Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for the Linux Kernel (Important) |
Description: |
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.
The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735
- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack.
The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).
The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251
- CVE-2019-0154: Fix a local denial of service via read of unprotected i915 registers. (bsc#1135966) - CVE-2019-0155: Fix privilege escalation in the i915 driver. Batch buffers from usermode could have escalated privileges via blitter command stream. (bsc#1135967) - CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150457). - CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903). - CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685). - CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372). - CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465) - CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452). - CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158). - CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).
The following non-security bugs were fixed:
- 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510). - acpi / CPPC: do not require the _PSD method (bsc#1051510). - acpi / processor: do not print errors for processorIDs == 0xff (bsc#1051510). - acpi: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510). - act_mirred: Fix mirred_init_module error handling (bsc#1051510). - alsa: bebob: Fix prototype of helper function to return negative value (bsc#1051510). - alsa: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510). - alsa: hda - Apply AMD controller workaround for Raven platform (bsc#1051510). - alsa: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510). - alsa: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510). - alsa: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510). - alsa: hda - Inform too slow responses (bsc#1051510). - alsa: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510). - alsa: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510). - alsa: hda/realtek - Add support for ALC623 (bsc#1051510). - alsa: hda/realtek - Add support for ALC711 (bsc#1051510). - alsa: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510). - alsa: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510). - alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510). - alsa: hda/realtek - Fix alienware headset mic (bsc#1051510). - alsa: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510). - alsa: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#1051510). - alsa: hda: Add Elkhart Lake pci ID (bsc#1051510). - alsa: hda: Add Tigerlake/Jasperlake pci ID (bsc#1051510). - alsa: hda: Add support of Zhaoxin controller (bsc#1051510). - alsa: hda: Flush interrupts on disabling (bsc#1051510). - alsa: hda: Set fifo_size for both playback and capture streams (bsc#1051510). - alsa: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() (bsc#1051510). - alsa: line6: sizeof (byte) is always 1, use that fact (bsc#1051510). - alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510). - alsa: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510). - alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510). - alsa: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510). - appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30). - asoc: Define a set of DAPM pre/post-up events (bsc#1051510). - asoc: Intel: Fix use of potentially uninitialized variable (bsc#1051510). - asoc: Intel: NHLT: Fix debug print format (bsc#1051510). - asoc: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bsc#1051510). - asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510). - asoc: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510). - asoc: sgtl5000: Fix charge pump source assignment (bsc#1051510). - auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510). - ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - blk-wbt: abstract out end IO completion handler (bsc#1135873). - blk-wbt: fix has-sleeper queueing check (bsc#1135873). - blk-wbt: improve waking of tasks (bsc#1135873). - blk-wbt: move disable check into get_limit() (bsc#1135873). - blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873). - block: add io timeout to sysfs (bsc#1148410). - block: do not show io_timeout if driver has no timeout handler (bsc#1148410). - bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510). - bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ). - boot: Sign non-x86 kernels when possible (boo#1134303) - bpf: fix use after free in prog symbol exposure (bsc#1083647). - bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15). - btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651). - btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607). - btrfs: bail out gracefully rather than BUG_ON (bsc#1153646). - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178). - btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713). - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179). - btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651). - btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186). - btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184). - can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#1051510). - can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#1051510). - cdc_ether: fix rndis support for Mediatek based smartphones (networking-stable-19_09_15). - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510). - ceph: fix directories inode i_blkbits initialization (bsc#1153717). - ceph: reconnect connection if session hang in opening state (bsc#1153718). - ceph: update the mtime when truncating up (bsc#1153719). - cfg80211: Purge frame registrations on iftype change (bsc#1051510). - cfg80211: add and use strongly typed element iteration macros (bsc#1051510). - clk: at91: select parent if main oscillator or bypass is enabled (bsc#1051510). - clk: qoriq: Fix -Wunused-const-variable (bsc#1051510). - clk: sirf: Do not reference clk_init_data after registration (bsc#1051510). - clk: zx296718: Do not reference clk_init_data after registration (bsc#1051510). - crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#1154737). - crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510). - crypto: af_alg - consolidation of duplicate code (bsc#1154737). - crypto: af_alg - fix race accessing cipher request (bsc#1154737). - crypto: af_alg - remove locking in async callback (bsc#1154737). - crypto: af_alg - update correct dst SGL entry (bsc#1051510). - crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737). - crypto: algif - return error code when no data was processed (bsc#1154737). - crypto: algif_aead - copy AAD from src to dst (bsc#1154737). - crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737). - crypto: algif_aead - overhaul memory management (bsc#1154737). - crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737). - crypto: algif_skcipher - overhaul memory management (bsc#1154737). - crypto: talitos - fix missing break in switch statement (bsc#1142635). - cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584). - cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#1066129). - cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#1066129). - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#1073513). - cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129). - cxgb4:Fix out-of-bounds MSI-X info array access (networking-stable-19_10_05). - dasd_fba: Display '00000000' for zero page when dumping sense (bsc#1123080). - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510). - drm/amdgpu/si: fix ASIC tests (git-fixes). - drm/amdgpu: Check for valid number of registers to read (bsc#1051510). - drm/ast: Fixed reboot test may cause system hanged (bsc#1051510). - drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510). - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510). - drm/i915/cmdparser: Add support for backward jumps (bsc#1135967) - drm/i915/cmdparser: Ignore Length operands during command matching (bsc#1135967) - drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967) - drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967) - drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967) - drm/i915/gtt: Disable read-only support under GVT (bsc#1135967) - drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967) - drm/i915: Add gen9 BCS cmdparsing (bsc#1135967) - drm/i915: Add support for mandatory cmdparsing (bsc#1135967) - drm/i915: Allow parsing of unsized batches (bsc#1135967) - drm/i915: Disable Secure Batches for gen6+ - drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967) - drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#1135967) - drm/i915: Remove Master tables from cmdparser - drm/i915: Rename gen7 cmdparser tables (bsc#1135967) - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967) - drm/msm/dsi: Implement reset correctly (bsc#1051510). - drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510). - drm/radeon: Fix EEH during kexec (bsc#1051510). - drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#1051510). - drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510). - drm: Flush output polling on shutdown (bsc#1051510). - e1000e: add workaround for possible stalled packet (bsc#1051510). - efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#1051510). - efi: cper: print AER info of pcie fatal error (bsc#1051510). - efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified (bsc#1051510). - firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes). - gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() (bsc#1051510). - hid: apple: Fix stuck function keys when using FN (bsc#1051510). - hid: fix error message in hid_open_report() (bsc#1051510). - hid: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510). - hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510). - hid: logitech: Fix general protection fault caused by Logitech driver (bsc#1051510). - hid: prodikeys: Fix general protection fault during probe (bsc#1051510). - hid: sony: Fix memory corruption issue on cleanup (bsc#1051510). - hso: fix NULL-deref on tty open (bsc#1051510). - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' (bsc#1051510). - hwrng: core - do not wait on add_early_randomness() (git-fixes). - hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221, jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905). - i2c: riic: Clear NACK in tend isr (bsc#1051510). - ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154108) - ib/core: Add mitigation for Spectre V1 (bsc#1155671) - ib/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449). - ib/mlx5: Consolidate use_umr checks into single function (bsc#1093205). - ib/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205). - ib/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305). - ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510). - ieee802154: ca8210: prevent memory leak (bsc#1051510). - ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - iio: adc: ad799x: fix probe error handling (bsc#1051510). - iio: light: opt3001: fix mutex unlock race (bsc#1051510). - ima: always return negative code for error (bsc#1051510). - input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510). - input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510). - integrity: prevent deadlock during digsig verification (bsc#1090631). - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bsc#1137799). - iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608). - iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799). - iommu/amd: Remove domain->updated (bsc#1154610). - iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154611). - ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#1051510). - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' (networking-stable-19_09_15). - ipv6: Handle missing host route in __ipv6_ifa_notify (networking-stable-19_10_05). - ipv6: drop incoming packets having a v4mapped source address (networking-stable-19_10_05). - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#1101674). - ixgbe: sync the first fragment unconditionally (bsc#1133140). - kABI workaround for crypto/af_alg changes (bsc#1154737). - kABI workaround for drm_vma_offset_node readonly field addition (bsc#1135967) - kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510). - kabi/severities: Whitelist functions internal to radix mm. To call these functions you have to first detect if you are running in radix mm mode which can't be expected of OOT code. - kabi: net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05). - kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578). - kernel-binary: check also bzImage on s390/s390x Starting with 4.19-rc1, uncompressed image is no longer built on s390x. - kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#1154354). It is not strictly necessary to uncompress it so maybe the ghost file can be 0 size in this case. - kernel/sysctl.c: do not override max_threads provided by userspace (bnc#1150875). - ksm: cleanup stable_node chain collapse case (bnc#1144338). - ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338). - ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#1144338). - ksm: optimize refile of stable_node_dup at the head of the chain (bnc#1144338). - ksm: swap the two output parameters of chain/chain_prune (bnc#1144338). - kvm: Convert kvm_lock to a mutex (bsc#1117665). - kvm: MMU: drop vcpu param in gpte_access (bsc#1117665). - kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#1061840). - kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc#1117665). - kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#1117665). - kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665). - kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#1117665). - kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665). - kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665). - kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665). - kvm: x86: mmu: Recovery of shattered NX large pages (bsc#1117665, CVE-2018-12207). - kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665). - lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510). - libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510). - mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - mac80211: Reject malformed SSID elements (bsc#1051510). - mac80211: accept deauth frames in ibSS mode (bsc#1051510). - mac80211: fix txq null pointer dereference (bsc#1051510). - macsec: drop skb sk before calling gro_cells_receive (bsc#1051510). - md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#1140090). - md/raid0: fix warning message for parameter default_layout (bsc#1140090). - media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642). - media: cpia2_usb: fix memory leaks (bsc#1051510). - media: dvb-core: fix a memory leak bug (bsc#1051510). - media: exynos4-is: fix leaked of_node references (bsc#1051510). - media: gspca: zero usb_buf on error (bsc#1051510). - media: hdpvr: Add device num check and handling (bsc#1051510). - media: hdpvr: add terminating 0 at end of string (bsc#1051510). - media: i2c: ov5645: Fix power sequence (bsc#1051510). - media: iguanair: add sanity checks (bsc#1051510). - media: omap3isp: Do not set streaming state on random subdevs (bsc#1051510). - media: omap3isp: Set device on omap3isp subdevs (bsc#1051510). - media: ov9650: add a sanity check (bsc#1051510). - media: radio/si470x: kill urb on error (bsc#1051510). - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bsc#1051510). - media: saa7146: add cleanup in hexium_attach() (bsc#1051510). - media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510). - media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510). - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510). - mem: /dev/mem: Bail out upon SIGKILL (git-fixes). - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc#1051510). - mfd: intel-lpss: Remove D3cold delay (bsc#1051510). - mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05). - mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510). - mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510). - mmc: sdhci: improve ADMA error reporting (bsc#1051510). - net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes). - net/mlx4_en: fix a memory leak bug (bsc#1046299). - net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ). - net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ). - net/phy: fix DP83865 10 Mbps HDX loopback disable function (networking-stable-19_09_30). - net/rds: Fix error handling in rds_ib_add_one() (networking-stable-19_10_05). - net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848). - net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848). - net/sched: act_sample: do not push mac header on ip6gre ingress (networking-stable-19_09_30). - net: Fix null de-reference of device refcount (networking-stable-19_09_15). - net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612). - net: Unpublish sk from sk_reuseport_cb before call_rcu (networking-stable-19_10_05). - net: fix skb use after free in netpoll (networking-stable-19_09_05). - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list (networking-stable-19_09_15). - net: openvswitch: free vport unless register_netdevice() succeeds (git-fixes). - net: qlogic: Fix memory leak in ql_alloc_large_buffers (networking-stable-19_10_05). - net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30). - net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05). - net: stmmac: dwmac-rk: Do not fail if phy regulator is absent (networking-stable-19_09_05). - net_sched: add policy validation for action attributes (networking-stable-19_09_30). - net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes). - netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612). - nfc: enforce CAP_NET_RAW for raw sockets (bsc#1152788 CVE-2019-17056). - nfc: fix attrs checks in netlink interface (bsc#1051510). - nfc: fix memory leak in llcp_sock_bind() (bsc#1051510). - nfc: pn533: fix use-after-free and memleaks (bsc#1051510). - nfs: NFSv4 Check the return value of update_open_stateid (boo#1154189 bsc#1154747). - nfsv4.1 - backchannel request should hold ref on xprt (bsc#1152624). - nl80211: fix null pointer dereference (bsc#1051510). - objtool: Clobber user CFLAGS variable (bsc#1153236). - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC (networking-stable-19_09_30). - packaging: add support for riscv64 - pci: Correct pci=resource_alignment parameter example (bsc#1051510). - pci: PM: Fix pci_power_up() (bsc#1051510). - pci: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092). - pci: hv: Use bytes 4 and 5 from instance ID as the pci domain numbers (bsc#1153263). - pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510). - platform/x86: classmate-laptop: remove unused variable (bsc#1051510). - platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI table (bsc#1051510). - power: supply: sysfs: ratelimit property read error message (bsc#1051510). - powerpc/64s/pseries: radix flush translations before MMU is enabled at boot (bsc#1055186). - powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates (bsc#1055186). - powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186). - powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186). - powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186). - powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline (bsc#1055186). - powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#1055186). - powerpc/mm: Properly invalidate when setting process table base (bsc#1055186). - powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186). - powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#1153112 ltc#181778). - powerpc/pseries: Remove confusing warning message (bsc#1109158). - powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#181778). - qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#1050545). - qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545). - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#1050536 bsc#1050545). - qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545). - qmi_wwan: add support for Cinterion CLS8 devices (networking-stable-19_10_05). - r8152: Set macpassthru in reset_resume callback (bsc#1051510). - rdma/bnxt_re: Fix spelling mistake 'missin_resp' -> 'missing_resp' (bsc#1050244). - rdma: Fix goto target to release the allocated memory (bsc#1050244). - rds: Fix warning (bsc#1154848). - rpm/config.sh: Enable livepatch. - rpm/constraints.in: lower disk space required for ARM With a requirement of 35GB, only 2 slow workers are usable for ARM. Current aarch64 build requires 27G and armv6/7 requires 14G. Set requirements respectively to 30GB and 20GB. - rpm/dtb.spec.in.in: do not make dtb directory inaccessible There is no reason to lock down the dtb directory for ordinary users. - rpm/kernel-binary.spec.in: Fix kernel-livepatch description typo. - rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE kernel RT and Azure variants are excluded for the moment. (bsc#1141600) - rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in 5.2. - rpm/kernel-binary.spec.in: support partial rt debug config. - rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description (bsc#1149119). - rpm/macros.kernel-source: KMPs should depend on kmod-compat to build. kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and find-supplements.ksyms in rpm-config-SUSE. - rpm/mkspec: Correct tarball URL for rc kernels. - rpm/mkspec: Make building DTBs optional. - rpm/modflist: Simplify compression support. - rpm: raise required disk space for binary packages Current disk space constraints (10 GB on s390x, 25 GB on other architectures) no longer suffice for 5.3 kernel builds. The statistics show ~30 GB of disk consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB in general and 14 GB on s390x. - rpm: support compressed modules Some of our scripts and scriptlets in rpm/ do not expect module files not ending with '.ko' which currently leads to failure in preuninstall scriptlet of cluster-md-kmp-default (and probably also other subpackages). Let those which could be run on compressed module files recognize '.ko.xz' in addition to '.ko'. - rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635). - s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476). - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (networking-stable-19_10_05). - sch_dsmark: fix potential NULL deref in dsmark_init() (networking-stable-19_10_05). - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (networking-stable-19_09_15). - sch_netem: fix a divide by zero in tabledist() (networking-stable-19_09_30). - sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254). - scripts/arch-symbols: add missing link. - scsi: lpfc: Fix devices that do not return after devloss followed by rediscovery (bsc#1137040). - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute (bsc#1140845). - scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#1140883). - scsi: lpfc: Remove bg debugfs buffers (bsc#1144375). - scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1098291). - scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291). - scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: fix a potential NULL pointer dereference (bsc#1150457 CVE-2019-16233). - scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#1140729). - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' (networking-stable-19_09_15). - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike (networking-stable-19_09_15). - skge: fix checksum byte order (networking-stable-19_09_30). - sock_diag: fix autoloading of the raw_diag module (bsc#1152791). - sock_diag: request _diag module only when the family or proto has been registered (bsc#1152791). - staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510). - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#1051510). - supporte.conf: add efivarfs to kernel-default-base (bsc#1154858). - tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes). - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR (networking-stable-19_09_15). - tcp: inherit timestamp on mtu probe (networking-stable-19_09_05). - tcp: remove empty skb from write queue in error cases (networking-stable-19_09_05). - thermal: Fix use-after-free when unregistering thermal zone device (bsc#1051510). - thermal_hwmon: Sanitize thermal_zone type (bsc#1051510). - tipc: add NULL pointer check before calling kfree_rcu (networking-stable-19_09_15). - tipc: fix unlimited bundling of small messages (networking-stable-19_10_05). - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#1151508). - tun: fix use-after-free when register netdev failed (networking-stable-19_09_15). - tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099). - usb: adutux: fix NULL-derefs on disconnect (bsc#1142635). - usb: adutux: fix use-after-free on disconnect (bsc#1142635). - usb: adutux: fix use-after-free on release (bsc#1051510). - usb: chaoskey: fix use-after-free on release (bsc#1051510). - usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510). - usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510). - usb: iowarrior: fix use-after-free on disconnect (bsc#1051510). - usb: iowarrior: fix use-after-free on release (bsc#1051510). - usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510). - usb: ldusb: fix memleak on disconnect (bsc#1051510). - usb: ldusb: fix read info leaks (bsc#1051510). - usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510). - usb: legousbtower: fix deadlock on disconnect (bsc#1142635). - usb: legousbtower: fix memleak on disconnect (bsc#1051510). - usb: legousbtower: fix open after failed reset request (bsc#1142635). - usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635). - usb: legousbtower: fix slab info leak at probe (bsc#1142635). - usb: legousbtower: fix use-after-free on release (bsc#1051510). - usb: microtek: fix info-leak at probe (bsc#1142635). - usb: serial: fix runtime PM after driver unbind (bsc#1051510). - usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#1051510). - usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510). - usb: serial: option: add Telit FN980 compositions (bsc#1051510). - usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510). - usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510). - usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510). - usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510). - usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510). - usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510). - usb: usblcd: fix I/O after disconnect (bsc#1142635). - usb: usblp: fix runtime PM after driver unbind (bsc#1051510). - usb: usblp: fix use-after-free on disconnect (bsc#1051510). - usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#1051510). - usb: yurex: Do not retry on unexpected errors (bsc#1051510). - usb: yurex: fix NULL-derefs on disconnect (bsc#1051510). - usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510). - usbnet: sanity checking of packet sizes and device mtu (bsc#1051510). - vfio_pci: Restore original state on release (bsc#1051510). - vfs: Make filldir[64]() verify the directory entry filename is valid (bsc#1144903). - vhost_net: conditionally enable tx polling (bsc#1145099). - video: of: display_timing: Add of_node_put() in of_get_display_timing() (bsc#1051510). - vsock: Fix a lockdep warning in __vsock_release() (networking-stable-19_10_05). - watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#1051510). - x86/asm: Fix MWAITX C-state hint value (bsc#1114279). - x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#1153969). - x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969). - x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279). - x86/tsx: Add config options to set tsx=on|off|auto (bsc#1139073, CVE-2019-11135). - xen/netback: fix error path of xenvif_connect_data() (bsc#1065600). - xen/pv: Fix Xen PV guest int3 handling (bsc#1153811). - xhci: Check all endpoints for LPM timeout (bsc#1051510). - xhci: Fix false warning message about wrong bounce buffer write length (bsc#1051510). - xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510). - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bsc#1051510).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1046299 1046303 1046305 1050244 1050536 1050545 1051510 1055186 1058115 1061840 1064802 1065600 1065729 1066129 1073513 1082635 1083647 1086323 1087092 1089644 1090631 1093205 1094244 1096254 1097583 1097584 1097585 1097586 1097587 1097588 1098291 1101674 1109158 1114279 1117665 1119461 1119465 1123034 1123080 1133140 1134303 1135642 1135854 1135873 1135966 1135967 1136666 1137040 1137799 1138190 1139073 1140090 1140729 1140845 1140883 1141600 1142635 1142667 1143706 1144338 1144375 1144449 1144903 1145099 1146612 1148410 1149119 1150452 1150457 1150465 1150875 1151508 1152148 1152472 1152489 1152624 1152685 1152788 1152791 1153112 1153158 1153236 1153263 1153274 1153476 1153509 1153646 1153713 1153717 1153718 1153719 1153811 1153969 1154108 1154189 1154353 1154354 1154372 1154578 1154607 1154608 1154610 1154611 1154651 1154737 1154747 1154848 1154858 1154905 1155178 1155179 1155184 1155186 1155518 1155671 1155798 1156395 1167527 1170232 1170774 1171000 1171068 1171073 1171558 1171688 1171742 1172419 1172757 1172873 1173017 1173060 1173115 1173267 1173746 1174029 1174110 1174111 1174358 1174484 1174486 1174899 1175263 1175667 1175718 1175749 1175787 1175882 1175952 1175996 1175997 1175998 1175999 1176000 1176001 1176019 1176022 1176038 1176063 1176137 1176235 1176236 1176237 1176242 1176278 1176357 1176358 1176359 1176360 1176361 1176362 1176363 1176364 1176365 1176366 1176367 1176381 1176423 1176449 1176482 1176486 1176507 1176536 1176537 1176538 1176539 1176540 1176541 1176542 1176544 1176545 1176546 1176548 1176558 1176559 1176587 1176588 1176659 1176698 1176699 1176700 1176721 1176722 1176725 1176732 1176763 1176775 1176788 1176789 1176833 1176869 1176877 1176925 1176962 1176980 1176990 1177021 1177030 897890 898572 900941 908009 CVE-2009-0758 CVE-2010-2244 CVE-2011-0020 CVE-2011-0064 CVE-2011-1002 CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 CVE-2013-1989 CVE-2013-2066 CVE-2013-3571 CVE-2013-4282 CVE-2013-6369 CVE-2014-0004 CVE-2014-0019 CVE-2014-1568 CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 CVE-2014-1585 CVE-2014-1586 CVE-2014-1587 CVE-2014-1588 CVE-2014-1590 CVE-2014-1592 CVE-2014-1593 CVE-2014-1594 CVE-2014-1595 CVE-2014-3564 CVE-2014-7185 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9841 CVE-2014-9842 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9850 CVE-2014-9851 CVE-2014-9852 CVE-2014-9853 CVE-2014-9854 CVE-2014-9907 CVE-2015-3247 CVE-2015-5260 CVE-2015-5261 CVE-2015-8894 CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-0749 CVE-2016-10046 CVE-2016-10048 CVE-2016-10049 CVE-2016-10050 CVE-2016-10051 CVE-2016-10052 CVE-2016-10059 CVE-2016-10060 CVE-2016-10061 CVE-2016-10062 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10068 CVE-2016-10069 CVE-2016-10070 CVE-2016-10071 CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2016-2150 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5118 CVE-2016-5384 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6153 CVE-2016-6491 CVE-2016-6520 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540 CVE-2016-7799 CVE-2016-7800 CVE-2016-7996 CVE-2016-7997 CVE-2016-8677 CVE-2016-8682 CVE-2016-8683 CVE-2016-8684 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9556 CVE-2016-9559 CVE-2016-9773 CVE-2017-1000445 CVE-2017-1000476 CVE-2017-10800 CVE-2017-10928 CVE-2017-10995 CVE-2017-11141 CVE-2017-11166 CVE-2017-11170 CVE-2017-11188 CVE-2017-11403 CVE-2017-11446 CVE-2017-11448 CVE-2017-11449 CVE-2017-11450 CVE-2017-11478 CVE-2017-11505 CVE-2017-11523 CVE-2017-11524 CVE-2017-11525 CVE-2017-11526 CVE-2017-11527 CVE-2017-11528 CVE-2017-11529 CVE-2017-11530 CVE-2017-11531 CVE-2017-11532 CVE-2017-11533 CVE-2017-11534 CVE-2017-11535 CVE-2017-11537 CVE-2017-11539 CVE-2017-11638 CVE-2017-11639 CVE-2017-11640 CVE-2017-11642 CVE-2017-11644 CVE-2017-11724 CVE-2017-11750 CVE-2017-11751 CVE-2017-11752 CVE-2017-12140 CVE-2017-12418 CVE-2017-12427 CVE-2017-12428 CVE-2017-12429 CVE-2017-12430 CVE-2017-12431 CVE-2017-12432 CVE-2017-12433 CVE-2017-12434 CVE-2017-12435 CVE-2017-12563 CVE-2017-12564 CVE-2017-12565 CVE-2017-12566 CVE-2017-12587 CVE-2017-12640 CVE-2017-12641 CVE-2017-12642 CVE-2017-12643 CVE-2017-12644 CVE-2017-12654 CVE-2017-12662 CVE-2017-12663 CVE-2017-12664 CVE-2017-12665 CVE-2017-12667 CVE-2017-12668 CVE-2017-12669 CVE-2017-12670 CVE-2017-12671 CVE-2017-12672 CVE-2017-12673 CVE-2017-12674 CVE-2017-12675 CVE-2017-12676 CVE-2017-12691 CVE-2017-12692 CVE-2017-12693 CVE-2017-12935 CVE-2017-12983 CVE-2017-13058 CVE-2017-13059 CVE-2017-13060 CVE-2017-13061 CVE-2017-13062 CVE-2017-13131 CVE-2017-13133 CVE-2017-13134 CVE-2017-13139 CVE-2017-13141 CVE-2017-13142 CVE-2017-13146 CVE-2017-13147 CVE-2017-13648 CVE-2017-13658 CVE-2017-13758 CVE-2017-13768 CVE-2017-13769 CVE-2017-14042 CVE-2017-14060 CVE-2017-14103 CVE-2017-14138 CVE-2017-14139 CVE-2017-14172 CVE-2017-14173 CVE-2017-14174 CVE-2017-14175 CVE-2017-14224 CVE-2017-14249 CVE-2017-14314 CVE-2017-14325 CVE-2017-14326 CVE-2017-14341 CVE-2017-14342 CVE-2017-14343 CVE-2017-14505 CVE-2017-14531 CVE-2017-14533 CVE-2017-14607 CVE-2017-14649 CVE-2017-14682 CVE-2017-14733 CVE-2017-14739 CVE-2017-14989 CVE-2017-14997 CVE-2017-15016 CVE-2017-15017 CVE-2017-15033 CVE-2017-15217 CVE-2017-15218 CVE-2017-15277 CVE-2017-15281 CVE-2017-15930 CVE-2017-16352 CVE-2017-16353 CVE-2017-16545 CVE-2017-16546 CVE-2017-16669 CVE-2017-17504 CVE-2017-17680 CVE-2017-17681 CVE-2017-17682 CVE-2017-17879 CVE-2017-17881 CVE-2017-17882 CVE-2017-17884 CVE-2017-17885 CVE-2017-17887 CVE-2017-17914 CVE-2017-17934 CVE-2017-18008 CVE-2017-18022 CVE-2017-18027 CVE-2017-18028 CVE-2017-18029 CVE-2017-18209 CVE-2017-18211 CVE-2017-18250 CVE-2017-18251 CVE-2017-18252 CVE-2017-18254 CVE-2017-18271 CVE-2017-5506 CVE-2017-5507 CVE-2017-5508 CVE-2017-5510 CVE-2017-5511 CVE-2017-6502 CVE-2017-7436 CVE-2017-7606 CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8343 CVE-2017-8344 CVE-2017-8345 CVE-2017-8346 CVE-2017-8347 CVE-2017-8348 CVE-2017-8349 CVE-2017-8350 CVE-2017-8351 CVE-2017-8352 CVE-2017-8353 CVE-2017-8354 CVE-2017-8355 CVE-2017-8356 CVE-2017-8357 CVE-2017-8765 CVE-2017-8830 CVE-2017-9098 CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 CVE-2017-9261 CVE-2017-9262 CVE-2017-9269 CVE-2017-9405 CVE-2017-9407 CVE-2017-9409 CVE-2017-9439 CVE-2017-9440 CVE-2017-9500 CVE-2017-9501 CVE-2018-10177 CVE-2018-10804 CVE-2018-10805 CVE-2018-11251 CVE-2018-11655 CVE-2018-11656 CVE-2018-12207 CVE-2018-12599 CVE-2018-12600 CVE-2018-14434 CVE-2018-14435 CVE-2018-14436 CVE-2018-14437 CVE-2018-16323 CVE-2018-16329 CVE-2018-16413 CVE-2018-16640 CVE-2018-16642 CVE-2018-16643 CVE-2018-16644 CVE-2018-16645 CVE-2018-16749 CVE-2018-16750 CVE-2018-17965 CVE-2018-17966 CVE-2018-18016 CVE-2018-18024 CVE-2018-5246 CVE-2018-5247 CVE-2018-5357 CVE-2018-5685 CVE-2018-6405 CVE-2018-7443 CVE-2018-7470 CVE-2018-8804 CVE-2018-8960 CVE-2018-9018 CVE-2018-9133 CVE-2018-9135 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220 CVE-2019-11135 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16995 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2020-0404 CVE-2020-0427 CVE-2020-0431 CVE-2020-0432 CVE-2020-14385 CVE-2020-14390 CVE-2020-25212 CVE-2020-25284 CVE-2020-26088 SUSE-SU-2020:2879-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND Package Information
ImageMagick-7.0.7.29-lp150.1 is installed
OR libMagick++-7_Q16HDRI4-7.0.7.29-lp150.1 is installed
OR libMagickCore-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
OR libMagickWand-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
bluez-5.48-lp151.8.6 is installed
OR bluez-auto-enable-devices-5.48-lp151.8.6 is installed
OR bluez-cups-5.48-lp151.8.6 is installed
OR bluez-devel-5.48-lp151.8.6 is installed
OR bluez-devel-32bit-5.48-lp151.8.6 is installed
OR bluez-test-5.48-lp151.8.6 is installed
OR libbluetooth3-5.48-lp151.8.6 is installed
OR libbluetooth3-32bit-5.48-lp151.8.6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP2 is installed
AND Package Information
strongswan-4.4.0-6.21 is installed
OR strongswan-doc-4.4.0-6.21 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
gimp-2.6.2-3.34.45 is installed
OR gimp-lang-2.6.2-3.34.45 is installed
OR gimp-plugins-python-2.6.2-3.34.45 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP4 is installed
AND Package Information
xen-4.4.2_12-23 is installed
OR xen-doc-html-4.4.2_12-23 is installed
OR xen-kmp-default-4.4.2_12_3.0.101_63-23 is installed
OR xen-kmp-pae-4.4.2_12_3.0.101_63-23 is installed
OR xen-libs-4.4.2_12-23 is installed
OR xen-libs-32bit-4.4.2_12-23 is installed
OR xen-tools-4.4.2_12-23 is installed
OR xen-tools-domU-4.4.2_12-23 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
avahi-0.6.31-20 is installed
OR avahi-lang-0.6.31-20 is installed
OR libavahi-client3-0.6.31-20 is installed
OR libavahi-client3-32bit-0.6.31-20 is installed
OR libavahi-common3-0.6.31-20 is installed
OR libavahi-common3-32bit-0.6.31-20 is installed
OR libavahi-core7-0.6.31-20 is installed
OR libdns_sd-0.6.31-20 is installed
OR libdns_sd-32bit-0.6.31-20 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
gpgme-1.5.1-1 is installed
OR libgpgme11-1.5.1-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND libspice-server1-0.12.7-6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
fontconfig-2.11.1-7 is installed
OR fontconfig-32bit-2.11.1-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
ImageMagick-6.8.8.1-71.85 is installed
OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed
OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed
OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed
OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Legacy Software 15 is installed
AND Package Information
kernel-default-4.12.14-150.41 is installed
OR reiserfs-kmp-default-4.12.14-150.41 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Legacy Software 15 SP2 is installed
AND Package Information
kernel-default-5.3.18-24.24 is installed
OR reiserfs-kmp-default-5.3.18-24.24 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND python-pywbem-0.7.0-4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
kgraft-patch-3_12_74-60_64_66-default-5-2 is installed
OR kgraft-patch-3_12_74-60_64_66-xen-5-2 is installed
OR kgraft-patch-SLE12-SP1_Update_23-5-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
gnome-shell-3.20.4-70 is installed
OR gnome-shell-browser-plugin-3.20.4-70 is installed
OR gnome-shell-lang-3.20.4-70 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
ntp-4.2.8p11-64.5 is installed
OR ntp-doc-4.2.8p11-64.5 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND shadow-4.2.1-27.9 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
gpg2-2.0.24-9.3 is installed
OR gpg2-lang-2.0.24-9.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND ant-1.9.4-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND sudo-1.8.20p2-3.14 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
kgraft-patch-4_4_175-94_79-default-6-2 is installed
OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
glibc-2.22-62.22 is installed
OR glibc-32bit-2.22-62.22 is installed
OR glibc-devel-2.22-62.22 is installed
OR glibc-devel-32bit-2.22-62.22 is installed
OR glibc-html-2.22-62.22 is installed
OR glibc-i18ndata-2.22-62.22 is installed
OR glibc-info-2.22-62.22 is installed
OR glibc-locale-2.22-62.22 is installed
OR glibc-locale-32bit-2.22-62.22 is installed
OR glibc-profile-2.22-62.22 is installed
OR glibc-profile-32bit-2.22-62.22 is installed
OR nscd-2.22-62.22 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
libgcrypt-1.6.1-16.62 is installed
OR libgcrypt20-1.6.1-16.62 is installed
OR libgcrypt20-32bit-1.6.1-16.62 is installed
OR libgcrypt20-hmac-1.6.1-16.62 is installed
OR libgcrypt20-hmac-32bit-1.6.1-16.62 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
accountsservice-0.6.42-16.3 is installed
OR accountsservice-lang-0.6.42-16.3 is installed
OR libaccountsservice0-0.6.42-16.3 is installed
OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
libecpg6-10.9-1.12 is installed
OR libpq5-10.9-1.12 is installed
OR libpq5-32bit-10.9-1.12 is installed
OR postgresql10-10.9-1.12 is installed
OR postgresql10-contrib-10.9-1.12 is installed
OR postgresql10-docs-10.9-1.12 is installed
OR postgresql10-libs-10.9-1.12 is installed
OR postgresql10-plperl-10.9-1.12 is installed
OR postgresql10-plpython-10.9-1.12 is installed
OR postgresql10-pltcl-10.9-1.12 is installed
OR postgresql10-server-10.9-1.12 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND ucode-intel-20190618-13.47 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND python-cryptography-2.0.3-3.3 is installed
|