb csum setting (git-fixes).
can: dev: can_restart: fix use after free bug (git-fixes).
can: peak_pci: peak_pci_remove(): fix UAF (git-fixes).
can: peak_usb: fix use after free bugs (git-fixes).
can: peak_usb: pcan_usb_fd_decode_status(): fix back to ERROR_ACTIVE state notification (git-fixes).
can: rcar_can: fix suspend/resume (git-fixes).
can: ti_hecc: ti_hecc_probe(): add missed clk_disable_unprepare() in error path (git-fixes).
can: xilinx_can: handle failure cases of pm_runtime_get_sync (git-fixes).
cb710: avoid NULL pointer subtraction (git-fixes).
ceph: fix handling of "meta" errors (bsc#1192041).
ceph: skip existing superblocks that are blocklisted or shut down when mounting (bsc#1192040).
cfg80211: correct bridge/4addr mode check (git-fixes).
cfg80211: fix management registrations locking (git-fixes).
cfg80211: scan: fix RCU in cfg80211_add_nontrans_list() (git-fixes).
Configure mpi3mr as currently unsupported (jsc#SLE-18120)
cpuidle: pseries: Mark pseries_idle_proble() as __init (jsc#SLE-13614 bsc#1176914 ltc#186394 git-fixes).
driver core: add a min_align_mask field to struct device_dma_parameters (bsc#1191851).
drm/amd/display: Pass PCI deviceid into DC (git-fixes).
drm/amdgpu: correct initial cp_hqd_quantum for gfx9 (git-fixes).
drm/amdgpu/display: add quirk handling for stutter mode (git-fixes).
drm/amdgpu: fix gart.bo pin_count leak (git-fixes).
drm/amdgpu: fix warning for overflow check (git-fixes).
drm/amdgpu/gmc6: fix DMA mask from 44 to 40 bits (git-fixes).
drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read (git-fixes).
drm/i915: Fix syncmap memory leak (bsc#1152489) Backporting notes: * context changes in intel_timeline_fini()
drm/msm: Avoid potential overflow in timeout_to_jiffies() (git-fixes).
drm/msm/dsi: Fix an error code in msm_dsi_modeset_init() (git-fixes).
drm/msm/dsi: fix off by one in dsi_bus_clk_enable error handling (git-fixes).
drm/msm: Fix null pointer dereference on pointer edp (git-fixes).
drm/msm: Fix potential NULL dereference in DPU SSPP (git-fixes).
drm/msm: potential error pointer dereference in init() (git-fixes).
drm/msm: uninitialized variable in msm_gem_import() (git-fixes).
drm/nouveau: avoid a use-after-free when BO init fails (bsc#1152472)
drm/nouveau/debugfs: fix file release memory leak (git-fixes).
drm/nouveau/kms/nv50-: fix file release memory leak (git-fixes).
drm/nouveau/kms/tu102-: delay enabling cursor until after assign_windows (git-fixes).
drm/panel: olimex-lcd-olinuxino: select CRC32 (git-fixes).
drm/panfrost: Make sure MMU context lifetime is not bound to (bsc#1152472)
drm/sun4i: dw-hdmi: Fix HDMI PHY clock setup (git-fixes).
drm/sun4i: Fix macros in sun8i_csc.h (git-fixes).
drm/ttm: stop calling tt_swapin in vm_access (git-fixes).
drm/v3d: fix wait for TMU write combiner flush (git-fixes).
e1000e: Drop patch to avoid regressions until real fix is available (bsc#1191663).
e1000e: Fix packet loss on Tiger Lake and later (git-fixes).
e100: fix buffer overrun in e100_get_regs (git-fixes).
e100: fix length calculation in e100_get_regs_len (git-fixes).
e100: handle eeprom as little endian (git-fixes).
EDAC/amd64: Set proper family type for Family 19h Models 20h-2Fh (bsc#1192288).
ext4: fix reserved space counter leakage (bsc#1191450).
ext4: report correct st_size for encrypted symlinks (bsc#1191449).
firmware/psci: fix application of sizeof to pointer (git-fixes).
fscrypt: add fscrypt_symlink_getattr() for computing st_size (bsc#1191449).
fs, mm: fix race in unlinking swapfile (bsc#1191455).
ftrace: Fix scripts/recordmcount.pl due to new binutils (bsc#1192267).
genirq: Provide IRQCHIP_AFFINITY_PRE_STARTUP (bsc#1152489).
gpio: pca953x: Improve bias setting (git-fixes).
gve: Avoid freeing NULL pointer (git-fixes).
gve: Correct available tx qpl check (git-fixes).
gve: fix gve_get_stats() (git-fixes).
gve: Properly handle errors in gve_assign_qpl (bsc#1176940).
gve: report 64bit tx_bytes counter from gve_handle_report_stats() (bsc#1176940).
HID: apple: Fix logical maximum and usage maximum of Magic Keyboard JIS (git-fixes).
HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes).
HID: u2fzero: ignore incomplete packets without data (git-fixes).
HID: usbhid: free raw_report buffers in usbhid_stop (git-fixes).
HID: wacom: Add new Intuos BT (CTL-4100WL/CTL-6100WL) device IDs (git-fixes).
hso: fix bailout in error case of probe (git-fixes).
hwmon: Fix possible memleak in __hwmon_device_register() (git-fixes).
hwmon: (pmbus/lm25066) Add offset coefficients (git-fixes).
hwmon: (pmbus/lm25066) Let compiler determine outer dimension of lm25066_coeff (git-fixes).
hwrng: mtk - Force runtime pm ops for sleep ops (git-fixes).
i2c: acpi: fix resource leak in reconfiguration device addition (git-fixes).
i40e: Fix ATR queue selection (git-fixes).
i40e: fix endless loop under rtnl (git-fixes).
i40e: Fix freeing of uninitialized misc IRQ vector (git-fixes).
iavf: fix double unlock of crit_lock (git-fixes).
ibmvnic: delay complete() (bsc#1094840 ltc#167098 git-fixes).
ice: Add missing E810 device ids (jsc#SLE-7966 bsc#1157177).
ice: fix getting UDP tunnel entry (jsc#SLE-12878).
ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition (bsc#1191241).
iio: adc128s052: Fix the error handling path of 'adc128_probe()' (git-fixes).
iio: adc: aspeed: set driver data when adc probe (git-fixes).
iio: dac: ti-dac5571: fix an error code in probe() (git-fixes).
iio: light: opt3001: Fixed timeout error when 0 lux (git-fixes).
iio: mtk-auxadc: fix case IIO_CHAN_INFO_PROCESSED (git-fixes).
iio: ssp_sensors: add more range checking in ssp_parse_dataframe() (git-fixes).
iio: ssp_sensors: fix error code in ssp_print_mcu_debug() (git-fixes).
Input: i8042 - Add quirk for Fujitsu Lifebook T725 (bsc#1191980).
Input: snvs_pwrkey - add clk handling (git-fixes).
Input: xpad - add support for another USB ID of Nacon GC-100 (git-fixes).
ionic: do not remove netdev->dev_addr when syncing uc list (bsc#1167773).
ipv6/netfilter: Discard first fragment not including all headers (bsc#1191241).
IPv6: reply ICMP error if the first fragment do not include all headers (bsc#1191241).
isdn: cpai: check ctr->cnr to avoid array index out of bound (git-fixes).
isdn: mISDN: Fix sleeping function called from invalid context (git-fixes).
iwlwifi: mvm: fix some kerneldoc issues (git-fixes).
iwlwifi: pcie: add configuration of a Wi-Fi adapter on Dell XPS 15 (git-fixes).
ixgbe: Fix NULL pointer dereference in ixgbe_xdp_setup (git-fixes).
kabi: block: Fix kabi of blk_mq_sched_try_insert_merge() (bsc#1191456).
kABI: Fix kABI after 36950f2da1ea (bsc#1191851).
kABI workaround for cfg80211 mgmt_registration_lock changes (git-fixes).
kABI workaround for HD-audio probe retry changes (bsc#1190801).
kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167).
kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167 bsc#1191240 ltc#194716).
kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as well. Fixes: e98096d5cf85 ("rpm: Abolish scritplet templating (bsc#1189841).")
kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229).
KVM: PPC: Book3S HV: Fix copy_tofrom_guest routines (jsc#SLE-12936 git-fixes).
KVM: PPC: Book3S HV Nested: Reflect guest PMU in-use to L0 when guest SPRs are live (bsc#1156395).
KVM: PPC: Book3S HV Nested: Sanitise H_ENTER_NESTED TM state (bsc#1156395).
KVM: PPC: Book3S HV: Save host FSCR in the P7/8 path (bsc#1065729).
KVM: PPC: Book3S HV: Tolerate treclaim. in fake-suspend mode changing registers (bsc#1156395).
KVM: PPC: Fix clearing never mapped TCEs in realmode (bsc#1156395).
KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (bsc#1156395).
KVM: s390: extend kvm_s390_shadow_fault to return entry pointer (bsc#1133021).
KVM: s390: index kvm->arch.idle_mask by vcpu_idx (bsc#1133021).
KVM: s390: split kvm_s390_logical_to_effective (bsc#1133021).
KVM: s390: VSIE: correctly handle MVPG when in VSIE (bsc#1133021).
lan78xx: select CRC32 (git-fixes).
libata: Add ATA_HORKAGE_NO_NCQ_ON_ATI for Samsung 860 and 870 SSD (git-fixes).
libertas: Fix possible memory leak in probe and disconnect (git-fixes).
libertas_tf: Fix possible memory leak in probe and disconnect (git-fixes).
mac80211: check return value of rhashtable_init (git-fixes).
mac80211: Drop frames from invalid MAC address in ad-hoc mode (git-fixes).
media: cedrus: Fix SUNXI tile size calculation (git-fixes).
media: cx23885: Fix snd_card_free call on null card pointer (git-fixes).
media: cxd2880-spi: Fix a null pointer dereference on error handling path (git-fixes).
media: dvb-frontends: mn88443x: Handle errors of clk_prepare_enable() (git-fixes).
media: dvb-usb: fix ununit-value in az6027_rc_query (git-fixes).
media: em28xx: add missing em28xx_close_extension (git-fixes).
media: em28xx: Do not use ops->suspend if it is NULL (git-fixes).
media: i2c: ths8200 needs V4L2_ASYNC (git-fixes).
media: ite-cir: IR receiver stop working after receive overflow (git-fixes).
media: mtk-vpu: Fix a resource leak in the error handling path of 'mtk_vpu_probe()' (git-fixes).
media: mxl111sf: change mutex_init() location (git-fixes).
media: radio-wl1273: Avoid card name truncation (git-fixes).
media: si470x: Avoid card name truncation (git-fixes).
media: staging/intel-ipu3: css: Fix wrong size comparison imgu_css_fw_init (git-fixes).
media: TDA1997x: handle short reads of hdmi info frame (git-fixes).
media: tm6000: Avoid card name truncation (git-fixes).
media: v4l2-ioctl: Fix check_ext_ctrls (git-fixes).
media: v4l2-ioctl: S_CTRL output the right value (git-fixes).
mei: me: add Ice Lake-N device id (git-fixes).
memory: fsl_ifc: fix leak of irq and nand_irq in fsl_ifc_ctrl_probe (git-fixes).
memstick: avoid out-of-range warning (git-fixes).
memstick: jmb38x_ms: use appropriate free function in jmb38x_ms_alloc_host() (git-fixes).
mlx5: count all link events (git-fixes).
mlxsw: thermal: Fix out-of-bounds memory accesses (git-fixes).
mmc: dw_mmc: exynos: fix the finding clock sample value (git-fixes).
mmc: meson-gx: do not use memcpy_to/fromio for dram-access-quirk (git-fixes).
mmc: mxs-mmc: disable regulator on error and in the remove function (git-fixes).
mmc: sdhci: Map more voltage level to SDHCI_POWER_330 (git-fixes).
mmc: sdhci-omap: Fix NULL pointer exception if regulator is not configured (git-fixes).
mmc: vub300: fix control-message timeouts (git-fixes).
mt76: mt7615: fix endianness warning in mt7615_mac_write_txwi (git-fixes).
mt76: mt76x02: fix endianness warnings in mt76x02_mac.c (git-fixes).
mt76: mt7915: fix muar_idx in mt7915_mcu_alloc_sta_req() (git-fixes).
mt76: mt7915: fix possible infinite loop release semaphore (git-fixes).
mt76: mt7915: fix sta_rec_wtbl tag len (git-fixes).
mwifiex: fix division by zero in fw download path (git-fixes).
mwifiex: Send DELBA requests according to spec (git-fixes).
net/af_unix: fix a data-race in unix_dgram_poll (bsc#1154353).
net: batman-adv: fix error handling (git-fixes).
net: bridge: use nla_total_size_64bit() in br_get_linkxstats_size() (git-fixes).
net: can: ems_usb: fix use-after-free in ems_usb_disconnect() (git-fixes).
net: cdc_eem: fix tx fixup skb leak (git-fixes).
net: cdc_ncm: correct overhead in delayed_ndp_size (git-fixes).
netfilter: conntrack: collect all entries in one cycle (bsc#1173604).
netfilter: Drop fragmented ndisc packets assembled in netfilter (git-fixes).
netfilter: xt_IDLETIMER: fix panic that occurs when timer_type has garbage value (bsc#1176447).
net: hns3: check queue id range before using (jsc#SLE-14777).
net: hns3: fix vf reset workqueue cannot exit (bsc#1154353).
net: hso: add failure handler for add_net_device (git-fixes).
net: hso: fix NULL-deref on disconnect regression (git-fixes).
net: hso: fix null-ptr-deref during tty device unregistration (git-fixes).
net: ipv6: Discard next-hop MTU less than minimum link MTU (bsc#1191241).
net: lan78xx: fix division by zero in send path (git-fixes).
net: mana: Fix error handling in mana_create_rxq() (git-fixes, bsc#1191800).
net/mlx4_en: Do not allow aRFS for encapsulated packets (git-fixes).
net/mlx4_en: Resolve bad operstate value (git-fixes).
net/mlx5e: IPSEC RX, enable checksum complete (jsc#SLE-15172).
net/mlx5e: Mutually exclude RX-FCS and RX-port-timestamp (git-fixes).
net/mlx5e: RX, Avoid possible data corruption when relaxed ordering and LRO combined (jsc#SLE-15172).
net/mlx5: E-Switch, Fix double allocation of acl flow counter (jsc#SLE-15172).
net/mlx5: Fix unpublish devlink parameters (jsc#SLE-8464).
net/mlx5: FWTrace, cancel work on alloc pd error flow (git-fixes).
net/sched: ets: fix crash when flipping from 'strict' to 'quantum' (bsc#1176774).
net: usb: Fix uninit-was-stored issue in asix_read_phy_addr() (git-fixes).
NFC: digital: fix possible memory leak in digital_in_send_sdd_req() (git-fixes).
NFC: digital: fix possible memory leak in digital_tg_listen_mdaa() (git-fixes).
nfc: fix error handling of nfc_proto_register() (git-fixes).
nfc: port100: fix using -ERRNO as command type mask (git-fixes).
nfs: dir_cookie is a pointer to the cookie in older kernels, not the cookie itself. (bsc#1191628 bsc#1192549).
NFS: Do uncached readdir when we're seeking a cookie in an empty page cache (bsc#1191628).
nvme: add command id quirk for apple controllers (git-fixes).
nvme-fc: avoid race between time out and tear down (bsc#1185762).
nvme-fc: remove freeze/unfreeze around update_nr_hw_queues (bsc#1185762).
nvme-fc: update hardware queues before using them (bsc#1185762).
nvme-pci: Fix abort command id (git-fixes).
nvme-pci: fix error unwind in nvme_map_data (bsc#1191934).
nvme-pci: refactor nvme_unmap_data (bsc#1191934).
nvme-pci: set min_align_mask (bsc#1191851).
ocfs2: fix data corruption after conversion from inline format (bsc#1190795).
pata_legacy: fix a couple uninitialized variable bugs (git-fixes).
PCI: Fix pci_host_bridge struct device release/free handling (git-fixes).
phy: mdio: fix memory leak (git-fixes).
platform/mellanox: mlxreg-io: Fix argument base in kstrtou32() call (git-fixes).
platform/mellanox: mlxreg-io: Fix read access of n-bytes size attributes (git-fixes).
platform/x86: dell-smbios-wmi: Add missing kfree in error-exit from run_smbios_call (git-fixes).
platform/x86: intel_scu_ipc: Fix busy loop expiry time (git-fixes).
platform/x86: thinkpad_acpi: Fix bitwise vs. logical warning (git-fixes).
PM / devfreq: rk3399_dmc: Add missing of_node_put() (git-fixes).
PM / devfreq: rk3399_dmc: Disable devfreq-event device when fails (git-fixes