Oval Definition:oval:org.opensuse.security:def:52933
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Critical)
Description:

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' (bsc#1177724). - CVE-2020-24490: Fixed a heap buffer overflow when processing extended advertising report events aka 'BleedingTooth' aka 'BadVibes' (bsc#1177726). - CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' aka 'BadChoice' (bsc#1177725). - CVE-2020-25641: Fixed a zero-length biovec request issued by the block subsystem could have caused the kernel to enter an infinite loop, causing a denial of service (bsc#1177121). - CVE-2020-25643: Fixed a memory corruption and a read overflow which could have caused by improper input validation in the ppp_cp_parse_cr function (bsc#1177206). - CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511).

The following non-security bugs were fixed:

- 9p: Fix memory leak in v9fs_mount (git-fixes). - ACPI: EC: Reference count query handlers under lock (git-fixes). - airo: Fix read overflows sending packets (git-fixes). - ar5523: Add USB ID of SMCWUSBT-G2 wireless adapter (git-fixes). - arm64: Enable PCI write-combine resources under sysfs (bsc#1175807). - ASoC: img-i2s-out: Fix runtime PM imbalance on error (git-fixes). - ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 (git-fixes). - ASoC: kirkwood: fix IRQ error handling (git-fixes). - ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions (git-fixes). - ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 (git-fixes). - ata: ahci: mvebu: Make SATA PHY optional for Armada 3720 (git-fixes). - ath10k: fix array out-of-bounds access (git-fixes). - ath10k: fix memory leak for tpc_stats_final (git-fixes). - ath10k: use kzalloc to read for ath10k_sdio_hif_diag_read (git-fixes). - Bluetooth: Fix refcount use-after-free issue (git-fixes). - Bluetooth: guard against controllers sending zero'd events (git-fixes). - Bluetooth: Handle Inquiry Cancel error after Inquiry Complete (git-fixes). - Bluetooth: L2CAP: handle l2cap config request during open state (git-fixes). - Bluetooth: prefetch channel before killing sock (git-fixes). - brcmfmac: Fix double freeing in the fmac usb data path (git-fixes). - btrfs: block-group: do not set the wrong READA flag for btrfs_read_block_groups() (bsc#1176019). - btrfs: block-group: fix free-space bitmap threshold (bsc#1176019). - btrfs: block-group: refactor how we delete one block group item (bsc#1176019). - btrfs: block-group: refactor how we insert a block group item (bsc#1176019). - btrfs: block-group: refactor how we read one block group item (bsc#1176019). - btrfs: block-group: rename write_one_cache_group() (bsc#1176019). - btrfs: check the right error variable in btrfs_del_dir_entries_in_log (bsc#1177687). - btrfs: do not set the full sync flag on the inode during page release (bsc#1177687). - btrfs: do not take an extra root ref at allocation time (bsc#1176019). - btrfs: drop logs when we've aborted a transaction (bsc#1176019). - btrfs: fix a race between scrub and block group removal/allocation (bsc#1176019). - Btrfs: fix crash during unmount due to race with delayed inode workers (bsc#1176019). - btrfs: fix race between page release and a fast fsync (bsc#1177687). - btrfs: free block groups after free'ing fs trees (bsc#1176019). - btrfs: hold a ref on the root on the dead roots list (bsc#1176019). - btrfs: kill the subvol_srcu (bsc#1176019). - btrfs: make btrfs_cleanup_fs_roots use the radix tree lock (bsc#1176019). - btrfs: make inodes hold a ref on their roots (bsc#1176019). - btrfs: make the extent buffer leak check per fs info (bsc#1176019). - btrfs: move ino_cache_inode dropping out of btrfs_free_fs_root (bsc#1176019). - btrfs: move the block group freeze/unfreeze helpers into block-group.c (bsc#1176019). - btrfs: move the root freeing stuff into btrfs_put_root (bsc#1176019). - btrfs: only commit delayed items at fsync if we are logging a directory (bsc#1177687). - btrfs: only commit the delayed inode when doing a full fsync (bsc#1177687). - btrfs: reduce contention on log trees when logging checksums (bsc#1177687). - btrfs: release old extent maps during page release (bsc#1177687). - btrfs: remove no longer necessary chunk mutex locking cases (bsc#1176019). - btrfs: remove no longer needed use of log_writers for the log root tree (bsc#1177687). - btrfs: rename member 'trimming' of block group to a more generic name (bsc#1176019). - btrfs: scrub, only lookup for csums if we are dealing with a data extent (bsc#1176019). - btrfs: stop incremening log_batch for the log root tree when syncing log (bsc#1177687). - bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal (git-fixes). - clk: samsung: exynos4: mark 'chipid' clock as CLK_IGNORE_UNUSED (git-fixes). - clk: socfpga: stratix10: fix the divider for the emac_ptp_free_clk (git-fixes). - clk: tegra: Always program PLL_E when enabled (git-fixes). - clk/ti/adpll: allocate room for terminating null (git-fixes). - clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() (git-fixes). - clocksource/drivers/timer-gx6605s: Fixup counter reload (git-fixes). - create Storage / NVMe subsection - crypto: algif_aead - Do not set MAY_BACKLOG on the async path (git-fixes). - crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes). - crypto: bcm - Verify GCM/CCM key length in setkey (git-fixes). - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes). - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes). - crypto: omap-sham - fix digcnt register handling with export/import (git-fixes). - crypto: picoxcell - Fix potential race condition bug (git-fixes). - crypto: qat - check cipher length for aead AES-CBC-HMAC-SHA (git-fixes). - cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes). - Disable CONFIG_LIVEPATCH_IPA_CLONES where not needed Explicitly disable CONFIG_LIVEPATCH_IPA_CLONES in configs where it is not needed to avoid confusion and unwanted values due to fragment config files. - dmaengine: mediatek: hsdma_probe: fixed a memory leak when devm_request_irq fails (git-fixes). - dmaengine: stm32-dma: use vchan_terminate_vdesc() in .terminate_all (git-fixes). - dmaengine: stm32-mdma: use vchan_terminate_vdesc() in .terminate_all (git-fixes). - dmaengine: tegra-apb: Prevent race conditions on channel's freeing (git-fixes). - dmaengine: zynqmp_dma: fix burst length configuration (git-fixes). - dma-fence: Serialise signal enabling (dma_fence_enable_sw_signaling) (git-fixes). - drivers: char: tlclk.c: Avoid data race between init and interrupt handler (git-fixes). - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config (git-fixes). - drm/radeon: revert 'Prefer lower feedback dividers' (bsc#1177384). - drop Storage / bsc#1171688 subsection No effect on expanded tree. - e1000: Do not perform reset in reset_task if we are already down (git-fixes). - ftrace: Move RCU is watching check after recursion check (git-fixes). - fuse: do not ignore errors from fuse_writepages_fill() (bsc#1177193). - gpio: mockup: fix resource leak in error path (git-fixes). - gpio: rcar: Fix runtime PM imbalance on error (git-fixes). - gpio: siox: explicitly support only threaded irqs (git-fixes). - gpio: sprd: Clear interrupt when setting the type as edge (git-fixes). - gpio: tc35894: fix up tc35894 interrupt configuration (git-fixes). - hwmon: (applesmc) check status earlier (git-fixes). - hwmon: (mlxreg-fan) Fix double 'Mellanox' (git-fixes). - hwmon: (pmbus/max34440) Fix status register reads for MAX344{51,60,61} (git-fixes). - i2c: aspeed: Mask IRQ status to relevant bits (git-fixes). - i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() (git-fixes). - i2c: cpm: Fix i2c_ram structure (git-fixes). - i2c: i801: Exclude device from suspend direct complete optimization (git-fixes). - i2c: meson: fix clock setting overwrite (git-fixes). - i2c: meson: fixup rate calculation with filter delay (git-fixes). - i2c: owl: Clear NACK and BUS error bits (git-fixes). - i2c: tegra: Prevent interrupt triggering after transfer timeout (git-fixes). - i2c: tegra: Restore pinmux on system resume (git-fixes). - ieee802154/adf7242: check status of adf7242_read_reg (git-fixes). - ieee802154: fix one possible memleak in ca8210_dev_com_init (git-fixes). - iio: adc: qcom-spmi-adc5: fix driver name (git-fixes). - ima: extend boot_aggregate with kernel measurements (bsc#1177617). - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515 (bsc#954532). - iommu/amd: Fix IOMMU AVIC not properly update the is_run bit in IRTE (bsc#1177297). - iommu/amd: Fix potential @entry null deref (bsc#1177283). - iommu/amd: Re-factor guest virtual APIC (de-)activation code (bsc#1177284). - iommu/amd: Restore IRTE.RemapEn bit for amd_iommu_activate_guest_mode (bsc#1177285). - iommu/exynos: add missing put_device() call in exynos_iommu_of_xlate() (bsc#1177286). - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400). - kabi fix for NFS: Fix flexfiles read failover (git-fixes). - kabi: Fix kABI for 12856e7acde4 PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979). - kabi/severities: ignore kABI for target_core_rbd Match behaviour for all other Ceph specific modules. - kernel-binary.spec.in: Exclude .config.old from kernel-devel - use tar excludes for .kernel-binary.spec.buildenv - kernel-binary.spec.in: Package the obj_install_dir as explicit filelist. - leds: mlxreg: Fix possible buffer overflow (git-fixes). - libceph-add-support-for-CMPEXT-compare-extent-reques.patch: (bsc#1177090). - mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes). - mac80211: skip mpath lookup also for control port tx (git-fixes). - mac802154: tx: fix use-after-free (git-fixes). - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes). - media: camss: Fix a reference count leak (git-fixes). - media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes). - media: mc-device.c: fix memleak in media_device_register_entity (git-fixes). - media: mx2_emmaprp: Fix memleak in emmaprp_probe (git-fixes). - media: omap3isp: Fix memleak in isp_probe (git-fixes). - media: ov5640: Correct Bit Div register in clock tree diagram (git-fixes). - media: platform: fcp: Fix a reference count leak (git-fixes). - media: rcar-csi2: Allocate v4l2_async_subdev dynamically (git-fixes). - media: rcar-vin: Fix a reference count leak (git-fixes). - media: rc: do not access device via sysfs after rc_unregister_device() (git-fixes). - media: rc: uevent sysfs file races with rc_unregister_device() (git-fixes). - media: Revert 'media: exynos4-is: Add missed check for pinctrl_lookup_state()' (git-fixes). - media: rockchip/rga: Fix a reference count leak (git-fixes). - media: s5p-mfc: Fix a reference count leak (git-fixes). - media: smiapp: Fix error handling at NVM reading (git-fixes). - media: staging/intel-ipu3: css: Correctly reset some memory (git-fixes). - media: stm32-dcmi: Fix a reference count leak (git-fixes). - media: tc358743: cleanup tc358743_cec_isr (git-fixes). - media: tc358743: initialize variable (git-fixes). - media: ti-vpe: cal: Restrict DMA to avoid memory corruption (git-fixes). - media: ti-vpe: Fix a missing check and reference count leak (git-fixes). - media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes). - media: usbtv: Fix refcounting mixup (git-fixes). - media: uvcvideo: Set media controller entity functions (git-fixes). - media: uvcvideo: Silence shift-out-of-bounds warning (git-fixes). - media: v4l2-async: Document asd allocation requirements (git-fixes). - mfd: mfd-core: Protect against NULL call-back function pointer (git-fixes). - mm: call cond_resched() from deferred_init_memmap() (git fixes (mm/init), bsc#1177697). - mmc: core: do not set limits.discard_granularity as 0 (git-fixes). - mmc: core: Rework wp-gpio handling (git-fixes). - mm, compaction: fully assume capture is not NULL in compact_zone_order() (git fixes (mm/compaction), bsc#1177681). - mm, compaction: make capture control handling safe wrt interrupts (git fixes (mm/compaction), bsc#1177681). - mmc: sdhci-acpi: AMDI0040: Set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes). - mmc: sdhci: Add LTR support for some Intel BYT based controllers (git-fixes). - mmc: sdhci: Workaround broken command queuing on Intel GLK based IRBIS models (git-fixes). - mm/debug.c: always print flags in dump_page() (git fixes (mm/debug)). - mm: initialize deferred pages with interrupts enabled (git fixes (mm/init), bsc#1177697). - mm/memcontrol.c: lost css_put in memcg_expand_shrinker_maps() (bsc#1177694). - mm/migrate.c: also overwrite error when it is bigger than zero (git fixes (mm/move_pages), bsc#1177683). - mm: move_pages: report the number of non-attempted pages (git fixes (mm/move_pages), bsc#1177683). - mm: move_pages: return valid node id in status if the page is already on the target node (git fixes (mm/move_pages), bsc#1177683). - mm/pagealloc.c: call touch_nmi_watchdog() on max order boundaries in deferred init (git fixes (mm/init), bsc#1177697). - mm, slab/slub: move and improve cache_from_obj() (mm/slub bsc#1165692). mm, slab/slub: improve error reporting and overhead of cache_from_obj() (mm/slub bsc#1165692). - mm, slub: extend checks guarded by slub_debug static key (mm/slub bsc#1165692). - mm, slub: extend slub_debug syntax for multiple blocks (mm/slub bsc#1165692). - mm, slub: introduce kmem_cache_debug_flags() (mm/slub bsc#1165692). - mm, slub: introduce static key for slub_debug() (mm/slub bsc#1165692). - mm, slub: make reclaim_account attribute read-only (mm/slub bsc#1165692). - mm, slub: make remaining slub_debug related attributes read-only (mm/slub bsc#1165692). - mm, slub: make some slub_debug related attributes read-only (mm/slub bsc#1165692). - mm, slub: remove runtime allocation order changes (mm/slub bsc#1165692). - mm, slub: restore initial kmem_cache flags (mm/slub bsc#1165692). - Move upstreamed intel-vbtn patch into sorted section - mt76: add missing locking around ampdu action (git-fixes). - mt76: clear skb pointers from rx aggregation reorder buffer during cleanup (git-fixes). - mt76: do not use devm API for led classdev (git-fixes). - mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw (git-fixes). - mt76: fix LED link time failure (git-fixes). - mtd: cfi_cmdset_0002: do not free cfi->cfiq in error path of cfi_amdstd_setup() (git-fixes). - mtd: rawnand: gpmi: Fix runtime PM imbalance on error (git-fixes). - mtd: rawnand: omap_elm: Fix runtime PM imbalance on error (git-fixes). - net: phy: realtek: fix rtl8211e rx/tx delay config (git-fixes). - nfsd4: fix NULL dereference in nfsd/clients display code (git-fixes). - NFS: Do not move layouts to plh_return_segs list while in use (git-fixes). - NFS: Do not return layout segments that are in use (git-fixes). - NFS: ensure correct writeback errors are returned on close() (git-fixes). - NFS: Fix flexfiles read failover (git-fixes). - NFS: Fix security label length not being reset (bsc#1176381). - NFS: nfs_file_write() should check for writeback errors (git-fixes). - NFSv4.2: fix client's attribute cache management for copy_file_range (git-fixes). - nvme-multipath: retry commands for dying queues (bsc#1171688). - patches.suse/target-compare-and-write-backend-driver-sense-handli.patch: (bsc#1177719). - patches.suse/target-rbd-detect-stripe_unit-SCSI-block-size-misali.patch (bsc#1177090). - patches.suse/target-rbd-support-COMPARE_AND_WRITE.patch: (fate#318836, bsc#1177090). - PCI: Avoid double hpmemsize MMIO window assignment (git-fixes). - PCI/IOV: Mark VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979). - PCI: tegra194: Fix runtime PM imbalance on error (git-fixes). - PCI: tegra: Fix runtime PM imbalance on error (git-fixes). - phy: ti: am654: Fix a leak in serdes_am654_probe() (git-fixes). - pinctrl: bcm: fix kconfig dependency warning when !GPIOLIB (git-fixes). - pinctrl: mvebu: Fix i2c sda definition for 98DX3236 (git-fixes). - Platform: OLPC: Fix memleak in olpc_ec_probe (git-fixes). - platform/x86: fix kconfig dependency warning for FUJITSU_LAPTOP (git-fixes). - platform/x86: fix kconfig dependency warning for LG_LAPTOP (git-fixes). - platform/x86: intel_pmc_core: do not create a static struct device (git-fixes). - platform/x86: intel-vbtn: Switch to an allow-list for SW_TABLET_MODE reporting (bsc#1175599). - platform/x86: thinkpad_acpi: initialize tp_nvram_state variable (git-fixes). - platform/x86: thinkpad_acpi: re-initialize ACPI buffer size when reuse (git-fixes). - pNFS/flexfiles: Ensure we initialise the mirror bsizes correctly on read (git-fixes). - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729). - power: supply: max17040: Correct voltage reading (git-fixes). - qla2xxx: Return EBUSY on fcport deletion (bsc#1171688). - r8169: fix data corruption issue on RTL8402 (bsc#1174098). - rbd-add-rbd_img_fill_cmp_and_write_from_bvecs.patch: (bsc#1177090). - rbd-add-support-for-COMPARE_AND_WRITE-CMPEXT.patch: (bsc#1177090). - RDMA/hfi1: Correct an interlock issue for TID RDMA WRITE request (bsc#1175621). - Refresh patches.suse/fnic-to-not-call-scsi_done-for-unhandled-commands.patch (bsc#1168468, bsc#1171675). - regulator: axp20x: fix LDO2/4 description (git-fixes). - regulator: resolve supply after creating regulator (git-fixes). - rename Other drivers / Intel IOMMU subsection to IOMMU - Rename patches to the same name as in SLE15-SP3. - Rename scsi-fnic-do-not-call-scsi_done-for-unhandled-commands.patch Fix typo in patch file name. - rtc: ds1374: fix possible race condition (git-fixes). - rtc: sa1100: fix possible race condition (git-fixes). - s390/pci: Mark all VFs as not implementing PCI_COMMAND_MEMORY (bsc#1176979). - sched/fair: Ignore cache hotness for SMT migration (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/fair: Use dst group while checking imbalance for NUMA balancer (bnc#1155798 (CPU scheduler functional and performance backports)). - sched/numa: Use runnable_avg to classify node (bnc#1155798 (CPU scheduler functional and performance backports)). - scsi: iscsi: iscsi_tcp: Avoid holding spinlock while calling getpeername() (bsc#1177258). - scsi: qla2xxx: Add IOCB resource tracking (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Add rport fields in debugfs (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Add SLER and PI control support (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix memory size truncation (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix MPI reset needed message (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Performance tweak (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1171688 bsc#1174003). - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1171688 bsc#1174003). - serial: 8250: 8250_omap: Terminate DMA before pushing data on RX timeout (git-fixes). - serial: 8250_omap: Fix sleeping function called from invalid context during probe (git-fixes). - serial: 8250_port: Do not service RX FIFO if throttled (git-fixes). - serial: uartps: Wait for tx_empty in console setup (git-fixes). - spi: dw-pci: free previously allocated IRQs if desc->setup() fails (git-fixes). - spi: fsl-espi: Only process interrupts for expected events (git-fixes). - spi: omap2-mcspi: Improve performance waiting for CHSTAT (git-fixes). - spi: sprd: Release DMA channel also on probe deferral (git-fixes). - spi: stm32: Rate-limit the 'Communication suspended' message (git-fixes). - svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (git-fixes). - target-rbd-add-emulate_legacy_capacity-dev-attribute.patch: (bsc#1177109). - target-rbd-add-WRITE-SAME-support.patch: (bsc#1177090). - target-rbd-conditionally-fix-off-by-one-bug-in-get_b.patch: (bsc#1177109). - target-rbd-fix-unmap-discard-block-size-conversion.patch: (bsc#1177271). - target-rbd-fix-unmap-handling-with-unmap_zeroes_data.patch: (bsc#1177271). - thermal: rcar_thermal: Handle probe error gracefully (git-fixes). - Update config files. Enable ACPI_PCI_SLOT and HOTPLUG_PCI_ACPI (bsc#1177194). - USB: dwc3: Increase timeout for CmdAct cleared by device controller (git-fixes). - USB: EHCI: ehci-mv: fix error handling in mv_ehci_probe() (git-fixes). - USB: EHCI: ehci-mv: fix less than zero comparison of an unsigned int (git-fixes). - USB: gadget: f_ncm: Fix NDP16 datagram validation (git-fixes). - vfio/pci: Decouple PCI_COMMAND_MEMORY bit checks from is_virtfn (bsc#1176979). - virtio-net: do not disable guest csum when disable LRO (git-fixes). - vmxnet3: fix cksum offload issues for non-udp tunnels (git-fixes). - wlcore: fix runtime pm imbalance in wl1271_tx_work (git-fixes). - wlcore: fix runtime pm imbalance in wlcore_regdomain_config (git-fixes). - x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (bsc#1176907). - xen/events: do not use chip_data for legacy IRQs (bsc#1065600). - xprtrdma: fix incorrect header size calculations (git-fixes). - yam: fix possible memory leak in yam_init_driver (git-fixes).
Family:unixClass:patch
Status:Reference(s):1065600
1065729
1109412
1109413
1109414
1111996
1112534
1112535
1113247
1113252
1113255
1116827
1118644
1118830
1118831
1120640
1121034
1121035
1121056
1133131
1133232
1141913
1142772
1152590
1154016
1154025
1155798
1165692
1168468
1171675
1171688
1174003
1174098
1175599
1175621
1175807
1176019
1176400
1176907
1176979
1177090
1177109
1177121
1177193
1177194
1177206
1177258
1177271
1177283
1177284
1177285
1177286
1177297
1177384
1177511
1177617
1177681
1177683
1177687
1177694
1177697
1177719
1177724
1177725
1177726
947337
950998
951844
953048
954210
954532
954847
956491
957990
958324
962742
963655
963762
965087
966245
968667
970114
970506
971770
972933
973378
973499
974165
974308
974620
975531
975533
975772
975788
977417
978401
978469
978822
979074
979213
979419
979475
979485
979489
979521
979548
979681
979867
979879
979922
980348
980363
980371
980856
980883
981038
981143
981344
981597
982282
982354
982544
982575
982698
982745
983143
983213
983249
983318
983721
983904
983977
984148
984456
984755
984764
985232
985978
986362
986365
986569
986572
986573
986811
988215
988498
988552
988591
990058
990419
990856
993819
994749
994844
995075
995324
995359
995377
998190
999665
999666
999668
CVE-2008-4989
CVE-2009-4029
CVE-2011-0904
CVE-2011-0905
CVE-2011-1164
CVE-2011-4128
CVE-2011-4405
CVE-2012-0390
CVE-2012-1569
CVE-2012-1573
CVE-2014-0092
CVE-2014-1959
CVE-2014-2892
CVE-2014-3466
CVE-2014-3686
CVE-2014-5461
CVE-2014-8564
CVE-2014-9904
CVE-2015-0210
CVE-2015-0294
CVE-2015-1863
CVE-2015-3228
CVE-2015-3622
CVE-2015-5185
CVE-2015-6251
CVE-2015-7833
CVE-2015-8045
CVE-2015-8047
CVE-2015-8048
CVE-2015-8049
CVE-2015-8050
CVE-2015-8055
CVE-2015-8056
CVE-2015-8057
CVE-2015-8058
CVE-2015-8059
CVE-2015-8060
CVE-2015-8061
CVE-2015-8062
CVE-2015-8063
CVE-2015-8064
CVE-2015-8065
CVE-2015-8066
CVE-2015-8067
CVE-2015-8068
CVE-2015-8069
CVE-2015-8070
CVE-2015-8071
CVE-2015-8079
CVE-2015-8401
CVE-2015-8402
CVE-2015-8403
CVE-2015-8404
CVE-2015-8405
CVE-2015-8406
CVE-2015-8407
CVE-2015-8408
CVE-2015-8409
CVE-2015-8410
CVE-2015-8411
CVE-2015-8412
CVE-2015-8413
CVE-2015-8414
CVE-2015-8415
CVE-2015-8416
CVE-2015-8417
CVE-2015-8418
CVE-2015-8419
CVE-2015-8420
CVE-2015-8421
CVE-2015-8422
CVE-2015-8423
CVE-2015-8424
CVE-2015-8425
CVE-2015-8426
CVE-2015-8427
CVE-2015-8428
CVE-2015-8429
CVE-2015-8430
CVE-2015-8431
CVE-2015-8432
CVE-2015-8433
CVE-2015-8434
CVE-2015-8435
CVE-2015-8436
CVE-2015-8437
CVE-2015-8438
CVE-2015-8439
CVE-2015-8440
CVE-2015-8441
CVE-2015-8442
CVE-2015-8443
CVE-2015-8444
CVE-2015-8445
CVE-2015-8446
CVE-2015-8447
CVE-2015-8448
CVE-2015-8449
CVE-2015-8450
CVE-2015-8451
CVE-2015-8452
CVE-2015-8453
CVE-2015-8454
CVE-2015-8455
CVE-2015-8551
CVE-2015-8552
CVE-2015-8845
CVE-2016-0758
CVE-2016-1583
CVE-2016-2053
CVE-2016-2177
CVE-2016-2178
CVE-2016-2179
CVE-2016-2180
CVE-2016-2181
CVE-2016-2182
CVE-2016-2183
CVE-2016-3672
CVE-2016-4470
CVE-2016-4482
CVE-2016-4486
CVE-2016-4565
CVE-2016-4569
CVE-2016-4578
CVE-2016-4805
CVE-2016-4997
CVE-2016-5244
CVE-2016-5828
CVE-2016-5829
CVE-2016-6302
CVE-2016-6303
CVE-2016-6304
CVE-2016-6306
CVE-2016-6354
CVE-2016-7444
CVE-2016-8610
CVE-2017-10790
CVE-2017-13738
CVE-2017-13739
CVE-2017-13740
CVE-2017-13741
CVE-2017-13743
CVE-2017-13744
CVE-2017-5335
CVE-2017-5336
CVE-2017-5337
CVE-2018-1000876
CVE-2018-10844
CVE-2018-10845
CVE-2018-10846
CVE-2018-11440
CVE-2018-11577
CVE-2018-11683
CVE-2018-11684
CVE-2018-11685
CVE-2018-12085
CVE-2018-17358
CVE-2018-17359
CVE-2018-17360
CVE-2018-17985
CVE-2018-18309
CVE-2018-18483
CVE-2018-18484
CVE-2018-18605
CVE-2018-18606
CVE-2018-18607
CVE-2018-19931
CVE-2018-19932
CVE-2018-20623
CVE-2018-20651
CVE-2018-20671
CVE-2018-6323
CVE-2018-6543
CVE-2018-6759
CVE-2018-6872
CVE-2018-7208
CVE-2018-7568
CVE-2018-7569
CVE-2018-7570
CVE-2018-7642
CVE-2018-7643
CVE-2018-8945
CVE-2019-1010180
CVE-2020-12351
CVE-2020-12352
CVE-2020-24490
CVE-2020-25641
CVE-2020-25643
CVE-2020-25645
SUSE-SU-2015:2247-1
SUSE-SU-2016:2105-1
SUSE-SU-2016:2394-1
SUSE-SU-2016:2397-1
SUSE-SU-2019:2779-1
SUSE-SU-2020:2980-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Live Patching 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • flatpak-0.10.4-lp150.2 is installed
  • OR libflatpak0-0.10.4-lp150.2 is installed
  • OR typelib-1_0-Flatpak-1_0-0.10.4-lp150.2 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • SDL2-2.0.8-lp151.4.3 is installed
  • OR libSDL2-2_0-0-2.0.8-lp151.4.3 is installed
  • OR libSDL2-2_0-0-32bit-2.0.8-lp151.4.3 is installed
  • OR libSDL2-devel-2.0.8-lp151.4.3 is installed
  • OR libSDL2-devel-32bit-2.0.8-lp151.4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libreoffice-3.5.4.13-0.3 is installed
  • OR libreoffice-base-3.5.4.13-0.3 is installed
  • OR libreoffice-base-drivers-postgresql-3.5.4.13-0.3 is installed
  • OR libreoffice-base-extensions-3.5.4.13-0.3 is installed
  • OR libreoffice-calc-3.5.4.13-0.3 is installed
  • OR libreoffice-calc-extensions-3.5.4.13-0.3 is installed
  • OR libreoffice-draw-3.5.4.13-0.3 is installed
  • OR libreoffice-draw-extensions-3.5.4.13-0.3 is installed
  • OR libreoffice-filters-optional-3.5.4.13-0.3 is installed
  • OR libreoffice-gnome-3.5.4.13-0.3 is installed
  • OR libreoffice-help-cs-3.5.4.13-0.3 is installed
  • OR libreoffice-help-da-3.5.4.13-0.3 is installed
  • OR libreoffice-help-de-3.5.4.13-0.3 is installed
  • OR libreoffice-help-en-GB-3.5.4.13-0.3 is installed
  • OR libreoffice-help-en-US-3.5.4.13-0.3 is installed
  • OR libreoffice-help-es-3.5.4.13-0.3 is installed
  • OR libreoffice-help-fr-3.5.4.13-0.3 is installed
  • OR libreoffice-help-gu-IN-3.5.4.13-0.3 is installed
  • OR libreoffice-help-hi-IN-3.5.4.13-0.3 is installed
  • OR libreoffice-help-hu-3.5.4.13-0.3 is installed
  • OR libreoffice-help-it-3.5.4.13-0.3 is installed
  • OR libreoffice-help-ja-3.5.4.13-0.3 is installed
  • OR libreoffice-help-ko-3.5.4.13-0.3 is installed
  • OR libreoffice-help-nl-3.5.4.13-0.3 is installed
  • OR libreoffice-help-pl-3.5.4.13-0.3 is installed
  • OR libreoffice-help-pt-3.5.4.13-0.3 is installed
  • OR libreoffice-help-pt-BR-3.5.4.13-0.3 is installed
  • OR libreoffice-help-ru-3.5.4.13-0.3 is installed
  • OR libreoffice-help-sv-3.5.4.13-0.3 is installed
  • OR libreoffice-help-zh-CN-3.5.4.13-0.3 is installed
  • OR libreoffice-help-zh-TW-3.5.4.13-0.3 is installed
  • OR libreoffice-icon-themes-3.5.4.13-0.3 is installed
  • OR libreoffice-impress-3.5.4.13-0.3 is installed
  • OR libreoffice-impress-extensions-3.5.4.13-0.3 is installed
  • OR libreoffice-kde-3.5.4.13-0.3 is installed
  • OR libreoffice-kde4-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-af-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-ar-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-ca-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-cs-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-da-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-de-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-en-GB-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-es-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-fi-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-fr-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-gu-IN-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-hi-IN-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-hu-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-it-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-ja-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-ko-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-nb-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-nl-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-nn-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-pl-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-pt-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-pt-BR-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-ru-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-sk-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-sv-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-xh-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-zh-CN-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-zh-TW-3.5.4.13-0.3 is installed
  • OR libreoffice-l10n-zu-3.5.4.13-0.3 is installed
  • OR libreoffice-mailmerge-3.5.4.13-0.3 is installed
  • OR libreoffice-math-3.5.4.13-0.3 is installed
  • OR libreoffice-mono-3.5.4.13-0.3 is installed
  • OR libreoffice-officebean-3.5.4.13-0.3 is installed
  • OR libreoffice-pyuno-3.5.4.13-0.3 is installed
  • OR libreoffice-writer-3.5.4.13-0.3 is installed
  • OR libreoffice-writer-extensions-3.5.4.13-0.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND libaugeas0-0.9.0-3.15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • bytefx-data-mysql-2.6.7-0.16 is installed
  • OR ibm-data-db2-2.6.7-0.16 is installed
  • OR mono-core-2.6.7-0.16 is installed
  • OR mono-data-2.6.7-0.16 is installed
  • OR mono-data-firebird-2.6.7-0.16 is installed
  • OR mono-data-oracle-2.6.7-0.16 is installed
  • OR mono-data-postgresql-2.6.7-0.16 is installed
  • OR mono-data-sqlite-2.6.7-0.16 is installed
  • OR mono-data-sybase-2.6.7-0.16 is installed
  • OR mono-devel-2.6.7-0.16 is installed
  • OR mono-extras-2.6.7-0.16 is installed
  • OR mono-jscript-2.6.7-0.16 is installed
  • OR mono-locale-extras-2.6.7-0.16 is installed
  • OR mono-nunit-2.6.7-0.16 is installed
  • OR mono-wcf-2.6.7-0.16 is installed
  • OR mono-web-2.6.7-0.16 is installed
  • OR mono-winforms-2.6.7-0.16 is installed
  • OR monodoc-core-2.6.7-0.16 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • flash-player-11.2.202.554-114 is installed
  • OR flash-player-gnome-11.2.202.554-114 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND libmms0-0.6.2-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • ghostscript-9.15-6 is installed
  • OR ghostscript-x11-9.15-6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND m4-1.4.16-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • gnutls-3.3.27-3.3 is installed
  • OR libgnutls28-3.3.27-3.3 is installed
  • OR libgnutls28-32bit-3.3.27-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • binutils-2.32-7.5 is installed
  • OR binutils-gold-2.32-7.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed
  • AND Package Information
  • kernel-default-5.3.18-24.29 is installed
  • OR kernel-default-livepatch-5.3.18-24.29 is installed
  • OR kernel-default-livepatch-devel-5.3.18-24.29 is installed
  • OR kernel-livepatch-5_3_18-24_29-default-1-5.3 is installed
  • OR kernel-livepatch-SLE15-SP2_Update_5-1-5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • gdk-pixbuf-loader-rsvg-2.40.2-1 is installed
  • OR librsvg-2-2-2.40.2-1 is installed
  • OR librsvg-2-2-32bit-2.40.2-1 is installed
  • OR rsvg-view-2.40.2-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_99-default-9-2 is installed
  • OR kgraft-patch-3_12_74-60_64_99-xen-9-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_30-9-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • colord-gtk-lang-0.1.26-6 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-10 is installed
  • OR libcolord2-32bit-1.3.3-10 is installed
  • OR libcolorhug2-1.3.3-10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • gstreamer-0_10-plugins-base-0.10.36-18.3 is installed
  • OR gstreamer-0_10-plugins-base-32bit-0.10.36-18.3 is installed
  • OR libgstapp-0_10-0-32bit-0.10.36-18.3 is installed
  • OR libgstinterfaces-0_10-0-32bit-0.10.36-18.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • openslp-2.0.0-18.15 is installed
  • OR openslp-32bit-2.0.0-18.15 is installed
  • OR openslp-server-2.0.0-18.15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache-commons-httpclient-3.1-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_178-94_91-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_25-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.58 is installed
  • OR libgcrypt20-1.6.1-16.58 is installed
  • OR libgcrypt20-32bit-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-1.6.1-16.58 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.58 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bzip2-1.0.6-29 is installed
  • OR bzip2-doc-1.0.6-29 is installed
  • OR libbz2-1-1.0.6-29 is installed
  • OR libbz2-1-32bit-1.0.6-29 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND memcached-1.4.15-1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.6 is installed
  • OR libssh2-1-32bit-1.4.3-20.6 is installed
  • OR libssh2_org-1.4.3-20.6 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND git-2.12.3-27.17 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ucode-intel-20190618-13.47 is installed
  • BACK