Oval Definition:oval:org.opensuse.security:def:4422
Revision Date:2021-06-09Version:1
Title:Security update for the Linux Kernel (Important)
Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes.



The following security bugs were fixed:

- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484). - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values. (bsc#1186111) - CVE-2020-26139: Fixed a denial-of-service when an Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. (bnc#1186062) - CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges. (bnc#1186060) - CVE-2021-3491: Fixed a potential heap overflow in mem_rw(). This vulnerability is related to the PROVIDE_BUFFERS operation, which allowed the MAX_RW_COUNT limit to be bypassed (bsc#1185642). - CVE-2021-32399: Fixed a race condition when removing the HCI controller (bnc#1184611). - CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances this can be abused to inject arbitrary network packets and/or exfiltrate user data (bnc#1185859). - CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed (bnc#1185859 bnc#1185862). - CVE-2020-26147: The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments, even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used (bnc#1185859). - CVE-2020-26145: An issue was discovered with Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration. (bnc#1185860) - CVE-2020-26141: An issue was discovered in the ALFA driver for AWUS036H, where the Message Integrity Check (authenticity) of fragmented TKIP frames was not verified. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol. (bnc#1185987) - CVE-2021-23133: Fixed a race condition in SCTP sockets, which could lead to privilege escalation from the context of a network service or an unprivileged process. (bnc#1184675)

The following non-security bugs were fixed:

- ACPI / hotplug / PCI: Fix reference count leak in enable_slot() (git-fixes). - ACPI: CPPC: Replace cppc_attr with kobj_attribute (git-fixes). - ACPI: GTDT: Do not corrupt interrupt mappings on watchdow probe failure (git-fixes). - ACPI: custom_method: fix a possible memory leak (git-fixes). - ACPI: custom_method: fix potential use-after-free issue (git-fixes). - ACPICA: Enable sleep button on ACPI legacy wake (bsc#1181383). - ALSA: aloop: Fix initialization of controls (git-fixes). - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (git-fixes). - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect (git-fixes). - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer (git-fixes). - ALSA: hda/conexant: Re-order CX5066 quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries (git-fixes). - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices (git-fixes). - ALSA: hda/realtek: reset eapd coeff to default value for alc287 (git-fixes). - ALSA: hdsp: do not disable if not enabled (git-fixes). - ALSA: hdspm: do not disable if not enabled (git-fixes). - ALSA: line6: Fix racy initialization of LINE6 MIDI (git-fixes). - ALSA: rme9652: do not disable if not enabled (git-fixes). - ALSA: sb: Fix two use after free in snd_sb_qsound_build (git-fixes). - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX (git-fixes). - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls (git-fixes). - ALSA: usb: midi: do not return -ENOMEM when usb_urb_ep_type_check fails (git-fixes). - ARM: footbridge: fix PCI interrupt mapping (git-fixes). - ASoC: cs35l33: fix an error code in probe() (git-fixes). - ASoC: cs42l42: Regmap must use_single_read/write (git-fixes). - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes). - ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes). - ASoC: rt286: Generalize support for ALC3263 codec (git-fixes). - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable (git-fixes). - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes). - Bluetooth: SMP: Fail if remote and local public keys are identical (git-fixes). - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default (git-fixes). - Bluetooth: initialize skb_queue_head at l2cap_chan_create() (git-fixes). - Drivers: hv: vmbus: Increase wait time for VMbus unload (bsc#1185724). - Drivers: hv: vmbus: Initialize unload_event statically (bsc#1185724). - Drivers: hv: vmbus: Use after free in __vmbus_open() (git-fixes). - EDAC/amd64: Gather hardware information early (bsc#1180552). - EDAC/amd64: Make struct amd64_family_type global (bsc#1180552). - EDAC/amd64: Save max number of controllers to family type (bsc#1180552). - HID: alps: fix error return code in alps_input_configured() (git-fixes). - HID: plantronics: Workaround for double volume key presses (git-fixes). - HID: wacom: Assign boolean values to a bool variable (git-fixes). - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices (git-fixes). - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices (git-fixes). - Input: i8042 - fix Pegatron C15B ID entry (git-fixes). - Input: nspire-keypad - enable interrupts only when opened (git-fixes). - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state (git-fixes). - KVM: s390: fix guarded storage control register handling (bsc#1133021). - NFC: fix possible resource leak (git-fixes). - NFC: fix resource leak when target index is invalid (git-fixes). - NFC: nci: fix memory leak in nci_allocate_device (git-fixes). - NFSv4: Replace closed stateids with the 'invalid special stateid' (bsc#1185481). - PCI: PM: Do not read power state in pci_enable_device_flags() (git-fixes). - PCI: Release OF node in pci_scan_device()'s error path (git-fixes). - RDMA/hns: Delete redundant condition judgment related to eq (bsc#1104427). - RDMA/srpt: Fix error return code in srpt_cm_req_recv() (bsc#1103992). - SUNRPC in case of backlog, hand free slots directly to waiting task (bsc#1185428). - SUNRPC: More fixes for backlog congestion (bsc#1185428). - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet (git-fixes). - USB: Add reset-resume quirk for WD19's Realtek Hub (git-fixes). - USB: serial: fix return value for unsupported ioctls (git-fixes). - USB: serial: usb_wwan: fix unprivileged TIOCCSERIAL (git-fixes). - USB: trancevibrator: fix control-request direction (git-fixes). - af_packet: fix the tx skb protocol in raw sockets with ETH_P_ALL (bsc#1176081). - ata: libahci_platform: fix IRQ check (git-fixes). - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices (git-fixes). - backlight: journada720: Fix Wmisleading-indentation warning (git-fixes). - batman-adv: Do not always reallocate the fragmentation skb head (git-fixes). - bluetooth: eliminate the potential race condition when removing the HCI controller (git-fixes). - bnxt_en: Fix PCI AER error recovery flow (git-fixes). - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() (bsc#1104745). - bpf: Fix masking negation logic upon negative dst register (git-fixes). - btrfs: fix race between transaction aborts and fsyncs leading to use-after-free (bsc#1186441). - btrfs: fix race when picking most recent mod log operation for an old root (bsc#1186439). - bus: qcom: Put child node before return (git-fixes). - cfg80211: remove WARN_ON() in cfg80211_sme_connect (git-fixes). - cfg80211: scan: drop entry from hidden_list on overflow (git-fixes). - clk: exynos7: Mark aclk_fsys1_200 as critical (git-fixes). - clk: fix invalid usage of list cursor in register (git-fixes). - clk: fix invalid usage of list cursor in unregister (git-fixes). - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz (git-fixes). - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 (git-fixes). - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock (git-fixes). - clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes). - clk: uniphier: Fix potential infinite loop (git-fixes). - cpufreq: Add NULL checks to show() and store() methods of cpufreq (bsc#1184040). - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown (bsc#1184040). - cpufreq: Kconfig: fix documentation links (git-fixes). - cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (bsc#1185758). - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init (git-fixes). - crypto: qat - Fix a double free in adf_create_ring (git-fixes). - crypto: qat - do not release uninitialized resources (git-fixes). - crypto: qat - fix error path in adf_isr_resource_alloc() (git-fixes). - cxgb4: Fix unintentional sign extension issues (bsc#1064802 bsc#1066129). - dm: fix redundant IO accounting for bios that need splitting (bsc#1183738). - dmaengine: dw: Make it dependent to HAS_IOMEM (git-fixes). - docs: kernel-parameters: Add gpio_mockup_named_lines (git-fixes). - docs: kernel-parameters: Move gpio-mockup for alphabetic order (git-fixes). - drivers: net: fix memory leak in atusb_probe (git-fixes). - drivers: net: fix memory leak in peak_usb_create_dev (git-fixes). - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f (git-fixes). - drm/amdgpu: fix NULL pointer dereference (git-fixes). - drm/amdkfd: fix build error with AMD_IOMMU_V2=m (git-fixes). - drm/i915/gvt: Fix error code in intel_gvt_init_device() (git-fixes). - drm/imx: imx-ldb: fix out of bounds array access warning (git-fixes). - drm/meson: fix shutdown crash when component not probed (git-fixes). - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal (git-fixes). - drm/omap: fix misleading indentation in pixinc() (git-fixes). - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected (git-fixes). - drm/radeon: Fix off-by-one power_state index heap overwrite (git-fixes). - drm/radeon: fix copy of uninitialized variable back to userspace (git-fixes). - e1000e: Fix duplicate include guard (git-fixes). - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (git-fixes). - e1000e: add rtnl_lock() to e1000_reset_task (git-fixes). - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit (bsc#1113431). - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged (git-fixes). - fbdev: zero-fill colormap in fbcmap.c (git-fixes). - ftrace: Handle commands when closing set_ftrace_filter file (git-fixes). - genirq: Reduce irqdebug cacheline bouncing (bsc#1185703 ltc#192641). - gianfar: Handle error code at MAC address change (git-fixes). - gpio: xilinx: Correct kernel doc for xgpio_probe() (git-fixes). - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 (git-fixes). - i2c: cadence: add IRQ check (git-fixes). - i2c: emev2: add IRQ check (git-fixes). - i2c: i801: Do not generate an interrupt on bus reset (git-fixes). - i2c: i801: Do not generate an interrupt on bus reset (git-fixes). - i2c: jz4780: add IRQ check (git-fixes). - i2c: s3c2410: fix possible NULL pointer deref on read message after write (git-fixes). - i2c: sh7760: add IRQ check (git-fixes). - i2c: sh7760: fix IRQ error path (git-fixes). - i40e: Added Asym_Pause to supported link modes (git-fixes). - i40e: Fix PHY type identifiers for 2.5G and 5G adapters (jsc#SLE-4797). - i40e: Fix sparse errors in i40e_txrx.c (git-fixes). - i40e: Fix use-after-free in i40e_client_subtask() (bsc#1101816 ). - i40e: fix broken XDP support (git-fixes). - i40e: fix the panic when running bpf in xdpdrv mode (git-fixes). - i40e: fix the restart auto-negotiation after FEC modified (jsc#SLE-4797). - ibmvfc: Avoid move login if fast fail is enabled (bsc#1185938 ltc#192043). - ibmvfc: Handle move login failure (bsc#1185938 ltc#192043). - ibmvfc: Reinit target retries (bsc#1185938 ltc#192043). - ibmvnic: remove default label from to_string switch (bsc#1152457 ltc#174432 git-fixes). - igb: Fix duplicate include guard (git-fixes). - igb: check timestamp validity (git-fixes). - iio: adc: ad7793: Add missing error code in ad7793_setup() (git-fixes). - iio: gyro: mpu3050: Fix reported temperature value (git-fixes). - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error (git-fixes). - iio: tsl2583: Fix division by a zero lux_val (git-fixes). - intel_th: Consistency and off-by-one fix (git-fixes). - ipmi/watchdog: Stop watchdog timer when the current action is 'none' (bsc#1184855). - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() (git-fixes). - kABI: powerpc/64: add back start_tb and accum_tb to thread_struct. - kabi: preserve struct header_ops after bsc#1176081 fix (bsc#1176081). - leds: lp5523: check return value of lp5xx_read and jump to cleanup code (git-fixes). - liquidio: Fix unintented sign extension of a left shift of a u16 (git-fixes). - mac80211: bail out if cipher schemes are invalid (git-fixes). - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN (git-fixes). - mac80211: clear the beacon's CRC after channel switch (git-fixes). - macvlan: macvlan_count_rx() needs to be aware of preemption (git-fixes). - md-cluster: fix use-after-free issue when removing rdev (bsc#1184082). - md/raid1: properly indicate failure when ending a failed write request (bsc#1185680). - md: do not flush workqueue unconditionally in md_open (bsc#1184081). - md: factor out a mddev_find_locked helper from mddev_find (bsc#1184081). - md: md_open returns -EBUSY when entering racing area (bsc#1184081). - md: split mddev_find (bsc#1184081). - media: adv7604: fix possible use-after-free in adv76xx_remove() (git-fixes). - media: dvb-usb: fix memory leak in dvb_usb_adapter_init (git-fixes). - media: dvbdev: Fix memory leak in dvb_media_device_free() (git-fixes). - media: em28xx: fix memory leak (git-fixes). - media: gspca/sq905.c: fix uninitialized variable (git-fixes). - media: i2c: adv7842: fix possible use-after-free in adv7842_remove() (git-fixes). - media: ite-cir: check for receive overflow (git-fixes). - media: m88rs6000t: avoid potential out-of-bounds reads on arrays (git-fixes). - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs (git-fixes). - media: omap4iss: return error code when omap4iss_get() failed (git-fixes). - mfd: lpc_sch: Partially revert 'Add support for Intel Quark X1000' (git-fixes). - mfd: stm32-timers: Avoid clearing auto reload register (git-fixes). - misc/uss720: fix memory leak in uss720_probe (git-fixes). - misc: lis3lv02d: Fix false-positive WARN on various HP models (git-fixes). - misc: vmw_vmci: explicitly initialize vmci_datagram payload (git-fixes). - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct (git-fixes). - mlxsw: spectrum_mr: Update egress RIF list before route's action (bsc#1112374). - mm: mempolicy: fix potential pte_unmap_unlock pte error (bsc#1185906). - mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bsc#1185906). - mmc: block: Update ext_csd.cache_ctrl if it was written (git-fixes). - mmc: core: Correct descriptions in mmc_of_parse() (git-fixes). - mmc: core: Do a power cycle when the CMD11 fails (git-fixes). - mmc: core: Set read only for SD cards with permanent write protect bit (git-fixes). - mmc: mmc_spi: Drop unused NO_IRQ definition (git-fixes). - mt7601u: fix always true expression (git-fixes). - mtd: require write permissions for locking and badblock ioctls (git-fixes). - net, xdp: Update pkt_type if generic XDP changes unicast MAC (bsc#1109837). - net/ethernet: Add parse_protocol header_ops support (bsc#1176081). - net/mlx4_en: update moderation when config reset (git-fixes). - net/mlx5e: Fix error path for ethtool set-priv-flag (git-fixes). - net/mlx5e: Remove the wrong assumption about transport offset (bsc#1176081). - net/mlx5e: Trust kernel regarding transport offset (bsc#1176081). - net/packet: Ask driver for protocol if not provided by user (bsc#1176081). - net/packet: Remove redundant skb->protocol set (bsc#1176081). - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template (git-fixes). - net: Do not set transport offset to invalid value (bsc#1176081). - net: Introduce parse_protocol header_ops callback (bsc#1176081). - net: enic: Cure the enic api locking trainwreck (git-fixes). - net: hns3: Fix for geneve tx checksum bug (bsc#1104353 ). - net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet() (bsc#1104353). - net: hns3: disable phy loopback setting in hclge_mac_start_phy (bsc#1104353). - net: hns3: fix for vxlan gpe tx checksum bug (bsc#1104353 ). - net: hns3: fix incorrect configuration for igu_egu_hw_err (bsc#1104353). - net: hns3: initialize the message content in hclge_get_link_mode() (bsc#1126390). - net: hns3: use netif_tx_disable to stop the transmit queue (bsc#1104353). - net: phy: intel-xway: enable integrated led functions (git-fixes). - net: qed: RDMA personality shouldn't fail VF load (git-fixes). - net: thunderx: Fix unintentional sign extension issue (git-fixes). - net: usb: fix memory leak in smsc75xx_bind (git-fixes). - netdevice: Add missing IFF_PHONY_HEADROOM self-definition (git-fixes). - netfilter: conntrack: add new sysctl to disable RST check (bsc#1183947 bsc#1185950). - netfilter: conntrack: avoid misleading 'invalid' in log message (bsc#1183947 bsc#1185950). - netfilter: conntrack: improve RST handling when tuple is re-used (bsc#1183947 bsc#1185950). - netfilter: conntrack: tcp: only close if RST matches exact sequence (bsc#1183947 bsc#1185950). - nfc: pn533: prevent potential memory corruption (git-fixes). - nvme-fc: clear q_live at beginning of association teardown (git-fixes). - nvme-loop: Introduce no merge flag for biovec (bsc#1174682). - pata_arasan_cf: fix IRQ check (git-fixes). - pata_ipx4xx_cf: fix IRQ check (git-fixes). - pcnet32: Use pci_resource_len to validate PCI resource (git-fixes). - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally (git-fixes). - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() (git-fixes). - pinctrl: core: Fix kernel doc string for pin_get_name() (git-fixes). - pinctrl: lewisburg: Update number of pins in community (git-fixes). - pinctrl: samsung: use 'int' for register masks in Exynos (git-fixes). - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue (git-fixes). - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table (git-fixes). - platform/x86: thinkpad_acpi: Correct thermal sensor allocation (git-fixes). - power: supply: Use IRQF_ONESHOT (git-fixes). - power: supply: generic-adc-battery: fix possible use-after-free in gab_remove() (git-fixes). - power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove() (git-fixes). - powerpc/64: remove start_tb and accum_tb from thread_struct (bsc#1186487 ltc#177613). - powerpc/64s: Fix crashes when toggling entry flush barrier (bsc#1177666 git-fixes). - powerpc/64s: Fix crashes when toggling stf barrier (bsc#1087082 git-fixes). - powerpc/pseries: lparcfg calculate PURR on demand (bsc#1186487 ltc#177613). - regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes). - rsxx: remove extraneous 'const' qualifier (git-fixes). - rtc: ds1307: Fix wday settings for rx8130 (git-fixes). - rtlwifi: 8821ae: upgrade PHY and RF parameters (git-fixes). - s390/dasd: fix hanging DASD driver unbind (bsc#1183754 LTC#192081). - s390/dasd: fix hanging IO request during DASD driver unbind (bsc#1183754 LTC#192081). - s390/entry: save the caller of psw_idle (bsc#1185677). - s390/kdump: fix out-of-memory with PCI (bsc#1182256 LTC#191375). - sata_mv: add IRQ checks (git-fixes). - scsi: core: Run queue in case of I/O resource contention failure (bsc#1186416). - scsi: libfc: Avoid invoking response handler twice if ep is already completed (bsc#1186573). - scsi: lpfc: Add a option to enable interlocked ABTS before job completion (bsc#1186452). - scsi: lpfc: Add ndlp kref accounting for resume RPI path (bsc#1186452). - scsi: lpfc: Fix 'Unexpected timeout' error in direct attach topology (bsc#1186452). - scsi: lpfc: Fix Node recovery when driver is handling simultaneous PLOGIs (bsc#1186452). - scsi: lpfc: Fix bad memory access during VPD DUMP mailbox command (bsc#1186452). - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs (bsc#1186452). - scsi: lpfc: Fix node handling for Fabric Controller and Domain Controller (bsc#1186452). - scsi: lpfc: Fix non-optimized ERSP handling (bsc#1186452). - scsi: lpfc: Fix unreleased RPIs when NPIV ports are created (bsc#1186452). - scsi: lpfc: Ignore GID-FT response that may be received after a link flip (bsc#1186452). - scsi: lpfc: Reregister FPIN types if ELS_RDF is received from fabric controller (bsc#1186452). - scsi: lpfc: Update lpfc version to 12.8.0.10 (bsc#1186452). - scsi: qla2xxx: Prevent PRLI in target mode (git-fixes). - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (git-fixes). - serial: stm32: fix incorrect characters on console (git-fixes). - smc: disallow TCP_ULP in smc_setsockopt() (bsc#1109837). - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz (git-fixes). - spi: dln2: Fix reference leak to master (git-fixes). - spi: omap-100k: Fix reference leak to master (git-fixes). - spi: spi-ti-qspi: Free DMA resources (git-fixes). - staging: emxx_udc: fix loop in _nbu2ss_nuke() (git-fixes). - staging: iio: cdc: ad7746: avoid overwrite of num_channels (git-fixes). - staging: rtl8192u: Fix potential infinite loop (git-fixes). - tcp: fix to update snd_wl1 in bulk receiver fast path (bsc#1185827). - thermal/drivers/ti-soc-thermal/bandgap Remove unused variable 'val' (git-fixes). - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (git-fixes). - tpm: fix error return code in tpm2_get_cc_attrs_tbl() (git-fixes). - tracing: Map all PIDs to command lines (git-fixes). - uio: uio_hv_generic: use devm_kzalloc() for private data alloc (git-fixes). - uio_hv_generic: Fix a memory leak in error handling paths (git-fixes). - uio_hv_generic: Fix another memory leak in error handling paths (git-fixes). - uio_hv_generic: add missed sysfs_remove_bin_file (git-fixes). - usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes). - usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes). - usb: dwc3: gadget: Fix START_TRANSFER link state check (git-fixes). - usb: dwc3: omap: improve extcon initialization (git-fixes). - usb: fotg210-hcd: Fix an error message (git-fixes). - usb: sl811-hcd: improve misleading indentation (git-fixes). - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS (git-fixes). - usb: xhci: Fix port minor revision (git-fixes). - usb: xhci: Increase timeout for HC halt (git-fixes). - usb: xhci: Increase timeout for HC halt (git-fixes). - vgacon: Record video mode changes with VT_RESIZEX (git-fixes). - video: hyperv_fb: Add ratelimit on error message (bsc#1185724). - vsock/vmci: log once the failed queue pair allocation (git-fixes). - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join (git-fixes). - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt (git-fixes). - xhci: Do not use GFP_KERNEL in (potentially) atomic context (git-fixes). - xsk: Respect device's headroom and tailroom on generic xmit path (bsc#1109837).
Family:unixClass:patch
Status:Reference(s):1044231
1048942
1051510
1051858
1056686
1060463
1064802
1065729
1066129
1071995
1078248
1082635
1087082
1089644
1091041
1101816
1103990
1103991
1103992
1104353
1104427
1104745
1108043
1109837
1111666
1111974
1112178
1112374
1113431
1113722
1113956
1113994
1114279
1114685
1117169
1118661
1119113
1119680
1120853
1120999
1126390
1127354
1127371
1127611
1129770
1131107
1132091
1133021
1134090
1134983
1135966
1135967
1136157
1137223
1137236
1137835
1138039
1140948
1141267
1141895
1142095
1142635
1142924
1143706
1144059
1144333
1146539
1149448
1150466
1151067
1151548
1151900
1152457
1152782
1153628
1153811
1154043
1154058
1154124
1154355
1154526
1154601
1155021
1155689
1155692
1155836
1155897
1155921
1155982
1156187
1156258
1156429
1156466
1156471
1156494
1156510
1156609
1156700
1156729
1156882
1156928
1157032
1157038
1157042
1157044
1157045
1157046
1157049
1157070
1157115
1157143
1157145
1157158
1157160
1157162
1157171
1157173
1157178
1157180
1157182
1157183
1157184
1157191
1157193
1157197
1157298
1157304
1157307
1157324
1157333
1157386
1157424
1157463
1157499
1157678
1157698
1157778
1157908
1158049
1158063
1158064
1158065
1158066
1158067
1158068
1158071
1158082
1158187
1158381
1158394
1158398
1158407
1158410
1158413
1158417
1158427
1158445
1159285
1160659
1161561
1161951
1162928
1162929
1162931
1164078
1164507
1165111
1165404
1165488
1165527
1165528
1165741
1165813
1165873
1165929
1165950
1165980
1165984
1165985
1166003
1166101
1166102
1166103
1166104
1166632
1166658
1166730
1166731
1166732
1166733
1166734
1166735
1168404
1168407
1169066
1169658
1171252
1171254
1171746
1172356
1172437
1172698
1172704
1172798
1172846
1173972
1174543
1174633
1174635
1174638
1174682
1174753
1174817
1175168
1175193
1175194
1175476
1175674
1176081
1177666
1180552
1181383
1182256
1183738
1183754
1183947
1184040
1184081
1184082
1184611
1184675
1184855
1185428
1185481
1185642
1185677
1185680
1185703
1185724
1185758
1185827
1185859
1185860
1185862
1185863
1185898
1185899
1185901
1185906
1185938
1185950
1185987
1186060
1186061
1186062
1186111
1186285
1186390
1186416
1186439
1186441
1186452
1186460
1186484
1186487
1186498
1186573
CVE-2018-1000199
CVE-2019-0154
CVE-2019-10197
CVE-2019-11023
CVE-2019-12779
CVE-2019-14562
CVE-2019-14895
CVE-2019-14901
CVE-2019-15916
CVE-2019-16231
CVE-2019-17055
CVE-2019-18660
CVE-2019-18683
CVE-2019-18805
CVE-2019-18809
CVE-2019-19046
CVE-2019-19049
CVE-2019-19052
CVE-2019-19056
CVE-2019-19057
CVE-2019-19058
CVE-2019-19060
CVE-2019-19062
CVE-2019-19063
CVE-2019-19065
CVE-2019-19067
CVE-2019-19068
CVE-2019-19073
CVE-2019-19074
CVE-2019-19075
CVE-2019-19077
CVE-2019-19078
CVE-2019-19080
CVE-2019-19081
CVE-2019-19082
CVE-2019-19083
CVE-2019-19227
CVE-2019-19524
CVE-2019-19525
CVE-2019-19528
CVE-2019-19529
CVE-2019-19530
CVE-2019-19531
CVE-2019-19534
CVE-2019-19536
CVE-2019-19543
CVE-2019-19768
CVE-2020-10018
CVE-2020-10757
CVE-2020-11793
CVE-2020-12653
CVE-2020-12654
CVE-2020-13844
CVE-2020-14345
CVE-2020-14346
CVE-2020-14347
CVE-2020-14349
CVE-2020-14350
CVE-2020-1927
CVE-2020-1934
CVE-2020-1938
CVE-2020-24586
CVE-2020-24587
CVE-2020-26139
CVE-2020-26141
CVE-2020-26145
CVE-2020-26147
CVE-2020-8023
CVE-2020-8647
CVE-2020-8648
CVE-2020-8649
CVE-2020-9383
CVE-2021-23133
CVE-2021-23134
CVE-2021-32399
CVE-2021-33034
CVE-2021-33200
CVE-2021-3491
SUSE-SU-2019:1267-2
SUSE-SU-2019:1791-1
SUSE-SU-2020:0836-1
SUSE-SU-2020:1109-1
SUSE-SU-2020:1126-1
SUSE-SU-2020:1856-1
SUSE-SU-2020:2264-1
SUSE-SU-2020:2326-1
SUSE-SU-2020:2713-1
SUSE-SU-2020:2947-1
SUSE-SU-2021:1913-1
Platform(s):SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Build System Kit 12 SP1
SUSE Linux Enterprise Build System Kit 12 SP2
SUSE Linux Enterprise Build System Kit 12 SP3
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise Live Patching 12 SP4
SUSE Linux Enterprise Live Patching 12 SP5
SUSE Linux Enterprise Module for Advanced Systems Management 12
SUSE Linux Enterprise Module for High Performance Computing 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP3
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND Package Information
  • ruby2.1-rubygem-chef-10.32.2-3 is installed
  • OR rubygem-chef-10.32.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND Package Information
  • cups-1.7.5-5 is installed
  • OR cups-ddk-1.7.5-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP1 is installed
  • AND Package Information
  • ghostscript-mini-9.15-14 is installed
  • OR ghostscript-mini-devel-9.15-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP2 is installed
  • AND Package Information
  • ghostscript-mini-9.15-17 is installed
  • OR ghostscript-mini-devel-9.15-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP3 is installed
  • AND Package Information
  • libreoffice-5.3.5.2-43.5 is installed
  • OR libreoffice-sdk-5.3.5.2-43.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • bzip2-1.0.6-27 is installed
  • OR libbz2-1-1.0.6-27 is installed
  • OR libbz2-1-32bit-1.0.6-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • libX11-6-1.6.2-4 is installed
  • OR libX11-6-32bit-1.6.2-4 is installed
  • OR libX11-data-1.6.2-4 is installed
  • OR libX11-xcb1-1.6.2-4 is installed
  • OR libX11-xcb1-32bit-1.6.2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND SuSEfirewall2-3.6.312.333-3.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • graphviz-addons-2.40.1-6.3 is installed
  • OR graphviz-gd-2.40.1-6.3 is installed
  • OR graphviz-python-2.40.1-6.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed
  • AND
  • libjavascriptcoregtk-4_0-18-2.28.1-3.49 is installed
  • OR libwebkit2gtk-4_0-37-2.28.1-3.49 is installed
  • OR libwebkit2gtk3-lang-2.28.1-3.49 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.1-3.49 is installed
  • OR webkit2gtk3-2.28.1-3.49 is installed
  • OR webkit2gtk3-devel-2.28.1-3.49 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Performance Computing 15-LTSS is installed
  • AND
  • libjavascriptcoregtk-4_0-18-2.28.1-3.49 is installed
  • OR libwebkit2gtk-4_0-37-2.28.1-3.49 is installed
  • OR libwebkit2gtk3-lang-2.28.1-3.49 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.1-3.49 is installed
  • OR webkit2gtk3-2.28.1-3.49 is installed
  • OR webkit2gtk3-devel-2.28.1-3.49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP4 is installed
  • AND Package Information
  • kgraft-patch-4_12_14-95_32-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP4_Update_8-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 SP5 is installed
  • AND Package Information
  • kernel-default-kgraft-4.12.14-122.74.1 is installed
  • OR kernel-default-kgraft-devel-4.12.14-122.74.1 is installed
  • OR kgraft-patch-4_12_14-122_74-default-1-8.3.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed
  • AND Package Information
  • python2-salt-2018.3.0-46.28 is installed
  • OR salt-2018.3.0-46.28 is installed
  • OR salt-api-2018.3.0-46.28 is installed
  • OR salt-bash-completion-2018.3.0-46.28 is installed
  • OR salt-cloud-2018.3.0-46.28 is installed
  • OR salt-doc-2018.3.0-46.28 is installed
  • OR salt-master-2018.3.0-46.28 is installed
  • OR salt-minion-2018.3.0-46.28 is installed
  • OR salt-proxy-2018.3.0-46.28 is installed
  • OR salt-ssh-2018.3.0-46.28 is installed
  • OR salt-syndic-2018.3.0-46.28 is installed
  • OR salt-zsh-completion-2018.3.0-46.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for High Performance Computing 12 is installed
  • AND Package Information
  • python-numpy_1_13_3-gnu-hpc-1.13.3-4.9 is installed
  • OR python-numpy_1_13_3-gnu-hpc-devel-1.13.3-4.9 is installed
  • OR python2-numpy-gnu-hpc-1.13.3-4.9 is installed
  • OR python2-numpy-gnu-hpc-devel-1.13.3-4.9 is installed
  • OR python3-numpy-gnu-hpc-1.13.3-4.9 is installed
  • OR python3-numpy-gnu-hpc-devel-1.13.3-4.9 is installed
  • OR python3-numpy_1_13_3-gnu-hpc-1.13.3-4.9 is installed
  • OR python3-numpy_1_13_3-gnu-hpc-devel-1.13.3-4.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 12 is installed
  • AND Package Information
  • cups154-1.5.4-5 is installed
  • OR cups154-client-1.5.4-5 is installed
  • OR cups154-filters-1.5.4-5 is installed
  • OR cups154-libs-1.5.4-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_15-default-7-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_4-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 12 is installed
  • AND Package Information
  • kernel-ec2-3.12.59-60.45 is installed
  • OR kernel-ec2-devel-3.12.59-60.45 is installed
  • OR kernel-ec2-extra-3.12.59-60.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND Package Information
  • libnetpbm10-10.26.44-101.9.1 is installed
  • OR libnetpbm10-32bit-10.26.44-101.9.1 is installed
  • OR libnetpbm10-x86-10.26.44-101.9.1 is installed
  • OR netpbm-10.26.44-101.9.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • libgnomesu-1.0.0-307.10.1 is installed
  • OR libgnomesu-lang-1.0.0-307.10.1 is installed
  • OR libgnomesu0-1.0.0-307.10.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND apache2-mod_perl-2.0.8-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-4 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND xf86-video-intel-2.99.917+git781.c8990575-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • apache2-2.4.33-3.30 is installed
  • OR apache2-devel-2.4.33-3.30 is installed
  • OR apache2-doc-2.4.33-3.30 is installed
  • OR apache2-prefork-2.4.33-3.30 is installed
  • OR apache2-utils-2.4.33-3.30 is installed
  • OR apache2-worker-2.4.33-3.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.4.0esr-81 is installed
  • OR MozillaFirefox-translations-45.4.0esr-81 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND squid-4.11-5.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND libjasper-devel-1.900.1-134.17.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND aaa_base-malloccheck-13.2+git20140911.61c1681-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND Package Information
  • bind-9.9.6P1-32.1 is installed
  • OR bind-devel-9.9.6P1-32.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND Package Information
  • guile-2.0.9-8.3 is installed
  • OR guile-devel-2.0.9-8.3 is installed
  • OR libguilereadline-v-18-18-2.0.9-8.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND Package Information
  • kernel-default-3.12.38-44.1 is installed
  • OR kernel-default-extra-3.12.38-44.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
  • AND cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP3 is installed
  • AND argyllcms-1.6.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.5 is installed
  • OR libavcodec-devel-3.4.2-4.5 is installed
  • OR libavformat-devel-3.4.2-4.5 is installed
  • OR libavformat57-3.4.2-4.5 is installed
  • OR libavresample-devel-3.4.2-4.5 is installed
  • OR libavresample3-3.4.2-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • MozillaThunderbird-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-common-60.7.0-3.36 is installed
  • OR MozillaThunderbird-translations-other-60.7.0-3.36 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.22 is installed
  • OR libvncclient0-0.9.10-4.22 is installed
  • OR libvncserver0-0.9.10-4.22 is installed
    • BACK