Security update for the Linux Kernel

Announcement ID: SUSE-SU-2019:2952-1
Rating: important
References:
Cross-References:
CVSS scores:
  • CVE-2018-12207 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2018-12207 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
  • CVE-2019-10220 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • CVE-2019-10220 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • CVE-2019-16232 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2019-16232 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-16233 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2019-16233 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-16234 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  • CVE-2019-16234 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-16995 ( SUSE ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-16995 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2019-17056 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  • CVE-2019-17133 ( SUSE ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2019-17133 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • CVE-2019-17666 ( SUSE ): 5.4 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
  • CVE-2019-17666 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • Public Cloud Module 15-SP1
  • SUSE Linux Enterprise High Performance Computing 15 SP1
  • SUSE Linux Enterprise Server 15 SP1
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1
  • SUSE Manager Proxy 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Server 4.0

An update that solves 10 vulnerabilities and has 111 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 15-SP1 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.

The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as More information can be found on https://www.suse.com/support/kb/doc/?id=7023735

  • CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described "Microarchitectural Data Sampling" attack.

The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).

The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251

  • CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685).

  • CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150457).

  • CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903).

  • CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372).

  • CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465).

  • CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452).

  • CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158).

  • CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).

The following non-security bugs were fixed:

  • 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510).
  • Add kernel module compression support (bsc#1135854)
  • acpi / CPPC: do not require the _PSD method (bsc#1051510).
  • acpi / processor: do not print errors for processorIDs == 0xff (bsc#1051510).
  • acpi: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510).
  • act_mirred: Fix mirred_init_module error handling (bsc#1051510).
  • alsa: bebob: Fix prototype of helper function to return negative value (bsc#1051510).
  • alsa: firewire-motu: add support for MOTU 4pre (bsc#1111666).
  • alsa: hda - Add a quirk model for fixing Huawei Matebook X right speaker (bsc#1051510).
  • alsa: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510).
  • alsa: hda - Apply AMD controller workaround for Raven platform (bsc#1051510).
  • alsa: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510).
  • alsa: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510).
  • alsa: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510).
  • alsa: hda - Force runtime PM on Nvidia HDMI codecs (bsc#1051510).
  • alsa: hda - Inform too slow responses (bsc#1051510).
  • alsa: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510).
  • alsa: hda/hdmi - Do not report spurious jack state changes (bsc#1051510).
  • alsa: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510).
  • alsa: hda/realtek - Add support for ALC623 (bsc#1051510).
  • alsa: hda/realtek - Add support for ALC711 (bsc#1051510).
  • alsa: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510).
  • alsa: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510).
  • alsa: hda/realtek - Enable headset mic on Asus MJ401TA (bsc#1051510).
  • alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
  • alsa: hda/realtek - Fix alienware headset mic (bsc#1051510).
  • alsa: hda/realtek - pci quirk for Medion E4254 (bsc#1051510).
  • alsa: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510).
  • alsa: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#1051510).
  • alsa: hda: Add Elkhart Lake pci ID (bsc#1051510).
  • alsa: hda: Add Tigerlake/Jasperlake pci ID (bsc#1051510).
  • alsa: hda: Add support of Zhaoxin controller (bsc#1051510).
  • alsa: hda: Flush interrupts on disabling (bsc#1051510).
  • alsa: hda: Set fifo_size for both playback and capture streams (bsc#1051510).
  • alsa: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() (bsc#1051510).
  • alsa: line6: sizeof (byte) is always 1, use that fact (bsc#1051510).
  • alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510).
  • alsa: usb-audio: Add DSD support for EVGA NU Audio (bsc#1051510).
  • alsa: usb-audio: Add DSD support for Gustard U16/X26 USB Interface (bsc#1051510).
  • alsa: usb-audio: Add Hiby device family to quirks for native DSD support (bsc#1051510).
  • alsa: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510).
  • alsa: usb-audio: Clean up check_input_term() (bsc#1051510).
  • alsa: usb-audio: DSD auto-detection for Playback Designs (bsc#1051510).
  • alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510).
  • alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1111666).
  • alsa: usb-audio: Fix copy&paste error in the validator (bsc#1111666).
  • alsa: usb-audio: Fix possible NULL dereference at create_yamaha_midi_quirk() (bsc#1051510).
  • alsa: usb-audio: More validations of descriptor units (bsc#1051510).
  • alsa: usb-audio: Remove superfluous bLength checks (bsc#1051510).
  • alsa: usb-audio: Simplify parse_audio_unit() (bsc#1051510).
  • alsa: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510).
  • alsa: usb-audio: Unify audioformat release code (bsc#1051510).
  • alsa: usb-audio: Unify the release of usb_mixer_elem_info objects (bsc#1051510).
  • alsa: usb-audio: Update DSD support quirks for Oppo and Rotel (bsc#1051510).
  • alsa: usb-audio: fix PCM device order (bsc#1051510).
  • alsa: usb-audio: remove some dead code (bsc#1051510).
  • appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  • arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30).
  • arm64/cpufeature: Convert hook_lock to raw_spin_lock_t in cpu_enable_ssbs() (jsc#ECO-561).
  • arm64: Add decoding macros for CP15_32 and CP15_64 traps (jsc#ECO-561).
  • arm64: Add part number for Neoverse N1 (jsc#ECO-561).
  • arm64: Add silicon-errata.txt entry for ARM erratum 1188873 (jsc#ECO-561).
  • arm64: Apply ARM64_ERRATUM_1188873 to Neoverse-N1 (jsc#ECO-561).
  • arm64: Fake the IminLine size on systems affected by Neoverse-N1 #1542419 (jsc#ECO-561,jsc#SLE-10671).
  • arm64: Fix mismatched cache line size detection (jsc#ECO-561,jsc#SLE-10671).
  • arm64: Fix silly typo in comment (jsc#ECO-561).
  • arm64: Force SSBS on context switch (jsc#ECO-561).
  • arm64: Introduce sysreg_clear_set() (jsc#ECO-561).
  • arm64: Make ARM64_ERRATUM_1188873 depend on COMPAT (jsc#ECO-561).
  • arm64: Restrict ARM64_ERRATUM_1188873 mitigation to AArch32 (jsc#ECO-561).
  • arm64: arch_timer: avoid unused function warning (jsc#ECO-561).
  • arm64: compat: Add CNTFRQ trap handler (jsc#ECO-561).
  • arm64: compat: Add CNTVCT trap handler (jsc#ECO-561).
  • arm64: compat: Add condition code checks and IT advance (jsc#ECO-561).
  • arm64: compat: Add cp15_32 and cp15_64 handler arrays (jsc#ECO-561).
  • arm64: compat: Add separate CP15 trapping hook (jsc#ECO-561).
  • arm64: compat: Workaround Neoverse-N1 #1542419 for compat user-space (jsc#ECO-561,jsc#SLE-10671).
  • arm64: cpu: Move errata and feature enable callbacks closer to callers (jsc#ECO-561).
  • arm64: cpu_errata: Remove ARM64_MISMATCHED_CACHE_LINE_SIZE (jsc#ECO-561,jsc#SLE-10671).
  • arm64: cpufeature: Fix handling of CTR_EL0.IDC field (jsc#ECO-561,jsc#SLE-10671).
  • arm64: cpufeature: Trap CTR_EL0 access only where it is necessary (jsc#ECO-561,jsc#SLE-10671).
  • arm64: cpufeature: ctr: Fix cpu capability check for late CPUs (jsc#ECO-561,jsc#SLE-10671).
  • arm64: entry: Allow handling of undefined instructions from EL1 (jsc#ECO-561).
  • arm64: errata: Hide CTR_EL0.DIC on systems affected by Neoverse-N1 #1542419 (jsc#ECO-561,jsc#SLE-10671).
  • arm64: fix SSBS sanitization (jsc#ECO-561).
  • arm64: force_signal_inject: WARN if called from kernel context (jsc#ECO-561).
  • arm64: kill change_cpacr() (jsc#ECO-561).
  • arm64: kill config_sctlr_el1() (jsc#ECO-561).
  • arm64: kvm: Add invalidate_icache_range helper (jsc#ECO-561,jsc#SLE-10671).
  • arm64: kvm: PTE/PMD S2 XN bit definition (jsc#ECO-561,jsc#SLE-10671).
  • arm64: move SCTLR_EL{1,2} assertions to <asm/sysreg.h> (jsc#ECO-561).
  • arm64: ssbd: Drop #ifdefs for PR_SPEC_STORE_BYPASS (jsc#ECO-561).
  • arm: kvm: Add optimized PIPT icache flushing (jsc#ECO-561,jsc#SLE-10671).
  • asoc: Define a set of DAPM pre/post-up events (bsc#1051510).
  • asoc: Intel: Fix use of potentially uninitialized variable (bsc#1051510).
  • asoc: Intel: NHLT: Fix debug print format (bsc#1051510).
  • asoc: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bsc#1051510).
  • asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
  • asoc: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510).
  • asoc: sgtl5000: Fix charge pump source assignment (bsc#1051510).
  • auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510).
  • ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  • blk-wbt: abstract out end IO completion handler (bsc#1135873).
  • blk-wbt: fix has-sleeper queueing check (bsc#1135873).
  • blk-wbt: improve waking of tasks (bsc#1135873).
  • blk-wbt: move disable check into get_limit() (bsc#1135873).
  • blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873).
  • block: add io timeout to sysfs (bsc#1148410).
  • block: add io timeout to sysfs (bsc#1148410).
  • block: do not show io_timeout if driver has no timeout handler (bsc#1148410).
  • block: do not show io_timeout if driver has no timeout handler (bsc#1148410).
  • bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510).
  • bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ).
  • bnxt_en: Add pci IDs for 57500 series NPAR devices (bsc#1153607).
  • boot: Sign non-x86 kernels when possible (boo#1134303)
  • bpf: fix use after free in prog symbol exposure (bsc#1083647).
  • brcmfmac: sdio: Disable auto-tuning around commands expected to fail (bsc#1111666).
  • brcmfmac: sdio: Do not tune while the card is off (bsc#1111666).
  • bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15).
  • btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651).
  • btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607).
  • btrfs: bail out gracefully rather than BUG_ON (bsc#1153646).
  • btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178).
  • btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713).
  • btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179).
  • btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651).
  • btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
  • btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184).
  • can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#1051510).
  • can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#1051510).
  • cdc_ether: fix rndis support for Mediatek based smartphones (networking-stable-19_09_15).
  • cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510).
  • ceph: fix directories inode i_blkbits initialization (bsc#1153717).
  • ceph: reconnect connection if session hang in opening state (bsc#1153718).
  • ceph: update the mtime when truncating up (bsc#1153719).
  • cfg80211: Purge frame registrations on iftype change (bsc#1051510).
  • cfg80211: add and use strongly typed element iteration macros (bsc#1051510).
  • clk: at91: select parent if main oscillator or bypass is enabled (bsc#1051510).
  • clk: qoriq: Fix -Wunused-const-variable (bsc#1051510).
  • clk: sirf: Do not reference clk_init_data after registration (bsc#1051510).
  • clk: zx296718: Do not reference clk_init_data after registration (bsc#1051510).
  • config: arm64: enable erratum 1418040 and 1542419
  • crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#1154737).
  • crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
  • crypto: af_alg - consolidation of duplicate code (bsc#1154737).
  • crypto: af_alg - fix race accessing cipher request (bsc#1154737).
  • crypto: af_alg - remove locking in async callback (bsc#1154737).
  • crypto: af_alg - update correct dst SGL entry (bsc#1051510).
  • crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
  • crypto: algif - return error code when no data was processed (bsc#1154737).
  • crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
  • crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
  • crypto: algif_aead - overhaul memory management (bsc#1154737).
  • crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
  • crypto: algif_skcipher - overhaul memory management (bsc#1154737).
  • crypto: talitos - fix missing break in switch statement (bsc#1142635).
  • cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).
  • cxgb4: do not dma memory off of the stack (bsc#1152790).
  • cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#1066129).
  • cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#1066129).
  • cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#1073513).
  • cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129).
  • cxgb4:Fix out-of-bounds MSI-X info array access (networking-stable-19_10_05).
  • dasd_fba: Display '00000000' for zero page when dumping sense (bsc#1123080).
  • drm/amd/display: Restore backlight brightness after system resume (bsc#1112178)
  • drm/amd/display: fix issue where 252-255 values are clipped (bsc#1111666).
  • drm/amd/display: reprogram VM config when system resume (bsc#1111666).
  • drm/amd/display: support spdif (bsc#1111666).
  • drm/amd/dm: Understand why attaching path/tile properties are needed (bsc#1111666).
  • drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510).
  • drm/amd/pp: Fix truncated clock value when set watermark (bsc#1111666).
  • drm/amdgpu/gfx9: Update gfx9 golden settings (bsc#1111666).
  • drm/amdgpu/si: fix ASIC tests (git-fixes).
  • drm/amdgpu: Check for valid number of registers to read (bsc#1051510).
  • drm/amdgpu: Fix KFD-related kernel oops on Hawaii (bsc#1111666).
  • drm/amdgpu: Update gc_9_0 golden settings (bsc#1111666).
  • drm/amdkfd: Add missing Polaris10 ID (bsc#1111666).
  • drm/ast: Fixed reboot test may cause system hanged (bsc#1051510).
  • drm/atomic_helper: Allow DPMS On<->Off changes for unregistered connectors (bsc#1111666).
  • drm/atomic_helper: Disallow new modesets on unregistered connectors (bsc#1111666).
  • drm/atomic_helper: Stop modesets on unregistered connectors harder (bsc#1111666).
  • drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510).
  • drm/bridge: tfp410: fix memleak in get_modes() (bsc#1111666).
  • drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
  • drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
  • drm/i915/cmdparser: Ignore Length operands during (bsc#1135967)
  • drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
  • drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
  • drm/i915/gvt: update vgpu workload head pointer correctly (bsc#1112178)
  • drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
  • drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
  • drm/i915: Allow parsing of unsized batches (bsc#1135967)
  • drm/i915: Cleanup gt powerstate from gem (bsc#1111666).
  • drm/i915: Disable Secure Batches for gen6+ (bsc#1135967)
  • drm/i915: Fix intel_dp_mst_best_encoder() (bsc#1111666).
  • drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
  • drm/i915: Remove Master tables from cmdparser (bsc#1135967)
  • drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
  • drm/i915: Restore sane defaults for KMS on GEM error load (bsc#1111666).
  • drm/i915: Support ro ppgtt mapped cmdparser shadow (bsc#1135967)
  • drm/mediatek: set DMA max segment size (bsc#1111666).
  • drm/msm/dsi: Fix return value check for clk_get_parent (bsc#1111666).
  • drm/msm/dsi: Implement reset correctly (bsc#1051510).
  • drm/nouveau/disp/nv50-: fix center/aspect-corrected scaling (bsc#1111666).
  • drm/nouveau/kms/nv50-: Do not create MSTMs for eDP connectors (bsc#1112178)
  • drm/nouveau/volt: Fix for some cards having 0 maximum voltage (bsc#1111666).
  • drm/omap: fix max fclk divider for omap36xx (bsc#1111666).
  • drm/panel: check failure cases in the probe func (bsc#1111666).
  • drm/panel: make drm_panel.h self-contained (bsc#1111666).
  • drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510).
  • drm/radeon: Bail earlier when radeon.cik_/si_support=0 is passed (bsc#1111666).
  • drm/radeon: Fix EEH during kexec (bsc#1051510).
  • drm/rockchip: Check for fast link training before enabling psr (bsc#1111666).
  • drm/stm: attach gem fence to atomic state (bsc#1111666).
  • drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#1051510).
  • drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510).
  • drm: Flush output polling on shutdown (bsc#1051510).
  • drm: add __user attribute to ptr_to_compat() (bsc#1111666).
  • drm: panel-orientation-quirks: Add extra quirk table entry for GPD MicroPC (bsc#1111666).
  • drm: rcar-du: lvds: Fix bridge_to_rcar_lvds (bsc#1111666).
  • e1000e: add workaround for possible stalled packet (bsc#1051510).
  • efi/arm: Show SMBIOS bank/device location in CPER and GHES error logs (bsc#1152033).
  • efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#1051510).
  • efi: cper: print AER info of pcie fatal error (bsc#1051510).
  • efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified (bsc#1051510).
  • firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes).
  • gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() (bsc#1051510).
  • hid: apple: Fix stuck function keys when using FN (bsc#1051510).
  • hid: fix error message in hid_open_report() (bsc#1051510).
  • hid: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510).
  • hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
  • hid: logitech: Fix general protection fault caused by Logitech driver (bsc#1051510).
  • hid: prodikeys: Fix general protection fault during probe (bsc#1051510).
  • hid: sony: Fix memory corruption issue on cleanup (bsc#1051510).
  • hso: fix NULL-deref on tty open (bsc#1051510).
  • hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' (bsc#1051510).
  • hwrng: core - do not wait on add_early_randomness() (git-fixes).
  • hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221, jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
  • i2c: riic: Clear NACK in tend isr (bsc#1051510).
  • ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154108)
  • ib/core: Add mitigation for Spectre V1 (bsc#1155671)
  • ib/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449).
  • ib/mlx5: Consolidate use_umr checks into single function (bsc#1093205).
  • ib/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205).
  • ib/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305).
  • ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510).
  • ieee802154: ca8210: prevent memory leak (bsc#1051510).
  • ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510).
  • iio: adc: ad799x: fix probe error handling (bsc#1051510).
  • iio: light: opt3001: fix mutex unlock race (bsc#1051510).
  • ima: always return negative code for error (bsc#1051510).
  • input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510).
  • input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
  • integrity: prevent deadlock during digsig verification (bsc#1090631).
  • iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bsc#1137799).
  • iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608).
  • iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799).
  • iommu/amd: Remove domain->updated (bsc#1154610).
  • iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154611).
  • ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#1051510)