Revision Date: | 2021-06-08 | Version: | 1 |
Title: | Security update for the Linux Kernel (Important) |
Description: |
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic operations by the BPF verifier could be abused to perform out-of-bounds reads and writes in kernel memory (bsc#1186484). - CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This could lead to writing an arbitrary values. (bsc#1186111) - CVE-2020-26139: Fixed a denial-of-service when an Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. (bnc#1186062) - CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed local attackers to elevate their privileges. (bnc#1186060) - CVE-2021-3491: Fixed a potential heap overflow in mem_rw(). This vulnerability is related to the PROVIDE_BUFFERS operation, which allowed the MAX_RW_COUNT limit to be bypassed (bsc#1185642). - CVE-2021-32399: Fixed a race condition when removing the HCI controller (bnc#1184611). - CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances this can be abused to inject arbitrary network packets and/or exfiltrate user data (bnc#1185859). - CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed (bnc#1185859 bnc#1185862). - CVE-2020-26147: The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments, even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used (bnc#1185859). - CVE-2020-26145: An issue was discovered with Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration. (bnc#1185860) - CVE-2020-26141: An issue was discovered in the ALFA driver for AWUS036H, where the Message Integrity Check (authenticity) of fragmented TKIP frames was not verified. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol. (bnc#1185987) - CVE-2021-23133: Fixed a race condition in SCTP sockets, which could lead to privilege escalation from the context of a network service or an unprivileged process. (bnc#1184675)
The following non-security bugs were fixed:
- ACPI / hotplug / PCI: Fix reference count leak in enable_slot() (git-fixes). - ACPI: CPPC: Replace cppc_attr with kobj_attribute (git-fixes). - ACPI: GTDT: Do not corrupt interrupt mappings on watchdow probe failure (git-fixes). - ACPI: custom_method: fix a possible memory leak (git-fixes). - ACPI: custom_method: fix potential use-after-free issue (git-fixes). - ACPICA: Enable sleep button on ACPI legacy wake (bsc#1181383). - ALSA: aloop: Fix initialization of controls (git-fixes). - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (git-fixes). - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect (git-fixes). - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer (git-fixes). - ALSA: hda/conexant: Re-order CX5066 quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries (git-fixes). - ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries (git-fixes). - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices (git-fixes). - ALSA: hda/realtek: reset eapd coeff to default value for alc287 (git-fixes). - ALSA: hdsp: do not disable if not enabled (git-fixes). - ALSA: hdspm: do not disable if not enabled (git-fixes). - ALSA: line6: Fix racy initialization of LINE6 MIDI (git-fixes). - ALSA: rme9652: do not disable if not enabled (git-fixes). - ALSA: sb: Fix two use after free in snd_sb_qsound_build (git-fixes). - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX (git-fixes). - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls (git-fixes). - ALSA: usb: midi: do not return -ENOMEM when usb_urb_ep_type_check fails (git-fixes). - ARM: footbridge: fix PCI interrupt mapping (git-fixes). - ASoC: cs35l33: fix an error code in probe() (git-fixes). - ASoC: cs42l42: Regmap must use_single_read/write (git-fixes). - ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes). - ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes). - ASoC: rt286: Generalize support for ALC3263 codec (git-fixes). - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable (git-fixes). - ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes). - Avoid potentially erroneos RST drop (bsc#1183947). - Bluetooth: SMP: Fail if remote and local public keys are identical (git-fixes). - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default (git-fixes). - Bluetooth: initialize skb_queue_head at l2cap_chan_create() (git-fixes). - Do not drop out of segments RST if tcp_be_liberal is set (bsc#1183947). - Drivers: hv: vmbus: Increase wait time for VMbus unload (bsc#1185724). - Drivers: hv: vmbus: Initialize unload_event statically (bsc#1185724). - Drivers: hv: vmbus: Use after free in __vmbus_open() (git-fixes). - EDAC/amd64: Gather hardware information early (bsc#1180552). - EDAC/amd64: Make struct amd64_family_type global (bsc#1180552). - EDAC/amd64: Save max number of controllers to family type (bsc#1180552). - HID: alps: fix error return code in alps_input_configured() (git-fixes). - HID: plantronics: Workaround for double volume key presses (git-fixes). - HID: wacom: Assign boolean values to a bool variable (git-fixes). - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices (git-fixes). - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices (git-fixes). - Input: i8042 - fix Pegatron C15B ID entry (git-fixes). - Input: nspire-keypad - enable interrupts only when opened (git-fixes). - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state (git-fixes). - KVM: s390: fix guarded storage control register handling (bsc#1133021). - NFC: fix possible resource leak (git-fixes). - NFC: fix resource leak when target index is invalid (git-fixes). - NFC: nci: fix memory leak in nci_allocate_device (git-fixes). - NFSv4: Replace closed stateids with the 'invalid special stateid' (bsc#1185481). - PCI: PM: Do not read power state in pci_enable_device_flags() (git-fixes). - PCI: Release OF node in pci_scan_device()'s error path (git-fixes). - RDMA/hns: Delete redundant condition judgment related to eq (bsc#1104427). - RDMA/srpt: Fix error return code in srpt_cm_req_recv() (bsc#1103992). - SUNRPC in case of backlog, hand free slots directly to waiting task (bsc#1185428). - SUNRPC: More fixes for backlog congestion (bsc#1185428). - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet (git-fixes). - USB: Add reset-resume quirk for WD19's Realtek Hub (git-fixes). - USB: serial: fix return value for unsupported ioctls (git-fixes). - USB: serial: usb_wwan: fix unprivileged TIOCCSERIAL (git-fixes). - USB: trancevibrator: fix control-request direction (git-fixes). - af_packet: fix the tx skb protocol in raw sockets with ETH_P_ALL (bsc#1176081). - ata: libahci_platform: fix IRQ check (git-fixes). - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices (git-fixes). - backlight: journada720: Fix Wmisleading-indentation warning (git-fixes). - batman-adv: Do not always reallocate the fragmentation skb head (git-fixes). - bluetooth: eliminate the potential race condition when removing the HCI controller (git-fixes). - bnxt_en: Fix PCI AER error recovery flow (git-fixes). - bnxt_en: fix ternary sign extension bug in bnxt_show_temp() (bsc#1104745). - bpf: Fix masking negation logic upon negative dst register (git-fixes). - btrfs: fix race between transaction aborts and fsyncs leading to use-after-free (bsc#1186441). - btrfs: fix race when picking most recent mod log operation for an old root (bsc#1186439). - bus: qcom: Put child node before return (git-fixes). - cfg80211: remove WARN_ON() in cfg80211_sme_connect (git-fixes). - cfg80211: scan: drop entry from hidden_list on overflow (git-fixes). - clk: exynos7: Mark aclk_fsys1_200 as critical (git-fixes). - clk: fix invalid usage of list cursor in register (git-fixes). - clk: fix invalid usage of list cursor in unregister (git-fixes). - clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1 GHz (git-fixes). - clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to L0 (git-fixes). - clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM clock (git-fixes). - clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes). - clk: uniphier: Fix potential infinite loop (git-fixes). - cpufreq: Add NULL checks to show() and store() methods of cpufreq (bsc#1184040). - cpufreq: Avoid cpufreq_suspend() deadlock on system shutdown (bsc#1184040). - cpufreq: Kconfig: fix documentation links (git-fixes). - cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (bsc#1185758). - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init (git-fixes). - crypto: qat - Fix a double free in adf_create_ring (git-fixes). - crypto: qat - do not release uninitialized resources (git-fixes). - crypto: qat - fix error path in adf_isr_resource_alloc() (git-fixes). - cxgb4: Fix unintentional sign extension issues (bsc#1064802 bsc#1066129). - dm: fix redundant IO accounting for bios that need splitting (bsc#1183738). - dmaengine: dw: Make it dependent to HAS_IOMEM (git-fixes). - docs: kernel-parameters: Add gpio_mockup_named_lines (git-fixes). - docs: kernel-parameters: Move gpio-mockup for alphabetic order (git-fixes). - drivers: net: fix memory leak in atusb_probe (git-fixes). - drivers: net: fix memory leak in peak_usb_create_dev (git-fixes). - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f (git-fixes). - drm/amdgpu: fix NULL pointer dereference (git-fixes). - drm/amdkfd: fix build error with AMD_IOMMU_V2=m (git-fixes). - drm/i915/gvt: Fix error code in intel_gvt_init_device() (git-fixes). - drm/imx: imx-ldb: fix out of bounds array access warning (git-fixes). - drm/meson: fix shutdown crash when component not probed (git-fixes). - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal (git-fixes). - drm/omap: fix misleading indentation in pixinc() (git-fixes). - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected (git-fixes). - drm/radeon: Fix off-by-one power_state index heap overwrite (git-fixes). - drm/radeon: fix copy of uninitialized variable back to userspace (git-fixes). - e1000e: Fix duplicate include guard (git-fixes). - e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (git-fixes). - e1000e: add rtnl_lock() to e1000_reset_task (git-fixes). - ethernet:enic: Fix a use after free bug in enic_hard_start_xmit (bsc#1113431). - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged (git-fixes). - fbdev: zero-fill colormap in fbcmap.c (git-fixes). - ftrace: Handle commands when closing set_ftrace_filter file (git-fixes). - genirq: Reduce irqdebug cacheline bouncing (bsc#1185703 ltc#192641). - gianfar: Handle error code at MAC address change (git-fixes). - gpio: xilinx: Correct kernel doc for xgpio_probe() (git-fixes). - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 (git-fixes). - i2c: cadence: add IRQ check (git-fixes). - i2c: emev2: add IRQ check (git-fixes). - i2c: i801: Do not generate an interrupt on bus reset (git-fixes). - i2c: i801: Do not generate an interrupt on bus reset (git-fixes). - i2c: jz4780: add IRQ check (git-fixes). - i2c: s3c2410: fix possible NULL pointer deref on read message after write (git-fixes). - i2c: sh7760: add IRQ check (git-fixes). - i2c: sh7760: fix IRQ error path (git-fixes). - i40e: Added Asym_Pause to supported link modes (git-fixes). - i40e: Fix PHY type identifiers for 2.5G and 5G adapters (jsc#SLE-4797). - i40e: Fix sparse errors in i40e_txrx.c (git-fixes). - i40e: Fix use-after-free in i40e_client_subtask() (bsc#1101816 ). - i40e: fix broken XDP support (git-fixes). - i40e: fix the panic when running bpf in xdpdrv mode (git-fixes). - i40e: fix the restart auto-negotiation after FEC modified (jsc#SLE-4797). - ibmvfc: Avoid move login if fast fail is enabled (bsc#1185938 ltc#192043). - ibmvfc: Handle move login failure (bsc#1185938 ltc#192043). - ibmvfc: Reinit target retries (bsc#1185938 ltc#192043). - ibmvnic: remove default label from to_string switch (bsc#1152457 ltc#174432 git-fixes). - igb: Fix duplicate include guard (git-fixes). - igb: check timestamp validity (git-fixes). - iio: adc: ad7793: Add missing error code in ad7793_setup() (git-fixes). - iio: gyro: mpu3050: Fix reported temperature value (git-fixes). - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error (git-fixes). - iio: tsl2583: Fix division by a zero lux_val (git-fixes). - intel_th: Consistency and off-by-one fix (git-fixes). - ipmi/watchdog: Stop watchdog timer when the current action is 'none' (bsc#1184855). - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() (git-fixes). - kABI: powerpc/64: add back start_tb and accum_tb to thread_struct. - kabi: preserve struct header_ops after bsc#1176081 fix (bsc#1176081). - leds: lp5523: check return value of lp5xx_read and jump to cleanup code (git-fixes). - liquidio: Fix unintented sign extension of a left shift of a u16 (git-fixes). - mac80211: bail out if cipher schemes are invalid (git-fixes). - mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN (git-fixes). - mac80211: clear the beacon's CRC after channel switch (git-fixes). - macvlan: macvlan_count_rx() needs to be aware of preemption (git-fixes). - md-cluster: fix use-after-free issue when removing rdev (bsc#1184082). - md/raid1: properly indicate failure when ending a failed write request (bsc#1185680). - md: do not flush workqueue unconditionally in md_open (bsc#1184081). - md: factor out a mddev_find_locked helper from mddev_find (bsc#1184081). - md: md_open returns -EBUSY when entering racing area (bsc#1184081). - md: split mddev_find (bsc#1184081). - media: adv7604: fix possible use-after-free in adv76xx_remove() (git-fixes). - media: dvb-usb: fix memory leak in dvb_usb_adapter_init (git-fixes). - media: dvbdev: Fix memory leak in dvb_media_device_free() (git-fixes). - media: em28xx: fix memory leak (git-fixes). - media: gspca/sq905.c: fix uninitialized variable (git-fixes). - media: i2c: adv7842: fix possible use-after-free in adv7842_remove() (git-fixes). - media: ite-cir: check for receive overflow (git-fixes). - media: m88rs6000t: avoid potential out-of-bounds reads on arrays (git-fixes). - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs (git-fixes). - media: omap4iss: return error code when omap4iss_get() failed (git-fixes). - mfd: lpc_sch: Partially revert 'Add support for Intel Quark X1000' (git-fixes). - mfd: stm32-timers: Avoid clearing auto reload register (git-fixes). - misc/uss720: fix memory leak in uss720_probe (git-fixes). - misc: lis3lv02d: Fix false-positive WARN on various HP models (git-fixes). - misc: vmw_vmci: explicitly initialize vmci_datagram payload (git-fixes). - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct (git-fixes). - mlxsw: spectrum_mr: Update egress RIF list before route's action (bsc#1112374). - mm: mempolicy: fix potential pte_unmap_unlock pte error (bsc#1185906). - mm: mempolicy: make mbind() return -EIO when MPOL_MF_STRICT is specified (bsc#1185906). - mmc: block: Update ext_csd.cache_ctrl if it was written (git-fixes). - mmc: core: Correct descriptions in mmc_of_parse() (git-fixes). - mmc: core: Do a power cycle when the CMD11 fails (git-fixes). - mmc: core: Set read only for SD cards with permanent write protect bit (git-fixes). - mmc: mmc_spi: Drop unused NO_IRQ definition (git-fixes). - mt7601u: fix always true expression (git-fixes). - mtd: require write permissions for locking and badblock ioctls (git-fixes). - net, xdp: Update pkt_type if generic XDP changes unicast MAC (bsc#1109837). - net/ethernet: Add parse_protocol header_ops support (bsc#1176081). - net/mlx4_en: update moderation when config reset (git-fixes). - net/mlx5e: Fix error path for ethtool set-priv-flag (git-fixes). - net/mlx5e: Remove the wrong assumption about transport offset (bsc#1176081). - net/mlx5e: Trust kernel regarding transport offset (bsc#1176081). - net/packet: Ask driver for protocol if not provided by user (bsc#1176081). - net/packet: Remove redundant skb->protocol set (bsc#1176081). - net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template (git-fixes). - net: Do not set transport offset to invalid value (bsc#1176081). - net: Introduce parse_protocol header_ops callback (bsc#1176081). - net: enic: Cure the enic api locking trainwreck (git-fixes). - net: hns3: Fix for geneve tx checksum bug (bsc#1104353 ). - net: hns3: add check for HNS3_NIC_STATE_INITED in hns3_reset_notify_up_enet() (bsc#1104353). - net: hns3: disable phy loopback setting in hclge_mac_start_phy (bsc#1104353). - net: hns3: fix for vxlan gpe tx checksum bug (bsc#1104353 ). - net: hns3: fix incorrect configuration for igu_egu_hw_err (bsc#1104353). - net: hns3: initialize the message content in hclge_get_link_mode() (bsc#1126390). - net: hns3: use netif_tx_disable to stop the transmit queue (bsc#1104353). - net: phy: intel-xway: enable integrated led functions (git-fixes). - net: qed: RDMA personality shouldn't fail VF load (git-fixes). - net: thunderx: Fix unintentional sign extension issue (git-fixes). - net: usb: fix memory leak in smsc75xx_bind (git-fixes). - netdevice: Add missing IFF_PHONY_HEADROOM self-definition (git-fixes). - netfilter: conntrack: add new sysctl to disable RST check (bsc#1183947 bsc#1185950). - netfilter: conntrack: avoid misleading 'invalid' in log message (bsc#1183947 bsc#1185950). - netfilter: conntrack: improve RST handling when tuple is re-used (bsc#1183947 bsc#1185950). - netfilter: conntrack: tcp: only close if RST matches exact sequence (bsc#1183947 bsc#1185950). - nfc: pn533: prevent potential memory corruption (git-fixes). - nvme-fc: clear q_live at beginning of association teardown (git-fixes). - nvme-loop: Introduce no merge flag for biovec (bsc#1174682). - pata_arasan_cf: fix IRQ check (git-fixes). - pata_ipx4xx_cf: fix IRQ check (git-fixes). - pcnet32: Use pci_resource_len to validate PCI resource (git-fixes). - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally (git-fixes). - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() (git-fixes). - pinctrl: core: Fix kernel doc string for pin_get_name() (git-fixes). - pinctrl: lewisburg: Update number of pins in community (git-fixes). - pinctrl: samsung: use 'int' for register masks in Exynos (git-fixes). - platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue (git-fixes). - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table (git-fixes). - platform/x86: thinkpad_acpi: Correct thermal sensor allocation (git-fixes). - power: supply: Use IRQF_ONESHOT (git-fixes). - power: supply: generic-adc-battery: fix possible use-after-free in gab_remove() (git-fixes). - power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove() (git-fixes). - powerpc/64: remove start_tb and accum_tb from thread_struct (bsc#1186487 ltc#177613). - powerpc/64s: Fix crashes when toggling entry flush barrier (bsc#1177666 git-fixes). - powerpc/64s: Fix crashes when toggling stf barrier (bsc#1087082 git-fixes). - powerpc/pseries: lparcfg calculate PURR on demand (bsc#1186487 ltc#177613). - regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes). - rsxx: remove extraneous 'const' qualifier (git-fixes). - rtc: ds1307: Fix wday settings for rx8130 (git-fixes). - rtlwifi: 8821ae: upgrade PHY and RF parameters (git-fixes). - s390/dasd: fix hanging DASD driver unbind (bsc#1183754 LTC#192081). - s390/dasd: fix hanging IO request during DASD driver unbind (bsc#1183754 LTC#192081). - s390/entry: save the caller of psw_idle (bsc#1185677). - s390/kdump: fix out-of-memory with PCI (bsc#1182256 LTC#191375). - sata_mv: add IRQ checks (git-fixes). - scsi: core: Run queue in case of I/O resource contention failure (bsc#1186416). - scsi: libfc: Avoid invoking response handler twice if ep is already completed (bsc#1186573). - scsi: lpfc: Add a option to enable interlocked ABTS before job completion (bsc#1186452). - scsi: lpfc: Add ndlp kref accounting for resume RPI path (bsc#1186452). - scsi: lpfc: Fix 'Unexpected timeout' error in direct attach topology (bsc#1186452). - scsi: lpfc: Fix Node recovery when driver is handling simultaneous PLOGIs (bsc#1186452). - scsi: lpfc: Fix bad memory access during VPD DUMP mailbox command (bsc#1186452). - scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the SGLs (bsc#1186452). - scsi: lpfc: Fix node handling for Fabric Controller and Domain Controller (bsc#1186452). - scsi: lpfc: Fix non-optimized ERSP handling (bsc#1186452). - scsi: lpfc: Fix unreleased RPIs when NPIV ports are created (bsc#1186452). - scsi: lpfc: Ignore GID-FT response that may be received after a link flip (bsc#1186452). - scsi: lpfc: Reregister FPIN types if ELS_RDF is received from fabric controller (bsc#1186452). - scsi: lpfc: Update lpfc version to 12.8.0.10 (bsc#1186452). - scsi: qla2xxx: Prevent PRLI in target mode (git-fixes). - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (git-fixes). - serial: stm32: fix incorrect characters on console (git-fixes). - smc: disallow TCP_ULP in smc_setsockopt() (bsc#1109837). - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz (git-fixes). - spi: dln2: Fix reference leak to master (git-fixes). - spi: omap-100k: Fix reference leak to master (git-fixes). - spi: spi-ti-qspi: Free DMA resources (git-fixes). - staging: emxx_udc: fix loop in _nbu2ss_nuke() (git-fixes). - staging: iio: cdc: ad7746: avoid overwrite of num_channels (git-fixes). - staging: rtl8192u: Fix potential infinite loop (git-fixes). - tcp: fix to update snd_wl1 in bulk receiver fast path (bsc#1185827). - thermal/drivers/ti-soc-thermal/bandgap Remove unused variable 'val' (git-fixes). - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (git-fixes). - tpm: fix error return code in tpm2_get_cc_attrs_tbl() (git-fixes). - tracing: Map all PIDs to command lines (git-fixes). - uio: uio_hv_generic: use devm_kzalloc() for private data alloc (git-fixes). - uio_hv_generic: Fix a memory leak in error handling paths (git-fixes). - uio_hv_generic: Fix another memory leak in error handling paths (git-fixes). - uio_hv_generic: add missed sysfs_remove_bin_file (git-fixes). - usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes). - usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes). - usb: dwc3: gadget: Fix START_TRANSFER link state check (git-fixes). - usb: dwc3: omap: improve extcon initialization (git-fixes). - usb: fotg210-hcd: Fix an error message (git-fixes). - usb: sl811-hcd: improve misleading indentation (git-fixes). - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS (git-fixes). - usb: xhci: Fix port minor revision (git-fixes). - usb: xhci: Increase timeout for HC halt (git-fixes). - usb: xhci: Increase timeout for HC halt (git-fixes). - vgacon: Record video mode changes with VT_RESIZEX (git-fixes). - video: hyperv_fb: Add ratelimit on error message (bsc#1185724). - vsock/vmci: log once the failed queue pair allocation (git-fixes). - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join (git-fixes). - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt (git-fixes). - xhci: Do not use GFP_KERNEL in (potentially) atomic context (git-fixes). - xsk: Respect device's headroom and tailroom on generic xmit path (bsc#1109837).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1013708 1013712 1013893 1015171 1015173 1055857 1059893 1064802 1066129 1087082 1096449 1101816 1103992 1104427 1104745 1107609 1109160 1109837 1112374 1112399 1113431 1115375 1118367 1118368 1120943 1126390 1133021 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 1152457 1158328 1160770 1165787 1167231 1171475 1171740 1171847 1172105 1172116 1172121 1173576 1173613 1174120 1174316 1174682 1176081 1176579 1177666 1180552 1181383 1182256 1183738 1183754 1183947 1184040 1184081 1184082 1184611 1184675 1184855 1185428 1185481 1185642 1185680 1185703 1185724 1185758 1185859 1185860 1185863 1185898 1185899 1185906 1185938 1186060 1186062 1186285 1186416 1186439 1186441 1186460 1186484 CVE-2008-4316 CVE-2010-1205 CVE-2010-4352 CVE-2011-2501 CVE-2011-3026 CVE-2011-3045 CVE-2011-3048 CVE-2012-3386 CVE-2012-3524 CVE-2013-1984 CVE-2013-1995 CVE-2013-1998 CVE-2013-2168 CVE-2013-7353 CVE-2013-7354 CVE-2014-3158 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-7824 CVE-2014-8148 CVE-2014-9654 CVE-2015-0245 CVE-2015-3310 CVE-2015-7981 CVE-2015-8126 CVE-2015-8540 CVE-2016-10087 CVE-2016-6328 CVE-2016-7945 CVE-2016-7946 CVE-2016-9797 CVE-2016-9798 CVE-2016-9802 CVE-2016-9917 CVE-2016-9918 CVE-2017-14997 CVE-2017-7544 CVE-2018-16644 CVE-2018-20030 CVE-2018-5741 CVE-2018-6126 CVE-2019-11745 CVE-2019-13722 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-7317 CVE-2019-9278 CVE-2020-0093 CVE-2020-10188 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-12767 CVE-2020-13112 CVE-2020-13113 CVE-2020-13114 CVE-2020-1472 CVE-2020-24586 CVE-2020-24587 CVE-2020-26139 CVE-2020-26141 CVE-2020-26145 CVE-2020-26147 CVE-2020-8616 CVE-2020-8617 CVE-2021-23133 CVE-2021-23134 CVE-2021-32399 CVE-2021-33034 CVE-2021-33200 CVE-2021-3491 SUSE-SU-2018:1783-1 SUSE-SU-2018:3465-1 SUSE-SU-2019:1339-1 SUSE-SU-2019:2036-1 SUSE-SU-2019:3347-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:1534-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:1914-1 SUSE-SU-2020:2721-1 SUSE-SU-2021:1887-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND haproxy-1.8.17~git0.e89d25b2-lp150.2.9 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
kernel-debug-4.12.14-lp151.28.16 is installed
OR kernel-debug-base-4.12.14-lp151.28.16 is installed
OR kernel-debug-devel-4.12.14-lp151.28.16 is installed
OR kernel-default-4.12.14-lp151.28.16 is installed
OR kernel-default-base-4.12.14-lp151.28.16 is installed
OR kernel-default-devel-4.12.14-lp151.28.16 is installed
OR kernel-devel-4.12.14-lp151.28.16 is installed
OR kernel-docs-4.12.14-lp151.28.16 is installed
OR kernel-docs-html-4.12.14-lp151.28.16 is installed
OR kernel-kvmsmall-4.12.14-lp151.28.16 is installed
OR kernel-kvmsmall-base-4.12.14-lp151.28.16 is installed
OR kernel-kvmsmall-devel-4.12.14-lp151.28.16 is installed
OR kernel-macros-4.12.14-lp151.28.16 is installed
OR kernel-obs-build-4.12.14-lp151.28.16 is installed
OR kernel-obs-qa-4.12.14-lp151.28.16 is installed
OR kernel-source-4.12.14-lp151.28.16 is installed
OR kernel-source-vanilla-4.12.14-lp151.28.16 is installed
OR kernel-syms-4.12.14-lp151.28.16 is installed
OR kernel-vanilla-4.12.14-lp151.28.16 is installed
OR kernel-vanilla-base-4.12.14-lp151.28.16 is installed
OR kernel-vanilla-devel-4.12.14-lp151.28.16 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
dbus-1-1.8.22-28 is installed
OR dbus-1-x11-1.8.22-28 is installed
OR libdbus-1-3-1.8.22-28 is installed
OR libdbus-1-3-32bit-1.8.22-28 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
MozillaFirefox-68.3.0-109.98 is installed
OR MozillaFirefox-translations-common-68.3.0-109.98 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
libssh2-1-1.4.3-20.14 is installed
OR libssh2-1-32bit-1.4.3-20.14 is installed
OR libssh2_org-1.4.3-20.14 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
MozillaFirefox-78.0.1-112.3 is installed
OR MozillaFirefox-branding-SLE-78-35.3 is installed
OR MozillaFirefox-devel-78.0.1-112.3 is installed
OR MozillaFirefox-translations-common-78.0.1-112.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
hostinfo-1.0.1-19.5 is installed
OR supportutils-3.0-95.21 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
bind-9.11.2-1 is installed
OR bind-chrootenv-9.11.2-1 is installed
OR bind-doc-9.11.2-1 is installed
OR bind-utils-9.11.2-1 is installed
OR libbind9-160-9.11.2-1 is installed
OR libdns169-9.11.2-1 is installed
OR libirs160-9.11.2-1 is installed
OR libisc166-9.11.2-1 is installed
OR libisc166-32bit-9.11.2-1 is installed
OR libisccc160-9.11.2-1 is installed
OR libisccfg160-9.11.2-1 is installed
OR liblwres160-9.11.2-1 is installed
OR python-bind-9.11.2-1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
AND Package Information
xen-4.11.4_04-2.30 is installed
OR xen-doc-html-4.11.4_04-2.30 is installed
OR xen-libs-4.11.4_04-2.30 is installed
OR xen-libs-32bit-4.11.4_04-2.30 is installed
OR xen-tools-4.11.4_04-2.30 is installed
OR xen-tools-domU-4.11.4_04-2.30 is installed
|
Definition Synopsis |
Release Information
SUSE Linux Enterprise Server 12 SP5 is installed
AND
kernel-azure-4.12.14-16.59.1 is installed
OR kernel-azure-base-4.12.14-16.59.1 is installed
OR kernel-azure-devel-4.12.14-16.59.1 is installed
OR kernel-devel-azure-4.12.14-16.59.1 is installed
OR kernel-source-azure-4.12.14-16.59.1 is installed
OR kernel-syms-azure-4.12.14-16.59.1 is installed
OR Package Information
SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
AND
kernel-azure-4.12.14-16.59.1 is installed
OR kernel-azure-base-4.12.14-16.59.1 is installed
OR kernel-azure-devel-4.12.14-16.59.1 is installed
OR kernel-devel-azure-4.12.14-16.59.1 is installed
OR kernel-source-azure-4.12.14-16.59.1 is installed
OR kernel-syms-azure-4.12.14-16.59.1 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
java-1_8_0-openjdk-1.8.0.222-27.35 is installed
OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 9 is installed
AND Package Information
grub2-2.02-12.39 is installed
OR grub2-i386-pc-2.02-12.39 is installed
OR grub2-snapper-plugin-2.02-12.39 is installed
OR grub2-systemd-sleep-plugin-2.02-12.39 is installed
OR grub2-x86_64-efi-2.02-12.39 is installed
OR grub2-x86_64-xen-2.02-12.39 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
libdcerpc-binding0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libdcerpc-binding0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libdcerpc0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libdcerpc0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr-krb5pac0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr-krb5pac0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr-nbt0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr-nbt0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr-standard0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr-standard0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libndr0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libnetapi0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libnetapi0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-credentials0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-credentials0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-errors0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-errors0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-hostconfig0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-hostconfig0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-passdb0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-passdb0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-util0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamba-util0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamdb0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsamdb0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsmbclient0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsmbclient0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsmbconf0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsmbconf0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsmbldap0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libsmbldap0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libtevent-util0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libtevent-util0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libwbclient0-4.6.16+git.237.40a3f495f75-3.55 is installed
OR libwbclient0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-client-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-client-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-doc-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-libs-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-libs-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-winbind-4.6.16+git.237.40a3f495f75-3.55 is installed
OR samba-winbind-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 9 is installed
AND nodejs6-6.17.1-11.33 is installed
|