Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2020:0605-1
Rating:	moderate
References:	bsc#1050244 bsc#1051510 bsc#1051858 bsc#1065600 bsc#1065729 bsc#1071995 bsc#1083647 bsc#1085030 bsc#1086301 bsc#1086313 bsc#1086314 bsc#1104745 bsc#1109837 bsc#1111666 bsc#1112178 bsc#1112374 bsc#1113956 bsc#1114279 bsc#1114685 bsc#1123328 bsc#1144333 bsc#1151927 bsc#1153917 bsc#1154601 bsc#1157155 bsc#1157157 bsc#1157692 bsc#1158013 bsc#1158026 bsc#1158071 bsc#1159028 bsc#1159096 bsc#1159377 bsc#1159394 bsc#1159588 bsc#1159911 bsc#1160147 bsc#1160195 bsc#1160210 bsc#1160211 bsc#1160433 bsc#1160442 bsc#1160469 bsc#1160470 bsc#1160476 bsc#1160560 bsc#1160618 bsc#1160678 bsc#1160755 bsc#1160756 bsc#1160784 bsc#1160787 bsc#1160802 bsc#1160803 bsc#1160804 bsc#1160917 bsc#1160966 bsc#1161087 bsc#1161243 bsc#1161472 bsc#1161514 bsc#1161518 bsc#1161522 bsc#1161523 bsc#1161549 bsc#1161674 bsc#1161875 bsc#1162028
Cross-References:	CVE-2019-14615 CVE-2019-14896 CVE-2019-14897 CVE-2019-16994 CVE-2019-19036 CVE-2019-19045 CVE-2019-19054 CVE-2019-19318 CVE-2019-19927 CVE-2019-19965 CVE-2020-7053
CVSS scores:	CVE-2019-14615 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2019-14615 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVE-2019-14896 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-14896 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-14896 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2019-14897 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-14897 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-14897 ( NVD ): 6.6 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H CVE-2019-16994 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2019-16994 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-19036 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-19036 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-19045 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2019-19045 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2019-19054 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2019-19054 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-19318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2019-19318 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVE-2019-19927 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2019-19927 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2019-19965 ( SUSE ): 4.2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2019-19965 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-7053 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVE-2020-7053 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Real Time 12 SP5 SUSE Linux Enterprise Server 12 SP5

An update that solves 11 vulnerabilities and has 57 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP5 real-time kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2019-14615: An information disclosure vulnerability existed due to insufficient control flow in certain data structures for some Intel(R) Processors (bnc#1160195).
CVE-2019-14896: A heap overflow was found in the add_ie_rates() function of the Marvell Wifi Driver (bsc#1157157).
CVE-2019-14897: A stack overflow was found in the lbs_ibss_join_existing() function of the Marvell Wifi Driver (bsc#1157155).
CVE-2019-16994: A memory leak existed in sit_init_net() in net/ipv6/sit.c which might have caused denial of service, aka CID-07f12b26e21a (bnc#1161523).
CVE-2019-19036: An issue discovered in btrfs_root_node in fs/btrfs/ctree.c allowed a NULL pointer dereference because rcu_dereference(root->node) can be zero (bnc#1157692).
CVE-2019-19045: A memory leak in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allowed attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7 (bnc#1161522).
CVE-2019-19054: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allowed attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b (bnc#1161518).
CVE-2019-19318: Mounting a crafted btrfs image twice could have caused a use-after-free (bnc#1158026).
CVE-2019-19927: A slab-out-of-bounds read access could have been caused when mounting a crafted f2fs filesystem image and performing some operations on it, in drivers/gpu/drm/ttm/ttm_page_alloc.c (bnc#1160147).
CVE-2019-19965: There was a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5 (bnc#1159911).
CVE-2020-7053: There was a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c (bnc#1160966).

The following non-security bugs were fixed:

ALSA: hda - Apply sync-write workaround to old Intel platforms, too (bsc#1111666).
ALSA: hda/realtek - Add Bass Speaker and fixed dac for bass speaker (bsc#1111666).
ALSA: hda/realtek - Add new codec supported for ALCS1200A (bsc#1111666).
ALSA: hda/realtek - Add quirk for the bass speaker on Lenovo Yoga X1 7th gen (bsc#1111666).
ALSA: hda/realtek - Enable the bass speaker of ASUS UX431FLC (bsc#1111666).
ALSA: hda/realtek - Set EAPD control to default for ALC222 (bsc#1111666).
ALSA: seq: Fix racy access for queue timer in proc read (bsc#1051510).
ALSA: usb-audio: Apply the sample rate quirk for Bose Companion 5 (bsc#1111666).
ALSA: usb-audio: fix sync-ep altsetting sanity check (bsc#1051510).
ASoC: au8540: use 64-bit arithmetic instead of 32-bit (bsc#1051510).
ASoC: samsung: i2s: Fix prescaler setting for the secondary DAI (bsc#1111666).
Fix partial checked out tree build ... so that bisection does not break.
Fix the locking in dcache_readdir() and friends (bsc#1123328).
HID: hidraw, uhid: Always report EPOLLOUT (bsc#1051510).
HID: hidraw: Fix returning EPOLLOUT from hidraw_poll (bsc#1051510).
HID: uhid: Fix returning EPOLLOUT from uhid_char_poll (bsc#1051510).
IB/hfi1: Do not cancel unused work item (bsc#1114685 ).
NFC: pn533: fix bulk-message timeout (bsc#1051510).
RDMA/bnxt_re: Avoid freeing MR resources if dereg fails (bsc#1050244).
Temporary workaround for bsc#1159096 should no longer be needed.
USB: serial: ch341: handle unbound port at reset_resume (bsc#1051510).
USB: serial: io_edgeport: add missing active-port sanity check (bsc#1051510).
USB: serial: keyspan: handle unbound ports (bsc#1051510).
USB: serial: opticon: fix control-message timeouts (bsc#1051510).
USB: serial: quatech2: handle unbound ports (bsc#1051510).
USB: serial: suppress driver bind attributes (bsc#1051510).
blk-mq: avoid sysfs buffer overflow with too many CPU cores (bsc#1159377).
blk-mq: make sure that line break can be printed (bsc#1159377).
bnxt: apply computed clamp value for coalece parameter (bsc#1104745).
bnxt_en: Fix MSIX request logic for RDMA driver (bsc#1104745 ).
bnxt_en: Return error if FW returns more data than dump length (bsc#1104745).
bpf/sockmap: Read psock ingress_msg before sk_receive_queue (bsc#1083647).
bpf: Fix incorrect verifier simulation of ARSH under ALU32 (bsc#1083647).
bpf: Reject indirect var_off stack access in raw mode (bsc#1160618).
bpf: Reject indirect var_off stack access in unpriv mode (bco#1160618).
bpf: Sanity check max value for var_off stack access (bco#1160618).
bpf: Support variable offset stack access from helpers (bco#1160618).
bpf: add self-check logic to liveness analysis (bsc#1160618).
bpf: add verifier stats and log_level bit 2 (bsc#1160618).
bpf: improve stacksafe state comparison (bco#1160618).
bpf: improve verification speed by droping states (bsc#1160618).
bpf: improve verification speed by not remarking live_read (bsc#1160618).
bpf: improve verifier branch analysis (bsc#1160618).
bpf: increase complexity limit and maximum program size (bsc#1160618).
bpf: increase verifier log limit (bsc#1160618).
bpf: speed up stacksafe check (bco#1160618).
bpf: verifier: teach the verifier to reason about the BPF_JSET instruction (bco#1160618).
btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it (dependency for bsc#1157692).
btrfs: fix block group remaining RO forever after error during device replace (bsc#1160442).
btrfs: fix infinite loop during nocow writeback due to race (bsc#1160804).
btrfs: fix integer overflow in calc_reclaim_items_nr (bsc#1160433).
btrfs: fix negative subv_writers counter and data space leak after buffered write (bsc#1160802).
btrfs: fix removal logic of the tree mod log that leads to use-after-free issues (bsc#1160803).
btrfs: fix selftests failure due to uninitialized i_mode in test inodes (Fix for dependency of bsc#1157692).
btrfs: inode: Verify inode mode to avoid NULL pointer dereference (dependency for bsc#1157692).
btrfs: relocation: fix reloc_root lifespan and access (bsc#1159588).
btrfs: tree-checker: Check chunk item at tree block read time (dependency for bsc#1157692).
btrfs: tree-checker: Check level for leaves and nodes (dependency for bsc#1157692).
btrfs: tree-checker: Enhance chunk checker to validate chunk profile (dependency for bsc#1157692).
btrfs: tree-checker: Fix wrong check on max devid (fixes for dependency of bsc#1157692).
btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO (dependency for bsc#1157692).
btrfs: tree-checker: Make chunk item checker messages more readable (dependency for bsc#1157692).
btrfs: tree-checker: Verify dev item (dependency for bsc#1157692).
btrfs: tree-checker: Verify inode item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in block_group_err (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_block_group_item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_csum_item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_dev_item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_dir_item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_extent_data_item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_inode_item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_leaf (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in check_leaf_item (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in chunk_err (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in dev_item_err (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in dir_item_err (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in file_extent_err (dependency for bsc#1157692).
btrfs: tree-checker: get fs_info from eb in generic_err (dependency for bsc#1157692).
can: gs_usb: gs_usb_probe(): use descriptors of current altsetting (bsc#1051510).
can: mscan: mscan_rx_poll(): fix rx path lockup when returning from polling to irq mode (bsc#1051510).
cfg80211/mac80211: make ieee80211_send_layer2_update a public function (bsc#1051510).
cfg80211: fix page refcount issue in A-MSDU decap (bsc#1051510).
cgroup: pids: use atomic64_t for pids->limit (bsc#1161514).
cifs: Close cached root handle only if it had a lease (bsc#1144333).
cifs: Close open handle after interrupted close (bsc#1144333).
cifs: Do not miss cancelled OPEN responses (bsc#1144333).
cifs: Fix NULL pointer dereference in mid callback (bsc#1144333).
cifs: Fix NULL-pointer dereference in smb2_push_mandatory_locks (bsc#1144333).
cifs: Fix lookup of root ses in DFS referral cache (bsc#1144333).
cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() (bsc#1144333).
cifs: Fix mount options set in automount (bsc#1144333).
cifs: Fix potential softlockups while refreshing DFS cache (bsc#1144333).
cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1144333).
cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1144333).
cifs: Properly process SMB3 lease breaks (bsc#1144333).
cifs: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1144333).
cifs: add support for flock (bsc#1144333).
cifs: close the shared root handle on tree disconnect (bsc#1144333).
cifs: remove set but not used variables 'cinode' and 'netfid' (bsc#1144333).
clk: imx: clk-composite-8m: add lock to gate/mux (git-fixes).
clk: rockchip: fix I2S1 clock gate register for rk3328 (bsc#1051510).
clk: rockchip: fix ID of 8ch clock of I2S1 for rk3328 (bsc#1051510).
clk: rockchip: fix rk3188 sclk_mac_lbtest parameter ordering (bsc#1051510).
clk: rockchip: fix rk3188 sclk_smc gate data (bsc#1051510).
drm/dp_mst: correct the shifting in DP_REMOTE_I2C_READ (bsc#1051510).
drm/fb-helper: Round up bits_per_pixel if possible (bsc#1051510).
drm/i810: Prevent underflow in ioctl (bsc#1114279)
drm/i915/gvt: Pin vgpu dma address before using (bsc#1112178)
drm/i915/gvt: set guest display buffer as readonly (bsc#1112178)
drm/i915/gvt: use vgpu lock for active state setting (bsc#1112178)
drm/i915: Add missing include file <linux/math64.h> (bsc#1051510).
drm/i915: Fix pid leak with banned clients (bsc#1114279)
drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)
drm/qxl: Return error if fbdev is not 32 bpp (bsc#1159028)
drm/radeon: fix r1xx/r2xx register checker for POT textures (bsc#1114279)
drm/sun4i: hdmi: Remove duplicate cleanup calls (bsc#1113956)
drm: limit to INT_MAX in create_blob ioctl (bsc#1051510).
exit: panic before exit_mm() on global init exit (bsc#1161549).
extcon: max8997: Fix lack of path setting in USB device mode (bsc#1051510).
fjes: fix missed check in fjes_acpi_add (bsc#1051510).
fs: cifs: Fix atime update check vs mtime (bsc#1144333).
ftrace: Avoid potential division by zero in function profiler (bsc#1160784).
gpio: Fix error message on out-of-range GPIO in lookup table (bsc#1051510).
hidraw: Return EPOLLOUT from hidraw_poll (bsc#1051510).
iio: buffer: align the size of scan bytes to size of the largest element (bsc#1051510).
inet: protect against too small mtu values (networking-stable-19_12_16).
init: add arch_call_rest_init to allow stack switching (jsc#SLE-11178).
iommu/iova: Init the struct iova to fix the possible memleak (bsc#1160469).
iommu/mediatek: Correct the flush_iotlb_all callback (bsc#1160470).
iommu/vt-d: Unlink device if failed to add to group (bsc#1160756).
iommu: Remove device link to group on failure (bsc#1160755).
iwlwifi: change monitor DMA to be coherent (bsc#1161243).
kABI fixup for alloc_dax_region (bsc#1158071,bsc#1160678).
kABI: Protest new fields in BPF structs (bsc#1160618).
kABI: protect struct sctp_ep_common (kabi).
kernel/trace: Fix do not unregister tracepoints when register sched_migrate_task fail (bsc#1160787).
kvm: x86: Host feature SSBD does not imply guest feature SPEC_CTRL_SSBD (bsc#1160476).
leds: Allow to call led_classdev_unregister() unconditionally (bsc#1161674).
leds: class: ensure workqueue is initialized before setting brightness (bsc#1161674).
livepatch: Simplify stack trace retrieval (jsc#SLE-11178).
mlxsw: spectrum_qdisc: Ignore grafting of invisible FIFO (bsc#1112374).
mm, debug_pagealloc: do not rely on static keys too early (VM debuging functionality, bsc#1159096).
mm/page-writeback.c: fix range_cyclic writeback vs writepages deadlock (bsc#1159394).
mmc: sdhci: Add a quirk for broken command queuing (git-fixes).
mmc: sdhci: Workaround broken command queuing on Intel GLK (git-fixes).
net, sysctl: Fix compiler warning when only cBPF is present (bsc#1109837).
net/mlx4_en: fix mlx4 ethtool -N insertion (networking-stable-19_11_25).
net/mlx5e: Fix set vf link state error flow (networking-stable-19_11_25).
net/mlxfw: Fix out-of-memory error in mfa2 flash burning (bsc#1051858).
net/sched: act_pedit: fix WARN() in the traffic path (networking-stable-19_11_25).
net: bridge: deny dev_set_mac_address() when unregistering (networking-stable-19_12_16).
net: ethernet: ti: cpsw: fix extra rx interrupt (networking-stable-19_12_16).
net: psample: fix skb_over_panic (networking-stable-19_12_03).
net: rtnetlink: prevent underflows in do_setvfinfo() (networking-stable-19_11_25).
net: sched: fix tc -s class show no bstats on class with nolock subqueues (networking-stable-19_12_03).
net: usb: lan78xx: limit size of local TSO packets (bsc#1051510).
net: usb: qmi_wwan: add support for Foxconn T77W968 LTE modules (networking-stable-19_11_18).
openvswitch: drop unneeded BUG_ON() in ovs_flow_cmd_build_info() (networking-stable-19_12_03).
openvswitch: remove another BUG_ON() (networking-stable-19_12_03).
openvswitch: support asymmetric conntrack (networking-stable-19_12_16).
platform/x86: asus-wmi: Fix keyboard brightness cannot be set to 0 (bsc#1051510).
powerpc/irq: fix stack overflow verification (bsc#1065729).
powerpc/livepatch: return -ERRNO values in save_stack_trace_tsk_reliable() (bsc#1071995 bsc#1161875).
powerpc/mm: drop #ifdef CONFIG_MMU in is_ioremap_addr() (bsc#1065729).
powerpc/pkeys: remove unused pkey_allows_readwrite (bsc#1065729).
powerpc/pseries/lparcfg: Fix display of Maximum Memory (bsc#1162028 ltc#181740).
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init() (git-fixes).
powerpc/security: Fix debugfs data leak on 32-bit (bsc#1065729).
powerpc/tools: Do not quote $objdump in scripts (bsc#1065729).
powerpc/xive: Skip ioremap() of ESB pages for LSI interrupts (bsc#1085030).
powerpc: Allow 64bit VDSO __kernel_sync_dicache to work across ranges >4GB (bnc#1151927 5.3.17).
powerpc: Allow flush_icache_range to work across ranges >4GB (bnc#1151927 5.3.17).
qede: Disable hardware gro when xdp prog is installed (bsc#1086314 bsc#1086313 bsc#1086301 ).
r8152: add missing endpoint sanity check (bsc#1051510).
s390/ftrace: save traced function caller (jsc#SLE-11178).
s390/ftrace: use HAVE_FUNCTION_GRAPH_RET_ADDR_PTR (jsc#SLE-11178).
s390/head64: correct init_task stack setup (jsc#SLE-11178).
s390/kasan: avoid false positives during stack unwind (jsc#SLE-11178).
s390/kasan: avoid report in get_wchan (jsc#SLE-11178).
s390/livepatch: Implement reliable stack tracing for the consistency model (jsc#SLE-11178).
s390/process: avoid custom stack unwinding in get_wchan (jsc#SLE-11178).
s390/stacktrace: use common arch_stack_walk infrastructure (jsc#SLE-11178).
s390/suspend: fix stack setup in swsusp_arch_suspend (jsc#SLE-11178).
s390/test_unwind: print verbose unwinding results (jsc#SLE-11178).
s390/unwind: add stack pointer alignment sanity checks (jsc#SLE-11178).
s390/unwind: always inline get_stack_pointer (jsc#SLE-11178).
s390/unwind: avoid int overflow in outside_of_stack (jsc#SLE-11178).
s390/unwind: cleanup unused READ_ONCE_TASK_STACK (jsc#SLE-11178).
s390/unwind: correct stack switching during unwind (jsc#SLE-11178).
s390/unwind: drop unnecessary code around calling ftrace_graph_ret_addr() (jsc#SLE-11178).
s390/unwind: filter out unreliable bogus %r14 (jsc#SLE-11178).
s390/unwind: fix get_stack_pointer(NULL, NULL) (jsc#SLE-11178).
s390/unwind: fix mixing regs and sp (jsc#SLE-11178).
s390/unwind: introduce stack unwind API (jsc#SLE-11178).
s390/unwind: make reuse_sp default when unwinding pt_regs (jsc#SLE-11178).
s390/unwind: remove stack recursion warning (jsc#SLE-11178).
s390/unwind: report an error if pt_regs are not on stack (jsc#SLE-11178).
s390/unwind: start unwinding from reliable state (jsc#SLE-11178).
s390/unwind: stop gracefully at task pt_regs (jsc#SLE-11178).
s390/unwind: stop gracefully at user mode pt_regs in irq stack (jsc#SLE-11178).
s390/unwind: unify task is current checks (jsc#SLE-11178).
s390: add stack switch helper (jsc#SLE-11178).
s390: add support for virtually mapped kernel stacks (jsc#SLE-11178).
s390: always inline current_stack_pointer() (jsc#SLE-11178).
s390: always inline disabled_wait (jsc#SLE-11178).
s390: avoid misusing CALL_ON_STACK for task stack setup (jsc#SLE-11178).
s390: clean up stacks setup (jsc#SLE-11178).
s390: correct CALL_ON_STACK back_chain saving (jsc#SLE-11178).
s390: disable preemption when switching to nodat stack with CALL_ON_STACK (jsc#SLE-11178).
s390: fine-tune stack switch helper (jsc#SLE-11178).
s390: fix register clobbering in CALL_ON_STACK (jsc#SLE-11178).
s390: kabi workaround for ftrace_ret_stack (jsc#SLE-11178).
s390: kabi workaround for lowcore changes due to vmap stack (jsc#SLE-11178).
s390: kabi workaround for reliable stack tracing (jsc#SLE-11178).
s390: preserve kabi for stack unwind API (jsc#SLE-11178).
s390: unify stack size definitions (jsc#SLE-11178).
scsi: lpfc: fix build failure with DEBUGFS disabled (bsc#1154601).
scsi: qla2xxx: Add D-Port Diagnostic reason explanation logs (bsc#1158013).
scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (bsc#1158013).
scsi: qla2xxx: Cleanup unused async_logout_done (bsc#1158013).
scsi: qla2xxx: Consolidate fabric scan (bsc#1158013).
scsi: qla2xxx: Correct fcport flags handling (bsc#1158013).
scsi: qla2xxx: Fix RIDA Format-2 (bsc#1158013).
scsi: qla2xxx: Fix fabric scan hang (bsc#1158013).
scsi: qla2xxx: Fix mtcp dump collection failure (bsc#1158013).
scsi: qla2xxx: Fix stuck login session using prli_pend_timer (bsc#1158013).
scsi: qla2xxx: Fix stuck session in GNL (bsc#1158013).
scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type (bsc#1158013).
scsi: qla2xxx: Fix update_fcport for current_topology (bsc#1158013).
scsi: qla2xxx: Improve readability of the code that handles qla_flt_header (bsc#1158013).
scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (bsc#1158013).
scsi: qla2xxx: Update driver version to 10.01.00.22-k (bsc#1158013).
scsi: qla2xxx: Use common routine to free fcport struct (bsc#1158013).
scsi: qla2xxx: Use get_unaligned_*() instead of open-coding these functions (bsc#1158013).
sctp: cache netns in sctp_ep_common (networking-stable-19_12_03).
sfc: Only cancel the PPS workqueue if it exists (networking-stable-19_11_25).
sfc: Remove 'PCIE error reporting unavailable' (bsc#1161472).
smb3: Fix crash in SMB2_open_init due to uninitialized field in compounding path (bsc#1144333).
smb3: Fix persistent handles reconnect (bsc#1144333).
smb3: fix refcount underflow warning on unmount when no directory leases (bsc#1144333).
smb3: remove confusing dmesg when mounting with encryption ("seal") (bsc#1144333).
stacktrace: Do not skip first entry on noncurrent tasks (jsc#SLE-11178).
stacktrace: Force USER_DS for stack_trace_save_user() (jsc#SLE-11178).
stacktrace: Get rid of unneeded '!!' pattern (jsc#SLE-11178).
stacktrace: Provide common infrastructure (jsc#SLE-11178).
stacktrace: Provide helpers for common stack trace operations (jsc#SLE-11178).
stacktrace: Unbreak stack_trace_save_tsk_reliable() (jsc#SLE-11178).
stacktrace: Use PF_KTHREAD to check for kernel threads (jsc#SLE-11178).
tcp: clear tp->packets_out when purging write queue (bsc#1160560).
tcp: exit if nothing to retransmit on RTO timeout (bsc#1160560, stable 4.14.159).
tcp: md5: fix potential overestimation of TCP option space (networking-stable-19_12_16).
tracing: Cleanup stack trace code (jsc#SLE-11178).
tracing: Have the histogram compare functions convert to u64 first (bsc#1160210).
workqueue: Fix pwq ref leak in rescuer_thread() (bsc#1160211).
x86/MCE/AMD: Allow Reserved types to be overwritten in smca_banks (bsc#1114279).
x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure() (bsc#1114279).
x86/kgbd: Use NMI_VECTOR not APIC_DM_NMI (bsc#1114279).
x86/mce/AMD: Allow any CPU to initialize the smca_banks array (bsc#1114279).
x86/mce: Fix possibly incorrect severity calculation on AMD (bsc#1114279).
x86/resctrl: Fix an imbalance in domain_remove_cpu() (bsc#1114279).
x86/resctrl: Fix potential memory leak (bsc#1114279).
xen-blkfront: switch kcalloc to kvcalloc for large array allocation (bsc#1160917).
xen/blkfront: Adjust indentation in xlvbd_alloc_gendisk (bsc#1065600).
xfs: Fix tail rounding in xfs_alloc_file_space() (bsc#1161087, bsc#1153917).

Special Instructions and Notes:

Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Real Time 12 SP5
zypper in -t patch SUSE-SLE-RT-12-SP5-2020-605=1

Package List:

SUSE Linux Enterprise Real Time 12 SP5 (x86_64)
- kernel-rt-base-4.12.14-6.3.1
- kernel-rt_debug-devel-4.12.14-6.3.1
- cluster-md-kmp-rt-4.12.14-6.3.1
- ocfs2-kmp-rt-4.12.14-6.3.1
- kernel-syms-rt-4.12.14-6.3.1
- gfs2-kmp-rt-4.12.14-6.3.1
- kernel-rt-devel-4.12.14-6.3.1
- dlm-kmp-rt-4.12.14-6.3.1
SUSE Linux Enterprise Real Time 12 SP5 (noarch)
- kernel-devel-rt-4.12.14-6.3.1
- kernel-source-rt-4.12.14-6.3.1
SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64)
- kernel-rt-4.12.14-6.3.1
- kernel-rt_debug-4.12.14-6.3.1

Security update for the Linux Kernel

Description:

Special Instructions and Notes:

Patch Instructions:

Package List:

References: