May 2019 - openSUSE Security Announce - openSUSE Mailing Lists

[security-announce] openSUSE-SU-2019:1407-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 20 May '19

20 May '19

openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1407-1 Rating: important References: #1012382 #1020645 #1020989 #1031492 #1047487 #1051510 #1053043 #1062056 #1063638 #1064388 #1066223 #1070872 #1085539 #1087092 #1094244 #1096480 #1096728 #1097104 #1100132 #1103186 #1105348 #1106110 #1106913 #1106929 #1108293 #1110785 #1110946 #1111331 #1112063 #1112178 #1113399 #1114542 #1114638 #1114648 #1114893 #1116803 #1118338 #1118506 #1119086 #1119974 #1120902 #1122776 #1122822 #1125580 #1126040 #1126356 #1127445 #1129138 #1129278 #1129326 #1129770 #1130130 #1130343 #1130344 #1130345 #1130346 #1130347 #1130356 #1130425 #1130567 #1130737 #1130972 #1131107 #1131416 #1131427 #1131488 #1131587 #1131659 #1131857 #1131900 #1131934 #1131935 #1131980 #1132212 #1132227 #1132534 #1132589 #1132618 #1132619 #1132634 #1132635 #1132636 #1132637 #1132638 #1132727 #1132828 #1133188 #1133308 #1133584 #1134160 #1134162 #1134537 #1134564 #1134565 #1134566 #1134651 #1134760 #1134848 #1135013 #1135014 #1135015 #1135100 #843419 #994770 Cross-References: CVE-2018-1000204 CVE-2018-10853 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-15594 CVE-2018-17972 CVE-2018-5814 CVE-2019-11091 CVE-2019-11486 CVE-2019-11815 CVE-2019-11884 CVE-2019-3882 CVE-2019-9503 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that solves 14 vulnerabilities and has 90 fixes is now available. Description: The openSUSE Leap 42.3 kernel was updated to 4.4.179 to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel. For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736 The following security bugs were fixed: - CVE-2018-5814: Multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets (bnc#1096480). - CVE-2018-10853: A flaw was found in the way Linux kernel KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest (bnc#1097104). - CVE-2018-15594: arch/x86/kernel/paravirt.c in the Linux kernel mishandled certain indirect calls, which made it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests (bnc#1105348 1119974). - CVE-2018-17972: An issue was discovered in the proc_pid_stack function in fs/proc/base.c that did not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents (bnc#1110785). - CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the SG_IO ioctl (bsc#1096728) - CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c had multiple race conditions (bnc#1133188). It has been disabled. - CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c, a race condition leading to a use-after-free was fixed, related to net namespace cleanup (bnc#1134537). - CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character (bnc#1134848). - CVE-2019-3882: A flaw was found vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427). - CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828). The following non-security bugs were fixed: - 9p: do not trust pdu content for stat item size (bnc#1012382). - 9p locks: add mount option for lock retry interval (bnc#1012382). - 9p/net: fix memory leak in p9_client_create (bnc#1012382). - 9p: use inode->i_lock to protect i_size_write() under 32-bit (bnc#1012382). - acpi: acpi_pad: Do not launch acpi_pad threads on idle cpus (bsc#1113399). - acpi / bus: Only call dmi_check_system() on X86 (git-fixes). - acpi / button: make module loadable when booted in non-ACPI mode (bsc#1051510). - acpi / device_sysfs: Avoid OF modalias creation for removed device (bnc#1012382). - acpi / SBS: Fix GPE storm on recent MacBookPro's (bnc#1012382). - Add hlist_add_tail_rcu() (Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net) (bnc#1012382). - alsa: bebob: use more identical mod_alias for Saffire Pro 10 I/O against Liquid Saffire 56 (bnc#1012382). - alsa: compress: add support for 32bit calls in a 64bit kernel (bnc#1012382). - alsa: compress: prevent potential divide by zero bugs (bnc#1012382). - alsa: core: Fix card races between register and disconnect (bnc#1012382). - alsa: echoaudio: add a check for ioremap_nocache (bnc#1012382). - alsa: hda - Enforces runtime_resume after S3 and S4 for each codec (bnc#1012382). - alsa: hda - Record the current power state before suspend/resume calls (bnc#1012382). - alsa: info: Fix racy addition/deletion of nodes (bnc#1012382). - alsa: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration (bnc#1012382). - alsa: PCM: check if ops are defined before suspending PCM (bnc#1012382). - alsa: pcm: Do not suspend stream in unrecoverable PCM state (bnc#1012382). - alsa: pcm: Fix possible OOB access in PCM oss plugins (bnc#1012382). - alsa: rawmidi: Fix potential Spectre v1 vulnerability (bnc#1012382). - alsa: sb8: add a check for request_region (bnc#1012382). - alsa: seq: Fix OOB-reads from strlcpy (bnc#1012382). - alsa: seq: oss: Fix Spectre v1 vulnerability (bnc#1012382). - appletalk: Fix compile regression (bnc#1012382). - appletalk: Fix use-after-free in atalk_proc_exit (bnc#1012382). - applicom: Fix potential Spectre v1 vulnerabilities (bnc#1012382). - arc: fix __ffs return value to avoid build warnings (bnc#1012382). - arc: uacces: remove lp_start, lp_end from clobber list (bnc#1012382). - arcv2: Enable unaligned access in early ASM code (bnc#1012382). - arm64: Add helper to decode register from instruction (bsc#1126040). - arm64: debug: Do not propagate UNKNOWN FAR into si_code for debug signals (bnc#1012382). - arm64: debug: Ensure debug handlers check triggering exception level (bnc#1012382). - arm64: fix COMPAT_SHMLBA definition for large pages (bnc#1012382). - arm64: Fix NUMA build error when !CONFIG_ACPI (fate#319981, git-fixes). - arm64: Fix NUMA build error when !CONFIG_ACPI (git-fixes). - arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#1012382). - arm64: futex: Restore oldval initialization to work around buggy compilers (bnc#1012382). - arm64: hide __efistub_ aliases from kallsyms (bnc#1012382). - arm64: kconfig: drop CONFIG_RTC_LIB dependency (bnc#1012382). - arm64/kernel: do not ban ADRP to work around Cortex-A53 erratum #843419 (bsc#1126040). - arm64/kernel: fix incorrect EL0 check in inv_entry macro (bnc#1012382). - arm64/kernel: rename module_emit_adrp_veneer->module_emit_veneer_for_adrp (bsc#1126040). - arm64: mm: Add trace_irqflags annotations to do_debug_exception() (bnc#1012382). - arm64: module: do not BUG when exceeding preallocated PLT count (bsc#1126040). - arm64: module-plts: factor out PLT generation code for ftrace (bsc#1126040). - arm64: module: split core and init PLT sections (bsc#1126040). - arm64: Relax GIC version check during early boot (bnc#1012382). - arm64: support keyctl() system call in 32-bit mode (bnc#1012382). - arm64: traps: disable irq in die() (bnc#1012382). - arm: 8458/1: bL_switcher: add GIC dependency (bnc#1012382). - arm: 8494/1: mm: Enable PXN when running non-LPAE kernel on LPAE processor (bnc#1012382). - arm: 8510/1: rework ARM_CPU_SUSPEND dependencies (bnc#1012382). - arm: 8824/1: fix a migrating irq bug when hotplug cpu (bnc#1012382). - arm: 8833/1: Ensure that NEON code always compiles with Clang (bnc#1012382). - arm: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bnc#1012382). - arm: 8840/1: use a raw_spinlock_t in unwind (bnc#1012382). - arm: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012382). - arm: dts: at91: Fix typo in ISC_D0 on PC9 (bnc#1012382). - arm: dts: exynos: Add minimal clkout parameters to Exynos3250 PMU (bnc#1012382). - arm: dts: exynos: Do not ignore real-world fuse values for thermal zone 0 on Exynos5420 (bnc#1012382). - arm: imx6q: cpuidle: fix bug that CPU might not wake up at expected time (bnc#1012382). - arm: OMAP2+: Variable "reg" in function omap4_dsi_mux_pads() could be uninitialized (bnc#1012382). - arm: pxa: ssp: unneeded to free devm_ allocated data (bnc#1012382). - arm: s3c24xx: Fix boolean expressions in osiris_dvs_notify (bnc#1012382). - arm: samsung: Limit SAMSUNG_PM_CHECK config option to non-Exynos platforms (bnc#1012382). - ASoC: dapm: change snprintf to scnprintf for possible overflow (bnc#1012382). - ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc#1012382). - ASoC: fsl_esai: fix channel swap issue when stream starts (bnc#1012382). - ASoC: fsl_esai: fix register setting issue in RIGHT_J mode (bnc#1012382). - ASoC: imx-audmux: change snprintf to scnprintf for possible overflow (bnc#1012382). - ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field (bnc#1012382). - ASoC: topology: free created components in tplg load error (bnc#1012382). - assoc_array: Fix shortcut creation (bnc#1012382). - ath10k: avoid possible string overflow (bnc#1012382). - ath9k_htc: Add a sanity check in ath9k_htc_ampdu_action() (bsc#1087092). - atm: he: fix sign-extension overflow on large shift (bnc#1012382). - autofs: drop dentry reference only when it is never used (bnc#1012382). - autofs: fix error return in autofs_fill_super() (bnc#1012382). - batman-adv: Avoid endless loop in bat-on-bat netdevice check (git-fixes). - batman-adv: Fix lockdep annotation of batadv_tlv_container_remove (git-fixes). - batman-adv: fix uninit-value in batadv_interface_tx() (bnc#1012382). - batman-adv: Only put gw_node list reference when removed (git-fixes). - batman-adv: Only put orig_node_vlan list reference when removed (git-fixes). - bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972). - bcache: add a comment in super.c (bsc#1130972). - bcache: add code comments for bset.c (bsc#1130972). - bcache: add comment for cache_set->fill_iter (bsc#1130972). - bcache: add identifier names to arguments of function definitions (bsc#1130972). - bcache: add missing SPDX header (bsc#1130972). - bcache: add MODULE_DESCRIPTION information (bsc#1130972). - bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972). - bcache: add static const prefix to char * array declarations (bsc#1130972). - bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972). - bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972). - bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972). - bcache: comment on direct access to bvec table (bsc#1130972). - bcache: correct dirty data statistics (bsc#1130972). - bcache: do not assign in if condition in bcache_device_init() (bsc#1130972). - bcache: do not assign in if condition in bcache_init() (bsc#1130972). - bcache: do not assign in if condition register_bcache() (bsc#1130972). - bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972). - bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972). - bcache: do not clone bio in bch_data_verify (bsc#1130972). - bcache: do not mark writeback_running too early (bsc#1130972). - bcache: export backing_dev_name via sysfs (bsc#1130972). - bcache: export backing_dev_uuid via sysfs (bsc#1130972). - bcache: fix code comments style (bsc#1130972). - bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972). - bcache: fix indent by replacing blank by tabs (bsc#1130972). - bcache: fix input integer overflow of congested threshold (bsc#1130972). - bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#1012382). - bcache: fix input overflow to journal_delay_ms (bsc#1130972). - bcache: fix input overflow to sequential_cutoff (bnc#1012382). - bcache: fix input overflow to writeback_delay (bsc#1130972). - bcache: fix input overflow to writeback_rate_minimum (bsc#1130972). - bcache: fix ioctl in flash device (bsc#1130972). - bcache: fix mistaken code comments in bcache.h (bsc#1130972). - bcache: fix mistaken comments in request.c (bsc#1130972). - bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972). - bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972). - bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972). - bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972). - bcache: improve sysfs_strtoul_clamp() (bnc#1012382). - bcache: introduce force_wake_up_gc() (bsc#1130972). - bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972). - bcache: Move couple of functions to sysfs.c (bsc#1130972). - bcache: Move couple of string arrays to sysfs.c (bsc#1130972). - bcache: move open brace at end of function definitions to next line (bsc#1130972). - bcache: never writeback a discard operation (bsc#1130972). - bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972). - bcache: option to automatically run gc thread after writeback (bsc#1130972). - bcache: panic fix for making cache device (bsc#1130972). - bcache: Populate writeback_rate_minimum attribute (bsc#1130972). - bcache: prefer 'help' in Kconfig (bsc#1130972). - bcache: print number of keys in trace_bcache_journal_write (bsc#1130972). - bcache: recal cached_dev_sectors on detach (bsc#1130972). - bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972). - bcache: remove unused bch_passthrough_cache (bsc#1130972). - bcache: remove useless parameter of bch_debug_init() (bsc#1130972). - bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972). - bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972). - bcache: replace printk() by pr_*() routines (bsc#1130972). - bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972). - bcache: set writeback_percent in a flexible range (bsc#1130972). - bcache: split combined if-condition code into separate ones (bsc#1130972). - bcache: stop using the deprecated get_seconds() (bsc#1130972). - bcache: style fixes for lines over 80 characters (bsc#1130972). - bcache: style fix to add a blank line after declarations (bsc#1130972). - bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972). - bcache: trace missed reading by cache_missed (bsc#1130972). - bcache: treat stale && dirty keys as bad keys (bsc#1130972). - bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972). - bcache: update comment for bch_data_insert (bsc#1130972). - bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972). - bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972). - bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972). - bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972). - bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972). - bcache: writeback: properly order backing device IO (bsc#1130972). - binfmt_elf: switch to new creds when switching to new mm (bnc#1012382). - block: check_events: do not bother with events if unsupported (bsc#1110946). - block: disk_events: introduce event flags (bsc#1110946). - block: do not leak memory in bio_copy_user_iov() (bnc#1012382). - bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (bnc#1012382). - bluetooth: Fix decrementing reference count twice in releasing socket (bnc#1012382). - bnxt_en: Drop oversize TX packets to prevent errors (bnc#1012382). - bonding: fix event handling for stacked bonds (bnc#1012382). - btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes). - btrfs: Do not panic when we can't find a root key (bsc#1112063). - btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (pending fix for bsc#1063638). - btrfs: fix corruption reading shared and compressed extents after hole punching (bnc#1012382). - btrfs: qgroup: Cleanup old subtree swap code (bsc#1063638). - btrfs: qgroup: Do not trace subtree if we're dropping reloc tree (bsc#1063638). - btrfs: qgroup: Introduce function to find all new tree blocks of reloc tree (bsc#1063638). - btrfs: qgroup: Introduce function to trace two swaped extents (bsc#1063638). - btrfs: qgroup: Introduce per-root swapped blocks infrastructure (bsc#1063638). - btrfs: qgroup: Introduce trace event to analyse the number of dirty extents accounted (bsc#1063638 dependency). - btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162). - btrfs: qgroup: Only trace data extents in leaves if we're relocating data block group (bsc#1063638). - btrfs: qgroup: Refactor btrfs_qgroup_trace_subtree_swap (bsc#1063638). - btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160). - btrfs: qgroup: Search commit root for rescan to avoid missing extent (bsc#1129326). - btrfs: qgroup: Use delayed subtree rescan for balance (bsc#1063638). - btrfs: qgroup: Use generation-aware subtree swap to mark dirty extents (bsc#1063638). - btrfs: raid56: properly unmap parity page in finish_parity_scrub() (bnc#1012382). - btrfs: relocation: Delay reloc tree deletion after merge_reloc_roots (bsc#1063638). - btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root lifespan (bsc#1134651). - btrfs: remove WARN_ON in log_dir_items (bnc#1012382). - cdc-wdm: pass return value of recover_from_urb_loss (bsc#1129770). - cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012382). - ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134564). - ceph: fix ci->i_head_snapc leak (bsc#1122776). - ceph: fix use-after-free on symlink traversal (bsc#1134565). - ceph: only use d_name directly when parent is locked (bsc#1134566). - cfg80211: extend range deviation for DMG (bnc#1012382). - cfg80211: size various nl80211 messages correctly (bnc#1012382). - cifs: fallback to older infolevels on findfirst queryinfo retry (bnc#1012382). - cifs: fix computation for MAX_SMB2_HDR_SIZE (bnc#1012382). - cifs: Fix NULL pointer dereference of devname (bnc#1012382). - cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542). - cifs: Fix read after write for files with read caching (bnc#1012382). - cifs: use correct format characters (bnc#1012382). - clk: ingenic: Fix round_rate misbehaving with non-integer dividers (bnc#1012382). - clocksource/drivers/exynos_mct: Clear timer interrupt when shutdown (bnc#1012382). - clocksource/drivers/exynos_mct: Move one-shot check from tick clear to ISR (bnc#1012382). - cls_bpf: reset class and reuse major in da (git-fixes). - coresight: coresight_unregister() function cleanup (bnc#1012382). - coresight: "DEVICE_ATTR_RO" should defined as static (bnc#1012382). - coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012382). - coresight: etm4x: Check every parameter used by dma_xx_coherent (bnc#1012382). - coresight: fixing lockdep error (bnc#1012382). - coresight: release reference taken by 'bus_find_device()' (bnc#1012382). - coresight: remove csdev's link from topology (bnc#1012382). - coresight: removing bind/unbind options from sysfs (bnc#1012382). - cpufreq: pxa2xx: remove incorrect __init annotation (bnc#1012382). - cpufreq: tegra124: add missing of_node_put() (bnc#1012382). - cpufreq: Use struct kobj_attribute instead of struct global_attr (bnc#1012382). - cpu/hotplug: Handle unbalanced hotplug enable/disable (bnc#1012382). - cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178). - crypto: ahash - fix another early termination in hash walk (bnc#1012382). - crypto: arm64/aes-ccm - fix logical bug in AAD MAC handling (bnc#1012382). - crypto: caam - fixed handling of sg list (bnc#1012382). - crypto: crypto4xx - properly set IV after de- and encrypt (bnc#1012382). - crypto: pcbc - remove bogus memcpy()s with src == dest (bnc#1012382). - crypto: qat - remove unused and redundant pointer vf_info (bsc#1085539). - crypto: sha256/arm - fix crash bug in Thumb2 build (bnc#1012382). - crypto: sha512/arm - fix crash bug in Thumb2 build (bnc#1012382). - crypto: tgr192 - fix unaligned memory access (bsc#1129770). - crypto: x86/poly1305 - fix overflow during partial reduction (bnc#1012382). - cw1200: fix missing unlock on error in cw1200_hw_scan() (bsc#1129770). - dccp: do not use ipv6 header for ipv4 flow (bnc#1012382). - device_cgroup: fix RCU imbalance in error case (bnc#1012382). - Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bnc#1012382). - dmaengine: at_xdmac: Fix wrongfull report of a channel as in use (bnc#1012382). - dmaengine: dmatest: Abort test in case of mapping error (bnc#1012382). - dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#1012382). - dmaengine: tegra: avoid overflow of byte tracking (bnc#1012382). - dmaengine: usb-dmac: Make DMAC system sleep callbacks explicit (bnc#1012382). - dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638). - dm: fix to_sector() for 32bit (bnc#1012382). - dm thin: add sanity checks to thin-pool and external snapshot creation (bnc#1012382). - Drivers: hv: vmbus: Fix bugs in rescind handling (bsc#1130567). - Drivers: hv: vmbus: Fix ring buffer signaling (bsc#1118506). - Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() (bsc#1130567). - Drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567). - Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567). - drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#1012382). - drm/fb-helper: dpms_legacy(): Only set on connectors in use (bnc#1106929) - drm/i915: Fix I915_EXEC_RING_MASK (bnc#1106929) - drm/msm: Unblock writer if reader closes file (bnc#1012382). - drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488) - drm/vc4: Account for interrupts in flight (bsc#1106929) - drm/vc4: Allocate the right amount of space for boot-time CRTC state. (bsc#1106929) - drm/vc4: fix a bounds check (bsc#1106929) - drm/vc4: Fix a couple error codes in vc4_cl_lookup_bos() (bsc#1106929) - drm/vc4: Fix compilation error reported by kbuild test bot (bsc#1106929) - drm/vc4: Fix memory leak during gpu reset. (bsc#1106929) - drm/vc4: Fix memory leak of the CRTC state. (bsc#1106929) - drm/vc4: Fix NULL pointer dereference in vc4_save_hang_state() (bsc#1106929) - drm/vc4: Fix OOPSes from trying to cache a partially constructed BO. (bsc#1106929) - drm/vc4: Fix oops when userspace hands in a bad BO. (bsc#1106929) - drm/vc4: Fix overflow mem unreferencing when the binner runs dry. (bsc#1106929) - drm/vc4: Fix races when the CS reads from render targets. (bsc#1106929) - drm/vc4: Fix scaling of uni-planar formats (bsc#1106929) - drm/vc4: Fix the "no scaling" case on multi-planar YUV formats (bsc#1106929) - drm/vc4: Flush the caches before the bin jobs, as well. (bsc#1106929) - drm/vc4: Free hang state before destroying BO cache. (bsc#1106929) - drm/vc4: Move IRQ enable to PM path (bsc#1106929) - drm/vc4: Reset ->{x, y}_scaling[1] when dealing with uniplanar (bsc#1106929) - drm/vc4: Set ->is_yuv to false when num_planes == 1 (bsc#1106929) - drm/vc4: Use drm_free_large() on handles to match its allocation. (bsc#1106929) - drm/vc4: ->x_scaling[1] should never be set to VC4_SCALING_NONE (bsc#1106929) - drm/vmwgfx: Do not double-free the mode stored in par->set_mode (bsc#1106929) - e1000e: Add Support for 38.4MHZ frequency (bsc#1108293 ). - e1000e: Add Support for 38.4MHZ frequency (bsc#1108293 fate#326719). - e1000e: Add Support for CannonLake (bsc#1108293). - e1000e: Add Support for CannonLake (bsc#1108293 fate#326719). - e1000e: Fix -Wformat-truncation warnings (bnc#1012382). - e1000e: Initial Support for CannonLake (bsc#1108293 ). - e1000e: Initial Support for CannonLake (bsc#1108293 fate#326719). - efi: stub: define DISABLE_BRANCH_PROFILING for all architectures (bnc#1012382). - enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012382). - ext2: Fix underflow in ext2_max_size() (bnc#1012382). - ext4: add missing brelse() in add_new_gdb_meta_bg() (bnc#1012382). - ext4: Avoid panic during forced reboot (bsc#1126356). - ext4: brelse all indirect buffer in ext4_ind_remove_space() (bnc#1012382). - ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012382). - ext4: fix data corruption caused by unaligned direct AIO (bnc#1012382). - ext4: fix NULL pointer dereference while journal is aborted (bnc#1012382). - ext4: prohibit fstrim in norecovery mode (bnc#1012382). - ext4: report real fs size after failed resize (bnc#1012382). - extcon: usb-gpio: Do not miss event during suspend/resume (bnc#1012382). - f2fs: do not use mutex lock in atomic context (bnc#1012382). - f2fs: fix to do sanity check with current segment number (bnc#1012382). - fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#1012382). - firmware: dmi: Optimize dmi_matches (git-fixes). - fix incorrect error code mapping for OBJECTID_NOT_FOUND (bnc#1012382). - floppy: check_events callback should not return a negative number (git-fixes). - flow_dissector: Check for IP fragmentation even if not using IPv4 address (git-fixes). - fs/9p: use fscache mutex rather than spinlock (bnc#1012382). - fs/file.c: initialize init_files.resize_wait (bnc#1012382). - fs: fix guard_bio_eod to check for real EOD errors (bnc#1012382). - fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes). - fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (bnc#1012382). - fuse: continue to send FUSE_RELEASEDIR when FUSE_OPEN returns ENOSYS (git-fixes). - fuse: fix possibly missed wake-up after abort (git-fixes). - futex: Ensure that futex address is aligned in handle_futex_death() (bnc#1012382). - futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock() (git-fixes). - futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock() (bnc#1012382). - genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bnc#1012382). - gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bnc#1012382). - gpio: gpio-omap: fix level interrupt idling (bnc#1012382). - gpio: vf610: Mask all GPIO interrupts (bnc#1012382). - gro_cells: make sure device is up in gro_cells_receive() (bnc#1012382). - h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#1012382). - hid-sensor-hub.c: fix wrong do_div() usage (bnc#1012382). - hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable (bsc#1129770). - hugetlbfs: fix races and page leaks during migration (bnc#1012382). - hv_netvsc: Fix napi reschedule while receive completion is busy (bsc#1118506). - hv_netvsc: fix race in napi poll when rescheduling (bsc#1118506). - hv_netvsc: Fix the return status in RX path (bsc#1118506). - hv_netvsc: use napi_schedule_irqoff (bsc#1118506). - hv: v4.12 API for hyperv-iommu (bsc#1122822). - hv: v4.12 API for hyperv-iommu (fate#327171, bsc#1122822). - hwrng: virtio - Avoid repeated init of completion (bnc#1012382). - i2c: cadence: Fix the hold bit setting (bnc#1012382). - i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (bnc#1012382). - i2c: tegra: fix maximum transfer size (bnc#1012382). - IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bnc#1012382). - IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bnc#1012382). - IB/mlx4: Increase the timeout for CM cache (bnc#1012382). - ibmvnic: Enable GRO (bsc#1132227). - ibmvnic: Fix completion structure initialization (bsc#1131659). - ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227). - iio: adc: at91: disable adc channel interrupt in timeout case (bnc#1012382). - iio: ad_sigma_delta: select channel when reading register (bnc#1012382). - iio/gyro/bmg160: Use millidegrees for temperature scale (bnc#1012382). - Include ACPI button driver in base kernel (bsc#1062056). - include/linux/bitrev.h: fix constant bitrev (bnc#1012382). - include/linux/swap.h: use offsetof() instead of custom __swapoffset macro (bnc#1012382). - Input: elan_i2c - add id for touchpad found in Lenovo s21e-20 (bnc#1012382). - Input: matrix_keypad - use flush_delayed_work() (bnc#1012382). - Input: st-keyscan - fix potential zalloc NULL dereference (bnc#1012382). - Input: wacom_serial4 - add support for Wacom ArtPad II tablet (bnc#1012382). - intel_th: Do not reference unassigned outputs (bnc#1012382). - intel_th: gth: Fix an off-by-one in output unassigning (git-fixes). - io: accel: kxcjk1013: restore the range after resume (bnc#1012382). - iommu/amd: Fix NULL dereference bug in match_hid_uid (bsc#1130345). - iommu/amd: fix sg->dma_address for sg->offset bigger than PAGE_SIZE (bsc#1130346). - iommu/amd: Reserve exclusion range in iova-domain (bsc#1130425). - iommu/amd: Set exclusion range correctly (bsc#1130425). - iommu: Do not print warning when IOMMU driver only supports unmanaged domains (bsc#1130130). - iommu/hyper-v: Add Hyper-V stub IOMMU driver (bsc#1122822). - iommu/hyper-v: Add Hyper-V stub IOMMU driver (fate#327171, bsc#1122822). - iommu/vt-d: Check capability before disabling protected memory (bsc#1130347). - iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135013). - iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135014). - iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135015). - ip6: fix PMTU discovery when using /127 subnets (git-fixes). - ip6mr: Do not call __IP6_INC_STATS() from preemptible context (bnc#1012382). - ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (bnc#1012382). - ip_tunnel: fix ip tunnel lookup in collect_md mode (git-fixes). - ipv4: add sanity checks in ipv4_link_failure() (git-fixes). - ipv4: ensure rcu_read_lock() in ipv4_link_failure() (bnc#1012382). - ipv4: recompile ip options in ipv4_link_failure (bnc#1012382). - ipv6: Fix dangling pointer when ipv6 fragment (bnc#1012382). - ipv6: sit: reset ip header pointer in ipip6_rcv (bnc#1012382). - ipvlan: disallow userns cap_net_admin to change global mode/flags (bnc#1012382). - ipvs: Fix signed integer overflow when setsockopt timeout (bnc#1012382). - irqchip/mmp: Only touch the PJ4 IRQ & FIQ bits on enable/disable (bnc#1012382). - iscsi_ibft: Fix missing break in switch statement (bnc#1012382). - isdn: avm: Fix string plus integer warning from Clang (bnc#1012382). - isdn: i4l: isdn_tty: Fix some concurrency double-free bugs (bnc#1012382). - isdn: isdn_tty: fix build warning of strncpy (bnc#1012382). - It's wrong to add len to sector_nr in raid10 reshape twice (bnc#1012382). - iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1119086). - jbd2: clear dirty flag when revoking a buffer from an older transaction (bnc#1012382). - jbd2: fix compile warning when using JBUFFER_TRACE (bnc#1012382). - kabi: arm64: fix kabi breakage on arch specific module (bsc#1126040) - kabi fixup gendisk disk_devt revert (bsc#1020989). - kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD (bnc#1012382). - kbuild: setlocalversion: print error to STDERR (bnc#1012382). - kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bnc#1012382). - kernel/sysctl.c: fix out-of-bounds access when setting file-max (bnc#1012382). - keys: allow reaching the keys quotas exactly (bnc#1012382). - keys: always initialize keyring_index_key::desc_len (bnc#1012382). - keys: restrict /proc/keys by credentials at open time (bnc#1012382). - keys: user: Align the payload buffer (bnc#1012382). - kprobes: Fix error check when reusing optimized probes (bnc#1012382). - kprobes: Mark ftrace mcount handler functions nokprobe (bnc#1012382). - kprobes: Prohibit probing on bsearch() (bnc#1012382). - kvm: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132634). - kvm: nSVM: clear events pending from svm_complete_interrupts() when exiting to L1 (bnc#1012382). - kvm: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132635). - kvm: nVMX: Ignore limit checks on VMX instructions using flat segments (bnc#1012382). - kvm: nVMX: Sign extend displacements of VMX instr's mem operands (bnc#1012382). - kvm: Reject device ioctls from processes other than the VM's creator (bnc#1012382). - kvm: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run (bsc#1132636). - kvm: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1132637). - kvm: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bnc#1012382). - kvm: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1132534). - kvm: X86: Fix residual mmio emulation request to userspace (bnc#1012382). - kvm: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132638). - l2tp: fix infoleak in l2tp_ip6_recvmsg() (git-fixes). - leds: lp5523: fix a missing check of return value of lp55xx_read (bnc#1012382). - leds: lp55xx: fix null deref on firmware load failure (bnc#1012382). - lib: add crc64 calculation routines (bsc#1130972). - lib/div64.c: off by one in shift (bnc#1012382). - lib: do not depend on linux headers being installed (bsc#1130972). - libertas: call into generic suspend code before turning off power (bsc#1106110). - libertas: fix suspend and resume for SDIO connected cards (bsc#1106110). - lib/int_sqrt: optimize initial value compute (bnc#1012382). - lib/int_sqrt: optimize small argument (bnc#1012382). - libnvdimm/pmem: Honor force_raw for legacy pmem regions (bsc#1131857). - lib/string.c: implement a basic bcmp (bnc#1012382). - locking/lockdep: Add debug_locks check in __lock_downgrade() (bnc#1012382). - locking/static_keys: Improve uninitialized key warning (bsc#1106913). - lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138). - m68k: Add -ffreestanding to CFLAGS (bnc#1012382). - mac80211: do not call driver wake_tx_queue op during reconfig (bnc#1012382). - mac80211: do not initiate TDLS connection if station is not associated to AP (bnc#1012382). - mac80211: fix miscounting of ttl-dropped frames (bnc#1012382). - mac80211: fix "warning: target metric may be used uninitialized" (bnc#1012382). - mac80211_hwsim: propagate genlmsg_reply return code (bnc#1012382). - mac8390: Fix mmio access size probe (bnc#1012382). - md: Fix failed allocation of md_register_thread (bnc#1012382). - mdio_bus: Fix use-after-free on device_register fails (bnc#1012382 git-fixes). - md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes). - md: use mddev_suspend/resume instead of ->quiesce() (bsc#1132212). - media: cx88: Get rid of spurious call to cx8800_start_vbi_dma() (bsc#1100132). - media: mt9m111: set initial frame size other than 0x0 (bnc#1012382). - media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#1012382). - media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#1012382). - media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#1012382). - media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012382). - media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#1012382). - media: uvcvideo: Avoid NULL pointer dereference at the end of streaming (bnc#1012382). - media: uvcvideo: Fix 'type' check leading to overflow (bnc#1012382). - media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1119086). - media: v4l2-ctrls.c/uvc: zero v4l2_event (bnc#1012382). - media: vb2: do not call __vb2_queue_cancel if vb2_start_streaming failed (bsc#1120902). - media: videobuf2-v4l2: drop WARN_ON in vb2_warn_zero_bytesused() (bnc#1012382). - media: vivid: potential integer overflow in vidioc_g_edid() (bsc#11001132). - mfd: ab8500-core: Return zero in get_register_interruptible() (bnc#1012382). - mfd: db8500-prcmu: Fix some section annotations (bnc#1012382). - mfd: mc13xxx: Fix a missing check of a register-read failure (bnc#1012382). - mfd: qcom_rpm: write fw_version to CTRL_REG (bnc#1012382). - mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells (bnc#1012382). - mfd: twl-core: Fix section annotations on {,un}protect_pm_master (bnc#1012382). - mfd: wm5110: Add missing ASRC rate register (bnc#1012382). - mips: ath79: Enable OF serial ports in the default config (bnc#1012382). - mips: Fix kernel crash for R6 in jump label branch function (bnc#1012382). - mips: irq: Allocate accurate order pages for irq stack (bnc#1012382). - mips: jazz: fix 64bit build (bnc#1012382). - mips: loongson64: lemote-2f: Add IRQF_NO_SUSPEND to "cascade" irqaction (bnc#1012382). - mips: Remove function size check in get_frame_info() (bnc#1012382). - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S (bnc#1012382). - missing barriers in some of unix_sock ->addr and ->path accesses (bnc#1012382). - mmc: bcm2835: reset host on timeout (bsc#1070872). - mmc: block: Allow more than 8 partitions per card (bnc#1012382). - mmc: core: fix using wrong io voltage if mmc_select_hs200 fails (bnc#1012382). - mmc: core: shut up "voltage-ranges unspecified" pr_info() (bnc#1012382). - mmc: davinci: remove extraneous __init annotation (bnc#1012382). - mmc: debugfs: Add a restriction to mmc debugfs clock setting (bnc#1012382). - mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012382). - mmc: make MAN_BKOPS_EN message a debug (bnc#1012382). - mmc: mmc: fix switch timeout issue caused by jiffies precision (bnc#1012382). - mmc: omap: fix the maximum timeout setting (bnc#1012382). - mmc: pwrseq_simple: Make reset-gpios optional to match doc (bnc#1012382). - mmc: pxamci: fix enum type confusion (bnc#1012382). - mmc: sanitize 'bus width' in debug output (bnc#1012382). - mmc: spi: Fix card detection during probe (bnc#1012382). - mmc: tmio_mmc_core: do not claim spurious interrupts (bnc#1012382). - mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934). - mm, memory_hotplug: fix off-by-one in is_pageblock_removable (git-fixes). - mm, memory_hotplug: is_mem_section_removable do not pass the end of a zone (bnc#1012382). - mm, memory_hotplug: test_pages_in_a_zone do not pass the end of zone (bnc#1012382). - mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bnc#1012382). - mm: move is_pageblock_removable_nolock() to mm/memory_hotplug.c (git-fixes prerequisity). - mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012382). - mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935) - mm/rmap: replace BUG_ON(anon_vma->degree) with VM_WARN_ON (bnc#1012382). - mm/slab.c: kmemleak no scan alien caches (bnc#1012382). - mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012382). - mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bnc#1012382). - mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n (bnc#1012382). - modpost: file2alias: check prototype of handler (bnc#1012382). - modpost: file2alias: go back to simple devtable lookup (bnc#1012382). - move power_up_on_resume flag to end of structure for kABI (bsc#1106110). - mt7601u: bump supported EEPROM version (bnc#1012382). - mtd: Fix comparison in map_word_andequal() (git-fixes). - mwifiex: pcie: tighten a check in mwifiex_pcie_process_event_ready() (bsc#1100132). - ncpfs: fix build warning of strncpy (bnc#1012382). - net: add description for len argument of dev_get_phys_port_name (git-fixes). - net: Add __icmp_send helper (bnc#1012382). - net: altera_tse: fix connect_local_phy error path (bnc#1012382). - net: altera_tse: fix msgdma_tx_completion on non-zero fill_level case (bnc#1012382). - net: atm: Fix potential Spectre v1 vulnerabilities (bnc#1012382). - net: avoid use IPCB in cipso_v4_error (bnc#1012382). - net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (bnc#1012382). - net: diag: support v4mapped sockets in inet_diag_find_one_icsk() (bnc#1012382). - net: do not decrement kobj reference count on init failure (git-fixes). - net: dsa: mv88e6xxx: Fix u64 statistics (bnc#1012382). - net: ena: fix race between link up and device initalization (bsc#1129278). - net: ena: update driver version from 2.0.2 to 2.0.3 (bsc#1129278). - net: ethtool: not call vzalloc for zero sized memory request (bnc#1012382). - netfilter: ipt_CLUSTERIP: fix use-after-free of proc entry (git-fixes). - netfilter: nf_conntrack_tcp: Fix stack out of bounds when parsing TCP options (bnc#1012382). - netfilter: nfnetlink_acct: validate NFACCT_FILTER parameters (bnc#1012382). - netfilter: nfnetlink_log: just returns error for unknown command (bnc#1012382). - netfilter: nfnetlink: use original skbuff when acking batches (git-fixes). - netfilter: physdev: relax br_netfilter dependency (bnc#1012382). - netfilter: x_tables: enforce nul-terminated table name from getsockopt GET_ENTRIES (bnc#1012382). - net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (bnc#1012382). - net: hns: Fix use after free identified by SLUB debug (bnc#1012382). - net: hns: Fix wrong read accesses via Clause 45 MDIO protocol (bnc#1012382). - net: hsr: fix memory leak in hsr_dev_finalize() (bnc#1012382). - net/hsr: fix possible crash in add_timer() (bnc#1012382). - net/ibmvnic: Update carrier state after link state change (bsc#1135100). - net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760). - netlabel: fix out-of-bounds memory accesses (bnc#1012382). - net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames (bnc#1012382). - net: mv643xx_eth: disable clk on error path in mv643xx_eth_shared_probe() (bnc#1012382). - net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (bnc#1012382). - netns: provide pure entropy for net_hash_mix() (bnc#1012382). - net/packet: fix 4gb buffer limit due to overflow check (bnc#1012382). - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (bnc#1012382). - net: phy: Micrel KSZ8061: link failure after cable connect (bnc#1012382). - net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock() (bnc#1012382). - net: rose: fix a possible stack overflow (bnc#1012382). - net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (bnc#1012382). - net: set static variable an initial value in atl2_probe() (bnc#1012382). - net: sit: fix UBSAN Undefined behaviour in check_6rd (bnc#1012382). - net: stmmac: dwmac-rk: fix error handling in rk_gmac_powerup() (bnc#1012382). - net-sysfs: call dev_hold if kobject_init_and_add success (git-fixes). - net-sysfs: Fix mem leak in netdev_register_kobject (bnc#1012382). - net: systemport: Fix reception of BPDUs (bnc#1012382). - net: tcp_memcontrol: properly detect ancestor socket pressure (git-fixes). - net/x25: fix a race in x25_bind() (bnc#1012382). - net/x25: fix use-after-free in x25_device_event() (bnc#1012382). - net/x25: reset state in x25_connect() (bnc#1012382). - NFC: nci: memory leak in nci_core_conn_create() (git-fixes). - nfs41: pop some layoutget errors to application (bnc#1012382). - nfs: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes). - nfs: clean up rest of reqs when failing to add one (git-fixes). - nfsd: fix memory corruption caused by readdir (bsc#1127445). - nfsd: fix wrong check in write_v4_end_grace() (git-fixes). - nfs: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes). - nfs: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes). - nfs: Fix dentry revalidation on NFSv4 lookup (bsc#1132618). - nfs: Fix I/O request leakages (git-fixes). - nfs: fix mount/umount race in nlmclnt (git-fixes). - nfs: Fix NULL pointer dereference of dev_name (bnc#1012382). - nfs/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes). - nfsv4.x: always serialize open/close operations (bsc#1114893). - numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES (bnc#1012382). - nvme-fc: resolve io failures during connect (bsc#1116803). - ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012382). - openvswitch: fix flow actions reallocation (bnc#1012382). - packets: Always register packet sk in the same order (bnc#1012382). - parport_pc: fix find_superio io compare code, should use equal test (bnc#1012382). - pci: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bnc#1012382). - pci-hyperv: increase HV_VP_SET_BANK_COUNT_MAX to handle 1792 vcpus (bsc#1122822). - pci-hyperv: increase HV_VP_SET_BANK_COUNT_MAX to handle 1792 vcpus (fate#327171, bsc#1122822). - pci: xilinx-nwl: Add missing of_node_put() (bsc#1100132). - perf auxtrace: Define auxtrace record alignment (bnc#1012382). - perf bench: Copy kernel files needed to build mem{cpy,set} x86_64 benchmarks (bnc#1012382). - perf/core: Restore mmap record type correctly (bnc#1012382). - perf evsel: Free evsel->counts in perf_evsel__exit() (bnc#1012382). - perf intel-pt: Fix CYC timestamp calculation after OVF (bnc#1012382). - perf intel-pt: Fix overlap calculation for padding (bnc#1012382). - perf intel-pt: Fix TSC slip (bnc#1012382). - perf/ring_buffer: Refuse to begin AUX transaction after rb->aux_mmap_count drops (bnc#1012382). - perf symbols: Filter out hidden symbols from labels (bnc#1012382). - perf: Synchronously free aux pages in case of allocation failure (bnc#1012382). - perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012382). - perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() (bnc#1012382). - perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test (bnc#1012382). - perf tools: Handle TOPOLOGY headers with no CPU (bnc#1012382). - perf top: Fix error handling in cmd_top() (bnc#1012382). - perf/x86/amd: Add event map for AMD Family 17h (bsc#1114648). - phonet: fix building with clang (bnc#1012382). - pinctrl: meson: meson8b: fix the sdxc_a data 1..3 pins (bnc#1012382). - platform/x86: Fix unmet dependency warning for SAMSUNG_Q10 (bnc#1012382). - PM / Hibernate: Call flush_icache_range() on pages restored in-place (bnc#1012382). - PM / wakeup: Rework wakeup source timer cancellation (bnc#1012382). - pNFS: Skip invalid stateids when doing a bulk destroy (git-fixes). - powerpc/32: Clear on-stack exception marker upon exception return (bnc#1012382). - powerpc/64: Call setup_barrier_nospec() from setup_arch() (bsc#1131107). - powerpc/64: Disable the speculation barrier from the command line (bsc#1131107). - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (bsc#1131107). - powerpc/64s: Add new security feature flags for count cache flush (bsc#1131107). - powerpc/64s: Add support for software count cache flush (bsc#1131107). - powerpc/83xx: Also save/restore SPRG4-7 during suspend (bnc#1012382). - powerpc: Always initialize input array when calling epapr_hypercall() (bnc#1012382). - powerpc/asm: Add a patch_site macro & helpers for patching instructions (bsc#1131107). - powerpc/fsl: Fix spectre_v2 mitigations reporting (bsc#1131107). - powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900). - powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584). - powerpc/numa: improve control of topology updates (bsc#1133584). - powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043). - powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043). - powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1053043, git-fixes). - powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1066223). - powerpc/powernv: Make opal log only readable by root (bnc#1012382). - powerpc/powernv: Query firmware for count cache flush settings (bsc#1131107). - powerpc/pseries/mce: Fix misleading print for TLB mutlihit (bsc#1094244, git-fixes). - powerpc/pseries: Query hypervisor for count cache flush settings (bsc#1131107). - powerpc/security: Fix spectre_v2 reporting (bsc#1131107). - powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178). - powerpc/tm: Add commandline option to disable hardware transactional memory (bsc#1118338). - powerpc/tm: Add TM Unavailable Exception (bsc#1118338). - powerpc/tm: Flip the HTM switch default to disabled (bsc#1125580). - powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587). - powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587). - powerpc/wii: properly disable use of BATs when requested (bnc#1012382). - qmi_wwan: add Olicard 600 (bnc#1012382). - ravb: Decrease TxFIFO depth of Q3 and Q2 to one (bnc#1012382). - rcu: Do RCU GP kthread self-wakeup from softirq and interrupt (bnc#1012382). - RDMA/core: Do not expose unsupported counters (bsc#994770). - RDMA/srp: Rework SCSI device reset handling (bnc#1012382). - regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#1012382). - regulator: s2mpa01: Fix step values for some LDOs (bnc#1012382). - regulator: s2mps11: Fix steps for buck7, buck8 and LDO35 (bnc#1012382). - Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (bsc#1110946). - Revert "bridge: do not add port to router list when receives query with source 0.0.0.0" (bnc#1012382). - Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (bsc#1110946). - Revert "ipv4: keep skb->dst around in presence of IP options" (git-fixes). - Revert "kbuild: use -Oz instead of -Os when using clang" (bnc#1012382). - Revert "KEYS: restrict /proc/keys by credentials at open time" (kabi). - Revert "locking/lockdep: Add debug_locks check in __lock_downgrade()" (bnc#1012382). - Revert "mmc: block: do not use parameter prefix if built as module" (bnc#1012382). - Revert "netns: provide pure entropy for net_hash_mix()" (kabi). - Revert "scsi, block: fix duplicate bdi name registration crashes" (bsc#1020989). - Revert "USB: core: only clean up what we allocated" (bnc#1012382). - Revert "x86/kprobes: Verify stack frame on kretprobe" (kabi). - route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (bnc#1012382). - rsi: fix a dereference on adapter before it has been null checked (bsc#1085539). - rsi: improve kernel thread handling to fix kernel panic (bnc#1012382). - rtc: Fix overflow when converting time64_t to rtc_time (bnc#1012382). - rtl8xxxu: Fix missing break in switch (bsc#1120902). - s390/dasd: fix panic for failed online processing (bsc#1132589). - s390/dasd: fix using offset into zero size array error (bnc#1012382). - s390: Prevent hotplug rwsem recursion (bsc#1131980). - s390/qeth: fix use-after-free in error path (bnc#1012382). - s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178). - s390/virtio: handle find on invalid queue gracefully (bnc#1012382). - sched/core: Fix cpu.max vs. cpuhotplug deadlock (bsc#1106913). - sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (bnc#1012382). - sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (bnc#1012382). - sched/smt: Expose sched_smt_present static key (bsc#1106913). - sched/smt: Make sched_smt_present track topology (bsc#1106913). - scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git. - scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#1012382). - scsi: csiostor: fix NULL pointer dereference in csio_vport_set_state() (bnc#1012382). - scsi: isci: initialize shost fully before calling scsi_add_host() (bnc#1012382). - scsi: libfc: free skb when receiving invalid flogi resp (bnc#1012382). - scsi: libiscsi: Fix race between iscsi_xmit_task and iscsi_complete_task (bnc#1012382). - scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached (bnc#1012382). - scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012382). - scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param (bnc#1012382). - scsi: sd: Fix a race between closing an sd device and sd I/O (bnc#1012382). - scsi: storvsc: Fix a race in sub-channel creation that can cause panic (). - scsi: storvsc: Fix a race in sub-channel creation that can cause panic (fate#323887). - scsi: storvsc: Reduce default ring buffer size to 128 Kbytes (). - scsi: storvsc: Reduce default ring buffer size to 128 Kbytes (fate#323887). - scsi: target/iscsi: Avoid iscsit_release_commands_from_conn() deadlock (bnc#1012382). - scsi: virtio_scsi: do not send sc payload with tmfs (bnc#1012382). - scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host (bnc#1012382). - scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices (bnc#1012382). - sctp: fix the transports round robin issue when init is retransmitted (git-fixes). - sctp: get sctphdr by offset in sctp_compute_cksum (bnc#1012382). - sctp: initialize _pad of sockaddr_in before copying to user memory (bnc#1012382). - serial: 8250_pci: Fix number of ports for ACCES serial cards (bnc#1012382). - serial: 8250_pci: Have ACCES cards that use the four port Pericom PI7C9X7954 chip use the pci_pericom_setup() (bnc#1012382). - serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling (bnc#1012382). - serial: max310x: Fix to avoid potential NULL pointer dereference (bnc#1012382). - serial: sh-sci: Fix setting SCSCR_TIE while transferring data (bnc#1012382). - serial: sprd: adjust TIMEOUT to a big value (bnc#1012382). - serial: sprd: clear timeout interrupt only rather than all interrupts (bnc#1012382). - serial: uartps: console_setup() can't be placed to init section (bnc#1012382). - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (bnc#1012382). - sky2: Disable MSI on Dell Inspiron 1545 and Gateway P-79 (bnc#1012382). - SoC: imx-sgtl5000: add missing put_device() (bnc#1012382). - sockfs: getxattr: Fail with -EOPNOTSUPP for invalid attribute names (bnc#1012382). - soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012382). - soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012382). - staging: ashmem: Add missing include (bnc#1012382). - staging: ashmem: Avoid deadlock with mmap/shrink (bnc#1012382). - staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bnc#1012382). - staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bnc#1012382). - staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bnc#1012382). - staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bnc#1012382). - staging: goldfish: audio: fix compiliation on arm (bnc#1012382). - staging: ion: Set minimum carveout heap allocation order to PAGE_SHIFT (bnc#1012382). - staging: lustre: fix buffer overflow of string buffer (bnc#1012382). - staging: rtl8188eu: avoid a null dereference on pmlmepriv (bsc#1085539). - staging: vt6655: Fix interrupt race condition on device start up (bnc#1012382). - staging: vt6655: Remove vif check from vnt_interrupt (bnc#1012382). - stm class: Do not leak the chrdev in error path (bnc#1012382). - stm class: Fix an endless loop in channel allocation (bnc#1012382). - stm class: Fix a race in unlinking (bnc#1012382). - stm class: Fix link list locking (bnc#1012382). - stm class: Fix locking in unbinding policy path (bnc#1012382). - stm class: Fix stm device initialization order (bnc#1012382). - stm class: Fix unbalanced module/device refcounting (bnc#1012382). - stm class: Fix unlocking braino in the error path (bnc#1012382). - stm class: Guard output assignment against concurrency (bnc#1012382). - stm class: Hide STM-specific options if STM is disabled (bnc#1012382). - stm class: Prevent division by zero (bnc#1012382). - stm class: Prevent user-controllable allocations (bnc#1012382). - stm class: Support devices with multiple instances (bnc#1012382). - stmmac: copy unicast mac address to MAC registers (bnc#1012382). - stop_machine: Provide stop_machine_cpuslocked() (bsc#1131980). - sunrpc: do not mark uninitialised items as VALID (bsc#1130737). - sunrpc: init xdr_stream for zero iov_len, page_len (bsc#11303356). - supported.conf: add lib/crc64 because bcache uses it - svm/avic: Fix invalidate logical APIC id entry (bsc#1132727). - svm: Fix AVIC DFR and LDR handling (bsc#1130343). - svm: Fix improper check when deactivate AVIC (bsc#1130344). - sysctl: handle overflow for file-max (bnc#1012382). - tcp/dccp: drop SYN packets if accept queue is full (bnc#1012382). - tcp/dccp: remove reqsk_put() from inet_child_forget() (git-fixes). - tcp: do not use ipv6 header for ipv4 flow (bnc#1012382). - tcp: Ensure DCTCP reacts to losses (bnc#1012382). - tcp: handle inet_csk_reqsk_queue_add() failures (git-fixes). - tcp: tcp_grow_window() needs to respect tcp_space() (bnc#1012382). - thermal/int340x_thermal: Add additional UUIDs (bnc#1012382). - thermal: int340x_thermal: Fix a NULL vs IS_ERR() check (bnc#1012382). - thermal/int340x_thermal: fix mode setting (bnc#1012382). - time: Introduce jiffies64_to_nsecs() (bsc#1113399). - tmpfs: fix link accounting when a tmpfile is linked in (bnc#1012382). - tmpfs: fix uninitialized return value in shmem_link (bnc#1012382). - tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012382). - tools/power turbostat: return the exit status of a command (bnc#1012382). - tpm: fix kdoc for tpm2_flush_context_cmd() (bsc#1020645). - tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1020645, git-fixes). - tpm/tpm_crb: Avoid unaligned reads in crb_recv() (bnc#1012382). - tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete (bnc#1012382). - tpm: tpm-interface.c drop unused macros (bsc#1020645). - tracing: kdb: Fix ftdump to not sleep (bnc#1012382). - tty: atmel_serial: fix a potential NULL pointer dereference (bnc#1012382). - tty: increase the default flip buffer limit to 2*640K (bnc#1012382). - tty: ldisc: add sysctl to prevent autoloading of ldiscs (bnc#1012382). - tty/serial: atmel: Add is_half_duplex helper (bnc#1012382). - tty/serial: atmel: RS485 HD w/DMA: enable RX after TX is stopped (bnc#1012382). - uas: fix alignment of scatter/gather segments (bsc#1129770). - udf: Fix crash on IO error during truncate (bnc#1012382). - Update config files: add CONFIG_CRC64=m - usb: Add new USB LPM helpers (bsc#1129770). - usb: chipidea: Grab the (legacy) USB PHY by phandle first (bnc#1012382). - usb: Consolidate LPM checks to avoid enabling LPM twice (bsc#1129770). - usb: core: only clean up what we allocated (bnc#1012382). - usb: dwc2: Fix DMA alignment to start at allocated boundary (bsc#1100132). - usb: dwc2: fix the incorrect bitmaps for the ports of multi_tt hub (bsc#1100132). - usb: dwc3: gadget: Fix suspend/resume during device mode (bnc#1012382). - usb: dwc3: gadget: Fix the uninitialized link_state when udc starts (bnc#1012382). - usb: gadget: Add the gserial port checking in gs_start_tx() (bnc#1012382). - usb: gadget: composite: fix dereference after null check coverify warning (bnc#1012382). - usb: gadget: configfs: add mutex lock before unregister gadget (bnc#1012382). - usb: gadget: Potential NULL dereference on allocation error (bnc#1012382). - usb: gadget: rndis: free response queue during REMOTE_NDIS_RESET_MSG (bnc#1012382). - usb: renesas_usbhs: gadget: fix unused-but-set-variable warning (bnc#1012382). - usb: serial: cp210x: add ID for Ingenico 3070 (bnc#1012382). - usb: serial: cp210x: add new device id (bnc#1012382). - usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1119086). - usb: serial: ftdi_sio: add additional NovaTech products (bnc#1012382). - usb: serial: ftdi_sio: add ID for Hjelmslund Electronics USB485 (bnc#1012382). - usb: serial: mos7720: fix mos_parport refcount imbalance on error path (bsc#1129770). - usb: serial: option: add Olicard 600 (bnc#1012382). - usb: serial: option: add Telit ME910 ECM composition (bnc#1012382). - usb: serial: option: set driver_info for SIM5218 and compatibles (bsc#1129770). - video: fbdev: Set pixclock = 0 in goldfishfb (bnc#1012382). - vti4: Fix a ipip packet processing bug in 'IPCOMP' virtual tunnel (bnc#1012382). - vxlan: Do not call gro_cells_destroy() before device is unregistered (bnc#1012382). - vxlan: Fix GRO cells race condition between receive and link delete (bnc#1012382). - vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() (bnc#1012382). - wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#1012382). - wlcore: Fix the return value in case of error in 'wlcore_vendor_cmd_smart_config_start()' (bsc#1120902). - x.509: unpack RSA signatureValue field from BIT STRING (git-fixes). - x86_64: increase stack size for KASAN_EXTRA (bnc#1012382). - x86/apic: Provide apic_ack_irq() (bsc#1122822). - x86/apic: Provide apic_ack_irq() (fate#327171, bsc#1122822). - x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#1012382). - x86/build: Specify elf_i386 linker emulation explicitly for i386 objects (bnc#1012382). - x86/CPU/AMD: Set the CPB bit unconditionally on F17h (bnc#1012382). - x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors (bnc#1012382). - x86/hpet: Prevent potential NULL pointer dereference (bnc#1012382). - x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error (bnc#1012382). - x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (bsc#1122822). - x86/Hyper-V: Set x2apic destination mode to physical when x2apic is available (fate#327171, bsc#1122822). - x86/kexec: Do not setup EFI info if EFI runtime is not enabled (bnc#1012382). - x86/kprobes: Verify stack frame on kretprobe (bnc#1012382). - x86/mce: Improve error message when kernel cannot recover, p2 (bsc#1114648). - x86/smp: Enforce CONFIG_HOTPLUG_CPU when SMP=y (bnc#1012382). - x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1111331). - x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178). - x86/uaccess: Do not leak the AC flag into __put_user() value evaluation (bsc#1114648). - x86/vdso: Add VCLOCK_HVCLOCK vDSO clock read method (bsc#1133308). - x86/vdso: Drop implicit common-page-size linker flag (bnc#1012382). - x86/vdso: Pass --eh-frame-hdr to the linker (git-fixes). - x86: vdso: Use $LD instead of $CC to link (bnc#1012382). - xen-netback: fix occasional leak of grant ref mappings under memory pressure (bnc#1012382). - xen: Prevent buffer overflow in privcmd ioctl (bnc#1012382). - xfrm_user: fix info leak in build_aevent() (git-fixes). - xfrm_user: fix info leak in xfrm_notify_sa() (git-fixes). - xhci: Do not let USB3 ports stuck in polling state prevent suspend (bsc#1047487). - xhci: Fix port resume done detection for SS ports with LPM enabled (bnc#1012382). - xtensa: fix return_address (bnc#1012382). - xtensa: SMP: fix ccount_timer_shutdown (bnc#1012382). - xtensa: SMP: fix secondary CPU initialization (bnc#1012382). - xtensa: SMP: limit number of possible CPUs by NR_CPUS (bnc#1012382). - xtensa: SMP: mark each possible CPU as present (bnc#1012382). - xtensa: smp_lx200_defconfig: fix vectors clash (bnc#1012382). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1407=1 Package List: - openSUSE Leap 42.3 (noarch): kernel-devel-4.4.179-99.1 kernel-docs-4.4.179-99.1 kernel-docs-html-4.4.179-99.1 kernel-docs-pdf-4.4.179-99.1 kernel-macros-4.4.179-99.1 kernel-source-4.4.179-99.1 kernel-source-vanilla-4.4.179-99.1 - openSUSE Leap 42.3 (x86_64): kernel-debug-4.4.179-99.1 kernel-debug-base-4.4.179-99.1 kernel-debug-base-debuginfo-4.4.179-99.1 kernel-debug-debuginfo-4.4.179-99.1 kernel-debug-debugsource-4.4.179-99.1 kernel-debug-devel-4.4.179-99.1 kernel-debug-devel-debuginfo-4.4.179-99.1 kernel-default-4.4.179-99.1 kernel-default-base-4.4.179-99.1 kernel-default-base-debuginfo-4.4.179-99.1 kernel-default-debuginfo-4.4.179-99.1 kernel-default-debugsource-4.4.179-99.1 kernel-default-devel-4.4.179-99.1 kernel-obs-build-4.4.179-99.1 kernel-obs-build-debugsource-4.4.179-99.1 kernel-obs-qa-4.4.179-99.1 kernel-syms-4.4.179-99.1 kernel-vanilla-4.4.179-99.1 kernel-vanilla-base-4.4.179-99.1 kernel-vanilla-base-debuginfo-4.4.179-99.1 kernel-vanilla-debuginfo-4.4.179-99.1 kernel-vanilla-debugsource-4.4.179-99.1 kernel-vanilla-devel-4.4.179-99.1 References: https://www.suse.com/security/cve/CVE-2018-1000204.html https://www.suse.com/security/cve/CVE-2018-10853.html https://www.suse.com/security/cve/CVE-2018-12126.html https://www.suse.com/security/cve/CVE-2018-12127.html https://www.suse.com/security/cve/CVE-2018-12130.html https://www.suse.com/security/cve/CVE-2018-15594.html https://www.suse.com/security/cve/CVE-2018-17972.html https://www.suse.com/security/cve/CVE-2018-5814.html https://www.suse.com/security/cve/CVE-2019-11091.html https://www.suse.com/security/cve/CVE-2019-11486.html https://www.suse.com/security/cve/CVE-2019-11815.html https://www.suse.com/security/cve/CVE-2019-11884.html https://www.suse.com/security/cve/CVE-2019-3882.html https://www.suse.com/security/cve/CVE-2019-9503.html https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1020645 https://bugzilla.suse.com/1020989 https://bugzilla.suse.com/1031492 https://bugzilla.suse.com/1047487 https://bugzilla.suse.com/1051510 https://bugzilla.suse.com/1053043 https://bugzilla.suse.com/1062056 https://bugzilla.suse.com/1063638 https://bugzilla.suse.com/1064388 https://bugzilla.suse.com/1066223 https://bugzilla.suse.com/1070872 https://bugzilla.suse.com/1085539 https://bugzilla.suse.com/1087092 https://bugzilla.suse.com/1094244 https://bugzilla.suse.com/1096480 https://bugzilla.suse.com/1096728 https://bugzilla.suse.com/1097104 https://bugzilla.suse.com/1100132 https://bugzilla.suse.com/1103186 https://bugzilla.suse.com/1105348 https://bugzilla.suse.com/1106110 https://bugzilla.suse.com/1106913 https://bugzilla.suse.com/1106929 https://bugzilla.suse.com/1108293 https://bugzilla.suse.com/1110785 https://bugzilla.suse.com/1110946 https://bugzilla.suse.com/1111331 https://bugzilla.suse.com/1112063 https://bugzilla.suse.com/1112178 https://bugzilla.suse.com/1113399 https://bugzilla.suse.com/1114542 https://bugzilla.suse.com/1114638 https://bugzilla.suse.com/1114648 https://bugzilla.suse.com/1114893 https://bugzilla.suse.com/1116803 https://bugzilla.suse.com/1118338 https://bugzilla.suse.com/1118506 https://bugzilla.suse.com/1119086 https://bugzilla.suse.com/1119974 https://bugzilla.suse.com/1120902 https://bugzilla.suse.com/1122776 https://bugzilla.suse.com/1122822 https://bugzilla.suse.com/1125580 https://bugzilla.suse.com/1126040 https://bugzilla.suse.com/1126356 https://bugzilla.suse.com/1127445 https://bugzilla.suse.com/1129138 https://bugzilla.suse.com/1129278 https://bugzilla.suse.com/1129326 https://bugzilla.suse.com/1129770 https://bugzilla.suse.com/1130130 https://bugzilla.suse.com/1130343 https://bugzilla.suse.com/1130344 https://bugzilla.suse.com/1130345 https://bugzilla.suse.com/1130346 https://bugzilla.suse.com/1130347 https://bugzilla.suse.com/1130356 https://bugzilla.suse.com/1130425 https://bugzilla.suse.com/1130567 https://bugzilla.suse.com/1130737 https://bugzilla.suse.com/1130972 https://bugzilla.suse.com/1131107 https://bugzilla.suse.com/1131416 https://bugzilla.suse.com/1131427 https://bugzilla.suse.com/1131488 https://bugzilla.suse.com/1131587 https://bugzilla.suse.com/1131659 https://bugzilla.suse.com/1131857 https://bugzilla.suse.com/1131900 https://bugzilla.suse.com/1131934 https://bugzilla.suse.com/1131935 https://bugzilla.suse.com/1131980 https://bugzilla.suse.com/1132212 https://bugzilla.suse.com/1132227 https://bugzilla.suse.com/1132534 https://bugzilla.suse.com/1132589 https://bugzilla.suse.com/1132618 https://bugzilla.suse.com/1132619 https://bugzilla.suse.com/1132634 https://bugzilla.suse.com/1132635 https://bugzilla.suse.com/1132636 https://bugzilla.suse.com/1132637 https://bugzilla.suse.com/1132638 https://bugzilla.suse.com/1132727 https://bugzilla.suse.com/1132828 https://bugzilla.suse.com/1133188 https://bugzilla.suse.com/1133308 https://bugzilla.suse.com/1133584 https://bugzilla.suse.com/1134160 https://bugzilla.suse.com/1134162 https://bugzilla.suse.com/1134537 https://bugzilla.suse.com/1134564 https://bugzilla.suse.com/1134565 https://bugzilla.suse.com/1134566 https://bugzilla.suse.com/1134651 https://bugzilla.suse.com/1134760 https://bugzilla.suse.com/1134848 https://bugzilla.suse.com/1135013 https://bugzilla.suse.com/1135014 https://bugzilla.suse.com/1135015 https://bugzilla.suse.com/1135100 https://bugzilla.suse.com/843419 https://bugzilla.suse.com/994770 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1408-1: important: Security update for ucode-intel
by opensuse-security＠opensuse.org 20 May '19

20 May '19

openSUSE Security Update: Security update for ucode-intel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1408-1 Rating: important References: #1104479 #1111331 #1129231 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release (boo#1111331 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091) Release notes: - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CLX-SP B1 6-55-7/bf 05000021 Xeon Scalable Gen2 - ---- updated platforms ------------------------------------ - SNB D2/G1/Q0 6-2a-7/12 0000002e->0000002f Core Gen2 - IVB E1/L1 6-3a-9/12 00000020->00000021 Core Gen3 - HSW C0 6-3c-3/32 00000025->00000027 Core Gen4 - BDW-U/Y E0/F0 6-3d-4/c0 0000002b->0000002d Core Gen5 - IVB-E/EP C1/M1/S1 6-3e-4/ed 0000042e->0000042f Core Gen3 X Series; Xeon E5 v2 - IVB-EX D1 6-3e-7/ed 00000714->00000715 Xeon E7 v2 - HSX-E/EP Cx/M1 6-3f-2/6f 00000041->00000043 Core Gen4 X series; Xeon E5 v3 - HSX-EX E0 6-3f-4/80 00000013->00000014 Xeon E7 v3 - HSW-U C0/D0 6-45-1/72 00000024->00000025 Core Gen4 - HSW-H C0 6-46-1/32 0000001a->0000001b Core Gen4 - BDW-H/E3 E0/G0 6-47-1/22 0000001e->00000020 Core Gen5 - SKL-U/Y D0/K1 6-4e-3/c0 000000c6->000000cc Core Gen6 - SKX-SP H0/M0/U0 6-55-4/b7 0200005a->0000005e Xeon Scalable - SKX-D M1 6-55-4/b7 0200005a->0000005e Xeon D-21xx - BDX-DE V1 6-56-2/10 00000019->0000001a Xeon D-1520/40 - BDX-DE V2/3 6-56-3/10 07000016->07000017 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 - BDX-DE Y0 6-56-4/10 0f000014->0f000015 Xeon D-1557/59/67/71/77/81/87 - BDX-NS A0 6-56-5/10 0e00000c->0e00000d Xeon D-1513N/23/33/43/53 - APL D0 6-5c-9/03 00000036->00000038 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx - SKL-H/S R0/N0 6-5e-3/36 000000c6->000000cc Core Gen6; Xeon E3 v5 - DNV B0 6-5f-1/01 00000024->0000002e Atom Processor C Series - GLK B0 6-7a-1/01 0000002c->0000002e Pentium Silver N/J5xxx, Celeron N/J4xxx - AML-Y22 H0 6-8e-9/10 0000009e->000000b4 Core Gen8 Mobile - KBL-U/Y H0 6-8e-9/c0 0000009a->000000b4 Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 0000009e->000000b4 Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4->000000b8 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2->000000b8 Core Gen8 Mobile - KBL-G/H/S/E3 B0 6-9e-9/2a 0000009a->000000b4 Core Gen7; Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 000000aa->000000b4 Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 000000aa->000000b4 Core Gen8 - CFL-H/S P0 6-9e-c/22 000000a2->000000ae Core Gen9 - CFL-H R0 6-9e-d/22 000000b0->000000b8 Core Gen9 Mobile It also contains the update to 20190312 release (boo#1129231): - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - AML-Y22 H0 6-8e-9/10 0000009e Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2 Core Gen8 Mobile - CFL-S P0 6-9e-c/22 000000a2 Core Gen9 Desktop - CFL-H R0 6-9e-d/22 000000b0 Core Gen9 Mobile - ---- updated platforms ------------------------------------ - HSX-E/EP Cx/M1 6-3f-2/6f 0000003d->00000041 Core Gen4 X series; Xeon E5 v3 - HSX-EX E0 6-3f-4/80 00000012->00000013 Xeon E7 v3 - SKX-SP H0/M0/U0 6-55-4/b7 0200004d->0000005a Xeon Scalable - SKX-D M1 6-55-4/b7 0200004d->0000005a Xeon D-21xx - BDX-DE V1 6-56-2/10 00000017->00000019 Xeon D-1520/40 - BDX-DE V2/3 6-56-3/10 07000013->07000016 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 - BDX-DE Y0 6-56-4/10 0f000012->0f000014 Xeon D-1557/59/67/71/77/81/87 - BDX-NS A0 6-56-5/10 0e00000a->0e00000c Xeon D-1513N/23/33/43/53 - APL D0 6-5c-9/03 00000032->00000036 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx - APL E0 6-5c-a/03 0000000c->00000010 Atom x5/7-E39xx - GLK B0 6-7a-1/01 00000028->0000002c Pentium Silver N/J5xxx, Celeron N/J4xxx - KBL-U/Y H0 6-8e-9/c0 0000008e->0000009a Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 00000096->0000009e Core Gen8 Mobile - KBL-H/S/E3 B0 6-9e-9/2a 0000008e->0000009a Core Gen7; Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 00000096->000000aa Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 0000008e->000000aa Core Gen8 And it also contains the update to 20180807a, no change except licensing. (boo#1104479). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1408=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): ucode-intel-20190514-32.1 ucode-intel-blob-20190514-32.1 ucode-intel-debuginfo-20190514-32.1 ucode-intel-debugsource-20190514-32.1 References: https://www.suse.com/security/cve/CVE-2018-12126.html https://www.suse.com/security/cve/CVE-2018-12127.html https://www.suse.com/security/cve/CVE-2018-12130.html https://www.suse.com/security/cve/CVE-2019-11091.html https://bugzilla.suse.com/1104479 https://bugzilla.suse.com/1111331 https://bugzilla.suse.com/1129231 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE and the new "Microarchitectural Data Sampling" CPU side channel issues
by Marcus Meissner 20 May '19

20 May '19

Hi folks, Sorry for a bit late update. We have now released all the software updates for openSUSE Leap 42.3 and 15.0 to allow deploying software mitigations for the newly announced "Microarchitectural Data Sampling" side channel attacks. OpenSUSE Leap 15.1 will come with these available from GA and also the last Tumbleweed snapshot has the mitigations available. Our blog: https://www.suse.com/c/suse-addresses-microarchitectural-data-sampling-vuln… Our TID that explains the sysfs files and kernel bootline possibilities: https://www.suse.com/support/kb/doc/?id=7023736 Also a new version of "spectre-meltdown-checker" is available on Tumbleweed. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1405-1: important: Security update for qemu
by opensuse-security＠opensuse.org 17 May '19

17 May '19

openSUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1405-1 Rating: important References: #1111331 #1125721 #1126455 #1129622 #1130675 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20815 CVE-2019-11091 CVE-2019-3812 CVE-2019-8934 CVE-2019-9824 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update for qemu fixes the following issues: Security issues fixed: - CVE-2019-9824: Fixed an information leak in slirp (bsc#1129622) - CVE-2019-8934: Added method to specify whether or not to expose certain ppc64 host information, which can be considered a security issue (bsc#1126455) - CVE-2019-3812: Fixed OOB memory access and information leak in virtual monitor interface (bsc#1125721) - CVE-2018-20815: Fix DOS possibility in device tree processing (bsc#1130675) - Adjust fix for CVE-2019-8934 (bsc#1126455) to match the latest upstream adjustments for the same. Basically now the security fix is to provide a dummy host-model and host-serial value, which overrides getting that value from the host - CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091: Added x86 cpu feature "md-clear" (bsc#1111331) Other bugs fixed: - Use a new approach to handling the file input to -smbios option, which accepts either legacy or per-spec formats regardless of the machine type. This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1405=1 Package List: - openSUSE Leap 15.0 (x86_64): qemu-2.11.2-lp150.7.22.1 qemu-arm-2.11.2-lp150.7.22.1 qemu-arm-debuginfo-2.11.2-lp150.7.22.1 qemu-block-curl-2.11.2-lp150.7.22.1 qemu-block-curl-debuginfo-2.11.2-lp150.7.22.1 qemu-block-dmg-2.11.2-lp150.7.22.1 qemu-block-dmg-debuginfo-2.11.2-lp150.7.22.1 qemu-block-gluster-2.11.2-lp150.7.22.1 qemu-block-gluster-debuginfo-2.11.2-lp150.7.22.1 qemu-block-iscsi-2.11.2-lp150.7.22.1 qemu-block-iscsi-debuginfo-2.11.2-lp150.7.22.1 qemu-block-rbd-2.11.2-lp150.7.22.1 qemu-block-rbd-debuginfo-2.11.2-lp150.7.22.1 qemu-block-ssh-2.11.2-lp150.7.22.1 qemu-block-ssh-debuginfo-2.11.2-lp150.7.22.1 qemu-debuginfo-2.11.2-lp150.7.22.1 qemu-debugsource-2.11.2-lp150.7.22.1 qemu-extra-2.11.2-lp150.7.22.1 qemu-extra-debuginfo-2.11.2-lp150.7.22.1 qemu-guest-agent-2.11.2-lp150.7.22.1 qemu-guest-agent-debuginfo-2.11.2-lp150.7.22.1 qemu-ksm-2.11.2-lp150.7.22.1 qemu-kvm-2.11.2-lp150.7.22.1 qemu-lang-2.11.2-lp150.7.22.1 qemu-ppc-2.11.2-lp150.7.22.1 qemu-ppc-debuginfo-2.11.2-lp150.7.22.1 qemu-s390-2.11.2-lp150.7.22.1 qemu-s390-debuginfo-2.11.2-lp150.7.22.1 qemu-tools-2.11.2-lp150.7.22.1 qemu-tools-debuginfo-2.11.2-lp150.7.22.1 qemu-x86-2.11.2-lp150.7.22.1 qemu-x86-debuginfo-2.11.2-lp150.7.22.1 - openSUSE Leap 15.0 (noarch): qemu-ipxe-1.0.0+-lp150.7.22.1 qemu-seabios-1.11.0-lp150.7.22.1 qemu-sgabios-8-lp150.7.22.1 qemu-vgabios-1.11.0-lp150.7.22.1 References: https://www.suse.com/security/cve/CVE-2018-12126.html https://www.suse.com/security/cve/CVE-2018-12127.html https://www.suse.com/security/cve/CVE-2018-12130.html https://www.suse.com/security/cve/CVE-2018-20815.html https://www.suse.com/security/cve/CVE-2019-11091.html https://www.suse.com/security/cve/CVE-2019-3812.html https://www.suse.com/security/cve/CVE-2019-8934.html https://www.suse.com/security/cve/CVE-2019-9824.html https://bugzilla.suse.com/1111331 https://bugzilla.suse.com/1125721 https://bugzilla.suse.com/1126455 https://bugzilla.suse.com/1129622 https://bugzilla.suse.com/1130675 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1402-1: important: Security update for ucode-intel
by opensuse-security＠opensuse.org 16 May '19

16 May '19

openSUSE Security Update: Security update for ucode-intel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1402-1 Rating: important References: #1111331 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for ucode-intel fixes the following issues: This update contains the Intel QSR 2019.1 Microcode release (bsc#1111331) Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the CPU Microcode adjustments for the software mitigations. For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736 Release notes: - Processor Identifier Version Products - Model Stepping F-MO-S/PI Old->New - ---- new platforms ---------------------------------------- - CLX-SP B1 6-55-7/bf 05000021 Xeon Scalable Gen2 - ---- updated platforms ------------------------------------ - SNB D2/G1/Q0 6-2a-7/12 0000002e->0000002f Core Gen2 - IVB E1/L1 6-3a-9/12 00000020->00000021 Core Gen3 - HSW C0 6-3c-3/32 00000025->00000027 Core Gen4 - BDW-U/Y E0/F0 6-3d-4/c0 0000002b->0000002d Core Gen5 - IVB-E/EP C1/M1/S1 6-3e-4/ed 0000042e->0000042f Core Gen3 X Series; Xeon E5 v2 - IVB-EX D1 6-3e-7/ed 00000714->00000715 Xeon E7 v2 - HSX-E/EP Cx/M1 6-3f-2/6f 00000041->00000043 Core Gen4 X series; Xeon E5 v3 - HSX-EX E0 6-3f-4/80 00000013->00000014 Xeon E7 v3 - HSW-U C0/D0 6-45-1/72 00000024->00000025 Core Gen4 - HSW-H C0 6-46-1/32 0000001a->0000001b Core Gen4 - BDW-H/E3 E0/G0 6-47-1/22 0000001e->00000020 Core Gen5 - SKL-U/Y D0/K1 6-4e-3/c0 000000c6->000000cc Core Gen6 - SKX-SP H0/M0/U0 6-55-4/b7 0200005a->0000005e Xeon Scalable - SKX-D M1 6-55-4/b7 0200005a->0000005e Xeon D-21xx - BDX-DE V1 6-56-2/10 00000019->0000001a Xeon D-1520/40 - BDX-DE V2/3 6-56-3/10 07000016->07000017 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 - BDX-DE Y0 6-56-4/10 0f000014->0f000015 Xeon D-1557/59/67/71/77/81/87 - BDX-NS A0 6-56-5/10 0e00000c->0e00000d Xeon D-1513N/23/33/43/53 - APL D0 6-5c-9/03 00000036->00000038 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx - SKL-H/S R0/N0 6-5e-3/36 000000c6->000000cc Core Gen6; Xeon E3 v5 - DNV B0 6-5f-1/01 00000024->0000002e Atom Processor C Series - GLK B0 6-7a-1/01 0000002c->0000002e Pentium Silver N/J5xxx, Celeron N/J4xxx - AML-Y22 H0 6-8e-9/10 0000009e->000000b4 Core Gen8 Mobile - KBL-U/Y H0 6-8e-9/c0 0000009a->000000b4 Core Gen7 Mobile - CFL-U43e D0 6-8e-a/c0 0000009e->000000b4 Core Gen8 Mobile - WHL-U W0 6-8e-b/d0 000000a4->000000b8 Core Gen8 Mobile - WHL-U V0 6-8e-d/94 000000b2->000000b8 Core Gen8 Mobile - KBL-G/H/S/E3 B0 6-9e-9/2a 0000009a->000000b4 Core Gen7; Xeon E3 v6 - CFL-H/S/E3 U0 6-9e-a/22 000000aa->000000b4 Core Gen8 Desktop, Mobile, Xeon E - CFL-S B0 6-9e-b/02 000000aa->000000b4 Core Gen8 - CFL-H/S P0 6-9e-c/22 000000a2->000000ae Core Gen9 - CFL-H R0 6-9e-d/22 000000b0->000000b8 Core Gen9 Mobile This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1402=1 Package List: - openSUSE Leap 15.0 (x86_64): ucode-intel-20190507-lp150.2.18.1 References: https://www.suse.com/security/cve/CVE-2018-12126.html https://www.suse.com/security/cve/CVE-2018-12127.html https://www.suse.com/security/cve/CVE-2018-12130.html https://www.suse.com/security/cve/CVE-2019-11091.html https://bugzilla.suse.com/1111331 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1403-1: important: Security update for xen
by opensuse-security＠opensuse.org 16 May '19

16 May '19

openSUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1403-1 Rating: important References: #1027519 #1079730 #1098403 #1111025 #1111331 #1120067 #1120095 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves four vulnerabilities and has three fixes is now available. Description: This update for xen fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) These updates contain the XEN Hypervisor adjustments, that additionaly also use CPU Microcode updates. The mitigation can be controlled via the "mds" commandline option, see the documentation. For more information on this set of vulnerabilities, check out https://www.suse.com/support/kb/doc/?id=7023736 Other fixes: - Added code to change LIBXL_HOTPLUG_TIMEOUT at runtime. The included README has details about the impact of this change (bsc#1120095) - Fixes in Live migrating PV domUs An earlier change broke live migration of PV domUs without a device model. The migration would stall for 10 seconds while the domU was paused, which caused network connections to drop. Fix this by tracking the need for a device model within libxl. (bsc#1079730, bsc#1098403, bsc#1111025) - Libvirt segfault when crash triggered on top of HVM guest (bsc#1120067) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1403=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): xen-debugsource-4.10.3_04-lp150.2.19.1 xen-devel-4.10.3_04-lp150.2.19.1 xen-libs-4.10.3_04-lp150.2.19.1 xen-libs-debuginfo-4.10.3_04-lp150.2.19.1 xen-tools-domU-4.10.3_04-lp150.2.19.1 xen-tools-domU-debuginfo-4.10.3_04-lp150.2.19.1 - openSUSE Leap 15.0 (x86_64): xen-4.10.3_04-lp150.2.19.1 xen-doc-html-4.10.3_04-lp150.2.19.1 xen-libs-32bit-4.10.3_04-lp150.2.19.1 xen-libs-32bit-debuginfo-4.10.3_04-lp150.2.19.1 xen-tools-4.10.3_04-lp150.2.19.1 xen-tools-debuginfo-4.10.3_04-lp150.2.19.1 References: https://www.suse.com/security/cve/CVE-2018-12126.html https://www.suse.com/security/cve/CVE-2018-12127.html https://www.suse.com/security/cve/CVE-2018-12130.html https://www.suse.com/security/cve/CVE-2019-11091.html https://bugzilla.suse.com/1027519 https://bugzilla.suse.com/1079730 https://bugzilla.suse.com/1098403 https://bugzilla.suse.com/1111025 https://bugzilla.suse.com/1111331 https://bugzilla.suse.com/1120067 https://bugzilla.suse.com/1120095 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1404-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 16 May '19

16 May '19

openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1404-1 Rating: important References: #1050549 #1051510 #1052904 #1053043 #1055117 #1055121 #1055186 #1061840 #1063638 #1065600 #1065729 #1070872 #1082555 #1083647 #1085535 #1085536 #1088804 #1097583 #1097584 #1097585 #1097586 #1097587 #1097588 #1103186 #1103259 #1106011 #1108193 #1108838 #1108937 #1110946 #1111331 #1112063 #1112128 #1112178 #1113722 #1114279 #1114427 #1114542 #1114638 #1119680 #1119843 #1120318 #1120902 #1122767 #1122776 #1124839 #1126221 #1126704 #1126740 #1127175 #1127371 #1127372 #1127374 #1128052 #1128415 #1128544 #1128979 #1129138 #1129273 #1129497 #1129770 #1130195 #1130425 #1130527 #1130567 #1130579 #1130972 #1131107 #1131167 #1131168 #1131169 #1131170 #1131171 #1131172 #1131173 #1131174 #1131175 #1131176 #1131177 #1131178 #1131179 #1131180 #1131290 #1131326 #1131335 #1131336 #1131416 #1131427 #1131442 #1131451 #1131467 #1131488 #1131574 #1131587 #1131659 #1131673 #1131847 #1131848 #1131851 #1131900 #1131934 #1131935 #1132044 #1132083 #1132219 #1132226 #1132227 #1132365 #1132368 #1132369 #1132370 #1132372 #1132373 #1132384 #1132397 #1132402 #1132403 #1132404 #1132405 #1132407 #1132411 #1132412 #1132413 #1132414 #1132426 #1132527 #1132531 #1132555 #1132558 #1132561 #1132562 #1132563 #1132564 #1132570 #1132571 #1132572 #1132589 #1132618 #1132681 #1132726 #1132828 #1132943 #1133005 #1133094 #1133095 #1133115 #1133149 #1133176 #1133188 #1133486 #1133529 #1133584 #1133667 #1133668 #1133672 #1133674 #1133675 #1133698 #1133702 #1133731 #1133769 #1133772 #1133774 #1133778 #1133779 #1133780 #1133825 #1133850 #1133851 #1133852 #1134160 #1134162 #1134199 #1134200 #1134201 #1134202 #1134203 #1134204 #1134205 #1134354 #1134393 #1134459 #1134460 #1134461 #1134537 #1134651 #1134760 #1134810 #1134813 #1134848 #1135006 #1135007 #1135008 #1135100 Cross-References: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-16880 CVE-2019-11091 CVE-2019-11486 CVE-2019-11815 CVE-2019-11884 CVE-2019-3882 CVE-2019-9003 CVE-2019-9500 CVE-2019-9503 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves 12 vulnerabilities and has 182 fixes is now available. Description: The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. Four new speculative execution information leak issues have been identified in Intel CPUs. (bsc#1111331) - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS) - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS) - CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS) - CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) This kernel update contains software mitigations for these issues, which also utilize CPU microcode updates shipped in parallel. For more information on this set of information leaks, check out https://www.suse.com/support/kb/doc/?id=7023736 The following security bugs were fixed: - CVE-2018-16880: A flaw was found in handle_rx() function in the vhost_net driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out. (bnc#1122767). - CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c had multiple race conditions (bnc#1133188). It has been disabled. - CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c. There is a race condition leading to a use-after-free, related to net namespace cleanup (bnc#1134537). - CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character (bnc#1134848). - CVE-2019-3882: A flaw was found in vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). (bnc#1131416 bnc#1131427). - CVE-2019-9003: Attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop (bnc#1126704). - CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results was fixed (bnc#1132681). - CVE-2019-9503: Multiple brcmfmac frame validation bypasses have been fixed (bnc#1132828). The following non-security bugs were fixed: - 9p: do not trust pdu content for stat item size (bsc#1051510). - acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128) (bsc#1132426). - ACPI / SBS: Fix GPE storm on recent MacBookPro's (bsc#1051510). - ALSA: core: Do not refer to snd_cards array directly (bsc#1051510). - ALSA: core: Fix card races between register and disconnect (bsc#1051510). - ALSA: emu10k1: Drop superfluous id-uniquification behavior (bsc#1051510). - ALSA: hda - Add two more machines to the power_save_blacklist (bsc#1051510). - ALSA: hda/hdmi - Consider eld_valid when reporting jack event (bsc#1051510). - ALSA: hda/hdmi - Read the pin sense from register when repolling (bsc#1051510). - ALSA: hda: Initialize power_state field properly (bsc#1051510). - ALSA: hda/realtek - Add new Dell platform for headset mode (bsc#1051510). - ALSA: hda/realtek - Add quirk for Tuxedo XC 1509 (bsc#1131442). - ALSA: hda/realtek - Add support headset mode for DELL WYSE AIO (bsc#1051510). - ALSA: hda/realtek - Add support headset mode for New DELL WYSE NB (bsc#1051510). - ALSA: hda/realtek - add two more pin configuration sets to quirk table (bsc#1051510). - ALSA: hda/realtek - Apply the fixup for ASUS Q325UAR (bsc#1051510). - ALSA: hda/realtek - EAPD turn on later (bsc#1051510). - ALSA: hda/realtek - Fixed Dell AIO speaker noise (bsc#1051510). - ALSA: hda - Register irq handler after the chip initialization (bsc#1051510). - ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bsc#1051510). - ALSA: info: Fix racy addition/deletion of nodes (bsc#1051510). - ALSA: line6: Avoid polluting led_* namespace (bsc#1051510). - ALSA: line6: use dynamic buffers (bsc#1051510). - ALSA: PCM: check if ops are defined before suspending PCM (bsc#1051510). - ALSA: seq: Align temporary re-locking with irqsave version (bsc#1051510). - ALSA: seq: Correct unlock sequence at snd_seq_client_ioctl_unlock() (bsc#1051510). - ALSA: seq: Cover unsubscribe_port() in list_mutex (bsc#1051510). - ALSA: seq: Fix OOB-reads from strlcpy (bsc#1051510). - ALSA: seq: Fix race of get-subscription call vs port-delete ioctls (bsc#1051510). - ALSA: seq: Protect in-kernel ioctl calls with mutex (bsc#1051510). - ALSA: seq: Protect racy pool manipulation from OSS sequencer (bsc#1051510). - ALSA: seq: Remove superfluous irqsave flags (bsc#1051510). - ALSA: seq: Simplify snd_seq_kernel_client_enqueue() helper (bsc#1051510). - ALSA: timer: Check ack_list emptiness instead of bit flag (bsc#1051510). - ALSA: timer: Coding style fixes (bsc#1051510). - ALSA: timer: Make snd_timer_close() really kill pending actions (bsc#1051510). - ALSA: timer: Make sure to clear pending ack list (bsc#1051510). - ALSA: timer: Revert active callback sync check at close (bsc#1051510). - ALSA: timer: Simplify error path in snd_timer_open() (bsc#1051510). - ALSA: timer: Unify timer callback process code (bsc#1051510). - ALSA: usb-audio: Fix a memory leak bug (bsc#1051510). - ALSA: usb-audio: Handle the error from snd_usb_mixer_apply_create_quirk() (bsc#1051510). - ALSA: usx2y: fix a double free bug (bsc#1051510). - ASoC: cs4270: Set auto-increment bit for register writes (bsc#1051510). - ASoC: fix valid stream condition (bsc#1051510). - ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bsc#1051510). - ASoC: fsl_esai: fix channel swap issue when stream starts (bsc#1051510). - ASoC: fsl_esai: Fix missing break in switch statement (bsc#1051510). - ASoC: hdmi-codec: fix S/PDIF DAI (bsc#1051510). - ASoC: Intel: avoid Oops if DMA setup fails (bsc#1051510). - ASoC: max98090: Fix restore of DAPM Muxes (bsc#1051510). - ASoC: nau8810: fix the issue of widget with prefixed name (bsc#1051510). - ASoC: nau8824: fix the issue of the widget with prefix name (bsc#1051510). - ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bsc#1051510). - ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate (bsc#1051510). - ASoC:soc-pcm:fix a codec fixup issue in TDM case (bsc#1051510). - ASoC: stm32: fix sai driver name initialisation (bsc#1051510). - ASoC: tlv320aic32x4: Fix Common Pins (bsc#1051510). - ASoC: topology: free created components in tplg load error (bsc#1051510). - ASoC: wm_adsp: Add locking to wm_adsp2_bus_error (bsc#1051510). - assume flash part size to be 4MB, if it can't be determined (bsc#1127371). - at76c50x-usb: Do not register led_trigger if usb_register_driver failed (bsc#1051510). - ath10k: avoid possible string overflow (bsc#1051510). - audit: fix a memleak caused by auditing load module (bsc#1051510). - b43: shut up clang -Wuninitialized variable warning (bsc#1051510). - batman-adv: Reduce claim hash refcnt only for removed entry (bsc#1051510). - batman-adv: Reduce tt_global hash refcnt only for removed entry (bsc#1051510). - batman-adv: Reduce tt_local hash refcnt only for removed entry (bsc#1051510). - bcache: account size of buckets used in uuid write to ca->meta_sectors_written (bsc#1130972). - bcache: add a comment in super.c (bsc#1130972). - bcache: add code comments for bset.c (bsc#1130972). - bcache: add comment for cache_set->fill_iter (bsc#1130972). - bcache: add identifier names to arguments of function definitions (bsc#1130972). - bcache: add missing SPDX header (bsc#1130972). - bcache: add MODULE_DESCRIPTION information (bsc#1130972). - bcache: add separate workqueue for journal_write to avoid deadlock (bsc#1130972). - bcache: add static const prefix to char * array declarations (bsc#1130972). - bcache: add sysfs_strtoul_bool() for setting bit-field variables (bsc#1130972). - bcache: add the missing comments for smp_mb()/smp_wmb() (bsc#1130972). - bcache: cannot set writeback_running via sysfs if no writeback kthread created (bsc#1130972). - bcache: correct dirty data statistics (bsc#1130972). - bcache: do not assign in if condition in bcache_init() (bsc#1130972). - bcache: do not assign in if condition register_bcache() (bsc#1130972). - bcache: do not check if debug dentry is ERR or NULL explicitly on remove (bsc#1130972). - bcache: do not check NULL pointer before calling kmem_cache_destroy (bsc#1130972). - bcache: do not clone bio in bch_data_verify (bsc#1130972). - bcache: do not mark writeback_running too early (bsc#1130972). - bcache: export backing_dev_name via sysfs (bsc#1130972). - bcache: export backing_dev_uuid via sysfs (bsc#1130972). - bcache: fix code comments style (bsc#1130972). - bcache: fix indentation issue, remove tabs on a hunk of code (bsc#1130972). - bcache: fix indent by replacing blank by tabs (bsc#1130972). - bcache: fix input integer overflow of congested threshold (bsc#1130972). - bcache: fix input overflow to cache set io_error_limit (bsc#1130972). - bcache: fix input overflow to cache set sysfs file io_error_halflife (bsc#1130972). - bcache: fix input overflow to journal_delay_ms (bsc#1130972). - bcache: fix input overflow to sequential_cutoff (bsc#1130972). - bcache: fix input overflow to writeback_delay (bsc#1130972). - bcache: fix input overflow to writeback_rate_minimum (bsc#1130972). - bcache: fix ioctl in flash device (bsc#1130972). - bcache: fix mistaken code comments in bcache.h (bsc#1130972). - bcache: fix mistaken comments in request.c (bsc#1130972). - bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bsc#1130972). - bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bsc#1130972). - bcache: fix typo in code comments of closure_return_with_destructor() (bsc#1130972). - bcache: fix typo 'succesfully' to 'successfully' (bsc#1130972). - bcache: improve sysfs_strtoul_clamp() (bsc#1130972). - bcache: introduce force_wake_up_gc() (bsc#1130972). - bcache: make cutoff_writeback and cutoff_writeback_sync tunable (bsc#1130972). - bcache: Move couple of functions to sysfs.c (bsc#1130972). - bcache: Move couple of string arrays to sysfs.c (bsc#1130972). - bcache: move open brace at end of function definitions to next line (bsc#1130972). - bcache: never writeback a discard operation (bsc#1130972). - bcache: not use hard coded memset size in bch_cache_accounting_clear() (bsc#1130972). - bcache: option to automatically run gc thread after writeback (bsc#1130972). - bcache: panic fix for making cache device (bsc#1130972). - bcache: Populate writeback_rate_minimum attribute (bsc#1130972). - bcache: prefer 'help' in Kconfig (bsc#1130972). - bcache: print number of keys in trace_bcache_journal_write (bsc#1130972). - bcache: recal cached_dev_sectors on detach (bsc#1130972). - bcache: remove unnecessary space before ioctl function pointer arguments (bsc#1130972). - bcache: remove unused bch_passthrough_cache (bsc#1130972). - bcache: remove useless parameter of bch_debug_init() (bsc#1130972). - bcache: Replace bch_read_string_list() by __sysfs_match_string() (bsc#1130972). - bcache: replace hard coded number with BUCKET_GC_GEN_MAX (bsc#1130972). - bcache: replace '%pF' by '%pS' in seq_printf() (bsc#1130972). - bcache: replace printk() by pr_*() routines (bsc#1130972). - bcache: replace Symbolic permissions by octal permission numbers (bsc#1130972). - bcache: set writeback_percent in a flexible range (bsc#1130972). - bcache: split combined if-condition code into separate ones (bsc#1130972). - bcache: stop bcache device when backing device is offline (bsc#1130972). - bcache: stop using the deprecated get_seconds() (bsc#1130972). - bcache: style fixes for lines over 80 characters (bsc#1130972). - bcache: style fix to add a blank line after declarations (bsc#1130972). - bcache: style fix to replace 'unsigned' by 'unsigned int' (bsc#1130972). - bcache: treat stale && dirty keys as bad keys (bsc#1130972). - bcache: trivial - remove tailing backslash in macro BTREE_FLAG (bsc#1130972). - bcache: update comment for bch_data_insert (bsc#1130972). - bcache: update comment in sysfs.c (bsc#1130972). - bcache: use MAX_CACHES_PER_SET instead of magic number 8 in __bch_bucket_alloc_set (bsc#1130972). - bcache: use (REQ_META|REQ_PRIO) to indicate bio for metadata (bsc#1130972). - bcache: use REQ_PRIO to indicate bio for metadata (bsc#1130972). - bcache: use routines from lib/crc64.c for CRC64 calculation (bsc#1130972). - bcache: use sysfs_strtoul_bool() to set bit-field variables (bsc#1130972). - blkcg: Introduce blkg_root_lookup() (bsc#1131673). - blkcg: Make blkg_root_lookup() work for queues in bypass mode (bsc#1131673). - blk-mq: adjust debugfs and sysfs register when updating nr_hw_queues (bsc#1131673). - blk-mq: Avoid that submitting a bio concurrently with device removal triggers a crash (bsc#1131673). - blk-mq: change gfp flags to GFP_NOIO in blk_mq_realloc_hw_ctxs (bsc#1131673). - blk-mq: fallback to previous nr_hw_queues when updating fails (bsc#1131673). - blk-mq: init hctx sched after update ctx and hctx mapping (bsc#1131673). - blk-mq: realloc hctx when hw queue is mapped to another node (bsc#1131673). - blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (bsc#1131673). - block: check_events: do not bother with events if unsupported (bsc#1110946, bsc#1119843). - block: disk_events: introduce event flags (bsc#1110946, bsc#1119843). - block: Ensure that a request queue is dissociated from the cgroup controller (bsc#1131673). - block: Fix a race between request queue removal and the block cgroup controller (bsc#1131673). - block: Introduce blk_exit_queue() (bsc#1131673). - block: kABI fixes for bio_rewind_iter() removal (bsc#1131673). - block: remove bio_rewind_iter() (bsc#1131673). - bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bsc#1051510). - bluetooth: btusb: request wake pin with NOAUTOEN (bsc#1051510). - bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt (bsc#1051510). - bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() (bsc#1133731). - bluetooth: hidp: fix buffer overflow (bsc#1051510). - bnxt_en: Drop oversize TX packets to prevent errors (networking-stable-19_03_07). - bonding: fix PACKET_ORIGDEV regression (git-fixes). - bpf: fix use after free in bpf_evict_inode (bsc#1083647). - brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bsc#1051510). - btrfs: add a helper to return a head ref (bsc#1134813). - btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size (git-fixes). - btrfs: breakout empty head cleanup to a helper (bsc#1134813). - btrfs: check for refs on snapshot delete resume (bsc#1131335). - btrfs: delayed-ref: Introduce better documented delayed ref structures (bsc#1063638 bsc#1128052 bsc#1108838). - btrfs: Do not panic when we can't find a root key (bsc#1112063). - btrfs: extent-tree: Open-code process_func in __btrfs_mod_ref (bsc#1063638 bsc#1128052 bsc#1108838). - btrfs: Factor out common delayed refs init code (bsc#1134813). - btrfs: fix assertion failure on fsync with NO_HOLES enabled (bsc#1131848). - btrfs: Fix bound checking in qgroup_trace_new_subtree_blocks (git-fixes). - btrfs: fix incorrect file size after shrinking truncate and fsync (bsc#1130195). - btrfs: Introduce init_delayed_ref_head (bsc#1134813). - btrfs: move all ref head cleanup to the helper function (bsc#1134813). - btrfs: move extent_op cleanup to a helper (bsc#1134813). - btrfs: move ref_mod modification into the if (ref) logic (bsc#1134813). - btrfs: Open-code add_delayed_data_ref (bsc#1134813). - btrfs: Open-code add_delayed_tree_ref (bsc#1134813). - btrfs: qgroup: Move reserved data accounting from btrfs_delayed_ref_head to btrfs_qgroup_extent_record (bsc#1134162). - btrfs: qgroup: Remove duplicated trace points for qgroup_rsv_add/release (bsc#1134160). - btrfs: remove delayed_ref_node from ref_head (bsc#1134813). - btrfs: remove WARN_ON in log_dir_items (bsc#1131847). - btrfs: save drop_progress if we drop refs at all (bsc#1131336). - btrfs: split delayed ref head initialization and addition (bsc#1134813). - btrfs: track refs in a rb_tree instead of a list (bsc#1134813). - btrfs: Use init_delayed_ref_common in add_delayed_data_ref (bsc#1134813). - btrfs: Use init_delayed_ref_common in add_delayed_tree_ref (bsc#1134813). - btrfs: Use init_delayed_ref_head in add_delayed_ref_head (bsc#1134813). - cdrom: Fix race condition in cdrom_sysctl_register (bsc#1051510). - ceph: ensure d_name stability in ceph_dentry_hash() (bsc#1134461). - ceph: fix ci->i_head_snapc leak (bsc#1122776). - ceph: fix use-after-free on symlink traversal (bsc#1134459). - ceph: only use d_name directly when parent is locked (bsc#1134460). - cgroup: fix parsing empty mount option string (bsc#1133094). - cifs: Do not count -ENODATA as failure for query directory (bsc#1051510). - cifs: do not dereference smb_file_target before null check (bsc#1051510). - cifs: Do not hide EINTR after sending network packets (bsc#1051510). - cifs: Do not reconnect TCP session in add_credits() (bsc#1051510). - cifs: Do not reset lease state to NONE on lease break (bsc#1051510). - cifs: Fix adjustment of credits for MTU requests (bsc#1051510). - cifs: Fix credit calculation for encrypted reads with errors (bsc#1051510). - cifs: Fix credits calculations for reads with errors (bsc#1051510). - cifs: fix POSIX lock leak and invalid ptr deref (bsc#1114542). - cifs: Fix possible hang during async MTU reads and writes (bsc#1051510). - cifs: Fix potential OOB access of lock element array (bsc#1051510). - cifs: Fix read after write for files with read caching (bsc#1051510). - clk: fractional-divider: check parent rate only if flag is set (bsc#1051510). - clk: rockchip: fix frac settings of GPLL clock for rk3328 (bsc#1051510). - clk: rockchip: Fix video codec clocks on rk3288 (bsc#1051510). - clk: rockchip: fix wrong clock definitions for rk3328 (bsc#1051510). - clk: x86: Add system specific quirk to mark clocks as critical (bsc#1051510). - cpupowerutils: bench - Fix cpu online check (bsc#1051510). - cpu/speculation: Add 'mitigations=' cmdline option (bsc#1112178). - crypto: arm/aes-neonbs - do not access already-freed walk.iv (bsc#1051510). - crypto: caam - add missing put_device() call (bsc#1129770). - crypto: ccm - fix incompatibility between "ccm" and "ccm_base" (bsc#1051510). - crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bsc#1051510). - crypto: chacha20poly1305 - set cra_name correctly (bsc#1051510). - crypto: crct10dif-generic - fix use via crypto_shash_digest() (bsc#1051510). - crypto: crypto4xx - properly set IV after de- and encrypt (bsc#1051510). - crypto: fips - Grammar s/options/option/, s/to/the/ (bsc#1051510). - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" (bsc#1051510). - crypto: pcbc - remove bogus memcpy()s with src == dest (bsc#1051510). - crypto: sha256/arm - fix crash bug in Thumb2 build (bsc#1051510). - crypto: sha512/arm - fix crash bug in Thumb2 build (bsc#1051510). - crypto: skcipher - do not WARN on unprocessed data after slow walk step (bsc#1051510). - crypto: sun4i-ss - Fix invalid calculation of hash end (bsc#1051510). - crypto: vmx - fix copy-paste error in CTR mode (bsc#1051510). - crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bsc#1051510). - crypto: x86/poly1305 - fix overflow during partial reduction (bsc#1051510). - cxgb4: Add capability to get/set SGE Doorbell Queue Timer Tick (bsc#1127371). - cxgb4: Added missing break in ndo_udp_tunnel_{add/del} (bsc#1127371). - cxgb4: Add flag tc_flower_initialized (bsc#1127371). - cxgb4: Add new T5 PCI device id 0x50ae (bsc#1127371). - cxgb4: Add new T5 PCI device ids 0x50af and 0x50b0 (bsc#1127371). - cxgb4: Add new T6 PCI device ids 0x608a (bsc#1127371). - cxgb4: add per rx-queue counter for packet errors (bsc#1127371). - cxgb4: Add support for FW_ETH_TX_PKT_VM_WR (bsc#1127371). - cxgb4: add support to display DCB info (bsc#1127371). - cxgb4: Add support to read actual provisioned resources (bsc#1127371). - cxgb4: collect ASIC LA dumps from ULP TX (bsc#1127371). - cxgb4: collect hardware queue descriptors (bsc#1127371). - cxgb4: collect number of free PSTRUCT page pointers (bsc#1127371). - cxgb4: convert flower table to use rhashtable (bsc#1127371). - cxgb4: cxgb4: use FW_PORT_ACTION_L1_CFG32 for 32 bit capability (bsc#1127371). - cxgb4/cxgb4vf: Add support for SGE doorbell queue timer (bsc#1127371). - cxgb4/cxgb4vf: Fix mac_hlist initialization and free (bsc#1127374). - cxgb4/cxgb4vf: Link management changes (bsc#1127371). - cxgb4/cxgb4vf: Program hash region for {t4/t4vf}_change_mac() (bsc#1127371). - cxgb4: display number of rx and tx pages free (bsc#1127371). - cxgb4: do not return DUPLEX_UNKNOWN when link is down (bsc#1127371). - cxgb4: Export sge_host_page_size to ulds (bsc#1127371). - cxgb4: fix the error path of cxgb4_uld_register() (bsc#1127371). - cxgb4: impose mandatory VLAN usage when non-zero TAG ID (bsc#1127371). - cxgb4: Mask out interrupts that are not enabled (bsc#1127175). - cxgb4: move Tx/Rx free pages collection to common code (bsc#1127371). - cxgb4: remove redundant assignment to vlan_cmd.dropnovlan_fm (bsc#1127371). - cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size (bsc#1127371). - cxgb4: remove the unneeded locks (bsc#1127371). - cxgb4: specify IQTYPE in fw_iq_cmd (bsc#1127371). - cxgb4: Support ethtool private flags (bsc#1127371). - cxgb4: update supported DCB version (bsc#1127371). - cxgb4: use new fw interface to get the VIN and smt index (bsc#1127371). - cxgb4vf: Few more link management changes (bsc#1127374). - cxgb4vf: fix memleak in mac_hlist initialization (bsc#1127374). - cxgb4vf: Update port information in cxgb4vf_open() (bsc#1127374). - device_cgroup: fix RCU imbalance in error case (bsc#1051510). - Disable kgdboc failed by echo space to /sys/module/kgdboc/parameters/kgdboc (bsc#1051510). - dmaengine: axi-dmac: Do not check the number of frames for alignment (bsc#1051510). - dmaengine: imx-dma: fix warning comparison of distinct pointer types (bsc#1051510). - dmaengine: qcom_hidma: assign channel cookie correctly (bsc#1051510). - dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bsc#1051510). - dmaengine: tegra210-dma: free dma controller in remove() (bsc#1051510). - dmaengine: tegra: avoid overflow of byte tracking (bsc#1051510). - dm: disable DISCARD if the underlying storage no longer supports it (bsc#1114638). - drivers: hv: vmbus: Offload the handling of channels to two workqueues (bsc#1130567). - drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1130567). - drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bsc#1051510). - drm: bridge: dw-hdmi: Fix overflow workaround for Rockchip SoCs (bsc#1113722) - drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bsc#1051510). - drm/fb-helper: dpms_legacy(): Only set on connectors in use (bsc#1051510). - drm/i915: Fix I915_EXEC_RING_MASK (bsc#1051510). - drm/i915/gvt: Add in context mmio 0x20D8 to gen9 mmio list (bsc#1113722) - drm/i915/gvt: Annotate iomem usage (bsc#1051510). - drm/i915/gvt: do not deliver a workload if its creation fails (bsc#1051510). - drm/i915/gvt: do not let pin count of shadow mm go negative (bsc#1113722) - drm/i915/gvt: Fix incorrect mask of mmio 0x22028 in gen8/9 mmio list (bnc#1113722) - drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check (bsc#1051510). - drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() (bsc#1113722) - drm/mediatek: fix possible object reference leak (bsc#1051510). - drm/meson: add size and alignment requirements for dumb buffers (bnc#1113722) - drm/meson: Fix invalid pointer in meson_drv_unbind() (bsc#1051510). - drm/meson: Uninstall IRQ handler (bsc#1051510). - drm/nouveau: Stop using drm_crtc_force_disable (bsc#1051510). - drm/nouveau/volt/gf117: fix speedo readout register (bsc#1051510). - drm/rockchip: shutdown drm subsystem on shutdown (bsc#1051510). - drm/rockchip: vop: reset scale mode when win is disabled (bsc#1113722) - drm/sun4i: Add missing drm_atomic_helper_shutdown at driver unbind (bsc#1113722) - drm/sun4i: Fix component unbinding and component master deletion (bsc#1113722) - drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722) - drm/sun4i: Set device driver data at bind time for use in unbind (bsc#1113722) - drm/sun4i: Unbind components before releasing DRM and memory (bsc#1113722) - drm/ttm: Remove warning about inconsistent mapping information (bnc#1131488) - drm/udl: add a release method and delay modeset teardown (bsc#1085536) - drm/vc4: Fix memory leak during gpu reset. (bsc#1113722) - dsa: mv88e6xxx: Ensure all pending interrupts are handled prior to exit (networking-stable-19_02_20). - dt-bindings: net: Fix a typo in the phy-mode list for ethernet bindings (bsc#1129770). - dwc2: gadget: Fix completed transfer size calculation in DDMA (bsc#1051510). - e1000e: fix cyclic resets at link up with active tx (bsc#1051510). - e1000e: Fix -Wformat-truncation warnings (bsc#1051510). - ext2: Fix underflow in ext2_max_size() (bsc#1131174). - ext4: add mask of ext4 flags to swap (bsc#1131170). - ext4: add missing brelse() in add_new_gdb_meta_bg() (bsc#1131176). - ext4: brelse all indirect buffer in ext4_ind_remove_space() (bsc#1131173). - ext4: cleanup bh release code in ext4_ind_remove_space() (bsc#1131851). - ext4: cleanup pagecache before swap i_data (bsc#1131178). - ext4: fix check of inode in swap_inode_boot_loader (bsc#1131177). - ext4: fix data corruption caused by unaligned direct AIO (bsc#1131172). - ext4: fix EXT4_IOC_SWAP_BOOT (bsc#1131180). - ext4: fix NULL pointer dereference while journal is aborted (bsc#1131171). - ext4: update quota information while swapping boot loader inode (bsc#1131179). - fbdev: fbmem: fix memory access if logo is bigger than the screen (bsc#1051510). - fix cgroup_do_mount() handling of failure exits (bsc#1133095). - Fix kabi after "md: batch flush requests." (bsc#1119680). - Fix struct page kABI after adding atomic for ppc (bsc#1131326, bsc#1108937). - fm10k: Fix a potential NULL pointer dereference (bsc#1051510). - fs: avoid fdput() after failed fdget() in vfs_dedupe_file_range() (bsc#1132384, bsc#1132219). - fs/nfs: Fix nfs_parse_devname to not modify it's argument (git-fixes). - futex: Cure exit race (bsc#1050549). - futex: Ensure that futex address is aligned in handle_futex_death() (bsc#1050549). - futex: Handle early deadlock return correctly (bsc#1050549). - ghes, EDAC: Fix ghes_edac registration (bsc#1133176). - gpio: adnp: Fix testing wrong value in adnp_gpio_direction_input (bsc#1051510). - gpio: aspeed: fix a potential NULL pointer dereference (bsc#1051510). - gpio: gpio-omap: fix level interrupt idling (bsc#1051510). - gpio: of: Fix of_gpiochip_add() error path (bsc#1051510). - gre6: use log_ecn_error module parameter in ip6_tnl_rcv() (git-fixes). - hid: debug: fix race condition with between rdesc_show() and device removal (bsc#1051510). - hid: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486). - hid: input: add mapping for Assistant key (bsc#1051510). - hid: intel-ish-hid: avoid binding wrong ishtp_cl_device (bsc#1051510). - hid: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bsc#1051510). - hid: logitech: check the return value of create_singlethread_workqueue (bsc#1051510). - hv_netvsc: Fix IP header checksum for coalesced packets (networking-stable-19_03_07). - hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bsc#1051510). - hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bsc#1051510). - hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bsc#1051510). - hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bsc#1051510). - hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bsc#1051510). - hwmon: (w83627hf) Use request_muxed_region for Super-IO accesses (bsc#1051510). - hwrng: virtio - Avoid repeated init of completion (bsc#1051510). - i2c: Make i2c_unregister_device() NULL-aware (bsc#1108193). - ibmvnic: Enable GRO (bsc#1132227). - ibmvnic: Fix completion structure initialization (bsc#1131659). - ibmvnic: Fix netdev feature clobbering during a reset (bsc#1132227). - iio: adc: at91: disable adc channel interrupt in timeout case (bsc#1051510). - iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bsc#1051510). - iio: ad_sigma_delta: select channel when reading register (bsc#1051510). - iio: core: fix a possible circular locking dependency (bsc#1051510). - iio: cros_ec: Fix the maths for gyro scale calculation (bsc#1051510). - iio: dac: mcp4725: add missing powerdown bits in store eeprom (bsc#1051510). - iio: Fix scan mask selection (bsc#1051510). - iio/gyro/bmg160: Use millidegrees for temperature scale (bsc#1051510). - iio: gyro: mpu3050: fix chip ID reading (bsc#1051510). - Input: introduce KEY_ASSISTANT (bsc#1051510). - Input: snvs_pwrkey - initialize necessary driver data before enabling IRQ (bsc#1051510). - Input: synaptics-rmi4 - write config register values to the right offset (bsc#1051510). - intel_idle: add support for Jacobsville (jsc#SLE-5394). - intel_th: msu: Fix single mode with IOMMU (bsc#1051510). - intel_th: pci: Add Comet Lake support (bsc#1051510). - io: accel: kxcjk1013: restore the range after resume (bsc#1051510). - iommu/amd: Set exclusion range correctly (bsc#1130425). - iommu/vt-d: Do not request page request irq under dmar_global_lock (bsc#1135006). - iommu/vt-d: Make kernel parameter igfx_off work with vIOMMU (bsc#1135007). - iommu/vt-d: Set intel_iommu_gfx_mapped correctly (bsc#1135008). - ip6_tunnel: fix ip6 tunnel lookup in collect_md mode (git-fixes). - ipmi: Fix I2C client removal in the SSIF driver (bsc#1108193). - ipmi:ssif: compare block number correctly for multi-part return messages (bsc#1051510). - ipmi_ssif: Remove duplicate NULL check (bsc#1108193). - ipv4: Return error for RTA_VIA attribute (networking-stable-19_03_07). - ipv6: Fix dangling pointer when ipv6 fragment (git-fixes). - ipv6: propagate genlmsg_reply return code (networking-stable-19_02_24). - ipv6: Return error for RTA_VIA attribute (networking-stable-19_03_07). - ipv6: sit: reset ip header pointer in ipip6_rcv (git-fixes). - ipvlan: disallow userns cap_net_admin to change global mode/flags (networking-stable-19_03_15). - ipvs: remove IPS_NAT_MASK check to fix passive FTP (git-fixes). - It's wrong to add len to sector_nr in raid10 reshape twice (git-fixes). - iw_cxgb4: cq/qp mask depends on bar2 pages in a host page (bsc#1127371). - iwiwifi: fix bad monitor buffer register addresses (bsc#1129770). - iwlwifi: fix send hcmd timeout recovery flow (bsc#1129770). - jbd2: clear dirty flag when revoking a buffer from an older transaction (bsc#1131167). - jbd2: fix compile warning when using JBUFFER_TRACE (bsc#1131168). - kABI: restore icmp_send (kabi). - kabi/severities: add cxgb4 and cxgb4vf shared data to the whitelis (bsc#1127372) - kABI workaround for removed usb_interface.pm_usage_cnt field (bsc#1051510). - kABI workaround for snd_seq_kernel_client_enqueue() API changes (bsc#1051510). - kbuild: modversions: Fix relative CRC byte order interpretation (bsc#1131290). - kbuild: strip whitespace in cmd_record_mcount findstring (bsc#1065729). - kcm: switch order of device registration to fix a crash (bnc#1130527). - kernel/sysctl.c: add missing range check in do_proc_dointvec_minmax_conv (bsc#1051510). - kernel/sysctl.c: fix out-of-bounds access when setting file-max (bsc#1051510). - kernfs: do not set dentry->d_fsdata (boo#1133115). - KEYS: always initialize keyring_index_key::desc_len (bsc#1051510). - KEYS: user: Align the payload buffer (bsc#1051510). - KVM: Call kvm_arch_memslots_updated() before updating memslots (bsc#1132563). - KVM: Fix kABI for AMD SMAP Errata workaround (bsc#1133149). - KVM: Fix UAF in nested posted interrupt processing (bsc#1134199). - KVM: nVMX: Apply addr size mask to effective address for VMX instructions (bsc#1132561). - KVM: nVMX: Clear reserved bits of #DB exit qualification (bsc#1134200). - KVM: nVMX: Ignore limit checks on VMX instructions using flat segments (bsc#1132564). - KVM: nVMX: restore host state in nested_vmx_vmexit for VMFail (bsc#1134201). - KVM: nVMX: Sign extend displacements of VMX instr's mem operands (bsc#1132562). - KVM: PPC: Book3S HV: Fix race between kvm_unmap_hva_range and MMU mode switch (bsc#1061840). - KVM: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bsc#1133149). - KVM: VMX: Compare only a single byte for VMCS' "launched" in vCPU-run (bsc#1132555). - KVM: VMX: Zero out *all* general purpose registers after VM-Exit (bsc#1134202). - KVM: x86: Always use 32-bit SMRAM save state for 32-bit kernels (bsc#1134203). - KVM: x86: Do not clear EFER during SMM transitions for 32-bit vCPU (bsc#1134204). - KVM: x86: Emulate MSR_IA32_ARCH_CAPABILITIES on AMD hosts (bsc#1114279). - KVM: x86/mmu: Detect MMIO generation wrap in any address space (bsc#1132570). - KVM: x86/mmu: Do not cache MMIO accesses while memslots are in flux (bsc#1132571). - kvm: x86: Report STIBP on GET_SUPPORTED_CPUID (bsc#1111331). - KVM: x86: svm: make sure NMI is injected after nmi_singlestep (bsc#1134205). - leds: avoid races with workqueue (bsc#1051510). - leds: pca9532: fix a potential NULL pointer dereference (bsc#1051510). - lib: add crc64 calculation routines (bsc#1130972). - libata: fix using DMA buffers on stack (bsc#1051510). - lib: do not depend on linux headers being installed (bsc#1130972). - lightnvm: if LUNs are already allocated fix return (bsc#1085535). - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() (bsc#1051510). - Linux v5.0-rc7: bcm2835 MMC issues (bsc#1070872). - locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (bsc#1111331). - lpfc: validate command in lpfc_sli4_scmd_to_wqidx_distr() (bsc#1129138). - mac80211: do not call driver wake_tx_queue op during reconfig (bsc#1051510). - md: batch flush requests (bsc#1119680). - md: Fix failed allocation of md_register_thread (git-fixes). - md/raid1: do not clear bitmap bits on interrupted recovery (git-fixes). - md/raid5: fix 'out of memory' during raid cache recovery (git-fixes). - media: cx18: update *pos correctly in cx18_read_pos() (bsc#1051510). - media: cx23885: check allocation return (bsc#1051510). - media: davinci-isif: avoid uninitialized variable use (bsc#1051510). - media: ivtv: update *pos correctly in ivtv_read_pos() (bsc#1051510). - media: mt9m111: set initial frame size other than 0x0 (bsc#1051510). - media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510). - media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bsc#1051510). - media: ov2659: fix unbalanced mutex_lock/unlock (bsc#1051510). - media: pvrusb2: Prevent a buffer overflow (bsc#1129770). - media: s5p-g2d: Correct return type for mem2mem buffer helpers (bsc#1051510). - media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bsc#1051510). - media: serial_ir: Fix use-after-free in serial_ir_init_module (bsc#1051510). - media: sh_veu: Correct return type for mem2mem buffer helpers (bsc#1051510). - media: tw5864: Fix possible NULL pointer dereference in tw5864_handle_frame (bsc#1051510). - media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bsc#1051510). - media: wl128x: Fix an error code in fm_download_firmware() (bsc#1051510). - media: wl128x: prevent two potential buffer overflows (bsc#1051510). - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S (bsc#1051510). - missing barriers in some of unix_sock ->addr and ->path accesses (networking-stable-19_03_15). - mmc: core: fix possible use after free of host (bsc#1051510). - mmc: davinci: remove extraneous __init annotation (bsc#1051510). - mmc: sdhci: Fix data command CRC error handling (bsc#1051510). - mmc: sdhci: Handle auto-command errors (bsc#1051510). - mmc: sdhci: Rename SDHCI_ACMD12_ERR and SDHCI_INT_ACMD12ERR (bsc#1051510). - mmc: tmio_mmc_core: do not claim spurious interrupts (bsc#1051510). - mm/debug.c: fix __dump_page when mapping->host is not set (bsc#1131934). - mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd() (bsc#1126740). - mm/page_isolation.c: fix a wrong flag in set_migratetype_isolate() (bsc#1131935). - mm/vmalloc: fix size check for remap_vmalloc_range_partial() (bsc#1133825). - mpls: Return error for RTA_GATEWAY attribute (networking-stable-19_03_07). - mt7601u: bump supported EEPROM version (bsc#1051510). - mtd: docg3: fix a possible memory leak of mtd->name (bsc#1051510). - mtd: docg3: Fix passing zero to 'PTR_ERR' warning in doc_probe_device (bsc#1051510). - mtd: nand: omap: Fix comment in platform data using wrong Kconfig symbol (bsc#1051510). - mtd: part: fix incorrect format specifier for an unsigned long long (bsc#1051510). - mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bsc#1129770). - mwifiex: do not advertise IBSS features without FW support (bsc#1129770). - mwifiex: Fix mem leak in mwifiex_tm_cmd (bsc#1051510). - mwifiex: prevent an array overflow (bsc#1051510). - mwl8k: Fix rate_idx underflow (bsc#1051510). - net: Add header for usage of fls64() (networking-stable-19_02_20). - net: Add __icmp_send helper (networking-stable-19_03_07). - net: avoid false positives in untrusted gso validation (git-fixes). - net: avoid skb_warn_bad_offload on IS_ERR (git-fixes). - net: avoid use IPCB in cipso_v4_error (networking-stable-19_03_07). - net: bridge: add vlan_tunnel to bridge port policies (git-fixes). - net: bridge: fix per-port af_packet sockets (git-fixes). - net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (git-fixes). - net: datagram: fix unbounded loop in __skb_try_recv_datagram() (git-fixes). - net: Do not allocate page fragments that are not skb aligned (networking-stable-19_02_20). - net: dsa: legacy: do not unmask port bitmaps (git-fixes). - net: dsa: mv88e6xxx: Fix u64 statistics (networking-stable-19_03_07). - netfilter: bridge: ebt_among: add missing match size checks (git-fixes). - netfilter: bridge: ebt_among: add more missing match size checks (git-fixes). - netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (git-fixes). - netfilter: drop template ct when conntrack is skipped (git-fixes). - netfilter: ip6t_MASQUERADE: add dependency on conntrack module (git-fixes). - netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit() (git-fixes). - netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (git-fixes). - netfilter: nf_socket: Fix out of bounds access in nf_sk_lookup_slow_v{4,6} (git-fixes). - netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target} (git-fixes). - netfilter: x_tables: fix int overflow in xt_alloc_table_info() (git-fixes). - net: Fix for_each_netdev_feature on Big endian (networking-stable-19_02_20). - net: fix IPv6 prefix route residue (networking-stable-19_02_20). - net: Fix untag for vlan packets without ethernet header (git-fixes). - net: Fix vlan untag for bridge and vlan_dev with reorder_hdr off (git-fixes). - net/hsr: Check skb_put_padto() return value (git-fixes). - net: hsr: fix memory leak in hsr_dev_finalize() (networking-stable-19_03_15). - net/hsr: fix possible crash in add_timer() (networking-stable-19_03_15). - net/ibmvnic: Update carrier state after link state change (bsc#1135100). - net/ibmvnic: Update MAC address settings after adapter reset (bsc#1134760). - netlabel: fix out-of-bounds memory accesses (networking-stable-19_03_07). - netlink: fix nla_put_{u8,u16,u32} for KASAN (git-fixes). - net/mlx5e: Do not overwrite pedit action when multiple pedit used (networking-stable-19_02_24). - net: nfc: Fix NULL dereference on nfc_llcp_build_tlv fails (networking-stable-19_03_07). - net/packet: fix 4gb buffer limit due to overflow check (networking-stable-19_02_24). - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec (git-fixes). - net_sched: acquire RTNL in tc_action_net_exit() (git-fixes). - net_sched: fix two more memory leaks in cls_tcindex (networking-stable-19_02_24). - net: Set rtm_table to RT_TABLE_COMPAT for ipv6 for tables > 255 (networking-stable-19_03_15). - net: sit: fix memory leak in sit_init_net() (networking-stable-19_03_07). - net: sit: fix UBSAN Undefined behaviour in check_6rd (networking-stable-19_03_15). - net: socket: set sock->sk to NULL after calling proto_ops::release() (networking-stable-19_03_07). - net: validate untrusted gso packets without csum offload (networking-stable-19_02_20). - net/x25: fix a race in x25_bind() (networking-stable-19_03_15). - net/x25: fix use-after-free in x25_device_event() (networking-stable-19_03_15). - net/x25: reset state in x25_connect() (networking-stable-19_03_15). - net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms() (git-fixes). - NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bsc#1051510). - NFS: Add missing encode / decode sequence_maxsz to v4.2 operations (git-fixes). - nfsd4: catch some false session retries (git-fixes). - nfsd4: fix cached replies to solo SEQUENCE compounds (git-fixes). - NFS: Do not recoalesce on error in nfs_pageio_complete_mirror() (git-fixes). - NFS: Do not use page_file_mapping after removing the page (git-fixes). - NFS: Fix an I/O request leakage in nfs_do_recoalesce (git-fixes). - NFS: Fix a soft lockup in the delegation recovery code (git-fixes). - NFS: Fix a typo in nfs_init_timeout_values() (git-fixes). - NFS: Fix dentry revalidation on NFSv4 lookup (bsc#1132618). - NFS: Fix I/O request leakages (git-fixes). - NFS: fix mount/umount race in nlmclnt (git-fixes). - NFS/pnfs: Bulk destroy of layouts needs to be safe w.r.t. umount (git-fixes). - NFSv4.1 do not free interrupted slot on open (git-fixes). - NFSv4.1: Reinitialise sequence results before retransmitting a request (git-fixes). - NFSv4/flexfiles: Fix invalid deref in FF_LAYOUT_DEVID_NODE() (git-fixes). - nvme: add proper discard setup for the multipath device (bsc#1114638). - nvme: fix the dangerous reference of namespaces list (bsc#1131673). - nvme: make sure ns head inherits underlying device limits (bsc#1131673). - nvme-multipath: avoid crash on invalid subsystem cntlid enumeration (bsc#1129273). - nvme-multipath: split bios with the ns_head bio_set before submitting (bsc#1103259, bsc#1131673). - nvme: only reconfigure discard if necessary (bsc#1114638). - ocfs2: fix inode bh swapping mixup in ocfs2_reflink_inodes_lock (bsc#1131169). - ocfs2: turn on OCFS2_FS_STATS setting(bsc#1134393) We need to turn on OCFS2_FS_STATS kernel configuration setting, to fix bsc#1134393. - omapfb: add missing of_node_put after of_device_is_available (bsc#1051510). - openvswitch: add seqadj extension when NAT is used (bsc#1051510). - openvswitch: fix flow actions reallocation (bsc#1051510). - packet: validate msg_namelen in send directly (git-fixes). - PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bsc#1051510). - PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable (bsc#1051510). - PCI: pciehp: Convert to threaded IRQ (bsc#1133005). - PCI: pciehp: Ignore Link State Changes after powering off a slot (bsc#1133005). - phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bsc#1051510). - phy: sun4i-usb: Support set_mode to USB_HOST for non-OTG PHYs (bsc#1051510). - platform/x86: alienware-wmi: printing the wrong error code (bsc#1051510). - platform/x86: dell-rbtn: Add missing #include (bsc#1051510). - platform/x86: intel_pmc_ipc: adding error handling (bsc#1051510). - platform/x86: intel_punit_ipc: Revert "Fix resource ioremap warning" (bsc#1051510). - platform/x86: pmc_atom: Drop __initconst on dmi table (bsc#1051510). - platform/x86: sony-laptop: Fix unintentional fall-through (bsc#1051510). - powerpc/64: Call setup_barrier_nospec() from setup_arch() (bsc#1131107). - powerpc/64: Disable the speculation barrier from the command line (bsc#1131107). - powerpc64/ftrace: Include ftrace.h needed for enable/disable calls (bsc#1088804, git-fixes). - powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (bsc#1131107). - powerpc/64s: Add new security feature flags for count cache flush (bsc#1131107). - powerpc/64s: Add support for software count cache flush (bsc#1131107). - powerpc/64s: Fix logic when handling unknown CPU features (bsc#1055117). - powerpc/64s: Fix page table fragment refcount race vs speculative references (bsc#1131326, bsc#1108937). - powerpc/asm: Add a patch_site macro & helpers for patching instructions (bsc#1131107). - powerpc: avoid -mno-sched-epilog on GCC 4.9 and newer (bsc#1065729). - powerpc: consolidate -mno-sched-epilog into FTRACE flags (bsc#1065729). - powerpc: Fix 32-bit KVM-PR lockup and host crash with MacOS guest (bsc#1061840). - powerpc/fsl: Fix spectre_v2 mitigations reporting (bsc#1131107). - powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bsc#1131900). - powerpc/kvm: Save and restore host AMR/IAMR/UAMOR (bsc#1061840). - powerpc/mm: Add missing tracepoint for tlbie (bsc#1055117, git-fixes). - powerpc/mm: Check secondary hash page table (bsc#1065729). - powerpc/mm: Fix page table dump to work on Radix (bsc#1055186, git-fixes). - powerpc/mm/hash: Handle mmap_min_addr correctly in get_unmapped_area topdown search (bsc#1131900). - powerpc/mm/radix: Display if mappings are exec or not (bsc#1055186, git-fixes). - powerpc/mm/radix: Prettify mapped memory range print out (bsc#1055186, git-fixes). - powerpc/numa: document topology_updates_enabled, disable by default (bsc#1133584). - powerpc/numa: improve control of topology updates (bsc#1133584). - powerpc/perf: Fix unit_sel/cache_sel checks (bsc#1053043). - powerpc/perf: Remove l2 bus events from HW cache event array (bsc#1053043). - powerpc/powernv/cpuidle: Init all present cpus for deep states (bsc#1055121). - powerpc/powernv: Do not reprogram SLW image on every KVM guest entry/exit (bsc#1061840). - powerpc/powernv/ioda2: Remove redundant free of TCE pages (bsc#1061840). - powerpc/powernv/ioda: Allocate indirect TCE levels of cached userspace addresses on demand (bsc#1061840). - powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bsc#1061840). - powerpc/powernv: Make opal log only readable by root (bsc#1065729). - powerpc/powernv: Query firmware for count cache flush settings (bsc#1131107). - powerpc/powernv: Remove never used pnv_power9_force_smt4 (bsc#1061840). - powerpc/pseries: Query hypervisor for count cache flush settings (bsc#1131107). - powerpc/security: Fix spectre_v2 reporting (bsc#1131107). - powerpc/speculation: Support 'mitigations=' cmdline option (bsc#1112178). - powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bsc#1131587). - powerpc/vdso64: Fix CLOCK_MONOTONIC inconsistencies across Y2038 (bsc#1131587). - proc/kcore: do not bounds check against address 0 (bsc#1051510). - proc: revalidate kernel thread inodes to root:root (bsc#1051510). - proc/sysctl: fix return error for proc_doulongvec_minmax() (bsc#1051510). - pwm: Fix deadlock warning when removing PWM device (bsc#1051510). - pwm: meson: Consider 128 a valid pre-divider (bsc#1051510). - pwm: meson: Do not disable PWM when setting duty repeatedly (bsc#1051510). - pwm: meson: Use the spin-lock only to protect register modifications (bsc#1051510). - pwm: tiehrpwm: Update shadow register for disabling PWMs (bsc#1051510). - qla2xxx: allow irqbalance control in non-MQ mode (bsc#1128979). - qla2xxx: always allocate qla_tgt_wq (bsc#1131451). - qmi_wwan: add Olicard 600 (bsc#1051510). - qmi_wwan: Add support for Quectel EG12/EM12 (networking-stable-19_03_07). - RAS/CEC: Check the correct variable in the debugfs error handling (bsc#1085535). - ravb: Decrease TxFIFO depth of Q3 and Q2 to one (networking-stable-19_03_15). - rdma/cxgb4: Add support for 64Byte cqes (bsc#1127371). - rdma/cxgb4: Add support for kernel mode SRQ's (bsc#1127371). - rdma/cxgb4: Add support for srq functions & structs (bsc#1127371). - rdma/cxgb4: fix some info leaks (bsc#1127371). - RDMA/cxgb4: Make c4iw_poll_cq_one() easier to analyze (bsc#1127371). - rdma/cxgb4: Remove a set-but-not-used variable (bsc#1127371). - RDMA/iw_cxgb4: Drop __GFP_NOFAIL (bsc#1127371). - rds: fix refcount bug in rds_sock_addref (git-fixes). - rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete (git-fixes). - Re-export snd_cards for kABI compatibility (bsc#1051510). - regulator: tps65086: Fix tps65086_ldoa1_ranges for selector 0xB (bsc#1051510). - Revert "ALSA: seq: Protect in-kernel ioctl calls with mutex" (bsc#1051510). - Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (bsc#1110946, bsc#1119843). - Revert "drm/sun4i: rgb: Change the pixel clock validation check (bnc#1113722)" - Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (bsc#1110946). - Revert "tty: pty: Fix race condition between release_one_tty and pty_write" (bsc#1051510). - ring-buffer: Check if memory is available before allocation (bsc#1132531). - route: set the deleted fnhe fnhe_daddr to 0 in ip_del_fnhe to fix a race (networking-stable-19_03_15). - rt2x00: do not increment sequence number while re-transmitting (bsc#1051510). - rtlwifi: rtl8723ae: Fix missing break in switch statement (bsc#1051510). - rxrpc: Do not release call mutex on error pointer (git-fixes). - rxrpc: Do not treat call aborts as conn aborts (git-fixes). - rxrpc: Fix client call queueing, waiting for channel (networking-stable-19_03_15). - rxrpc: Fix Tx ring annotation after initial Tx failure (git-fixes). - s390/dasd: fix panic for failed online processing (bsc#1132589). - s390/pkey: move pckmo subfunction available checks away from module init (bsc#1128544). - s390/speculation: Support 'mitigations=' cmdline option (bsc#1112178). - sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bsc#1051510). - sc16is7xx: move label 'err_spi' to correct section (bsc#1051510). - sc16is7xx: put err_spi and err_i2c into correct #ifdef (bsc#1051510). - scripts: override locale from environment when running recordmcount.pl (bsc#1134354). - scsi: libsas: allocate sense buffer for bsg queue (bsc#1131467). - scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (bsc#1130579). - scsi: qla2xxx: Fix panic in qla_dfs_tgt_counters_show (bsc#1132044). - sctp: call gso_reset_checksum when computing checksum in sctp_gso_segment (networking-stable-19_02_24). - sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune (git-fixes). - sctp: set frag_point in sctp_setsockopt_maxseg correctly` (git-fixes). - selinux: use kernel linux/socket.h for genheaders and mdp (bsc#1134810). - serial: 8250_pxa: honor the port number from devicetree (bsc#1051510). - serial: ar933x_uart: Fix build failure with disabled console (bsc#1051510). - serial: max310x: Fix to avoid potential NULL pointer dereference (bsc#1051510). - serial: sh-sci: Fix setting SCSCR_TIE while transferring data (bsc#1051510). - serial: uartps: console_setup() can't be placed to init section (bsc#1051510). - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach() (networking-stable-19_02_24). - SoC: imx-sgtl5000: add missing put_device() (bsc#1051510). - soc: qcom: gsbi: Fix error handling in gsbi_probe() (bsc#1051510). - soc/tegra: fuse: Fix illegal free of IO base address (bsc#1051510). - soc/tegra: pmc: Drop locking from tegra_powergate_is_powered() (bsc#1051510). - spi: a3700: Clear DATA_OUT when performing a read (bsc#1051510). - spi: bcm2835aux: fix driver to not allow 65535 (=-1) cs-gpios (bsc#1051510). - spi: bcm2835aux: setup gpio-cs to output and correct level during setup (bsc#1051510). - spi: bcm2835aux: warn in dmesg that native cs is not really supported (bsc#1051510). - spi: rspi: Fix sequencer reset during initialization (bsc#1051510). - ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bsc#1051510). - staging: comedi: ni_usb6501: Fix possible double-free of ->usb_rx_buf (bsc#1051510). - staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bsc#1051510). - staging: comedi: vmk80xx: Fix possible double-free of ->usb_rx_buf (bsc#1051510). - staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bsc#1051510). - staging: iio: ad7192: Fix ad7193 channel address (bsc#1051510). - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bsc#1051510). - staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bsc#1051510). - staging: vt6655: Fix interrupt race condition on device start up (bsc#1051510). - staging: vt6655: Remove vif check from vnt_interrupt (bsc#1051510). - stm class: Fix an endless loop in channel allocation (bsc#1051510). - stm class: Fix channel free in stm output free path (bsc#1051510). - stm class: Prevent division by zero (bsc#1051510). - sunrpc/cache: handle missing listeners better (bsc#1126221). - sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (git-fixes). - supported.conf: Add openvswitch to kernel-default-base (bsc#1124839). - supported.conf: Add vxlan to kernel-default-base (bsc#1132083). - supported.conf: dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574). - svm/avic: Fix invalidate logical APIC id entry (bsc#1132726). - svm: Fix AVIC DFR and LDR handling (bsc#1132558). - sysctl: handle overflow for file-max (bsc#1051510). - tcp: fix TCP_REPAIR_QUEUE bound checking (git-fixes). - tcp: tcp_v4_err() should be more careful (networking-stable-19_02_20). - thermal/int340x_thermal: Add additional UUIDs (bsc#1051510). - thermal/int340x_thermal: fix mode setting (bsc#1051510). - tipc: fix race condition causing hung sendto (networking-stable-19_03_07). - tpm: Fix the type of the return value in calc_tpm2_event_size() (bsc#1082555). - tracing: Fix a memory leak by early error exit in trace_pid_write() (bsc#1133702). - tracing: Fix buffer_ref pipe ops (bsc#1133698). - tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account (bsc#1132527). - tty: atmel_serial: fix a potential NULL pointer dereference (bsc#1051510). - tty: increase the default flip buffer limit to 2*640K (bsc#1051510). - tty: pty: Fix race condition between release_one_tty and pty_write (bsc#1051510). - tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bsc#1051510). - tun: fix blocking read (networking-stable-19_03_07). - tun: remove unnecessary memory barrier (networking-stable-19_03_07). - UAS: fix alignment of scatter/gather segments (bsc#1129770). - udf: Fix crash on IO error during truncate (bsc#1131175). - usb: cdc-acm: fix unthrottle races (bsc#1051510). - usb: chipidea: Grab the (legacy) USB PHY by phandle first (bsc#1051510). - usb: core: Fix bug caused by duplicate interface PM usage counter (bsc#1051510). - usb: core: Fix unterminated string returned by usb_string() (bsc#1051510). - usb: dwc3: Fix default lpm_nyet_threshold value (bsc#1051510). - usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bsc#1051510). - usb: gadget: net2272: Fix net2272_dequeue() (bsc#1051510). - usb: gadget: net2280: Fix net2280_dequeue() (bsc#1051510). - usb: gadget: net2280: Fix overrun of OUT messages (bsc#1051510). - usb: host: xhci-rcar: Add XHCI_TRUST_TX_LENGTH quirk (bsc#1051510). - usb: mtu3: fix EXTCON dependency (bsc#1051510). - usb: serial: cp210x: add new device id (bsc#1051510). - usb: serial: cp210x: fix GPIO in autosuspend (bsc#1120902). - usb: serial: f81232: fix interrupt worker not stop (bsc#1051510). - usb: serial: fix unthrottle races (bsc#1051510). - usb: serial: ftdi_sio: add additional NovaTech products (bsc#1051510). - usb: serial: option: add Olicard 600 (bsc#1051510). - usb: serial: option: add support for Quectel EM12 (bsc#1051510). - usb-storage: Set virt_boundary_mask to avoid SG overflows (bsc#1051510). - usb: u132-hcd: fix resource leak (bsc#1051510). - usb: usb251xb: fix to avoid potential NULL pointer dereference (bsc#1051510). - usb: usbip: fix isoc packet num validation in get_pipe (bsc#1051510). - usb: w1 ds2490: Fix bug caused by improper use of altsetting array (bsc#1051510). - usb: yurex: Fix protection fault after device removal (bsc#1051510). - vfio/mdev: Avoid release parent reference during error path (bsc#1051510). - vfio/mdev: Fix aborting mdev child device removal if one fails (bsc#1051510). - vfio_pci: Enable memory accesses before calling pci_map_rom (bsc#1051510). - vfio/pci: use correct format characters (bsc#1051510). - vfs: allow dedupe of user owned read-only files (bsc#1133778, bsc#1132219). - vfs: avoid problematic remapping requests into partial EOF block (bsc#1133850, bsc#1132219). - vfs: dedupe: extract helper for a single dedup (bsc#1133769, bsc#1132219). - vfs: dedupe should return EPERM if permission is not granted (bsc#1133779, bsc#1132219). - vfs: exit early from zero length remap operations (bsc#1132411, bsc#1132219). - vfs: export vfs_dedupe_file_range_one() to modules (bsc#1133772, bsc#1132219). - vfs: limit size of dedupe (bsc#1132397, bsc#1132219). - vfs: rename clone_verify_area to remap_verify_area (bsc#1133852, bsc#1132219). - vfs: skip zero-length dedupe requests (bsc#1133851, bsc#1132219). - vfs: swap names of {do,vfs}_clone_file_range() (bsc#1133774, bsc#1132219). - vfs: vfs_clone_file_prep_inodes should return EINVAL for a clone from beyond EOF (bsc#1133780, bsc#1132219). - vhost/vsock: fix reset orphans race with close timeout (bsc#1051510). - video: fbdev: Set pixclock = 0 in goldfishfb (bsc#1051510). - virtio-blk: limit number of hw queues by nr_cpu_ids (bsc#1051510). - virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bsc#1051510). - virtio_pci: fix a NULL pointer reference in vp_del_vqs (bsc#1051510). - vsock/virtio: fix kernel panic after device hot-unplug (bsc#1051510). - vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (bsc#1051510). - vsock/virtio: reset connected sockets on device removal (bsc#1051510). - vxlan: test dev->flags & IFF_UP before calling netif_rx() (networking-stable-19_02_20). - wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bsc#1051510). - wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bsc#1051510). - x86/cpu: Sanitize FAM6_ATOM naming (bsc#1111331). - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bsc#1111331). - x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bsc#1132572). - x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bsc#1111331). - x86/MCE/AMD, EDAC/mce_amd: Add new error descriptions for some SMCA bank types (bsc#1128415). - x86/MCE/AMD, EDAC/mce_amd: Add new McaTypes for CS, PSP, and SMU units (bsc#1128415). - x86/MCE/AMD, EDAC/mce_amd: Add new MP5, NBIO, and PCIE SMCA bank types (bsc#1128415). - x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type (bsc#1128415). - x86/mce/AMD: Pass the bank number to smca_get_bank_type() (bsc#1128415). - x86/MCE: Fix kABI for new AMD bank names (bsc#1128415). - x86/mce: Handle varying MCA bank counts (bsc#1128415). - x86/msr-index: Cleanup bit defines (bsc#1111331). - x86/PCI: Fixup RTIT_BAR of Intel Denverton Trace Hub (bsc#1120318). - x86/speculation: Consolidate CPU whitelists (bsc#1111331). - x86/speculation/mds: Add basic bug infrastructure for MDS (bsc#1111331). - x86/speculation/mds: Add BUG_MSBDS_ONLY (bsc#1111331). - x86/speculation/mds: Add mds_clear_cpu_buffers() (bsc#1111331). - x86/speculation/mds: Add mds=full,nosmt cmdline option (bsc#1111331). - x86/speculation/mds: Add mitigation control for MDS (bsc#1111331). - x86/speculation/mds: Add mitigation mode VMWERV (bsc#1111331). - x86/speculation/mds: Add 'mitigations=' support for MDS (bsc#1111331). - x86/speculation/mds: Add SMT warning message (bsc#1111331). - x86/speculation/mds: Add sysfs reporting for MDS (bsc#1111331). - x86/speculation/mds: Clear CPU buffers on exit to user (bsc#1111331). - x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bsc#1111331). - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bsc#1111331). - x86/speculation: Move arch_smt_update() call to after mitigation decisions (bsc#1111331). - x86/speculation: Prevent deadlock on ssb_state::lock (bsc#1114279). - x86/speculation: Simplify the CPU bug detection logic (bsc#1111331). - x86/speculation: Support 'mitigations=' cmdline option (bsc#1112178). - x86/tsc: Force inlining of cyc2ns bits (bsc#1052904). - xen-netback: do not populate the hash cache on XenBus disconnect (networking-stable-19_03_07). - xen-netback: fix occasional leak of grant ref mappings under memory pressure (networking-stable-19_03_07). - xen: Prevent buffer overflow in privcmd ioctl (bsc#1065600). - xfrm: do not call rcu_read_unlock when afinfo is NULL in xfrm_get_tos (git-fixes). - xfrm: Fix ESN sequence number handling for IPsec GSO packets (git-fixes). - xfrm: fix rcu_read_unlock usage in xfrm_local_error (git-fixes). - xfrm: Fix stack-out-of-bounds read on socket policy lookup (git-fixes). - xfrm: fix xfrm_do_migrate() with AEAD e.g(AES-GCM) (git-fixes). - xfrm: Return error on unknown encap_type in init_state (git-fixes). - xfs: add the ability to join a held buffer to a defer_ops (bsc#1133674). - xfs: allow xfs_lock_two_inodes to take different EXCL/SHARED modes (bsc#1132370, bsc#1132219). - xfs: call xfs_qm_dqattach before performing reflink operations (bsc#1132368, bsc#1132219). - xfs: cap the length of deduplication requests (bsc#1132373, bsc#1132219). - xfs: clean up xfs_reflink_remap_blocks call site (bsc#1132413, bsc#1132219). - xfs: detect and fix bad summary counts at mount (bsc#1114427). - xfs: fix data corruption w/ unaligned dedupe ranges (bsc#1132405, bsc#1132219). - xfs: fix data corruption w/ unaligned reflink ranges (bsc#1132407, bsc#1132219). - xfs: fix pagecache truncation prior to reflink (bsc#1132412, bsc#1132219). - xfs: fix reporting supported extra file attributes for statx() (bsc#1133529). - xfs: flush removing page cache in xfs_reflink_remap_prep (bsc#1132414, bsc#1132219). - xfs: hold xfs_buf locked between shortform->leaf conversion and the addition of an attribute (bsc#1133675). - xfs: kill meaningless variable 'zero' (bsc#1106011). - xfs: only grab shared inode locks for source file during reflink (bsc#1132372, bsc#1132219). - xfs: prepare xfs_break_layouts() for another layout type (bsc#1106011). - xfs: prepare xfs_break_layouts() to be called with XFS_MMAPLOCK_EXCL (bsc#1106011). - xfs: refactor clonerange preparation into a separate helper (bsc#1132402, bsc#1132219). - xfs: refactor xfs_trans_roll (bsc#1133667). - xfs: reflink find shared should take a transaction (bsc#1132226, bsc#1132219). - xfs: reflink should break pnfs leases before sharing blocks (bsc#1132369, bsc#1132219). - xfs: remove dest file's post-eof preallocations before reflinking (bsc#1132365, bsc#1132219). - xfs: remove the ip argument to xfs_defer_finish (bsc#1133672). - xfs: remove xfs_zero_range (bsc#1106011). - xfs: rename xfs_defer_join to xfs_defer_ijoin (bsc#1133668). - xfs: update ctime and remove suid before cloning files (bsc#1132404, bsc#1132219). - xfs: zero posteof blocks when cloning above eof (bsc#1132403, bsc#1132219). - xhci: Do not let USB3 ports stuck in polling state prevent suspend (bsc#1051510). - xhci: Fix port resume done detection for SS ports with LPM enabled (bsc#1051510). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1404=1 Package List: - openSUSE Leap 15.0 (noarch): kernel-devel-4.12.14-lp150.12.61.1 kernel-docs-4.12.14-lp150.12.61.1 kernel-docs-html-4.12.14-lp150.12.61.1 kernel-macros-4.12.14-lp150.12.61.1 kernel-source-4.12.14-lp150.12.61.1 kernel-source-vanilla-4.12.14-lp150.12.61.1 - openSUSE Leap 15.0 (x86_64): kernel-debug-4.12.14-lp150.12.61.1 kernel-debug-base-4.12.14-lp150.12.61.1 kernel-debug-base-debuginfo-4.12.14-lp150.12.61.1 kernel-debug-debuginfo-4.12.14-lp150.12.61.1 kernel-debug-debugsource-4.12.14-lp150.12.61.1 kernel-debug-devel-4.12.14-lp150.12.61.1 kernel-debug-devel-debuginfo-4.12.14-lp150.12.61.1 kernel-default-4.12.14-lp150.12.61.1 kernel-default-base-4.12.14-lp150.12.61.1 kernel-default-base-debuginfo-4.12.14-lp150.12.61.1 kernel-default-debuginfo-4.12.14-lp150.12.61.1 kernel-default-debugsource-4.12.14-lp150.12.61.1 kernel-default-devel-4.12.14-lp150.12.61.1 kernel-default-devel-debuginfo-4.12.14-lp150.12.61.1 kernel-kvmsmall-4.12.14-lp150.12.61.1 kernel-kvmsmall-base-4.12.14-lp150.12.61.1 kernel-kvmsmall-base-debuginfo-4.12.14-lp150.12.61.1 kernel-kvmsmall-debuginfo-4.12.14-lp150.12.61.1 kernel-kvmsmall-debugsource-4.12.14-lp150.12.61.1 kernel-kvmsmall-devel-4.12.14-lp150.12.61.1 kernel-kvmsmall-devel-debuginfo-4.12.14-lp150.12.61.1 kernel-obs-build-4.12.14-lp150.12.61.1 kernel-obs-build-debugsource-4.12.14-lp150.12.61.1 kernel-obs-qa-4.12.14-lp150.12.61.1 kernel-syms-4.12.14-lp150.12.61.1 kernel-vanilla-4.12.14-lp150.12.61.1 kernel-vanilla-base-4.12.14-lp150.12.61.1 kernel-vanilla-base-debuginfo-4.12.14-lp150.12.61.1 kernel-vanilla-debuginfo-4.12.14-lp150.12.61.1 kernel-vanilla-debugsource-4.12.14-lp150.12.61.1 kernel-vanilla-devel-4.12.14-lp150.12.61.1 kernel-vanilla-devel-debuginfo-4.12.14-lp150.12.61.1 References: https://www.suse.com/security/cve/CVE-2018-12126.html https://www.suse.com/security/cve/CVE-2018-12127.html https://www.suse.com/security/cve/CVE-2018-12130.html https://www.suse.com/security/cve/CVE-2018-16880.html https://www.suse.com/security/cve/CVE-2019-11091.html https://www.suse.com/security/cve/CVE-2019-11486.html https://www.suse.com/security/cve/CVE-2019-11815.html https://www.suse.com/security/cve/CVE-2019-11884.html https://www.suse.com/security/cve/CVE-2019-3882.html https://www.suse.com/security/cve/CVE-2019-9003.html https://www.suse.com/security/cve/CVE-2019-9500.html https://www.suse.com/security/cve/CVE-2019-9503.html https://bugzilla.suse.com/1050549 https://bugzilla.suse.com/1051510 https://bugzilla.suse.com/1052904 https://bugzilla.suse.com/1053043 https://bugzilla.suse.com/1055117 https://bugzilla.suse.com/1055121 https://bugzilla.suse.com/1055186 https://bugzilla.suse.com/1061840 https://bugzilla.suse.com/1063638 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1070872 https://bugzilla.suse.com/1082555 https://bugzilla.suse.com/1083647 https://bugzilla.suse.com/1085535 https://bugzilla.suse.com/1085536 https://bugzilla.suse.com/1088804 https://bugzilla.suse.com/1097583 https://bugzilla.suse.com/1097584 https://bugzilla.suse.com/1097585 https://bugzilla.suse.com/1097586 https://bugzilla.suse.com/1097587 https://bugzilla.suse.com/1097588 https://bugzilla.suse.com/1103186 https://bugzilla.suse.com/1103259 https://bugzilla.suse.com/1106011 https://bugzilla.suse.com/1108193 https://bugzilla.suse.com/1108838 https://bugzilla.suse.com/1108937 https://bugzilla.suse.com/1110946 https://bugzilla.suse.com/1111331 https://bugzilla.suse.com/1112063 https://bugzilla.suse.com/1112128 https://bugzilla.suse.com/1112178 https://bugzilla.suse.com/1113722 https://bugzilla.suse.com/1114279 https://bugzilla.suse.com/1114427 https://bugzilla.suse.com/1114542 https://bugzilla.suse.com/1114638 https://bugzilla.suse.com/1119680 https://bugzilla.suse.com/1119843 https://bugzilla.suse.com/1120318 https://bugzilla.suse.com/1120902 https://bugzilla.suse.com/1122767 https://bugzilla.suse.com/1122776 https://bugzilla.suse.com/1124839 https://bugzilla.suse.com/1126221 https://bugzilla.suse.com/1126704 https://bugzilla.suse.com/1126740 https://bugzilla.suse.com/1127175 https://bugzilla.suse.com/1127371 https://bugzilla.suse.com/1127372 https://bugzilla.suse.com/1127374 https://bugzilla.suse.com/1128052 https://bugzilla.suse.com/1128415 https://bugzilla.suse.com/1128544 https://bugzilla.suse.com/1128979 https://bugzilla.suse.com/1129138 https://bugzilla.suse.com/1129273 https://bugzilla.suse.com/1129497 https://bugzilla.suse.com/1129770 https://bugzilla.suse.com/1130195 https://bugzilla.suse.com/1130425 https://bugzilla.suse.com/1130527 https://bugzilla.suse.com/1130567 https://bugzilla.suse.com/1130579 https://bugzilla.suse.com/1130972 https://bugzilla.suse.com/1131107 https://bugzilla.suse.com/1131167 https://bugzilla.suse.com/1131168 https://bugzilla.suse.com/1131169 https://bugzilla.suse.com/1131170 https://bugzilla.suse.com/1131171 https://bugzilla.suse.com/1131172 https://bugzilla.suse.com/1131173 https://bugzilla.suse.com/1131174 https://bugzilla.suse.com/1131175 https://bugzilla.suse.com/1131176 https://bugzilla.suse.com/1131177 https://bugzilla.suse.com/1131178 https://bugzilla.suse.com/1131179 https://bugzilla.suse.com/1131180 https://bugzilla.suse.com/1131290 https://bugzilla.suse.com/1131326 https://bugzilla.suse.com/1131335 https://bugzilla.suse.com/1131336 https://bugzilla.suse.com/1131416 https://bugzilla.suse.com/1131427 https://bugzilla.suse.com/1131442 https://bugzilla.suse.com/1131451 https://bugzilla.suse.com/1131467 https://bugzilla.suse.com/1131488 https://bugzilla.suse.com/1131574 https://bugzilla.suse.com/1131587 https://bugzilla.suse.com/1131659 https://bugzilla.suse.com/1131673 https://bugzilla.suse.com/1131847 https://bugzilla.suse.com/1131848 https://bugzilla.suse.com/1131851 https://bugzilla.suse.com/1131900 https://bugzilla.suse.com/1131934 https://bugzilla.suse.com/1131935 https://bugzilla.suse.com/1132044 https://bugzilla.suse.com/1132083 https://bugzilla.suse.com/1132219 https://bugzilla.suse.com/1132226 https://bugzilla.suse.com/1132227 https://bugzilla.suse.com/1132365 https://bugzilla.suse.com/1132368 https://bugzilla.suse.com/1132369 https://bugzilla.suse.com/1132370 https://bugzilla.suse.com/1132372 https://bugzilla.suse.com/1132373 https://bugzilla.suse.com/1132384 https://bugzilla.suse.com/1132397 https://bugzilla.suse.com/1132402 https://bugzilla.suse.com/1132403 https://bugzilla.suse.com/1132404 https://bugzilla.suse.com/1132405 https://bugzilla.suse.com/1132407 https://bugzilla.suse.com/1132411 https://bugzilla.suse.com/1132412 https://bugzilla.suse.com/1132413 https://bugzilla.suse.com/1132414 https://bugzilla.suse.com/1132426 https://bugzilla.suse.com/1132527 https://bugzilla.suse.com/1132531 https://bugzilla.suse.com/1132555 https://bugzilla.suse.com/1132558 https://bugzilla.suse.com/1132561 https://bugzilla.suse.com/1132562 https://bugzilla.suse.com/1132563 https://bugzilla.suse.com/1132564 https://bugzilla.suse.com/1132570 https://bugzilla.suse.com/1132571 https://bugzilla.suse.com/1132572 https://bugzilla.suse.com/1132589 https://bugzilla.suse.com/1132618 https://bugzilla.suse.com/1132681 https://bugzilla.suse.com/1132726 https://bugzilla.suse.com/1132828 https://bugzilla.suse.com/1132943 https://bugzilla.suse.com/1133005 https://bugzilla.suse.com/1133094 https://bugzilla.suse.com/1133095 https://bugzilla.suse.com/1133115 https://bugzilla.suse.com/1133149 https://bugzilla.suse.com/1133176 https://bugzilla.suse.com/1133188 https://bugzilla.suse.com/1133486 https://bugzilla.suse.com/1133529 https://bugzilla.suse.com/1133584 https://bugzilla.suse.com/1133667 https://bugzilla.suse.com/1133668 https://bugzilla.suse.com/1133672 https://bugzilla.suse.com/1133674 https://bugzilla.suse.com/1133675 https://bugzilla.suse.com/1133698 https://bugzilla.suse.com/1133702 https://bugzilla.suse.com/1133731 https://bugzilla.suse.com/1133769 https://bugzilla.suse.com/1133772 https://bugzilla.suse.com/1133774 https://bugzilla.suse.com/1133778 https://bugzilla.suse.com/1133779 https://bugzilla.suse.com/1133780 https://bugzilla.suse.com/1133825 https://bugzilla.suse.com/1133850 https://bugzilla.suse.com/1133851 https://bugzilla.suse.com/1133852 https://bugzilla.suse.com/1134160 https://bugzilla.suse.com/1134162 https://bugzilla.suse.com/1134199 https://bugzilla.suse.com/1134200 https://bugzilla.suse.com/1134201 https://bugzilla.suse.com/1134202 https://bugzilla.suse.com/1134203 https://bugzilla.suse.com/1134204 https://bugzilla.suse.com/1134205 https://bugzilla.suse.com/1134354 https://bugzilla.suse.com/1134393 https://bugzilla.suse.com/1134459 https://bugzilla.suse.com/1134460 https://bugzilla.suse.com/1134461 https://bugzilla.suse.com/1134537 https://bugzilla.suse.com/1134651 https://bugzilla.suse.com/1134760 https://bugzilla.suse.com/1134810 https://bugzilla.suse.com/1134813 https://bugzilla.suse.com/1134848 https://bugzilla.suse.com/1135006 https://bugzilla.suse.com/1135007 https://bugzilla.suse.com/1135008 https://bugzilla.suse.com/1135100 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1399-1: important: Security update for jakarta-commons-fileupload
by opensuse-security＠opensuse.org 15 May '19

15 May '19

openSUSE Security Update: Security update for jakarta-commons-fileupload ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1399-1 Rating: important References: #1128829 #1128963 Cross-References: CVE-2016-1000031 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for jakarta-commons-fileupload fixes the following issue: Security issue fixed: - CVE-2016-1000031: Fixed remote execution (bsc#1128963, bsc#1128829). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1399=1 Package List: - openSUSE Leap 15.0 (noarch): jakarta-commons-fileupload-1.1.1-lp150.2.3.1 jakarta-commons-fileupload-javadoc-1.1.1-lp150.2.3.1 References: https://www.suse.com/security/cve/CVE-2016-1000031.html https://bugzilla.suse.com/1128829 https://bugzilla.suse.com/1128963 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1398-1: Security update for bzip2
by opensuse-security＠opensuse.org 15 May '19

15 May '19

openSUSE Security Update: Security update for bzip2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1398-1 Rating: low References: #985657 Cross-References: CVE-2016-3189 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for bzip2 fixes the following issues: Security issue fixed: - CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1398=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): bzip2-1.0.6-lp150.4.3.1 bzip2-debuginfo-1.0.6-lp150.4.3.1 bzip2-debugsource-1.0.6-lp150.4.3.1 libbz2-1-1.0.6-lp150.4.3.1 libbz2-1-debuginfo-1.0.6-lp150.4.3.1 libbz2-devel-1.0.6-lp150.4.3.1 - openSUSE Leap 15.0 (noarch): bzip2-doc-1.0.6-lp150.4.3.1 - openSUSE Leap 15.0 (x86_64): libbz2-1-32bit-1.0.6-lp150.4.3.1 libbz2-1-32bit-debuginfo-1.0.6-lp150.4.3.1 libbz2-devel-32bit-1.0.6-lp150.4.3.1 References: https://www.suse.com/security/cve/CVE-2016-3189.html https://bugzilla.suse.com/985657 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0

[security-announce] openSUSE-SU-2019:1400-1: important: Security update for pacemaker
by opensuse-security＠opensuse.org 15 May '19

15 May '19

openSUSE Security Update: Security update for pacemaker ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1400-1 Rating: important References: #1117381 #1131353 #1131356 #1131357 Cross-References: CVE-2018-16877 CVE-2018-16878 CVE-2019-3885 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for pacemaker fixes the following issues: Security issues fixed: - CVE-2019-3885: Fixed an information disclosure in log output. (bsc#1131357) - CVE-2018-16877: Fixed a local privilege escalation through insufficient IPC client-server authentication. (bsc#1131356) - CVE-2018-16878: Fixed a denial of service through insufficient verification inflicted preference of uncontrolled processes. (bsc#1131353) Non-security issue fixed: - crmd: delete resource from lrmd when appropriate to avoid timeouts with crmsh (bsc#1117381). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1400=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): libpacemaker-devel-1.1.18+20180430.b12c320f5-lp150.2.9.1 libpacemaker3-1.1.18+20180430.b12c320f5-lp150.2.9.1 libpacemaker3-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1 pacemaker-1.1.18+20180430.b12c320f5-lp150.2.9.1 pacemaker-cli-1.1.18+20180430.b12c320f5-lp150.2.9.1 pacemaker-cli-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1 pacemaker-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1 pacemaker-debugsource-1.1.18+20180430.b12c320f5-lp150.2.9.1 pacemaker-remote-1.1.18+20180430.b12c320f5-lp150.2.9.1 pacemaker-remote-debuginfo-1.1.18+20180430.b12c320f5-lp150.2.9.1 - openSUSE Leap 15.0 (noarch): pacemaker-cts-1.1.18+20180430.b12c320f5-lp150.2.9.1 References: https://www.suse.com/security/cve/CVE-2018-16877.html https://www.suse.com/security/cve/CVE-2018-16878.html https://www.suse.com/security/cve/CVE-2019-3885.html https://bugzilla.suse.com/1117381 https://bugzilla.suse.com/1131353 https://bugzilla.suse.com/1131356 https://bugzilla.suse.com/1131357 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org

1 0