Oval Definition:oval:org.opensuse.security:def:52310
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Moderate)
Description:



The SUSE Linux Enterprise 15-SP1 kernel-RT was updated to 4.12.14 to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2020-8992: Fixed an issue in ext4_protect_reserved_inode in fs/ext4/block_validity.c that allowed attackers to cause a soft lockup via a crafted journal size (bsc#1164069). - CVE-2020-8648: Fixed a use-after-free vulnerability in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (bsc#1162928). - CVE-2020-2732: Fixed an issue affecting Intel CPUs where an L2 guest may trick the L0 hypervisor into accessing sensitive L1 resources (bsc#1163971).

The following non-security bugs were fixed:

- ACPI: PM: Avoid attaching ACPI PM domain to certain devices (bsc#1051510). - ACPI / video: Add force_none quirk for Dell OptiPlex 9020M (bsc#1051510). - ACPI: video: Do not export a non working backlight interface on MSI MS-7721 boards (bsc#1051510). - ACPI: watchdog: Allow disabling WDAT at boot (bsc#1162557). - ACPI / watchdog: Fix init failure with overlapping register regions (bsc#1162557). - ACPI / watchdog: Set default timeout in probe (bsc#1162557). - ALSA: dummy: Fix PCM format loop in proc output (bsc#1111666). - ALSA: hda: Add JasperLake PCI ID and codec vid (bsc#1111666). - ALSA: hda: Clear RIRB status before reading WP (bsc#1111666). - ALSA: hda: hdmi - add Tigerlake support (bsc#1111666). - ALSA: hda/hdmi - Clean up Intel platform-specific fixup checks (bsc#1111666). - ALSA: hda: hdmi - fix pin setup on Tigerlake (bsc#1111666). - ALSA: hda/realtek - Fixed one of HP ALC671 platform Headset Mic supported (bsc#1111666). - ALSA: hda/realtek - Fix silent output on MSI-GL73 (git-fixes). - ALSA: hda: Reset stream if DMA RUN bit not cleared (bsc#1111666). - ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs (git-fixes). - ALSA: seq: Avoid concurrent access to queue flags (git-fixes). - ALSA: seq: Fix concurrent access to queue current tick/time (git-fixes). - ALSA: usb-audio: Apply sample rate quirk for Audioengine D1 (git-fixes). - ALSA: usb-audio: Fix endianess in descriptor validation (bsc#1111666). - arm64: Revert support for execute-only user mappings (bsc#1160218). - ASoC: sun8i-codec: Fix setting DAI data format (git-fixes). - ata: ahci: Add shutdown to freeze hardware resources of ahci (bsc#1164388). - bcache: add code comment bch_keylist_pop() and bch_keylist_pop_front() (bsc#1163762). - bcache: add code comments for state->pool in __btree_sort() (bsc#1163762). - bcache: add code comments in bch_btree_leaf_dirty() (bsc#1163762). - bcache: add cond_resched() in __bch_cache_cmp() (bsc#1163762). - bcache: add idle_max_writeback_rate sysfs interface (bsc#1163762). - bcache: add more accurate error messages in read_super() (bsc#1163762). - bcache: add readahead cache policy options via sysfs interface (bsc#1163762). - bcache: at least try to shrink 1 node in bch_mca_scan() (bsc#1163762). - bcache: avoid unnecessary btree nodes flushing in btree_flush_write() (bsc#1163762). - bcache: check return value of prio_read() (bsc#1163762). - bcache: deleted code comments for dead code in bch_data_insert_keys() (bsc#1163762). - bcache: do not export symbols (bsc#1163762). - bcache: explicity type cast in bset_bkey_last() (bsc#1163762). - bcache: fix a lost wake-up problem caused by mca_cannibalize_lock (bsc#1163762). - bcache: Fix an error code in bch_dump_read() (bsc#1163762). - bcache: fix deadlock in bcache_allocator (bsc#1163762). - bcache: fix incorrect data type usage in btree_flush_write() (bsc#1163762). - bcache: fix memory corruption in bch_cache_accounting_clear() (bsc#1163762). - bcache: fix static checker warning in bcache_device_free() (bsc#1163762). - bcache: ignore pending signals when creating gc and allocator thread (bsc#1163762, bsc#1112504). - bcache: print written and keys in trace_bcache_btree_write (bsc#1163762). - bcache: reap c->btree_cache_freeable from the tail in bch_mca_scan() (bsc#1163762). - bcache: reap from tail of c->btree_cache in bch_mca_scan() (bsc#1163762). - bcache: remove macro nr_to_fifo_front() (bsc#1163762). - bcache: remove member accessed from struct btree (bsc#1163762). - bcache: remove the extra cflags for request.o (bsc#1163762). - bcache: Revert 'bcache: shrink btree node cache after bch_btree_check()' (bsc#1163762, bsc#1112504). - blk-mq: avoid sysfs buffer overflow with too many CPU cores (bsc#1163840). - blk-mq: make sure that line break can be printed (bsc#1164098). - Bluetooth: Fix race condition in hci_release_sock() (bsc#1051510). - Btrfs: do not double lock the subvol_sem for rename exchange (bsc#1162943). - Btrfs: fix infinite loop during fsync after rename operations (bsc#1163383). - Btrfs: fix race between adding and putting tree mod seq elements and nodes (bsc#1163384). - cdrom: respect device capabilities during opening action (boo#1164632). - chardev: Avoid potential use-after-free in 'chrdev_open()' (bsc#1163849). - cifs: fix mount option display for sec=krb5i (bsc#1161907). - clk: mmp2: Fix the order of timer mux parents (bsc#1051510). - clk: qcom: rcg2: Do not crash if our parent can't be found; return an error (bsc#1051510). - clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock (bsc#1051510). - clk: tegra: Mark fuse clock as critical (bsc#1051510). - clocksource: Prevent double add_timer_on() for watchdog_timer (bsc#1051510). - closures: fix a race on wakeup from closure_sync (bsc#1163762). - Documentation: Document arm64 kpti control (bsc#1162623). - drm/amd/display: Retrain dongles when SINK_COUNT becomes non-zero (bsc#1111666). - drm/amdgpu: add function parameter description in 'amdgpu_gart_bind' (bsc#1051510). - drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table (bsc#1051510). - drm/amdgpu: remove always false comparison in 'amdgpu_atombios_i2c_process_i2c_ch' (bsc#1051510). - drm/amdgpu: remove set but not used variable 'amdgpu_connector' (bsc#1051510). - drm/amdgpu: remove set but not used variable 'dig' (bsc#1051510). - drm/amdgpu: remove set but not used variable 'dig_connector' (bsc#1051510). - drm/amdgpu: remove set but not used variable 'mc_shared_chmap' (bsc#1051510). - drm/amdgpu: remove set but not used variable 'mc_shared_chmap' from 'gfx_v6_0.c' and 'gfx_v7_0.c' (bsc#1051510). - drm: bridge: dw-hdmi: constify copied structure (bsc#1051510). - drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler (bsc#1051510). - drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new() (bsc#1051510). - drm/rockchip: lvds: Fix indentation of a #define (bsc#1051510). - drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add (bsc#1051510). - Enable CONFIG_BLK_DEV_SR_VENDOR (boo#1164632). - enic: prevent waking up stopped tx queues over watchdog reset (bsc#1133147). - ext2: check err when partial != NULL (bsc#1163859). - ext4: check for directory entries too close to block end (bsc#1163861). - ext4: fix a bug in ext4_wait_for_tail_page_commit (bsc#1163841). - ext4: fix checksum errors with indexed dirs (bsc#1160979). - ext4: fix deadlock allocating crypto bounce page from mempool (bsc#1163842). - ext4: fix mount failure with quota configured as module (bsc#1164471). - ext4: Fix mount failure with quota configured as module (bsc#1164471). - ext4: improve explanation of a mount failure caused by a misconfigured kernel (bsc#1163843). - ext4, jbd2: ensure panic when aborting with zero errno (bsc#1163853). - fix autofs regression caused by follow_managed() changes (bsc#1159271). - fix dget_parent() fastpath race (bsc#1159271). - fscrypt: do not set policy for a dead directory (bsc#1163846). - fs/namei.c: fix missing barriers when checking positivity (bsc#1159271). - fs/namei.c: pull positivity check into follow_managed() (bsc#1159271). - fs/open.c: allow opening only regular files during execve() (bsc#1163845). - ftrace: Add comment to why rcu_dereference_sched() is open coded (git-fixes). - ftrace: Protect ftrace_graph_hash with ftrace_sync (git-fixes). - genirq/proc: Return proper error code when irq_set_affinity() fails (bnc#1105392). - gtp: avoid zero size hashtable (networking-stable-20_01_01). - gtp: do not allow adding duplicate tid and ms_addr pdp context (networking-stable-20_01_01). - gtp: fix an use-after-free in ipv4_pdp_find() (networking-stable-20_01_01). - gtp: fix wrong condition in gtp_genl_dump_pdp() (networking-stable-20_01_01). - hotplug/drc-info: Add code to search ibm,drc-info property (bsc#1157480 ltc#181028). - hv_netvsc: Fix offset usage in netvsc_send_table() (bsc#1164598). - hv_netvsc: Fix send_table offset in case of a host bug (bsc#1164598). - hv_netvsc: Fix tx_table init in rndis_set_subchannel() (bsc#1164598). - hv_netvsc: Fix unwanted rx_table reset (bsc#1164598). - hwmon: (k10temp) Add support for AMD family 17h, model 70h CPUs (bsc#1163206). - hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions (bsc#1051510). - iommu/amd: Fix IOMMU perf counter clobbering during init (bsc#1162617). - iommu/arm-smmu-v3: Populate VMID field for CMDQ_OP_TLBI_NH_VA (bsc#1164314). - iommu/io-pgtable-arm: Fix race handling in split_blk_unmap() (bsc#1164115). - iwlwifi: do not throw error when trying to remove IGTK (bsc#1051510). - iwlwifi: mvm: fix NVM check for 3168 devices (bsc#1051510). - jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal (bsc#1163862). - jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer (bsc#1163836). - jbd2: Fix possible overflow in jbd2_log_space_left() (bsc#1163860). - jbd2: make sure ESHUTDOWN to be recorded in the journal superblock (bsc#1163863). - jbd2: move the clearing of b_modified flag to the journal_unmap_buffer() (bsc#1163880). - jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record (bsc#1163852). - kabi/severities: Whitelist rpaphp_get_drc_props (bsc#1157480 ltc#181028). - kconfig: fix broken dependency in randconfig-generated .config (bsc#1051510). - kernel-binary.spec.in: do not recommend firmware for kvmsmall and azure flavor (boo#1161360). - KVM: Clean up __kvm_gfn_to_hva_cache_init() and its callers (bsc#1133021). - KVM: fix spectrev1 gadgets (bsc#1164705). - KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails (bsc#1061840). - KVM: PPC: Book3S PR: Fix -Werror=return-type build failure (bsc#1061840). - KVM: PPC: Book3S PR: Free shared page if mmu initialization fails (bsc#1061840). - KVM: SVM: Override default MMIO mask if memory encryption is enabled (bsc#1162618). - KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks (bsc#1164734). - KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks (bsc#1164728). - KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks (bsc#1164729). - KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF attacks (bsc#1164712). - KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks (bsc#1164730). - KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF attacks in x86.c (bsc#1164733). - KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit() from Spectre-v1/L1TF attacks (bsc#1164731). - KVM: x86: Protect MSR-based index computations in pmu.h from Spectre-v1/L1TF attacks (bsc#1164732). - KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks (bsc#1164735). - KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks (bsc#1164705). - KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks (bsc#1164727). - lcoking/rwsem: Add missing ACQUIRE to read_slowpath sleep loop (bsc#1050549). - lib: crc64: include <linux/crc64.h> for 'crc64_be' (bsc#1163762). - lib/scatterlist.c: adjust indentation in __sg_alloc_table (bsc#1051510). - lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more() (bsc#1051510). - livepatch/samples/selftest: Use klp_shadow_alloc() API correctly (bsc#1071995). - livepatch/selftest: Clean up shadow variable names and type (bsc#1071995). - locking/rwsem: Prevent decrement of reader count before increment (bsc#1050549). - mac80211: Fix TKIP replay protection immediately after key setup (bsc#1051510). - mac80211: mesh: restrict airtime metric to peered established plinks (bsc#1051510). - md/raid0: Fix buffer overflow at debug print (bsc#1164051). - media: af9005: uninitialized variable printked (bsc#1051510). - media: cec: CEC 2.0-only bcast messages were ignored (git-fixes). - media: digitv: do not continue if remote control state can't be read (bsc#1051510). - media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0 (bsc#1051510). - media: exynos4-is: fix wrong mdev and v4l2 dev order in error path (git-fixes). - media: gspca: zero usb_buf (bsc#1051510). - media: iguanair: fix endpoint sanity check (bsc#1051510). - media: ov6650: Fix crop rectangle alignment not passed back (git-fixes). - media: ov6650: Fix incorrect use of JPEG colorspace (git-fixes). - media: pulse8-cec: fix lost cec_transmit_attempt_done() call. - media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors (bsc#1051510). - media/v4l2-core: set pages dirty upon releasing DMA buffers (bsc#1051510). - media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments (bsc#1051510). - mfd: da9062: Fix watchdog compatible string (bsc#1051510). - mfd: dln2: More sanity checking for endpoints (bsc#1051510). - mfd: rn5t618: Mark ADC control register volatile (bsc#1051510). - mmc: spi: Toggle SPI polarity, do not hardcode it (bsc#1051510). - mod_devicetable: fix PHY module format (networking-stable-19_12_28). - mtd: fix mtd_oobavail() incoherent returned value (bsc#1051510). - namei: only return -ECHILD from follow_dotdot_rcu() (bsc#1163851). - net: add sendmsg_locked and sendpage_locked to af_inet6 (bsc#1144162). - net: dst: Force 4-byte alignment of dst_metrics (networking-stable-19_12_28). - net: ena: fix napi handler misbehavior when the napi budget is zero (networking-stable-20_01_01). - net: hisilicon: Fix a BUG trigered by wrong bytes_compl (networking-stable-19_12_28). - net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive() (networking-stable-19_12_28). - net: qlogic: Fix error paths in ql_alloc_large_buffers() (networking-stable-19_12_28). - net: sched: correct flower port blocking (git-fixes). - net: usb: lan78xx: Fix suspend/resume PHY register access error (networking-stable-19_12_28). - new helper: lookup_positive_unlocked() (bsc#1159271). - nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info (bsc#1163774). - PCI: Add DMA alias quirk for Intel VCA NTB (bsc#1051510). - PCI: Do not disable bridge BARs when assigning bus resources (bsc#1051510). - PCI/IOV: Fix memory leak in pci_iov_add_virtfn() (git-fixes). - PCI: rpaphp: Add drc-info support for hotplug slot registration (bsc#1157480 ltc#181028). - PCI: rpaphp: Annotate and correctly byte swap DRC properties (bsc#1157480 ltc#181028). - PCI: rpaphp: Avoid a sometimes-uninitialized warning (bsc#1157480 ltc#181028). - PCI: rpaphp: Correctly match ibm, my-drc-index to drc-name when using drc-info (bsc#1157480 ltc#181028). - PCI: rpaphp: Do not rely on firmware feature to imply drc-info support (bsc#1157480 ltc#181028). - PCI: rpaphp: Fix up pointer to first drc-info entry (bsc#1157480 ltc#181028). - PCI/switchtec: Fix vep_vector_number ioread width (bsc#1051510). - percpu: Separate decrypted varaibles anytime encryption can be enabled (bsc#1114279). - perf/x86/intel: Fix inaccurate period in context switch for auto-reload (bsc#1164315). - powerpc: avoid adjusting memory_limit for capture kernel memory reservation (bsc#1140025 ltc#176086). - powerpc: Enable support for ibm,drc-info devtree property (bsc#1157480 ltc#181028). - powerpc/papr_scm: Fix leaking 'bus_desc.provider_name' in some paths (bsc#1142685 ltc#179509). - powerpc/pseries: Add cpu DLPAR support for drc-info property (bsc#1157480 ltc#181028). - powerpc/pseries: Advance pfn if section is not present in lmb_is_removable() (bsc#1065729). - powerpc/pseries: Allow not having ibm, hypertas-functions::hcall-multi-tce for DDW (bsc#1065729). - powerpc/pseries: Enable support for ibm,drc-info property (bsc#1157480 ltc#181028). - powerpc/pseries: Fix bad drc_index_start value parsing of drc-info entry (bsc#1157480 ltc#181028). - powerpc/pseries: Fix drc-info mappings of logical cpus to drc-index (bsc#1157480 ltc#181028). - powerpc/pseries: Fix vector5 in ibm architecture vector table (bsc#1157480 ltc#181028). - powerpc/pseries/hotplug-memory: Change rc variable to bool (bsc#1065729). - powerpc/pseries: Revert support for ibm,drc-info devtree property (bsc#1157480 ltc#181028). - powerpc/pseries/vio: Fix iommu_table use-after-free refcount warning (bsc#1065729). - powerpc: reserve memory for capture kernel after hugepages init (bsc#1140025 ltc#176086). - powerpc/tm: Fix clearing MSR[TS] in current when reclaiming on signal delivery (bsc#1118338 ltc#173734). - power: supply: ltc2941-battery-gauge: fix use-after-free (bsc#1051510). - pseries/drc-info: Search DRC properties for CPU indexes (bsc#1157480 ltc#181028). - pstore/ram: Write new dumps to start of recycled zones (bsc#1051510). - pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional (git-fixes). - pwm: Remove set but not set variable 'pwm' (git-fixes). - pxa168fb: Fix the function used to release some memory in an error (bsc#1114279) - qede: Fix multicast mac configuration (networking-stable-19_12_28). - qmi_wwan: Add support for Quectel RM500Q (bsc#1051510). - quota: Check that quota is not dirty before release (bsc#1163858). - quota: fix livelock in dquot_writeback_dquots (bsc#1163857). - r8152: get default setting of WOL before initializing (bsc#1051510). - regulator: Fix return value of _set_load() stub (bsc#1051510). - regulator: rk808: Lower log level on optional GPIOs being not available (bsc#1051510). - reiserfs: Fix memory leak of journal device string (bsc#1163867). - reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling (bsc#1163869). - Revert 'locking/pvqspinlock: Do not wait if vCPU is preempted' (bsc#1050549). - rpm/kabi.pl: support new (>=5.4) Module.symvers format (new symbol namespace field) - rpm/kernel-binary.spec.in: Conflict with too old powerpc-utils (jsc#ECO-920, jsc#SLE-11054, jsc#SLE-11322). - rpm/kernel-binary.spec.in: Replace Novell with SUSE - rtc: cmos: Stop using shared IRQ (bsc#1051510). - rtc: hym8563: Return -EINVAL if the time is known to be invalid (bsc#1051510). - rtlwifi: Fix MAX MPDU of VHT capability (git-fixes). - rtlwifi: Remove redundant semicolon in wifi.h (git-fixes). - scsi: qla2xxx: Fix a NULL pointer dereference in an error path (bsc#1157966 bsc#1158013 bsc#1157424). - scsi: qla2xxx: Fix unbound NVME response length (bsc#1157966 bsc#1158013 bsc#1157424). - sctp: fully initialize v4 addr in some functions (networking-stable-19_12_28). - serial: ifx6x60: add missed pm_runtime_disable (bsc#1051510). - serial: pl011: Fix DMA ->flush_buffer() (bsc#1051510). - serial: serial_core: Perform NULL checks for break_ctl ops (bsc#1051510). - serial: stm32: fix transmit_chars when tx is stopped (bsc#1051510). - sh_eth: check sh_eth_cpu_data::dual_port when dumping registers (bsc#1051510). - sh_eth: fix dumping ARSTR (bsc#1051510). - sh_eth: fix invalid context bug while calling auto-negotiation by ethtool (bsc#1051510). - sh_eth: fix invalid context bug while changing link options by ethtool (bsc#1051510). - sh_eth: fix TSU init on SH7734/R8A7740 (bsc#1051510). - sh_eth: fix TXALCR1 offsets (bsc#1051510). - sh_eth: TSU_QTAG0/1 registers the same as TSU_QTAGM0/1 (bsc#1051510). - soc: renesas: rcar-sysc: Add goto to of_node_put() before return (bsc#1051510). - soc/tegra: fuse: Correct straps' address for older Tegra124 device trees (bsc#1051510). - soc: ti: wkup_m3_ipc: Fix race condition with rproc_boot (bsc#1051510). - spi: tegra114: clear packed bit for unpacked mode (bsc#1051510). - spi: tegra114: configure dma burst size to fifo trig level (bsc#1051510). - spi: tegra114: fix for unpacked mode transfers (bsc#1051510). - spi: tegra114: flush fifos (bsc#1051510). - spi: tegra114: terminate dma and reset on transfer timeout (bsc#1051510). - sr_vendor: support Beurer GL50 evo CD-on-a-chip devices (boo#1164632). - staging: vt6656: correct packet types for CTS protect, mode (bsc#1051510). - staging: vt6656: Fix false Tx excessive retries reporting (bsc#1051510). - staging: vt6656: use NULLFUCTION stack on mac80211 (bsc#1051510). - stop_machine: Atomically queue and wake stopper threads (bsc#1088810, bsc#1161702). - stop_machine: Disable preemption after queueing stopper threads (bsc#1088810, bsc#1161702). - stop_machine: Disable preemption when waking two stopper threads (bsc#1088810, bsc#1161702). - stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (bsc#1088810, bsc#1161702). - tcp: do not send empty skb from tcp_write_xmit() (networking-stable-20_01_01). - tracing: Annotate ftrace_graph_hash pointer with __rcu (git-fixes). - tracing: Annotate ftrace_graph_notrace_hash pointer with __rcu (git-fixes). - tracing: Fix tracing_stat return values in error handling paths (git-fixes). - tracing: Fix very unlikely race of registering two stat tracers (git-fixes). - tty: n_hdlc: fix build on SPARC (bsc#1051510). - tty/serial: atmel: Add is_half_duplex helper (bsc#1051510). - tty: serial: msm_serial: Fix lockup for sysrq and oops (bsc#1051510). - tty: vt: keyboard: reject invalid keycodes (bsc#1051510). - ubifs: do not trigger assertion on invalid no-key filename (bsc#1163850). - ubifs: Fix deadlock in concurrent bulk-read and writepage (bsc#1163856). - ubifs: Fix FS_IOC_SETFLAGS unexpectedly clearing encrypt flag (bsc#1163855). - ubifs: Reject unsupported ioctl flags explicitly (bsc#1163844). - udp: fix integer overflow while computing available space in sk_rcvbuf (networking-stable-20_01_01). - USB: core: fix check for duplicate endpoints (git-fixes). - USB: EHCI: Do not return -EPIPE when hub is disconnected (git-fixes). - USB: gadget: legacy: set max_speed to super-speed (bsc#1051510). - USB: gadget: Zero ffs_io_data (bsc#1051510). - USB: host: xhci-hub: fix extra endianness conversion (bsc#1051510). - usbip: Fix error path of vhci_recv_ret_submit() (git-fixes). - USB: serial: option: add support for Quectel RM500Q in QDL mode (git-fixes). - USB: serial: option: add Telit ME910G1 0x110a composition (git-fixes). - USB: serial: option: add ZLP support for 0x1bc7/0x9010 (git-fixes). - usb-storage: Disable UAS on JMicron SATA enclosure (bsc#1051510). - vhost/vsock: accept only packets with the right dst_cid (networking-stable-20_01_01). - watchdog: max77620_wdt: fix potential build errors (bsc#1051510). - watchdog: rn5t618_wdt: fix module aliases (bsc#1051510). - watchdog: wdat_wdt: fix get_timeleft call for wdat_wdt (bsc#1162557). - wireless: fix enabling channel 12 for custom regulatory domain (bsc#1051510). - wireless: wext: avoid gcc -O3 warning (bsc#1051510). - x86/amd_nb: Add PCI device IDs for family 17h, model 70h (bsc#1163206). - x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR (bsc#1162619). - x86/intel_rdt: Split resource group removal in two (bsc#1112178). - x86/intel_rdt: Split resource group removal in two (bsc#1112178). - x86/resctrl: Check monitoring static key in the MBM overflow handler (bsc#1114279). - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1112178). - x86/resctrl: Fix a deadlock due to inaccurate reference (bsc#1112178). - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup (bsc#1112178). - x86/resctrl: Fix use-after-free due to inaccurate refcount of rdtgroup (bsc#1112178). - x86/resctrl: Fix use-after-free when deleting resource groups (bsc#1114279). - xen/balloon: Support xend-based toolstack take two (bsc#1065600). - xen: Enable interrupts when calling _cond_resched() (bsc#1065600). - xhci: Fix memory leak in xhci_add_in_port() (bsc#1051510). - xhci: fix USB3 device initiated resume race with roothub autosuspend (bsc#1051510). - xhci: make sure interrupts are restored to correct state (bsc#1051510).
Family:unixClass:patch
Status:Reference(s):1050549
1051510
1061840
1065600
1065729
1071995
1083647
1085030
1088810
1093733
1094301
1101776
1101777
1101786
1101788
1101791
1101794
1101800
1101802
1101804
1101810
1105392
1106514
1109911
1111647
1111666
1112178
1112504
1113956
1114279
1117740
1118338
1120386
1121231
1121232
1121233
1121234
1121235
1124493
1127367
1127369
1127370
1131941
1131945
1132091
1133021
1133147
1136021
1137325
1140025
1141980
1142685
1144162
1145051
1145929
1148868
1150690
1156288
1157424
1157480
1157966
1158013
1158505
1158983
1159037
1159198
1159199
1159271
1160218
1160979
1161052
1161360
1161561
1161702
1161907
1161951
1162171
1162557
1162617
1162618
1162619
1162623
1162928
1162943
1163206
1163383
1163384
1163403
1163762
1163774
1163836
1163840
1163841
1163842
1163843
1163844
1163845
1163846
1163849
1163850
1163851
1163852
1163853
1163855
1163856
1163857
1163858
1163859
1163860
1163861
1163862
1163863
1163867
1163869
1163880
1163897
1163971
1164051
1164069
1164098
1164115
1164284
1164314
1164315
1164388
1164471
1164598
1164632
1164705
1164712
1164727
1164728
1164729
1164730
1164731
1164732
1164733
1164734
1164735
1164777
1164780
1164893
1165019
1165182
1165185
1165211
1165241
1165710
1165823
1165949
1166780
1166860
1166861
1166862
1166864
1166866
1166867
1166868
1166870
1166940
1166982
1167005
1167216
1167288
1167290
1167316
1167421
1167423
1167627
1167629
1168075
1168202
1168273
1168276
1168295
1168367
1168424
1168443
1168486
1168552
1168760
1168762
1168763
1168764
1168765
1168829
1168854
1168881
1168884
1168952
1168994
1169013
1169057
1169307
1169308
1169390
1169514
1169625
1173812
1174463
1174570
957624
CVE-2008-4316
CVE-2012-0804
CVE-2012-3524
CVE-2012-4504
CVE-2012-4559
CVE-2012-4560
CVE-2012-4561
CVE-2013-0176
CVE-2013-1986
CVE-2013-1987
CVE-2014-0017
CVE-2014-0467
CVE-2014-8132
CVE-2014-8767
CVE-2014-8768
CVE-2014-8769
CVE-2014-9116
CVE-2014-9140
CVE-2015-0261
CVE-2015-2153
CVE-2015-2154
CVE-2015-2155
CVE-2015-3138
CVE-2015-3146
CVE-2016-0739
CVE-2016-10165
CVE-2016-5759
CVE-2016-7922
CVE-2016-7923
CVE-2016-7924
CVE-2016-7925
CVE-2016-7926
CVE-2016-7927
CVE-2016-7928
CVE-2016-7929
CVE-2016-7930
CVE-2016-7931
CVE-2016-7932
CVE-2016-7933
CVE-2016-7934
CVE-2016-7935
CVE-2016-7936
CVE-2016-7937
CVE-2016-7938
CVE-2016-7939
CVE-2016-7940
CVE-2016-7947
CVE-2016-7948
CVE-2016-7949
CVE-2016-7950
CVE-2016-7973
CVE-2016-7974
CVE-2016-7975
CVE-2016-7983
CVE-2016-7984
CVE-2016-7985
CVE-2016-7986
CVE-2016-7992
CVE-2016-7993
CVE-2016-8574
CVE-2016-8575
CVE-2017-5202
CVE-2017-5203
CVE-2017-5204
CVE-2017-5205
CVE-2017-5341
CVE-2017-5342
CVE-2017-5482
CVE-2017-5483
CVE-2017-5484
CVE-2017-5485
CVE-2017-5486
CVE-2018-11354
CVE-2018-11355
CVE-2018-11356
CVE-2018-11357
CVE-2018-11358
CVE-2018-11359
CVE-2018-11360
CVE-2018-11361
CVE-2018-11362
CVE-2018-12086
CVE-2018-14339
CVE-2018-14340
CVE-2018-14341
CVE-2018-14342
CVE-2018-14343
CVE-2018-14344
CVE-2018-14367
CVE-2018-14368
CVE-2018-14369
CVE-2018-14370
CVE-2018-16056
CVE-2018-16057
CVE-2018-16058
CVE-2018-16435
CVE-2018-18225
CVE-2018-18226
CVE-2018-18227
CVE-2018-19622
CVE-2018-19623
CVE-2018-19624
CVE-2018-19625
CVE-2018-19626
CVE-2018-19627
CVE-2018-19628
CVE-2019-10894
CVE-2019-10895
CVE-2019-10896
CVE-2019-10897
CVE-2019-10898
CVE-2019-10899
CVE-2019-10900
CVE-2019-10901
CVE-2019-10902
CVE-2019-10903
CVE-2019-11023
CVE-2019-13619
CVE-2019-16319
CVE-2019-19553
CVE-2019-19770
CVE-2019-3701
CVE-2019-3820
CVE-2019-5716
CVE-2019-5717
CVE-2019-5718
CVE-2019-5719
CVE-2019-5721
CVE-2019-9208
CVE-2019-9209
CVE-2019-9214
CVE-2019-9458
CVE-2020-10713
CVE-2020-10942
CVE-2020-11494
CVE-2020-11669
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-15706
CVE-2020-15707
CVE-2020-2732
CVE-2020-7044
CVE-2020-8648
CVE-2020-8834
CVE-2020-8992
CVE-2020-9428
CVE-2020-9429
CVE-2020-9430
CVE-2020-9431
SUSE-SU-2019:1459-1
SUSE-SU-2020:0688-1
SUSE-SU-2020:0693-1
SUSE-SU-2020:1146-1
SUSE-SU-2020:2073-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dbus-1-1.12.2-lp150.1 is installed
  • OR dbus-1-x11-1.12.2-lp150.1 is installed
  • OR libdbus-1-3-1.12.2-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-17.0.6esr-0.4 is installed
  • OR MozillaFirefox-translations-17.0.6esr-0.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-24.6.0esr-0.8 is installed
  • OR MozillaFirefox-branding-SLED-24-0.7 is installed
  • OR MozillaFirefox-translations-24.6.0esr-0.8 is installed
  • OR libfreebl3-3.16.1-0.8 is installed
  • OR libfreebl3-32bit-3.16.1-0.8 is installed
  • OR libsoftokn3-3.16.1-0.8 is installed
  • OR libsoftokn3-32bit-3.16.1-0.8 is installed
  • OR mozilla-nspr-4.10.6-0.3 is installed
  • OR mozilla-nspr-32bit-4.10.6-0.3 is installed
  • OR mozilla-nss-3.16.1-0.8 is installed
  • OR mozilla-nss-32bit-3.16.1-0.8 is installed
  • OR mozilla-nss-tools-3.16.1-0.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libxml2-2.7.6-0.34 is installed
  • OR libxml2-32bit-2.7.6-0.34 is installed
  • OR libxml2-python-2.7.6-0.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND cvs-1.12.12-181 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND mutt-1.5.21-49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND kdump-0.8.15-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • glib2-lang-2.48.2-10 is installed
  • OR glib2-tools-2.48.2-10 is installed
  • OR libgio-2_0-0-2.48.2-10 is installed
  • OR libgio-2_0-0-32bit-2.48.2-10 is installed
  • OR libgio-fam-2.48.2-10 is installed
  • OR libglib-2_0-0-2.48.2-10 is installed
  • OR libglib-2_0-0-32bit-2.48.2-10 is installed
  • OR libgmodule-2_0-0-2.48.2-10 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-10 is installed
  • OR libgobject-2_0-0-2.48.2-10 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-10 is installed
  • OR libgthread-2_0-0-2.48.2-10 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • lcms2-2.7-9.7 is installed
  • OR liblcms2-2-2.7-9.7 is installed
  • OR liblcms2-2-32bit-2.7-9.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • cluster-md-kmp-rt_debug-4.12.14-14.20 is installed
  • OR dlm-kmp-rt_debug-4.12.14-14.20 is installed
  • OR gfs2-kmp-rt_debug-4.12.14-14.20 is installed
  • OR kernel-rt-4.12.14-14.20 is installed
  • OR kernel-rt-extra-4.12.14-14.20 is installed
  • OR kernel-rt-livepatch-devel-4.12.14-14.20 is installed
  • OR kernel-rt_debug-4.12.14-14.20 is installed
  • OR kernel-rt_debug-base-4.12.14-14.20 is installed
  • OR kernel-rt_debug-extra-4.12.14-14.20 is installed
  • OR kernel-rt_debug-livepatch-devel-4.12.14-14.20 is installed
  • OR kselftests-kmp-rt-4.12.14-14.20 is installed
  • OR kselftests-kmp-rt_debug-4.12.14-14.20 is installed
  • OR ocfs2-kmp-rt_debug-4.12.14-14.20 is installed
  • OR reiserfs-kmp-rt-4.12.14-14.20 is installed
  • OR reiserfs-kmp-rt_debug-4.12.14-14.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • graphviz-addons-2.40.1-6.3 is installed
  • OR graphviz-doc-2.40.1-6.3 is installed
  • OR graphviz-gnome-2.40.1-6.3 is installed
  • OR graphviz-guile-2.40.1-6.3 is installed
  • OR graphviz-gvedit-2.40.1-6.3 is installed
  • OR graphviz-java-2.40.1-6.3 is installed
  • OR graphviz-lua-2.40.1-6.3 is installed
  • OR graphviz-php-2.40.1-6.3 is installed
  • OR graphviz-ruby-2.40.1-6.3 is installed
  • OR graphviz-smyrna-2.40.1-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • ntp-4.2.8p4-1 is installed
  • OR ntp-doc-4.2.8p4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • emacs-24.3-25.3 is installed
  • OR emacs-el-24.3-25.3 is installed
  • OR emacs-info-24.3-25.3 is installed
  • OR emacs-nox-24.3-25.3 is installed
  • OR emacs-x11-24.3-25.3 is installed
  • OR etags-24.3-25.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libudisks2-0-2.1.3-1 is installed
  • OR udisks2-2.1.3-1 is installed
  • OR udisks2-lang-2.1.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • MozillaFirefox-52.9.0esr-109.38 is installed
  • OR MozillaFirefox-devel-52.9.0esr-109.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-9-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-9-2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND sudo-1.8.20p2-3.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libblkid1-2.29.2-3.12 is installed
  • OR libblkid1-32bit-2.29.2-3.12 is installed
  • OR libfdisk1-2.29.2-3.12 is installed
  • OR libmount1-2.29.2-3.12 is installed
  • OR libmount1-32bit-2.29.2-3.12 is installed
  • OR libsmartcols1-2.29.2-3.12 is installed
  • OR libuuid1-2.29.2-3.12 is installed
  • OR libuuid1-32bit-2.29.2-3.12 is installed
  • OR python-libmount-2.29.2-3.12 is installed
  • OR util-linux-2.29.2-3.12 is installed
  • OR util-linux-lang-2.29.2-3.12 is installed
  • OR util-linux-systemd-2.29.2-3.12 is installed
  • OR uuidd-2.29.2-3.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libicu-doc-52.1-8.7 is installed
  • OR libicu52_1-52.1-8.7 is installed
  • OR libicu52_1-32bit-52.1-8.7 is installed
  • OR libicu52_1-data-52.1-8.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • grub2-2.02-19.48 is installed
  • OR grub2-i386-pc-2.02-19.48 is installed
  • OR grub2-powerpc-ieee1275-2.02-19.48 is installed
  • OR grub2-snapper-plugin-2.02-19.48 is installed
  • OR grub2-systemd-sleep-plugin-2.02-19.48 is installed
  • OR grub2-x86_64-efi-2.02-19.48 is installed
  • OR grub2-x86_64-xen-2.02-19.48 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • gnome-shell-3.26.2+20180130.0d9c74212-4.19 is installed
  • OR gnome-shell-calendar-3.26.2+20180130.0d9c74212-4.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.40 is installed
  • OR kernel-default-extra-4.12.14-197.40 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-glance-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-api-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-doc-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-glare-13.0.1~a0~dev6-4.3 is installed
  • OR openstack-glance-registry-13.0.1~a0~dev6-4.3 is installed
  • OR python-glance-13.0.1~a0~dev6-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Django-1.11.11-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
    • BACK