Oval Definition:oval:org.opensuse.security:def:52578
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Important)
Description:





The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.



The following security bugs were fixed:

- CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.

The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735

- CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described 'Microarchitectural Data Sampling' attack.

The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).

The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251

- CVE-2019-0154: Fix a local denial of service via read of unprotected i915 registers. (bsc#1135966) - CVE-2019-0155: Fix privilege escalation in the i915 driver. Batch buffers from usermode could have escalated privileges via blitter command stream. (bsc#1135967) - CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150457). - CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903). - CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685). - CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372). - CVE-2019-16232: Fix a potential NULL pointer dereference in the Marwell libertas driver (bsc#1150465) - CVE-2019-16234: iwlwifi pcie driver did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150452). - CVE-2019-17133: cfg80211 wireless extension did not reject a long SSID IE, leading to a Buffer Overflow (bsc#1153158). - CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788).

The following non-security bugs were fixed:

- 9p: avoid attaching writeback_fid on mmap with type PRIVATE (bsc#1051510). - acpi / CPPC: do not require the _PSD method (bsc#1051510). - acpi / processor: do not print errors for processorIDs == 0xff (bsc#1051510). - acpi: CPPC: Set pcc_data[pcc_ss_id] to NULL in acpi_cppc_processor_exit() (bsc#1051510). - act_mirred: Fix mirred_init_module error handling (bsc#1051510). - alsa: bebob: Fix prototype of helper function to return negative value (bsc#1051510). - alsa: hda - Add laptop imic fixup for ASUS M9V laptop (bsc#1051510). - alsa: hda - Apply AMD controller workaround for Raven platform (bsc#1051510). - alsa: hda - Define a fallback_pin_fixup_tbl for alc269 family (bsc#1051510). - alsa: hda - Drop unsol event handler for Intel HDMI codecs (bsc#1051510). - alsa: hda - Expand pin_match function to match upcoming new tbls (bsc#1051510). - alsa: hda - Inform too slow responses (bsc#1051510). - alsa: hda - Show the fatal CORB/RIRB error more clearly (bsc#1051510). - alsa: hda/hdmi: remove redundant assignment to variable pcm_idx (bsc#1051510). - alsa: hda/realtek - Add support for ALC623 (bsc#1051510). - alsa: hda/realtek - Add support for ALC711 (bsc#1051510). - alsa: hda/realtek - Blacklist PC beep for Lenovo ThinkCentre M73/93 (bsc#1051510). - alsa: hda/realtek - Check beep whitelist before assigning in all codecs (bsc#1051510). - alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510). - alsa: hda/realtek - Fix alienware headset mic (bsc#1051510). - alsa: hda/realtek: Reduce the Headphone static noise on XPS 9350/9360 (bsc#1051510). - alsa: hda/sigmatel - remove unused variable 'stac9200_core_init' (bsc#1051510). - alsa: hda: Add Elkhart Lake pci ID (bsc#1051510). - alsa: hda: Add Tigerlake/Jasperlake pci ID (bsc#1051510). - alsa: hda: Add support of Zhaoxin controller (bsc#1051510). - alsa: hda: Flush interrupts on disabling (bsc#1051510). - alsa: hda: Set fifo_size for both playback and capture streams (bsc#1051510). - alsa: i2c: ak4xxx-adda: Fix a possible null pointer dereference in build_adc_controls() (bsc#1051510). - alsa: line6: sizeof (byte) is always 1, use that fact (bsc#1051510). - alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510). - alsa: usb-audio: Add Pioneer DDJ-SX3 PCM quirck (bsc#1051510). - alsa: usb-audio: Disable quirks for BOSS Katana amplifiers (bsc#1051510). - alsa: usb-audio: Skip bSynchAddress endpoint check if it is invalid (bsc#1051510). - appletalk: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30). - asoc: Define a set of DAPM pre/post-up events (bsc#1051510). - asoc: Intel: Fix use of potentially uninitialized variable (bsc#1051510). - asoc: Intel: NHLT: Fix debug print format (bsc#1051510). - asoc: dmaengine: Make the pcm->name equal to pcm->id if the name is not set (bsc#1051510). - asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510). - asoc: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510). - asoc: sgtl5000: Fix charge pump source assignment (bsc#1051510). - auxdisplay: panel: need to delete scan_timer when misc_register fails in panel_attach (bsc#1051510). - ax25: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - blk-wbt: abstract out end IO completion handler (bsc#1135873). - blk-wbt: fix has-sleeper queueing check (bsc#1135873). - blk-wbt: improve waking of tasks (bsc#1135873). - blk-wbt: move disable check into get_limit() (bsc#1135873). - blk-wbt: use wq_has_sleeper() for wq active check (bsc#1135873). - block: add io timeout to sysfs (bsc#1148410). - block: do not show io_timeout if driver has no timeout handler (bsc#1148410). - bluetooth: btrtl: Additional Realtek 8822CE Bluetooth devices (bsc#1051510). - bnx2x: Fix VF's VLAN reconfiguration in reload (bsc#1086323 ). - boot: Sign non-x86 kernels when possible (boo#1134303) - bpf: fix use after free in prog symbol exposure (bsc#1083647). - bridge/mdb: remove wrong use of NLM_F_MULTI (networking-stable-19_09_15). - btrfs: Ensure btrfs_init_dev_replace_tgtdev sees up to date values (bsc#1154651). - btrfs: Ensure replaced device does not have pending chunk allocation (bsc#1154607). - btrfs: bail out gracefully rather than BUG_ON (bsc#1153646). - btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178). - btrfs: check for the full sync flag while holding the inode lock during fsync (bsc#1153713). - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179). - btrfs: remove wrong use of volume_mutex from btrfs_dev_replace_start (bsc#1154651). - btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186). - btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184). - can: mcp251x: mcp251x_hw_reset(): allow more time after a reset (bsc#1051510). - can: xilinx_can: xcan_probe(): skip error message on deferred probe (bsc#1051510). - cdc_ether: fix rndis support for Mediatek based smartphones (networking-stable-19_09_15). - cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize (bsc#1051510). - ceph: fix directories inode i_blkbits initialization (bsc#1153717). - ceph: reconnect connection if session hang in opening state (bsc#1153718). - ceph: update the mtime when truncating up (bsc#1153719). - cfg80211: Purge frame registrations on iftype change (bsc#1051510). - cfg80211: add and use strongly typed element iteration macros (bsc#1051510). - clk: at91: select parent if main oscillator or bypass is enabled (bsc#1051510). - clk: qoriq: Fix -Wunused-const-variable (bsc#1051510). - clk: sirf: Do not reference clk_init_data after registration (bsc#1051510). - clk: zx296718: Do not reference clk_init_data after registration (bsc#1051510). - crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#1154737). - crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510). - crypto: af_alg - consolidation of duplicate code (bsc#1154737). - crypto: af_alg - fix race accessing cipher request (bsc#1154737). - crypto: af_alg - remove locking in async callback (bsc#1154737). - crypto: af_alg - update correct dst SGL entry (bsc#1051510). - crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737). - crypto: algif - return error code when no data was processed (bsc#1154737). - crypto: algif_aead - copy AAD from src to dst (bsc#1154737). - crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737). - crypto: algif_aead - overhaul memory management (bsc#1154737). - crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737). - crypto: algif_skcipher - overhaul memory management (bsc#1154737). - crypto: talitos - fix missing break in switch statement (bsc#1142635). - cxgb4: Signedness bug in init_one() (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584). - cxgb4: fix endianness for vlan value in cxgb4_tc_flower (bsc#1064802 bsc#1066129). - cxgb4: offload VLAN flows regardless of VLAN ethtype (bsc#1064802 bsc#1066129). - cxgb4: reduce kernel stack usage in cudbg_collect_mem_region() (bsc#1073513). - cxgb4: smt: Add lock for atomic_dec_and_test (bsc#1064802 bsc#1066129). - cxgb4:Fix out-of-bounds MSI-X info array access (networking-stable-19_10_05). - dasd_fba: Display '00000000' for zero page when dumping sense (bsc#1123080). - drm/amd/powerplay/smu7: enforce minimal VBITimeout (v2) (bsc#1051510). - drm/amdgpu/si: fix ASIC tests (git-fixes). - drm/amdgpu: Check for valid number of registers to read (bsc#1051510). - drm/ast: Fixed reboot test may cause system hanged (bsc#1051510). - drm/bridge: tc358767: Increase AUX transfer length limit (bsc#1051510). - drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510). - drm/i915/cmdparser: Add support for backward jumps (bsc#1135967) - drm/i915/cmdparser: Ignore Length operands during command matching (bsc#1135967) - drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967) - drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967) - drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967) - drm/i915/gtt: Disable read-only support under GVT (bsc#1135967) - drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967) - drm/i915: Add gen9 BCS cmdparsing (bsc#1135967) - drm/i915: Add support for mandatory cmdparsing (bsc#1135967) - drm/i915: Allow parsing of unsized batches (bsc#1135967) - drm/i915: Disable Secure Batches for gen6+ - drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967) - drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#1135967) - drm/i915: Remove Master tables from cmdparser - drm/i915: Rename gen7 cmdparser tables (bsc#1135967) - drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967) - drm/msm/dsi: Implement reset correctly (bsc#1051510). - drm/panel: simple: fix AUO g185han01 horizontal blanking (bsc#1051510). - drm/radeon: Fix EEH during kexec (bsc#1051510). - drm/tilcdc: Register cpufreq notifier after we have initialized crtc (bsc#1051510). - drm/vmwgfx: Fix double free in vmw_recv_msg() (bsc#1051510). - drm: Flush output polling on shutdown (bsc#1051510). - e1000e: add workaround for possible stalled packet (bsc#1051510). - efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#1051510). - efi: cper: print AER info of pcie fatal error (bsc#1051510). - efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified (bsc#1051510). - firmware: dmi: Fix unlikely out-of-bounds read in save_mem_devices (git-fixes). - gpu: drm: radeon: Fix a possible null-pointer dereference in radeon_connector_set_property() (bsc#1051510). - hid: apple: Fix stuck function keys when using FN (bsc#1051510). - hid: fix error message in hid_open_report() (bsc#1051510). - hid: hidraw: Fix invalid read in hidraw_ioctl (bsc#1051510). - hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510). - hid: logitech: Fix general protection fault caused by Logitech driver (bsc#1051510). - hid: prodikeys: Fix general protection fault during probe (bsc#1051510). - hid: sony: Fix memory corruption issue on cleanup (bsc#1051510). - hso: fix NULL-deref on tty open (bsc#1051510). - hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap' (bsc#1051510). - hwrng: core - do not wait on add_early_randomness() (git-fixes). - hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221, jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905). - i2c: riic: Clear NACK in tend isr (bsc#1051510). - ib/core, ipoib: Do not overreact to SM LID change event (bsc#1154108) - ib/core: Add mitigation for Spectre V1 (bsc#1155671) - ib/hfi1: Remove overly conservative VM_EXEC flag check (bsc#1144449). - ib/mlx5: Consolidate use_umr checks into single function (bsc#1093205). - ib/mlx5: Fix MR re-registration flow to use UMR properly (bsc#1093205). - ib/mlx5: Report correctly tag matching rendezvous capability (bsc#1046305). - ieee802154: atusb: fix use-after-free at disconnect (bsc#1051510). - ieee802154: ca8210: prevent memory leak (bsc#1051510). - ieee802154: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - iio: adc: ad799x: fix probe error handling (bsc#1051510). - iio: light: opt3001: fix mutex unlock race (bsc#1051510). - ima: always return negative code for error (bsc#1051510). - input: da9063 - fix capability and drop KEY_SLEEP (bsc#1051510). - input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510). - integrity: prevent deadlock during digsig verification (bsc#1090631). - iommu/amd: Apply the same IVRS IOAPIC workaround to Acer Aspire A315-41 (bsc#1137799). - iommu/amd: Check PM_LEVEL_SIZE() condition in locked section (bsc#1154608). - iommu/amd: Override wrong IVRS IOAPIC on Raven Ridge systems (bsc#1137799). - iommu/amd: Remove domain->updated (bsc#1154610). - iommu/amd: Wait for completion of IOTLB flush in attach_device (bsc#1154611). - ipmi_si: Only schedule continuously in the thread in maintenance mode (bsc#1051510). - ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' (networking-stable-19_09_15). - ipv6: Handle missing host route in __ipv6_ifa_notify (networking-stable-19_10_05). - ipv6: drop incoming packets having a v4mapped source address (networking-stable-19_10_05). - ixgbe: Prevent u8 wrapping of ITR value to something less than 10us (bsc#1101674). - ixgbe: sync the first fragment unconditionally (bsc#1133140). - kABI workaround for crypto/af_alg changes (bsc#1154737). - kABI workaround for drm_vma_offset_node readonly field addition (bsc#1135967) - kABI workaround for snd_hda_pick_pin_fixup() changes (bsc#1051510). - kabi/severities: Whitelist functions internal to radix mm. To call these functions you have to first detect if you are running in radix mm mode which can't be expected of OOT code. - kabi: net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05). - kernel-binary: Drop .kernel-binary.spec.buildenv (boo#1154578). - kernel-binary: check also bzImage on s390/s390x Starting with 4.19-rc1, uncompressed image is no longer built on s390x. - kernel-subpackage-build: create zero size ghost for uncompressed vmlinux (bsc#1154354). It is not strictly necessary to uncompress it so maybe the ghost file can be 0 size in this case. - kernel/sysctl.c: do not override max_threads provided by userspace (bnc#1150875). - ksm: cleanup stable_node chain collapse case (bnc#1144338). - ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338). - ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#1144338). - ksm: optimize refile of stable_node_dup at the head of the chain (bnc#1144338). - ksm: swap the two output parameters of chain/chain_prune (bnc#1144338). - kvm: Convert kvm_lock to a mutex (bsc#1117665). - kvm: MMU: drop vcpu param in gpte_access (bsc#1117665). - kvm: PPC: Book3S HV: use smp_mb() when setting/clearing host_ipi flag (bsc#1061840). - kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc#1117665). - kvm: x86, powerpc: do not allow clearing largepages debugfs entry (bsc#1117665). - kvm: x86: Do not release the page inside mmu_set_spte() (bsc#1117665). - kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (bsc#1117665). - kvm: x86: adjust kvm_mmu_page member to save 8 bytes (bsc#1117665). - kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (bsc#1117665). - kvm: x86: make FNAME(fetch) and __direct_map more similar (bsc#1117665). - kvm: x86: mmu: Recovery of shattered NX large pages (bsc#1117665, CVE-2018-12207). - kvm: x86: remove now unneeded hugepage gfn adjustment (bsc#1117665). - lib/mpi: Fix karactx leak in mpi_powm (bsc#1051510). - libertas: Add missing sentinel at end of if_usb.c fw_table (bsc#1051510). - mISDN: enforce CAP_NET_RAW for raw sockets (bsc#1051510). - mac80211: Reject malformed SSID elements (bsc#1051510). - mac80211: accept deauth frames in ibSS mode (bsc#1051510). - mac80211: fix txq null pointer dereference (bsc#1051510). - macsec: drop skb sk before calling gro_cells_receive (bsc#1051510). - md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#1140090). - md/raid0: fix warning message for parameter default_layout (bsc#1140090). - media: atmel: atmel-isc: fix asd memory allocation (bsc#1135642). - media: cpia2_usb: fix memory leaks (bsc#1051510). - media: dvb-core: fix a memory leak bug (bsc#1051510). - media: exynos4-is: fix leaked of_node references (bsc#1051510). - media: gspca: zero usb_buf on error (bsc#1051510). - media: hdpvr: Add device num check and handling (bsc#1051510). - media: hdpvr: add terminating 0 at end of string (bsc#1051510). - media: i2c: ov5645: Fix power sequence (bsc#1051510). - media: iguanair: add sanity checks (bsc#1051510). - media: omap3isp: Do not set streaming state on random subdevs (bsc#1051510). - media: omap3isp: Set device on omap3isp subdevs (bsc#1051510). - media: ov9650: add a sanity check (bsc#1051510). - media: radio/si470x: kill urb on error (bsc#1051510). - media: saa7134: fix terminology around saa7134_i2c_eeprom_md7134_gate() (bsc#1051510). - media: saa7146: add cleanup in hexium_attach() (bsc#1051510). - media: sn9c20x: Add MSI MS-1039 laptop to flip_dmi_table (bsc#1051510). - media: stkwebcam: fix runtime PM after driver unbind (bsc#1051510). - media: ttusb-dec: Fix info-leak in ttusb_dec_send_command() (bsc#1051510). - mem: /dev/mem: Bail out upon SIGKILL (git-fixes). - memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' (bsc#1051510). - mfd: intel-lpss: Remove D3cold delay (bsc#1051510). - mld: fix memory leak in mld_del_delrec() (networking-stable-19_09_05). - mmc: sdhci-of-esdhc: set DMA snooping based on DMA coherence (bsc#1051510). - mmc: sdhci: Fix incorrect switch to HS mode (bsc#1051510). - mmc: sdhci: improve ADMA error reporting (bsc#1051510). - net/ibmvnic: Fix EOI when running in XIVE mode (bsc#1089644, ltc#166495, ltc#165544, git-fixes). - net/mlx4_en: fix a memory leak bug (bsc#1046299). - net/mlx5: Add device ID of upcoming BlueField-2 (bsc#1046303 ). - net/mlx5: Fix error handling in mlx5_load() (bsc#1046305 ). - net/phy: fix DP83865 10 Mbps HDX loopback disable function (networking-stable-19_09_30). - net/rds: Fix error handling in rds_ib_add_one() (networking-stable-19_10_05). - net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848). - net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848). - net/sched: act_sample: do not push mac header on ip6gre ingress (networking-stable-19_09_30). - net: Fix null de-reference of device refcount (networking-stable-19_09_15). - net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612). - net: Unpublish sk from sk_reuseport_cb before call_rcu (networking-stable-19_10_05). - net: fix skb use after free in netpoll (networking-stable-19_09_05). - net: gso: Fix skb_segment splat when splitting gso_size mangled skb having linear-headed frag_list (networking-stable-19_09_15). - net: openvswitch: free vport unless register_netdevice() succeeds (git-fixes). - net: qlogic: Fix memory leak in ql_alloc_large_buffers (networking-stable-19_10_05). - net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30). - net: sched: act_sample: fix psample group handling on overwrite (networking-stable-19_09_05). - net: stmmac: dwmac-rk: Do not fail if phy regulator is absent (networking-stable-19_09_05). - net_sched: add policy validation for action attributes (networking-stable-19_09_30). - net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes). - netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612). - nfc: enforce CAP_NET_RAW for raw sockets (bsc#1152788 CVE-2019-17056). - nfc: fix attrs checks in netlink interface (bsc#1051510). - nfc: fix memory leak in llcp_sock_bind() (bsc#1051510). - nfc: pn533: fix use-after-free and memleaks (bsc#1051510). - nfs: NFSv4 Check the return value of update_open_stateid (boo#1154189 bsc#1154747). - nfsv4.1 - backchannel request should hold ref on xprt (bsc#1152624). - nl80211: fix null pointer dereference (bsc#1051510). - objtool: Clobber user CFLAGS variable (bsc#1153236). - openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC (networking-stable-19_09_30). - packaging: add support for riscv64 - pci: Correct pci=resource_alignment parameter example (bsc#1051510). - pci: PM: Fix pci_power_up() (bsc#1051510). - pci: dra7xx: Fix legacy INTD IRQ handling (bsc#1087092). - pci: hv: Use bytes 4 and 5 from instance ID as the pci domain numbers (bsc#1153263). - pinctrl: tegra: Fix write barrier placement in pmx_writel (bsc#1051510). - platform/x86: classmate-laptop: remove unused variable (bsc#1051510). - platform/x86: pmc_atom: Add Siemens SIMATIC IPC277E to critclk_systems DMI table (bsc#1051510). - power: supply: sysfs: ratelimit property read error message (bsc#1051510). - powerpc/64s/pseries: radix flush translations before MMU is enabled at boot (bsc#1055186). - powerpc/64s/radix: keep kernel ERAT over local process/guest invalidates (bsc#1055186). - powerpc/64s/radix: tidy up TLB flushing code (bsc#1055186). - powerpc/64s: Rename PPC_INVALIDATE_ERAT to PPC_ISA_3_0_INVALIDATE_ERAT (bsc#1055186). - powerpc/mm/book3s64: Move book3s64 code to pgtable-book3s64 (bsc#1055186). - powerpc/mm/radix: mark __radix__flush_tlb_range_psize() as __always_inline (bsc#1055186). - powerpc/mm/radix: mark as __tlbie_pid() and friends as__always_inline (bsc#1055186). - powerpc/mm: Properly invalidate when setting process table base (bsc#1055186). - powerpc/mm: mark more tlb functions as __always_inline (bsc#1055186). - powerpc/pseries/mobility: use cond_resched when updating device tree (bsc#1153112 ltc#181778). - powerpc/pseries: Remove confusing warning message (bsc#1109158). - powerpc/rtas: allow rescheduling while changing cpu states (bsc#1153112 ltc#181778). - qed: iWARP - Fix default window size to be based on chip (bsc#1050536 bsc#1050545). - qed: iWARP - Fix tc for MPA ll2 connection (bsc#1050536 bsc#1050545). - qed: iWARP - Use READ_ONCE and smp_store_release to access ep->state (bsc#1050536 bsc#1050545). - qed: iWARP - fix uninitialized callback (bsc#1050536 bsc#1050545). - qmi_wwan: add support for Cinterion CLS8 devices (networking-stable-19_10_05). - r8152: Set macpassthru in reset_resume callback (bsc#1051510). - rdma/bnxt_re: Fix spelling mistake 'missin_resp' -> 'missing_resp' (bsc#1050244). - rdma: Fix goto target to release the allocated memory (bsc#1050244). - rds: Fix warning (bsc#1154848). - rpm/config.sh: Enable livepatch. - rpm/constraints.in: lower disk space required for ARM With a requirement of 35GB, only 2 slow workers are usable for ARM. Current aarch64 build requires 27G and armv6/7 requires 14G. Set requirements respectively to 30GB and 20GB. - rpm/dtb.spec.in.in: do not make dtb directory inaccessible There is no reason to lock down the dtb directory for ordinary users. - rpm/kernel-binary.spec.in: Fix kernel-livepatch description typo. - rpm/kernel-binary.spec.in: build kernel-*-kgraft only for default SLE kernel RT and Azure variants are excluded for the moment. (bsc#1141600) - rpm/kernel-binary.spec.in: handle modules.builtin.modinfo It was added in 5.2. - rpm/kernel-binary.spec.in: support partial rt debug config. - rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description (bsc#1149119). - rpm/macros.kernel-source: KMPs should depend on kmod-compat to build. kmod-compat links are used in find-provides.ksyms, find-requires.ksyms, and find-supplements.ksyms in rpm-config-SUSE. - rpm/mkspec: Correct tarball URL for rc kernels. - rpm/mkspec: Make building DTBs optional. - rpm/modflist: Simplify compression support. - rpm: raise required disk space for binary packages Current disk space constraints (10 GB on s390x, 25 GB on other architectures) no longer suffice for 5.3 kernel builds. The statistics show ~30 GB of disk consumption on x86_64 and ~11 GB on s390x so raise the constraints to 35 GB in general and 14 GB on s390x. - rpm: support compressed modules Some of our scripts and scriptlets in rpm/ do not expect module files not ending with '.ko' which currently leads to failure in preuninstall scriptlet of cluster-md-kmp-default (and probably also other subpackages). Let those which could be run on compressed module files recognize '.ko.xz' in addition to '.ko'. - rtlwifi: rtl8192cu: Fix value set in descriptor (bsc#1142635). - s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476). - sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (networking-stable-19_10_05). - sch_dsmark: fix potential NULL deref in dsmark_init() (networking-stable-19_10_05). - sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (networking-stable-19_09_15). - sch_netem: fix a divide by zero in tabledist() (networking-stable-19_09_30). - sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254). - scripts/arch-symbols: add missing link. - scsi: lpfc: Fix devices that do not return after devloss followed by rediscovery (bsc#1137040). - scsi: lpfc: Fix null ptr oops updating lpfc_devloss_tmo via sysfs attribute (bsc#1140845). - scsi: lpfc: Fix propagation of devloss_tmo setting to nvme transport (bsc#1140883). - scsi: lpfc: Remove bg debugfs buffers (bsc#1144375). - scsi: qedf: Modify abort and tmf handler to handle edge condition and flush (bsc#1098291). - scsi: qedf: fc_rport_priv reference counting fixes (bsc#1098291). - scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: fix a potential NULL pointer dereference (bsc#1150457 CVE-2019-16233). - scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#1123034). - scsi: storvsc: setup 1:1 mapping between hardware queue and CPU queue (bsc#1140729). - sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' (networking-stable-19_09_15). - sctp: use transport pf_retrans in sctp_do_8_2_transport_strike (networking-stable-19_09_15). - skge: fix checksum byte order (networking-stable-19_09_30). - sock_diag: fix autoloading of the raw_diag module (bsc#1152791). - sock_diag: request _diag module only when the family or proto has been registered (bsc#1152791). - staging: vt6655: Fix memory leak in vt6655_probe (bsc#1051510). - staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#1051510). - supporte.conf: add efivarfs to kernel-default-base (bsc#1154858). - tcp: Do not dequeue SYN/FIN-segments from write-queue (git-gixes). - tcp: fix tcp_ecn_withdraw_cwr() to clear TCP_ECN_QUEUE_CWR (networking-stable-19_09_15). - tcp: inherit timestamp on mtu probe (networking-stable-19_09_05). - tcp: remove empty skb from write queue in error cases (networking-stable-19_09_05). - thermal: Fix use-after-free when unregistering thermal zone device (bsc#1051510). - thermal_hwmon: Sanitize thermal_zone type (bsc#1051510). - tipc: add NULL pointer check before calling kfree_rcu (networking-stable-19_09_15). - tipc: fix unlimited bundling of small messages (networking-stable-19_10_05). - tracing: Initialize iter->seq after zeroing in tracing_read_pipe() (bsc#1151508). - tun: fix use-after-free when register netdev failed (networking-stable-19_09_15). - tuntap: correctly set SOCKWQ_ASYNC_NOSPACE (bsc#1145099). - usb: adutux: fix NULL-derefs on disconnect (bsc#1142635). - usb: adutux: fix use-after-free on disconnect (bsc#1142635). - usb: adutux: fix use-after-free on release (bsc#1051510). - usb: chaoskey: fix use-after-free on release (bsc#1051510). - usb: dummy-hcd: fix power budget for SuperSpeed mode (bsc#1051510). - usb: iowarrior: fix use-after-free after driver unbind (bsc#1051510). - usb: iowarrior: fix use-after-free on disconnect (bsc#1051510). - usb: iowarrior: fix use-after-free on release (bsc#1051510). - usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510). - usb: ldusb: fix memleak on disconnect (bsc#1051510). - usb: ldusb: fix read info leaks (bsc#1051510). - usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510). - usb: legousbtower: fix deadlock on disconnect (bsc#1142635). - usb: legousbtower: fix memleak on disconnect (bsc#1051510). - usb: legousbtower: fix open after failed reset request (bsc#1142635). - usb: legousbtower: fix potential NULL-deref on disconnect (bsc#1142635). - usb: legousbtower: fix slab info leak at probe (bsc#1142635). - usb: legousbtower: fix use-after-free on release (bsc#1051510). - usb: microtek: fix info-leak at probe (bsc#1142635). - usb: serial: fix runtime PM after driver unbind (bsc#1051510). - usb: serial: ftdi_sio: add device IDs for Sienna and Echelon PL-20 (bsc#1051510). - usb: serial: keyspan: fix NULL-derefs on open() and write() (bsc#1051510). - usb: serial: option: add Telit FN980 compositions (bsc#1051510). - usb: serial: option: add support for Cinterion CLS8 devices (bsc#1051510). - usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510). - usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510). - usb: usb-skeleton: fix NULL-deref on disconnect (bsc#1051510). - usb: usb-skeleton: fix runtime PM after driver unbind (bsc#1051510). - usb: usb-skeleton: fix use-after-free after driver unbind (bsc#1051510). - usb: usblcd: fix I/O after disconnect (bsc#1142635). - usb: usblp: fix runtime PM after driver unbind (bsc#1051510). - usb: usblp: fix use-after-free on disconnect (bsc#1051510). - usb: xhci: wait for CNR controller not ready bit in xhci resume (bsc#1051510). - usb: yurex: Do not retry on unexpected errors (bsc#1051510). - usb: yurex: fix NULL-derefs on disconnect (bsc#1051510). - usbnet: ignore endpoints with invalid wMaxPacketSize (bsc#1051510). - usbnet: sanity checking of packet sizes and device mtu (bsc#1051510). - vfio_pci: Restore original state on release (bsc#1051510). - vfs: Make filldir[64]() verify the directory entry filename is valid (bsc#1144903). - vhost_net: conditionally enable tx polling (bsc#1145099). - video: of: display_timing: Add of_node_put() in of_get_display_timing() (bsc#1051510). - vsock: Fix a lockdep warning in __vsock_release() (networking-stable-19_10_05). - watchdog: imx2_wdt: fix min() calculation in imx2_wdt_set_timeout (bsc#1051510). - x86/asm: Fix MWAITX C-state hint value (bsc#1114279). - x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#1153969). - x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969). - x86/mm: Use WRITE_ONCE() when setting PTEs (bsc#1114279). - x86/tsx: Add config options to set tsx=on|off|auto (bsc#1139073, CVE-2019-11135). - xen/netback: fix error path of xenvif_connect_data() (bsc#1065600). - xen/pv: Fix Xen PV guest int3 handling (bsc#1153811). - xhci: Check all endpoints for LPM timeout (bsc#1051510). - xhci: Fix false warning message about wrong bounce buffer write length (bsc#1051510). - xhci: Increase STS_SAVE timeout in xhci_suspend() (bsc#1051510). - xhci: Prevent device initiated U1/U2 link pm if exit latency is too long (bsc#1051510).
Family:unixClass:patch
Status:Reference(s):1046299
1046303
1046305
1050244
1050536
1050545
1051510
1055186
1058115
1061840
1064802
1065600
1065729
1066129
1073513
1082635
1083647
1086323
1087092
1089644
1090631
1093205
1094244
1096254
1097583
1097584
1097585
1097586
1097587
1097588
1098291
1101674
1109158
1114279
1117665
1119461
1119465
1123034
1123080
1133140
1134303
1135642
1135854
1135873
1135966
1135967
1136666
1137040
1137799
1138190
1139073
1140090
1140729
1140845
1140883
1141600
1142635
1142667
1143706
1144338
1144375
1144449
1144903
1145099
1146612
1148410
1149119
1150452
1150457
1150465
1150875
1151508
1152148
1152472
1152489
1152624
1152685
1152788
1152791
1153112
1153158
1153236
1153263
1153274
1153476
1153509
1153646
1153713
1153717
1153718
1153719
1153811
1153969
1154108
1154189
1154353
1154354
1154372
1154578
1154607
1154608
1154610
1154611
1154651
1154737
1154747
1154848
1154858
1154905
1155178
1155179
1155184
1155186
1155518
1155671
1155798
1156395
1167527
1170232
1170774
1171000
1171068
1171073
1171558
1171688
1171742
1172419
1172757
1172873
1173017
1173060
1173115
1173267
1173746
1174029
1174110
1174111
1174358
1174484
1174486
1174899
1175263
1175667
1175718
1175749
1175787
1175882
1175952
1175996
1175997
1175998
1175999
1176000
1176001
1176019
1176022
1176038
1176063
1176137
1176235
1176236
1176237
1176242
1176278
1176357
1176358
1176359
1176360
1176361
1176362
1176363
1176364
1176365
1176366
1176367
1176381
1176423
1176449
1176482
1176486
1176507
1176536
1176537
1176538
1176539
1176540
1176541
1176542
1176544
1176545
1176546
1176548
1176558
1176559
1176587
1176588
1176659
1176698
1176699
1176700
1176721
1176722
1176725
1176732
1176763
1176775
1176788
1176789
1176833
1176869
1176877
1176925
1176962
1176980
1176990
1177021
1177030
897890
898572
900941
908009
CVE-2009-0758
CVE-2010-2244
CVE-2011-0020
CVE-2011-0064
CVE-2011-1002
CVE-2012-0247
CVE-2012-0248
CVE-2012-1185
CVE-2012-1186
CVE-2013-1989
CVE-2013-2066
CVE-2013-3571
CVE-2013-4282
CVE-2013-6369
CVE-2014-0004
CVE-2014-0019
CVE-2014-1568
CVE-2014-1574
CVE-2014-1575
CVE-2014-1576
CVE-2014-1577
CVE-2014-1578
CVE-2014-1581
CVE-2014-1583
CVE-2014-1585
CVE-2014-1586
CVE-2014-1587
CVE-2014-1588
CVE-2014-1590
CVE-2014-1592
CVE-2014-1593
CVE-2014-1594
CVE-2014-1595
CVE-2014-3564
CVE-2014-7185
CVE-2014-8354
CVE-2014-8355
CVE-2014-8562
CVE-2014-8716
CVE-2014-9805
CVE-2014-9806
CVE-2014-9807
CVE-2014-9808
CVE-2014-9809
CVE-2014-9810
CVE-2014-9811
CVE-2014-9812
CVE-2014-9813
CVE-2014-9814
CVE-2014-9815
CVE-2014-9816
CVE-2014-9817
CVE-2014-9818
CVE-2014-9819
CVE-2014-9820
CVE-2014-9821
CVE-2014-9822
CVE-2014-9823
CVE-2014-9824
CVE-2014-9825
CVE-2014-9826
CVE-2014-9828
CVE-2014-9829
CVE-2014-9830
CVE-2014-9831
CVE-2014-9832
CVE-2014-9833
CVE-2014-9834
CVE-2014-9835
CVE-2014-9836
CVE-2014-9837
CVE-2014-9838
CVE-2014-9839
CVE-2014-9840
CVE-2014-9841
CVE-2014-9842
CVE-2014-9843
CVE-2014-9844
CVE-2014-9845
CVE-2014-9846
CVE-2014-9847
CVE-2014-9848
CVE-2014-9849
CVE-2014-9850
CVE-2014-9851
CVE-2014-9852
CVE-2014-9853
CVE-2014-9854
CVE-2014-9907
CVE-2015-3247
CVE-2015-5260
CVE-2015-5261
CVE-2015-8894
CVE-2015-8895
CVE-2015-8896
CVE-2015-8897
CVE-2015-8898
CVE-2015-8900
CVE-2015-8901
CVE-2015-8902
CVE-2015-8903
CVE-2015-8957
CVE-2015-8958
CVE-2015-8959
CVE-2016-0749
CVE-2016-10046
CVE-2016-10048
CVE-2016-10049
CVE-2016-10050
CVE-2016-10051
CVE-2016-10052
CVE-2016-10059
CVE-2016-10060
CVE-2016-10061
CVE-2016-10062
CVE-2016-10063
CVE-2016-10064
CVE-2016-10065
CVE-2016-10068
CVE-2016-10069
CVE-2016-10070
CVE-2016-10071
CVE-2016-10144
CVE-2016-10145
CVE-2016-10146
CVE-2016-2150
CVE-2016-3714
CVE-2016-3715
CVE-2016-3716
CVE-2016-3717
CVE-2016-3718
CVE-2016-4562
CVE-2016-4563
CVE-2016-4564
CVE-2016-5010
CVE-2016-5118
CVE-2016-5384
CVE-2016-5687
CVE-2016-5688
CVE-2016-5689
CVE-2016-5690
CVE-2016-5691
CVE-2016-5841
CVE-2016-5842
CVE-2016-6153
CVE-2016-6491
CVE-2016-6520
CVE-2016-6823
CVE-2016-7101
CVE-2016-7513
CVE-2016-7514
CVE-2016-7515
CVE-2016-7516
CVE-2016-7517
CVE-2016-7518
CVE-2016-7519
CVE-2016-7520
CVE-2016-7521
CVE-2016-7522
CVE-2016-7523
CVE-2016-7524
CVE-2016-7525
CVE-2016-7526
CVE-2016-7527
CVE-2016-7528
CVE-2016-7529
CVE-2016-7530
CVE-2016-7531
CVE-2016-7532
CVE-2016-7533
CVE-2016-7534
CVE-2016-7535
CVE-2016-7537
CVE-2016-7538
CVE-2016-7539
CVE-2016-7540
CVE-2016-7799
CVE-2016-7800
CVE-2016-7996
CVE-2016-7997
CVE-2016-8677
CVE-2016-8682
CVE-2016-8683
CVE-2016-8684
CVE-2016-8707
CVE-2016-8862
CVE-2016-8866
CVE-2016-9556
CVE-2016-9559
CVE-2016-9773
CVE-2017-1000445
CVE-2017-1000476
CVE-2017-10800
CVE-2017-10928
CVE-2017-10995
CVE-2017-11141
CVE-2017-11166
CVE-2017-11170
CVE-2017-11188
CVE-2017-11403
CVE-2017-11446
CVE-2017-11448
CVE-2017-11449
CVE-2017-11450
CVE-2017-11478
CVE-2017-11505
CVE-2017-11523
CVE-2017-11524
CVE-2017-11525
CVE-2017-11526
CVE-2017-11527
CVE-2017-11528
CVE-2017-11529
CVE-2017-11530
CVE-2017-11531
CVE-2017-11532
CVE-2017-11533
CVE-2017-11534
CVE-2017-11535
CVE-2017-11537
CVE-2017-11539
CVE-2017-11638
CVE-2017-11639
CVE-2017-11640
CVE-2017-11642
CVE-2017-11644
CVE-2017-11724
CVE-2017-11750
CVE-2017-11751
CVE-2017-11752
CVE-2017-12140
CVE-2017-12418
CVE-2017-12427
CVE-2017-12428
CVE-2017-12429
CVE-2017-12430
CVE-2017-12431
CVE-2017-12432
CVE-2017-12433
CVE-2017-12434
CVE-2017-12435
CVE-2017-12563
CVE-2017-12564
CVE-2017-12565
CVE-2017-12566
CVE-2017-12587
CVE-2017-12640
CVE-2017-12641
CVE-2017-12642
CVE-2017-12643
CVE-2017-12644
CVE-2017-12654
CVE-2017-12662
CVE-2017-12663
CVE-2017-12664
CVE-2017-12665
CVE-2017-12667
CVE-2017-12668
CVE-2017-12669
CVE-2017-12670
CVE-2017-12671
CVE-2017-12672
CVE-2017-12673
CVE-2017-12674
CVE-2017-12675
CVE-2017-12676
CVE-2017-12691
CVE-2017-12692
CVE-2017-12693
CVE-2017-12935
CVE-2017-12983
CVE-2017-13058
CVE-2017-13059
CVE-2017-13060
CVE-2017-13061
CVE-2017-13062
CVE-2017-13131
CVE-2017-13133
CVE-2017-13134
CVE-2017-13139
CVE-2017-13141
CVE-2017-13142
CVE-2017-13146
CVE-2017-13147
CVE-2017-13648
CVE-2017-13658
CVE-2017-13758
CVE-2017-13768
CVE-2017-13769
CVE-2017-14042
CVE-2017-14060
CVE-2017-14103
CVE-2017-14138
CVE-2017-14139
CVE-2017-14172
CVE-2017-14173
CVE-2017-14174
CVE-2017-14175
CVE-2017-14224
CVE-2017-14249
CVE-2017-14314
CVE-2017-14325
CVE-2017-14326
CVE-2017-14341
CVE-2017-14342
CVE-2017-14343
CVE-2017-14505
CVE-2017-14531
CVE-2017-14533
CVE-2017-14607
CVE-2017-14649
CVE-2017-14682
CVE-2017-14733
CVE-2017-14739
CVE-2017-14989
CVE-2017-14997
CVE-2017-15016
CVE-2017-15017
CVE-2017-15033
CVE-2017-15217
CVE-2017-15218
CVE-2017-15277
CVE-2017-15281
CVE-2017-15930
CVE-2017-16352
CVE-2017-16353
CVE-2017-16545
CVE-2017-16546
CVE-2017-16669
CVE-2017-17504
CVE-2017-17680
CVE-2017-17681
CVE-2017-17682
CVE-2017-17879
CVE-2017-17881
CVE-2017-17882
CVE-2017-17884
CVE-2017-17885
CVE-2017-17887
CVE-2017-17914
CVE-2017-17934
CVE-2017-18008
CVE-2017-18022
CVE-2017-18027
CVE-2017-18028
CVE-2017-18029
CVE-2017-18209
CVE-2017-18211
CVE-2017-18250
CVE-2017-18251
CVE-2017-18252
CVE-2017-18254
CVE-2017-18271
CVE-2017-5506
CVE-2017-5507
CVE-2017-5508
CVE-2017-5510
CVE-2017-5511
CVE-2017-6502
CVE-2017-7436
CVE-2017-7606
CVE-2017-7941
CVE-2017-7942
CVE-2017-7943
CVE-2017-8343
CVE-2017-8344
CVE-2017-8345
CVE-2017-8346
CVE-2017-8347
CVE-2017-8348
CVE-2017-8349
CVE-2017-8350
CVE-2017-8351
CVE-2017-8352
CVE-2017-8353
CVE-2017-8354
CVE-2017-8355
CVE-2017-8356
CVE-2017-8357
CVE-2017-8765
CVE-2017-8830
CVE-2017-9098
CVE-2017-9141
CVE-2017-9142
CVE-2017-9143
CVE-2017-9144
CVE-2017-9261
CVE-2017-9262
CVE-2017-9269
CVE-2017-9405
CVE-2017-9407
CVE-2017-9409
CVE-2017-9439
CVE-2017-9440
CVE-2017-9500
CVE-2017-9501
CVE-2018-10177
CVE-2018-10804
CVE-2018-10805
CVE-2018-11251
CVE-2018-11655
CVE-2018-11656
CVE-2018-12207
CVE-2018-12599
CVE-2018-12600
CVE-2018-14434
CVE-2018-14435
CVE-2018-14436
CVE-2018-14437
CVE-2018-16323
CVE-2018-16329
CVE-2018-16413
CVE-2018-16640
CVE-2018-16642
CVE-2018-16643
CVE-2018-16644
CVE-2018-16645
CVE-2018-16749
CVE-2018-16750
CVE-2018-17965
CVE-2018-17966
CVE-2018-18016
CVE-2018-18024
CVE-2018-5246
CVE-2018-5247
CVE-2018-5357
CVE-2018-5685
CVE-2018-6405
CVE-2018-7443
CVE-2018-7470
CVE-2018-8804
CVE-2018-8960
CVE-2018-9018
CVE-2018-9133
CVE-2018-9135
CVE-2019-0154
CVE-2019-0155
CVE-2019-10220
CVE-2019-11135
CVE-2019-16232
CVE-2019-16233
CVE-2019-16234
CVE-2019-16995
CVE-2019-17056
CVE-2019-17133
CVE-2019-17666
CVE-2020-0404
CVE-2020-0427
CVE-2020-0431
CVE-2020-0432
CVE-2020-14385
CVE-2020-14390
CVE-2020-25212
CVE-2020-25284
CVE-2020-26088
SUSE-SU-2020:2879-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Legacy Software 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ImageMagick-7.0.7.29-lp150.1 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.29-lp150.1 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • bluez-5.48-lp151.8.6 is installed
  • OR bluez-auto-enable-devices-5.48-lp151.8.6 is installed
  • OR bluez-cups-5.48-lp151.8.6 is installed
  • OR bluez-devel-5.48-lp151.8.6 is installed
  • OR bluez-devel-32bit-5.48-lp151.8.6 is installed
  • OR bluez-test-5.48-lp151.8.6 is installed
  • OR libbluetooth3-5.48-lp151.8.6 is installed
  • OR libbluetooth3-32bit-5.48-lp151.8.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • strongswan-4.4.0-6.21 is installed
  • OR strongswan-doc-4.4.0-6.21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • gimp-2.6.2-3.34.45 is installed
  • OR gimp-lang-2.6.2-3.34.45 is installed
  • OR gimp-plugins-python-2.6.2-3.34.45 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • xen-4.4.2_12-23 is installed
  • OR xen-doc-html-4.4.2_12-23 is installed
  • OR xen-kmp-default-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-kmp-pae-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-libs-4.4.2_12-23 is installed
  • OR xen-libs-32bit-4.4.2_12-23 is installed
  • OR xen-tools-4.4.2_12-23 is installed
  • OR xen-tools-domU-4.4.2_12-23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • avahi-0.6.31-20 is installed
  • OR avahi-lang-0.6.31-20 is installed
  • OR libavahi-client3-0.6.31-20 is installed
  • OR libavahi-client3-32bit-0.6.31-20 is installed
  • OR libavahi-common3-0.6.31-20 is installed
  • OR libavahi-common3-32bit-0.6.31-20 is installed
  • OR libavahi-core7-0.6.31-20 is installed
  • OR libdns_sd-0.6.31-20 is installed
  • OR libdns_sd-32bit-0.6.31-20 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • gpgme-1.5.1-1 is installed
  • OR libgpgme11-1.5.1-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND libspice-server1-0.12.7-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • fontconfig-2.11.1-7 is installed
  • OR fontconfig-32bit-2.11.1-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.85 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.41 is installed
  • OR reiserfs-kmp-default-4.12.14-150.41 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.24 is installed
  • OR reiserfs-kmp-default-5.3.18-24.24 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND python-pywbem-0.7.0-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_66-default-5-2 is installed
  • OR kgraft-patch-3_12_74-60_64_66-xen-5-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_23-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • gnome-shell-3.20.4-70 is installed
  • OR gnome-shell-browser-plugin-3.20.4-70 is installed
  • OR gnome-shell-lang-3.20.4-70 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p11-64.5 is installed
  • OR ntp-doc-4.2.8p11-64.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND shadow-4.2.1-27.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • gpg2-2.0.24-9.3 is installed
  • OR gpg2-lang-2.0.24-9.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND ant-1.9.4-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND sudo-1.8.20p2-3.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.62 is installed
  • OR libgcrypt20-1.6.1-16.62 is installed
  • OR libgcrypt20-32bit-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.62 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ucode-intel-20190618-13.47 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-cryptography-2.0.3-3.3 is installed
  • BACK