Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:0618-1

Опубликовано: 06 июл. 2023
Источник: suse-cvrf

Описание

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

  • CVE-2023-23454: Fixed denial or service in cbq_classify in net/sched/sch_cbq.c (bnc#1207036).
  • CVE-2023-0590: Fixed race condition in qdisc_graft() (bsc#1207795).
  • CVE-2023-0394: Fixed a null pointer dereference flaw in the network subcomponent in the Linux kernel which could lead to system crash (bsc#1207168).
  • CVE-2023-0266: Fixed a use-after-free vulnerability inside the ALSA PCM package. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 was missing locks that could have been used in a use-after-free that could have resulted in a priviledge escalation to gain ring0 access from the system user (bsc#1207134).
  • CVE-2023-0045: Fixed flush IBP in ib_prctl_set() (bsc#1207773).
  • CVE-2022-47929: Fixed NULL pointer dereference bug in the traffic control subsystem (bnc#1207237).
  • CVE-2022-4662: Fixed incorrect access control in the USB core subsystem that could lead a local user to crash the system (bnc#1206664).
  • CVE-2022-36280: Fixed an out-of-bounds memory access vulnerability that was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c (bnc#1203332).
  • CVE-2022-3564: Fixed use-after-free in l2cap_core.c of the Bluetooth component (bnc#1206073).
  • CVE-2022-3108: Fixed missing check of return value of kmemdup() (bnc#1206389).
  • CVE-2022-3107: Fixed missing check of return value of kvmalloc_array() (bnc#1206395).

The following non-security bugs were fixed:

  • Bluetooth: hci_qca: Fix the teardown problem for real (git-fixes).
  • CDC-NCM: remove 'connected' log message (git-fixes).
  • HID: betop: check shape of output reports (git-fixes, bsc#1207186).
  • HID: betop: fix slab-out-of-bounds Write in betop_probe (git-fixes, bsc#1207186).
  • HID: check empty report_list in hid_validate_values() (git-fixes, bsc#1206784).
  • Input: convert autorepeat timer to use timer_setup() (git-fixes).
  • Input: do not use WARN() in input_alloc_absinfo() (git-fixes).
  • Input: i8042 - Add quirk for Fujitsu Lifebook T725 (git-fixes).
  • Input: iforce - reformat the packet dump output (git-fixes).
  • Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (git-fixes).
  • Input: replace hard coded string with func in pr_err() (git-fixes).
  • Input: switch to using sizeof(*type) when allocating memory (git-fixes).
  • Input: use seq_putc() in input_seq_print_bitmap() (git-fixes).
  • Input: use seq_puts() in input_devices_seq_show() (git-fixes).
  • Makefile: link with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
  • NFS Handle missing attributes in OPEN reply (bsc#1203740).
  • NFS: Correct size calculation for create reply length (git-fixes).
  • NFS: Fix an Oops in nfs_d_automount() (git-fixes).
  • NFS: Fix initialisation of I/O result struct in nfs_pgio_rpcsetup (git-fixes).
  • NFS: Fix memory leaks in nfs_pageio_stop_mirroring() (git-fixes).
  • NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails (git-fixes).
  • NFS: nfs_compare_mount_options always compare auth flavors (git-fixes).
  • NFS: nfs_find_open_context() may only select open files (git-fixes).
  • NFS: swap IO handling is slightly different for O_DIRECT IO (git-fixes).
  • NFS: swap-out must always use STABLE writes (git-fixes).
  • NFSD: Keep existing listeners on portlist error (git-fixes).
  • NFSD: Return nfserr_serverfault if splice_ok but buf->pages have data (git-fixes).
  • NFSv2: Fix eof handling (git-fixes).
  • NFSv2: Fix write regression (git-fixes).
  • NFSv4 expose nfs_parse_server_name function (git-fixes).
  • NFSv4 only print the label when its queried (git-fixes).
  • NFSv4 remove zero number of fs_locations entries error check (git-fixes).
  • NFSv4.1 handle ERR_DELAY error reclaiming locking state on delegation recall (git-fixes).
  • NFSv4.1: Fix uninitialised variable in devicenotify (git-fixes).
  • NFSv4.1: Handle RECLAIM_COMPLETE trunking errors (git-fixes).
  • NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot (git-fixes).
  • NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding (git-fixes).
  • NFSv4.2: Fix a memory stomp in decode_attr_security_label (git-fixes).
  • NFSv4.2: Fix initialisation of struct nfs4_label (git-fixes).
  • NFSv4.2: Fixup CLONE dest file size for zero-length count (git-fixes).
  • NFSv4.x: Fail client initialisation if state manager thread can't run (git-fixes).
  • NFSv4.x: fix lock recovery during delegation recall (git-fixes).
  • NFSv4/pNFS: Always return layout stats on layout return for flexfiles (git-fixes).
  • NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn (git-fixes).
  • NFSv4: Fix open create exclusive when the server reboots (git-fixes).
  • NFSv4: Fix return value in nfs_finish_open() (git-fixes).
  • NFSv4: Fix return values for nfs4_file_open() (git-fixes).
  • PCI/ASPM: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
  • PCI/ASPM: Declare threshold_ns as u32, not u64 (git-fixes).
  • PCI/sysfs: Fix double free in error path (git-fixes).
  • PCI: Check for alloc failure in pci_request_irq() (git-fixes).
  • PCI: Fix pci_device_is_present() for VFs by checking PF (git-fixes).
  • PCI: Fix used_buses calculation in pci_scan_child_bus_extend() (git-fixes).
  • PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge (git-fixes).
  • Revert 'blkdev: check for valid request queue before issuing flush' (git-fixes).
  • Revert 'dm cache: fix arm link errors with inline' (git-fixes).
  • Revert 'scsi: core: run queue if SCSI device queue isn't ready and queue is idle' (git-fixes).
  • Revert 'scsi: smartpqi: set force_blk_mq=1.(bsc#1205397)'
  • SUNRPC: Do not call __UDPX_INC_STATS() from a preemptible context (git-fixes).
  • SUNRPC: Do not leak netobj memory when gss_read_proxy_verf() fails (git-fixes).
  • SUNRPC: Fix a bogus get/put in generic_key_to_expire() (git-fixes).
  • SUNRPC: Fix a compile warning for cmpxchg64() (git-fixes).
  • SUNRPC: Fix a race with XPRT_CONNECTING (git-fixes).
  • SUNRPC: Fix missing release socket in rpc_sockname() (git-fixes).
  • SUNRPC: Handle 0 length opaque XDR object data properly (git-fixes).
  • SUNRPC: Move simple_get_bytes and simple_get_netobj into private header (git-fixes).
  • SUNRPC: drop pointless static qualifier in xdr_get_next_encode_buffer() (git-fixes).
  • SUNRPC: make lockless test safe (bsc#1207201).
  • SUNRPC: stop printk reading past end of string (git-fixes).
  • USB: serial: ch341: fix disabled rx timer on older devices (git-fixes).
  • USB: serial: console: move mutex_unlock() before usb_serial_put() (git-fixes).
  • amiflop: clean up on errors during setup (git-fixes).
  • arm64/kvm: consistently handle host HCR_EL2 flags (git-fixes)
  • arm64: Fix minor issues with the dcache_by_line_op macro (git-fixes)
  • arm64: alternative: Use true and false for boolean values (git-fixes)
  • arm64: cmpwait: Clear event register before arming exclusive monitor (git-fixes)
  • arm64: fix possible spectre-v1 in ptrace_hbp_get_event() (git-fixes)
  • arm64: fix possible spectre-v1 write in ptrace_hbp_set_event() (git-fixes)
  • arm64: ftrace: do not adjust the LR value (git-fixes)
  • arm64: io: Ensure calls to delay routines are ordered against prior (git-fixes)
  • arm64: io: Ensure value passed to __iormb() is held in a 64-bit (git-fixes)
  • arm64: jump_label.h: use asm_volatile_goto macro instead of 'asm (git-fixes)
  • arm64: make secondary_start_kernel() notrace (git-fixes)
  • arm64: makefile fix build of .i file in external module case (git-fixes)
  • arm64: ptrace: remove addr_limit manipulation (git-fixes)
  • arm64: rockchip: Force CONFIG_PM on Rockchip systems (git-fixes)
  • arm64: smp: Handle errors reported by the firmware (git-fixes)
  • audit: ensure userspace is penalized the same as the kernel when under pressure (bsc#1204514).
  • audit: improve robustness of the audit queue handling (bsc#1204514).
  • bcache: fix super block seq numbers comparision in register_cache_set() (git-fixes).
  • blk-cgroup: Fix memleak on error path (git-fixes).
  • blk-cgroup: Pre-allocate tree node on blkg_conf_prep (git-fixes).
  • blk-cgroup: fix missing put device in error path from blkg_conf_pref() (git-fixes).
  • blk-mq: fix possible memleak when register 'hctx' failed (git-fixes).
  • blk-mq: insert request not through ->queue_rq into sw/scheduler queue (git-fixes).
  • blk-mq: move cancel of requeue_work into blk_mq_release (git-fixes).
  • blktrace: Fix output non-blktrace event when blk_classic option enabled (git-fixes).
  • blktrace: break out of blktrace setup on concurrent calls (git-fixes).
  • blktrace: ensure our debugfs dir exists (git-fixes).
  • blktrace: fix endianness for blk_log_remap() (git-fixes).
  • blktrace: fix endianness in get_pdu_int() (git-fixes).
  • blktrace: use errno instead of bi_status (git-fixes).
  • block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() (bsc#1175995,jsc#SLE-15608).
  • block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group() (git-fixes).
  • block, bfq: increase idling for weight-raised queues (git-fixes).
  • block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (bsc#1207102).
  • block, bfq: protect 'bfqd->queued' by 'bfqd->lock' (git-fixes).
  • block/bio-integrity: do not free 'buf' if bio_integrity_add_page() failed (git-fixes).
  • block/bio-integrity: fix a memory leak bug (git-fixes).
  • block/swim: Check drive type (git-fixes).
  • block/swim: Do not log an error message for an invalid ioctl (git-fixes).
  • block/swim: Fix IO error at end of medium (git-fixes).
  • block/swim: Rename macros to avoid inconsistent inverted logic (git-fixes).
  • block/swim: Select appropriate drive on device open (git-fixes).
  • block: Fix use-after-free issue accessing struct io_cq (git-fixes).
  • block: add a lower-level bio_add_page interface (git-fixes).
  • block: bio-integrity: Copy flags when bio_integrity_payload is cloned (bsc#1208541).
  • block: fix memleak when __blk_rq_map_user_iov() is failed (git-fixes).
  • block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR (git-fixes).
  • brd: check and limit max_part par (git-fixes).
  • ceph: remove bogus checks and WARN_ONs from ceph_set_page_dirty (bsc#1207195).
  • compat_ioctl: block: handle BLKGETZONESZ/BLKGETNRZONES (git-fixes).
  • cpu/hotplug: Fix 'SMT disabled by BIOS' detection for KVM (git-fixes).
  • cryptoloop: add a deprecation warning (git-fixes).
  • d6810d730022 ('memcg, THP, swap: make mem_cgroup_swapout() support THP')
  • dm bio record: save/restore bi_end_io and bi_integrity (git-fixes).
  • dm btree: add a defensive bounds check to insert_at() (git-fixes).
  • dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort (git-fixes).
  • dm cache: Fix UAF in destroy() (git-fixes).
  • dm cache: set needs_check flag after aborting metadata (git-fixes).
  • dm crypt: use u64 instead of sector_t to store iv_offset (git-fixes).
  • dm flakey: Properly corrupt multi-page bios (git-fixes).
  • dm ioctl: fix misbehavior if list_versions races with module loading (git-fixes).
  • dm ioctl: prevent potential spectre v1 gadget (git-fixes).
  • dm kcopyd: Fix bug causing workqueue stalls (git-fixes).
  • dm raid: avoid bitmap with raid4/5/6 journal device (git-fixes).
  • dm space map common: add bounds check to sm_ll_lookup_bitmap() (git-fixes).
  • dm space maps: do not reset space map allocation cursor when committing (git-fixes).
  • dm table: Remove BUG_ON(in_interrupt()) (git-fixes).
  • dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata (git-fixes).
  • dm thin: Fix UAF in run_timer_softirq() (git-fixes).
  • dm thin: Use last transaction's pmd->root when commit failed (git-fixes).
  • dm thin: add sanity checks to thin-pool and external snapshot creation (git-fixes).
  • dm thin: resume even if in FAIL mode (git-fixes).
  • dm verity: skip verity work if I/O error when system is shutting down (git-fixes).
  • dm verity: use message limit for data block corruption message (git-fixes).
  • dm zoned: return NULL if dmz_get_zone_for_reclaim() fails to find a zone (git-fixes).
  • dm: Use kzalloc for all structs with embedded biosets/mempools (git-fixes).
  • do not dump the threads that had been already exiting when zapped (git-fixes).
  • drbd: Change drbd_request_detach_interruptible's return type to int (git-fixes).
  • drbd: destroy workqueue when drbd device was freed (git-fixes).
  • drbd: do not block when adjusting 'disk-options' while IO is frozen (git-fixes).
  • drbd: dynamically allocate shash descriptor (git-fixes).
  • drbd: fix potential silent data corruption (git-fixes).
  • drbd: fix print_st_err()'s prototype to match the definition (git-fixes).
  • drbd: ignore 'all zero' peer volume sizes in handshake (git-fixes).
  • drbd: reject attach of unsuitable uuids even if connected (git-fixes).
  • drbd: remove usage of list iterator variable after loop (git-fixes).
  • drbd: use after free in drbd_create_device() (git-fixes).
  • drivers/block/zram/zram_drv.c: fix bug storing backing_dev (git-fixes).
  • drivers:md:fix a potential use-after-free bug (git-fixes).
  • ext4: Detect already used quota file early (bsc#1206873).
  • ext4: Fixup pages without buffers (bsc#1205495).
  • ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (bsc#1206878).
  • ext4: add reserved GDT blocks check (bsc#1202712).
  • ext4: avoid crash when inline data creation follows DIO write (bsc#1206883).
  • ext4: avoid resizing to a partial cluster size (bsc#1206880).
  • ext4: clear mmp sequence number when remounting read-only (bsc#1207093).
  • ext4: continue to expand file system when the target size does not reach (bsc#1206882).
  • ext4: correct max_inline_xattr_value_size computing (bsc#1206878).
  • ext4: correct the misjudgment in ext4_iget_extra_inode (bsc#1206878).
  • ext4: do not BUG if someone dirty pages without asking ext4 first (bsc#1207097).
  • ext4: fix a data race at inode->i_disksize (bsc#1206855).
  • ext4: fix argument checking in EXT4_IOC_MOVE_EXT (bsc#1207092).
  • ext4: fix extent status tree race in writeback error recovery path (bsc#1206877).
  • ext4: fix null-ptr-deref in ext4_write_info (bsc#1206884).
  • ext4: fix race when reusing xattr blocks (bsc#1198971).
  • ext4: fix undefined behavior in bit shift for ext4_check_flag_values (bsc#1206890).
  • ext4: fix use-after-free in ext4_ext_shift_extents (bsc#1206888).
  • ext4: fix use-after-free in ext4_xattr_set_entry (bsc#1206878).
  • ext4: fix warning in 'ext4_da_release_space' (bsc#1206887).
  • ext4: make ext4_lazyinit_thread freezable (bsc#1206885).
  • ext4: prohibit fstrim in norecovery mode (bsc#1207094).
  • ext4: recover csum seed of tmp_inode after migrating to extents (bsc#1202713).
  • ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).
  • ext4: update s_overhead_clusters in the superblock during an on-line resize (bsc#1206876).
  • ext4: use matching invalidatepage in ext4_writepage (bsc#1206858).
  • flexfiles: enforce per-mirror stateid only for v4 DSes (git-fixes).
  • flexfiles: use per-mirror specified stateid for IO (git-fixes).
  • floppy: Add max size check for user space request (git-fixes).
  • fs: nfs: Fix possible null-pointer dereferences in encode_attrs() (git-fixes).
  • ftrace: Enable trampoline when rec count returns back to one (git-fixes).
  • ftrace: Fix NULL pointer dereference in free_ftrace_func_mapper() (git-fixes).
  • ftrace: Fix updating FTRACE_FL_TRAMP (git-fixes).
  • ftrace: fpid_next() should increase position index (git-fixes).
  • gtp: set NLM_F_MULTI flag in gtp_genl_dump_pdp() (git-fixes).
  • ibmveth: Always stop tx queues during close (bsc#1065729).
  • iforce: restore old iforce_dump_packet (git-fixes).
  • ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module (git-fixes).
  • ipmi: Move remove_work to dedicated workqueue (git-fixes).
  • ipmi: fix memleak when unload ipmi driver (git-fixes).
  • ipmi: fix use after free in _ipmi_destroy_user() (git-fixes).
  • ipv6: raw: Deduct extension header length in rawv6_push_pending_frames (bsc#1207168).
  • isofs: reject hardware sector size > 2048 bytes (bsc#1207103).
  • jbd2: use the correct print format (git-fixes).
  • kABI: cpu/hotplug: reexport cpu_smt_control (kabi).
  • kABI: mitigate new ufs_stats field (git-fixes).
  • kbuild: clear LDFLAGS in the top Makefile (bsc#1203200).
  • kernel/sys.c: avoid copying possible padding bytes in copy_to_user (git-fixes).
  • kprobes, x86/alternatives: Use text_mutex to protect smp_alt_modules (git-fixes).
  • kprobes, x86/ptrace.h: Make regs_get_kernel_stack_nth() not fault on bad stack (git-fixes).
  • lockd: fix decoding of TEST results (git-fixes).
  • loop: Add LOOP_SET_DIRECT_IO to compat ioctl (git-fixes).
  • loop: use sysfs_emit() in the sysfs xxx show() (git-fixes).
  • m68k/mac: Do not remap SWIM MMIO region (git-fixes).
  • mbcache: add functions to delete entry if unused (bsc#1198971).
  • mbcache: do not reclaim used entries (bsc#1198971).
  • md/raid1: stop mdx_raid1 thread when raid1 array run failed (git-fixes).
  • md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d (git-fixes).
  • md: fix a crash in mempool_free (git-fixes).
  • md: protect md_unregister_thread from reentrancy (git-fixes).
  • media: Do not let tvp5150_get_vbi() go out of vbi_ram_default array (git-fixes).
  • media: i2c: tvp5150: remove useless variable assignment in tvp5150_set_vbi() (git-fixes).
  • memcg, kmem: further deprecate kmem.limit_in_bytes (bsc#1206896).
  • memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344).
  • memcg: remove memcg_cgroup::id from IDR on mem_cgroup_css_alloc() failure (bsc#1208108).
  • mm, page_alloc: avoid expensive reclaim when compaction may not succeed (bsc#1204250).
  • mm/filemap.c: clear page error before actual read (bsc#1206635).
  • module: Do not wait for GOING modules (bsc#1196058, bsc#1186449, bsc#1204356, bsc#1204662).
  • module: set MODULE_STATE_GOING state when a module fails to load (git-fixes).
  • move new members of struct usbnet to end (git-fixes).
  • nbd: Add the nbd NBD_DISCONNECT_ON_CLOSE config flag (git-fixes).
  • nbd: Fix NULL pointer in flush_workqueue (git-fixes).
  • nbd: Fix hung when signal interrupts nbd_start_device_ioctl() (git-fixes).
  • nbd: add a flush_workqueue in nbd_start_device (git-fixes).
  • nbd: add missing config put (git-fixes).
  • nbd: call genl_unregister_family() first in nbd_cleanup() (git-fixes).
  • nbd: do not requeue the same request twice (git-fixes).
  • nbd: fix a block_device refcount leak in nbd_release (git-fixes).
  • nbd: fix crash when the blksize is zero (git-fixes).
  • nbd: fix io hung while disconnecting device (git-fixes).
  • nbd: fix max number of supported devs (git-fixes).
  • nbd: fix possible sysfs duplicate warning (git-fixes).
  • nbd: fix race between nbd_alloc_config() and module removal (git-fixes).
  • nbd: fix shutdown and recv work deadlock v2 (git-fixes).
  • nbd: handle racing with error'ed out commands (git-fixes).
  • nbd: handle unexpected replies better (git-fixes).
  • nbd: make the config put is called before the notifying the waiter (git-fixes).
  • nbd: verify socket is supported during setup (git-fixes).
  • nbd:fix memory leak in nbd_get_socket() (git-fixes).
  • net :sunrpc :clnt :Fix xps refcount imbalance on the error path (git-fixes).
  • net/ethernet/freescale: rework quiesce/activate for ucc_geth (git-fixes).
  • net/mlx5e: Set of completion request bit should not clear other adjacent bits (git-fixes).
  • net/usb/kalmia: use ARRAY_SIZE for various array sizing calculations (git-fixes).
  • net/usb: kalmia: Do not pass act_len in usb_bulk_msg error path (git-fixes).
  • net: USB: Fix wrong-direction WARNING in plusb.c (git-fixes).
  • net: allwinner: Fix use correct return type for ndo_start_xmit() (git-fixes).
  • net: bcmgenet: suppress warnings on failed Rx SKB allocations (git-fixes).
  • net: bmac: Fix read of MAC address from ROM (git-fixes).
  • net: dsa: mv88e6xxx: Allow dsa and cpu ports in multiple vlans (git-fixes).
  • net: kalmia: clean up bind error path (git-fixes).
  • net: kalmia: fix memory leaks (git-fixes).
  • net: mana: Fix IRQ name - add PCI and queue number (bsc#1207875).
  • net: qed*: Reduce RX and TX default ring count when running inside kdump kernel (git-fixes).
  • net: sched: atm: dont intepret cls results when asked to drop (bsc#1207036).
  • net: sched: cbq: dont intepret cls results when asked to drop (bsc#1207036).
  • net: stmmac: Fix sub-second increment (git-fixes).
  • net: sunrpc: Fix off-by-one issues in 'rpc_ntop6' (git-fixes).
  • net: systemport: suppress warnings on failed Rx SKB allocations (git-fixes).
  • net: usb: asix: ax88772_bind return error when hw_reset fail (git-fixes).
  • net: usb: asix: init MAC address buffers (git-fixes).
  • net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes).
  • net: usb: cdc_mbim: avoid altsetting toggling for Telit LN920 (git-fixes).
  • net: usb: lan78xx: do not modify phy_device state concurrently (git-fixes).
  • net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes).
  • net: usb: qmi_wwan: Add the BroadMobi BM818 card (git-fixes).
  • net: usb: qmi_wwan: Set DTR quirk for MR400 (git-fixes).
  • net: usb: qmi_wwan: add Quectel EM160R-GL (git-fixes).
  • net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
  • net: usb: qmi_wwan: add Telit 0x103a composition (git-fixes).
  • net: usb: qmi_wwan: add u-blox 0x1342 composition (git-fixes).
  • net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch (git-fixes).
  • net: usb: rtl8150: demote allmulti message to dev_dbg() (git-fixes).
  • net: usb: sr9700: Handle negative len (git-fixes).
  • nfs4: Fix kmemleak when allocate slot failed (git-fixes).
  • nfs: Fix NULL pointer dereference of dev_name (git-fixes).
  • nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default (git-fixes).
  • nfs: nfs4clinet: check the return value of kstrdup() (git-fixes).
  • nfs: we do not support removing system.nfs4_acl (git-fixes).
  • nfsd4: fix crash on writing v4_end_grace before nfsd startup (git-fixes).
  • nfsd: Fix svc_xprt refcnt leak when setup callback client failed (git-fixes).
  • nfsd: Return EPERM, not EACCES, in some SETATTR cases (git-fixes).
  • nfsd: allow fh_want_write to be called twice (git-fixes).
  • nfsd: fix a warning in __cld_pipe_upcall() (git-fixes).
  • nfsd: fix wrong check in write_v4_end_grace() (git-fixes).
  • null_blk: Handle null_add_dev() failures properly (git-fixes).
  • null_blk: fix spurious IO errors after failed past-wp access (git-fixes).
  • pNFS/NFSv4: Try to return invalid layout in pnfs_layout_process() (git-fixes).
  • panic: unset panic_on_warn inside panic() (git-fixes).
  • parisc: Fix HP SDC hpa address output (git-fixes).
  • parisc: Fix serio address output (git-fixes).
  • powerpc/64/module: REL32 relocation range check (bsc#1065729).
  • powerpc/64: Init jump labels before parse_early_param() (bsc#1065729).
  • powerpc/64s/hash: Fix stab_rr off by one initialization (bsc#1065729).
  • powerpc/64s/pgtable: fix an undefined behaviour (bsc#1065729).
  • powerpc/boot: Disable vector instructions (bsc#1065729).
  • powerpc/boot: Explicitly disable usage of SPE instructions (bsc#1065729).
  • powerpc/boot: Fix 64-bit boot wrapper build with non-biarch compiler (bsc#1065729).
  • powerpc/boot: Fix missing check of lseek() return value (bsc#1065729).
  • powerpc/boot: Fixup device-tree on little endian (bsc#1065729).
  • powerpc/crashkernel: Take 'mem=' option into account (bsc#1065729).
  • powerpc/eeh: Fix possible null deref in eeh_dump_dev_log() (bsc#1065729).
  • powerpc/eeh: Fix use of EEH_PE_KEEP on wrong field (bsc#1065729).
  • powerpc/eeh: Only dump stack once if an MMIO loop is detected (bsc#1065729).
  • powerpc/futex: Fix warning: 'oldval' may be used uninitialized in this function (bsc#1065729).
  • powerpc/iommu: Avoid derefence before pointer check (bsc#1065729).
  • powerpc/mm: Make NULL pointer deferences explicit on bad page faults (bsc#1065729).
  • powerpc/pci/of: Fix OF flags parsing for 64bit BARs (bsc#1065729).
  • powerpc/pci: Fix get_phb_number() locking (bsc#1065729).
  • powerpc/perf: callchain validate kernel stack pointer bounds (bsc#1065729).
  • powerpc/powernv/eeh/npu: Fix uninitialized variables in opal_pci_eeh_freeze_status (bsc#1065729).
  • powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number (bsc#1065729).
  • powerpc/powernv/smp: Fix spurious DBG() warning (bsc#1065729).
  • powerpc/powernv: add missing of_node_put (bsc#1065729).
  • powerpc/powernv: opal_put_chars partial write fix (bsc#1065729).
  • powerpc/pseries/cmm: Implement release() function for sysfs device (bsc#1065729).
  • powerpc/pseries/eeh: use correct API for error log size (bsc#1065729).
  • powerpc/pseries/hvconsole: Fix stack overread via udbg (bsc#1065729).
  • powerpc/pseries: Fix node leak in update_lmb_associativity_index() (bsc#1065729).
  • powerpc/pseries: Mark accumulate_stolen_time() as notrace (bsc#1065729).
  • powerpc/pseries: Stop calling printk in rtas_stop_self() (bsc#1065729).
  • powerpc/pseries: add of_node_put() in dlpar_detach_node() (bsc#1065729).
  • powerpc/pseries: unregister VPA when hot unplugging a CPU (bsc#1205695 ltc#200603).
  • powerpc/rtas: avoid device tree lookups in rtas_os_term() (bsc#1065729).
  • powerpc/rtas: avoid scheduling in rtas_os_term() (bsc#1065729).
  • powerpc/smp: Set numa node before updating mask (bsc#1065729).
  • powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV (bsc#1065729).
  • powerpc/time: Fix clockevent_decrementer initalisation for PR KVM (bsc#1065729).
  • powerpc/time: Use clockevents_register_device(), fixing an issue with large decrementer (bsc#1065729).
  • powerpc/traps: Fix the message printed when stack overflows (bsc#1065729).
  • powerpc/xive/spapr: correct bitmap allocation size (git-fixes).
  • powerpc/xive: Add a check for memory allocation failure (git-fixes).
  • powerpc/xive: Move a dereference below a NULL test (bsc#1065729).
  • powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (git-fixes).
  • powerpc/xmon: fix dump_segments() (bsc#1065729).
  • powerpc: Force inlining of cpu_has_feature() to avoid build failure (bsc#1065729).
  • powerpc: improve handling of unrecoverable system reset (bsc#1065729).
  • powerpc: sysdev: add missing iounmap() on error in mpic_msgr_probe() (bsc#1065729).
  • prlimit: do_prlimit needs to have a speculation check (git-fixes).
  • ps3disk: use the default segment boundary (git-fixes).
  • ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (git-fixes).
  • quota: Check next/prev free block number after reading from quota file (bsc#1206640).
  • quota: Lock s_umount in exclusive mode for Q_XQUOTA{ON,OFF} quotactls (bsc#1207104).
  • rndis_host: increase sleep time in the query-response loop (git-fixes).
  • rpc: fix NULL dereference on kmalloc failure (git-fixes).
  • rpc: fix gss_svc_init cleanup on failure (git-fixes).
  • rpm: Add suse-kernel-rpm-scriptlets to kmp buildreqs (boo#1205149)
  • rsxx: add missed destroy_workqueue calls in remove (git-fixes).
  • sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).
  • sbitmap: Avoid leaving waitqueue in invalid state in __sbq_wake_up() (git-fixes).
  • sbitmap: fix lockup while swapping (bsc#1206602).
  • scsi: 3w-9xxx: Avoid disabling device if failing to enable it (git-fixes).
  • scsi: 3ware: fix return 0 on the error path of probe (git-fixes).
  • scsi: 53c700: pass correct 'dev' to dma_alloc_attrs() (git-fixes).
  • scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic (git-fixes).
  • scsi: NCR5380: Add disconnect_mask module parameter (git-fixes).
  • scsi: NCR5380: Check for bus reset (git-fixes).
  • scsi: NCR5380: Check for invalid reselection target (git-fixes).
  • scsi: NCR5380: Clear all unissued commands on host reset (git-fixes).
  • scsi: NCR5380: Do not call dsprintk() following reselection interrupt (git-fixes).
  • scsi: NCR5380: Do not clear busy flag when abort fails (git-fixes).
  • scsi: NCR5380: Handle BUS FREE during reselection (git-fixes).
  • scsi: NCR5380: Have NCR5380_select() return a bool (git-fixes).
  • scsi: NCR5380: Use DRIVER_SENSE to indicate valid sense data (git-fixes).
  • scsi: NCR5380: Withhold disconnect privilege for REQUEST SENSE (git-fixes).
  • scsi: Revert 'target: iscsi: Wait for all commands to finish before freeing a session' (git-fixes).
  • scsi: aacraid: Disabling TM path and only processing IOP reset (git-fixes).
  • scsi: aacraid: fix illegal IO beyond last LBA (git-fixes).
  • scsi: advansys: Fix kernel pointer leak (git-fixes).
  • scsi: aha152x: Fix aha152x_setup() __setup handler return value (git-fixes).
  • scsi: aic7xxx: Adjust indentation in ahc_find_syncrate (git-fixes).
  • scsi: aic7xxx: Fix unintentional sign extension issue on left shift of u8 (git-fixes).
  • scsi: atari_scsi: sun3_scsi: Set sg_tablesize to 1 instead of SG_NONE (git-fixes).
  • scsi: bfa: Replace snprintf() with sysfs_emit() (git-fixes).
  • scsi: core: Avoid printing an error if target_alloc() returns -ENXIO (git-fixes).
  • scsi: core: Cap scsi_host cmd_per_lun at can_queue (git-fixes).
  • scsi: core: Do not start concurrent async scan on same host (git-fixes).
  • scsi: core: Fix shost->cmd_per_lun calculation in scsi_add_host_with_dma() (git-fixes).
  • scsi: core: Reduce memory required for SCSI logging (git-fixes).
  • scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (git-fixes).
  • scsi: dc395x: fix dma API usage in srb_done (git-fixes).
  • scsi: fcoe: Fix possible name leak when device_register() fails (git-fixes).
  • scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (git-fixes).
  • scsi: fcoe: drop frames in ELS LOGO error path (git-fixes).
  • scsi: fcoe: fix use-after-free in fcoe_ctlr_els_send (git-fixes).
  • scsi: fix kconfig dependency warning related to 53C700_LE_ON_BE (git-fixes).
  • scsi: fnic: fix use after free (git-fixes).
  • scsi: hisi_sas: Check sas_port before using it (git-fixes).
  • scsi: hpsa: Fix allocation size for scsi_host_alloc() (git-fixes).
  • scsi: hpsa: Fix error handling in hpsa_add_sas_host() (git-fixes).
  • scsi: hpsa: Fix memory leak in hpsa_init_one() (git-fixes).
  • scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() (git-fixes).
  • scsi: hpsa: Fix possible memory leak in hpsa_init_one() (git-fixes).
  • scsi: hpsa: correct scsi command status issue after reset (git-fixes).
  • scsi: ibmvscsis: Ensure partition name is properly NUL terminated (git-fixes).
  • scsi: ibmvscsis: Fix a stringop-overflow warning (git-fixes).
  • scsi: ipr: Fix WARNING in ipr_init() (git-fixes).
  • scsi: ipr: Fix missing/incorrect resource cleanup in error case (git-fixes).
  • scsi: ipr: Fix softlockup when rescanning devices in petitboot (git-fixes).
  • scsi: ips: fix missing break in switch (git-fixes).
  • scsi: isci: Change sci_controller_start_task's return type to sci_status (git-fixes).
  • scsi: isci: Use proper enumerated type in atapi_d2h_reg_frame_handler (git-fixes).
  • scsi: iscsi: Add iscsi_cls_conn refcount helpers (git-fixes).
  • scsi: iscsi: Do not destroy session if there are outstanding connections (git-fixes).
  • scsi: iscsi: Do not put host in iscsi_set_flashnode_param() (git-fixes).
  • scsi: iscsi: Do not send data to unbound connection (git-fixes).
  • scsi: iscsi: Fix reference count leak in iscsi_boot_create_kobj (git-fixes).
  • scsi: iscsi: Fix shost->max_id use (git-fixes).
  • scsi: iscsi: Report unbind session event when the target has been removed (git-fixes).
  • scsi: iscsi: Unblock session then wake up error handler (git-fixes).
  • scsi: iscsi: flush running unbind operations when removing a session (git-fixes).
  • scsi: iscsi_tcp: Explicitly cast param in iscsi_sw_tcp_host_get_param (git-fixes).
  • scsi: libcxgbi: add a check for NULL pointer in cxgbi_check_route() (git-fixes).
  • scsi: libcxgbi: fix NULL pointer dereference in cxgbi_device_destroy() (git-fixes).
  • scsi: libfc: Fix a format specifier (git-fixes).
  • scsi: libfc: Fix use after free in fc_exch_abts_resp() (git-fixes).
  • scsi: libiscsi: Fix NOP race condition (git-fixes).
  • scsi: libiscsi: Fix NULL pointer dereference in iscsi_eh_session_reset (git-fixes).
  • scsi: libiscsi: Fix UAF in iscsi_conn_get_param()/iscsi_conn_teardown() (git-fixes).
  • scsi: libiscsi: Fix iscsi_prep_scsi_cmd_pdu() error handling (git-fixes).
  • scsi: libsas: Check SMP PHY control function result (git-fixes).
  • scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology (git-fixes).
  • scsi: megaraid: Fix error check return value of register_chrdev() (git-fixes).
  • scsi: megaraid: disable device when probe failed after enabled device (git-fixes).
  • scsi: megaraid_mm: Fix end of loop tests for list_for_each_entry() (git-fixes).
  • scsi: megaraid_sas: fix panic on loading firmware crashdump (git-fixes).
  • scsi: megaraid_sas: reduce module load time (git-fixes).
  • scsi: mpt3sas: Fix clear pending bit in ioctl status (git-fixes).
  • scsi: mpt3sas: Fix double free warnings (git-fixes).
  • scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() (git-fixes).
  • scsi: mpt3sas: Increase IOCInit request timeout to 30s (git-fixes).
  • scsi: mvsas: Add PCI ID of RocketRaid 2640 (git-fixes).
  • scsi: mvsas: Replace snprintf() with sysfs_emit() (git-fixes).
  • scsi: mvumi: Fix error return in mvumi_io_attach() (git-fixes).
  • scsi: pm8001: Fix memleak in pm8001_exec_internal_task_abort (git-fixes).
  • scsi: pm8001: Fix pm8001_mpi_task_abort_resp() (git-fixes).
  • scsi: pm80xx: Corrected dma_unmap_sg() parameter (git-fixes).
  • scsi: pm80xx: Fix for SATA device discovery (git-fixes).
  • scsi: pm80xx: Fixed system hang issue during kexec boot (git-fixes).
  • scsi: pmcraid: Fix missing resource cleanup in error case (git-fixes).
  • scsi: qedf: Do not retry ELS request if qedf_alloc_cmd fails (git-fixes).
  • scsi: qedi: Abort ep termination if offload not scheduled (git-fixes).
  • scsi: qedi: Do not flush offload work if ARP not resolved (git-fixes).
  • scsi: qedi: Fix list_del corruption while removing active I/O (git-fixes).
  • scsi: qedi: Fix null ref during abort handling (git-fixes).
  • scsi: qedi: Fix termination timeouts in session logout (git-fixes).
  • scsi: qedi: Protect active command list to avoid list corruption (git-fixes).
  • scsi: qla2xxx: Check if port is online before sending ELS (bsc#1208570).
  • scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (bsc#1208570).
  • scsi: qla2xxx: Fix IOCB resource check warning (bsc#1208570).
  • scsi: qla2xxx: Fix crash when I/O abort times out (jsc#PED-568).
  • scsi: qla2xxx: Fix erroneous link down (bsc#1208570).
  • scsi: qla2xxx: Fix exchange oversubscription (bsc#1208570).
  • scsi: qla2xxx: Fix exchange oversubscription for management commands (bsc#1208570).
  • scsi: qla2xxx: Fix link failure in NPIV environment (bsc#1208570).
  • scsi: qla2xxx: Fix printk() format string (bsc#1208570).
  • scsi: qla2xxx: Fix set-but-not-used variable warnings (jsc#PED-568).
  • scsi: qla2xxx: Fix stalled login (bsc#1208570).
  • scsi: qla2xxx: Initialize vha->unknown_atio_[list, work] for NPIV hosts (jsc#PED-568).
  • scsi: qla2xxx: Make qla_trim_buf() and __qla_adjust_buf() static (bsc#1208570).
  • scsi: qla2xxx: Relocate/rename vp map (bsc#1208570).
  • scsi: qla2xxx: Remove dead code (GNN ID) (bsc#1208570).
  • scsi: qla2xxx: Remove dead code (GPNID) (bsc#1208570).
  • scsi: qla2xxx: Remove dead code (bsc#1208570).
  • scsi: qla2xxx: Remove duplicate of vha->iocb_work initialization (jsc#PED-568).
  • scsi: qla2xxx: Remove increment of interface err cnt (bsc#1208570).
  • scsi: qla2xxx: Remove the unused variable wwn (bsc#1208570).
  • scsi: qla2xxx: Remove unintended flag clearing (bsc#1208570).
  • scsi: qla2xxx: Remove unused variable 'found_devs' (jsc#PED-568).
  • scsi: qla2xxx: Select qpair depending on which CPU post_cmd() gets called (bsc#1208570).
  • scsi: qla2xxx: Simplify if condition evaluation (bsc#1208570).
  • scsi: qla2xxx: Update version to 10.02.08.100-k (bsc#1208570).
  • scsi: qla2xxx: Update version to 10.02.08.200-k (bsc#1208570).
  • scsi: qla2xxx: Use a variable for repeated mem_size computation (bsc#1208570).
  • scsi: qla2xxx: edif: Fix clang warning (bsc#1208570).
  • scsi: qla2xxx: edif: Fix performance dip due to lock contention (bsc#1208570).
  • scsi: qla2xxx: edif: Fix stall session after app start (bsc#1208570).
  • scsi: qla2xxx: edif: Reduce memory usage during low I/O (bsc#1208570).
  • scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param (git-fixes).
  • scsi: qla4xxx: fix a potential NULL pointer dereference (git-fixes).
  • scsi: scsi_debug: Fix a warning in resp_write_scat() (git-fixes).
  • scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper() (git-fixes).
  • scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() (git-fixes).
  • scsi: scsi_debug: num_tgts must be >= 0 (git-fixes).
  • scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() (git-fixes).
  • scsi: scsi_dh_alua: always use a 2 second delay before retrying RTPG (git-fixes).
  • scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions (git-fixes).
  • scsi: scsi_dh_rdac: Avoid crash during rdac_bus_attach() (git-fixes).
  • scsi: scsi_transport_spi: Fix function pointer check (git-fixes).
  • scsi: scsi_transport_srp: Do not block target in SRP_PORT_LOST state (git-fixes).
  • scsi: scsi_transport_srp: Do not block target in failfast state (git-fixes).
  • scsi: sd: Free scsi_disk device via put_device() (git-fixes).
  • scsi: sd: do not crash the host on invalid commands (git-fixes).
  • scsi: ses: Fix unsigned comparison with less than zero (git-fixes).
  • scsi: ses: Retry failed Send/Receive Diagnostic commands (git-fixes).
  • scsi: smartpqi: use processor ID for hwqueue for non-mq case .
  • scsi: sni_53c710: fix compilation error (git-fixes).
  • scsi: snic: Fix possible UAF in snic_tgt_create() (git-fixes).
  • scsi: sr: Do not use GFP_DMA (git-fixes).
  • scsi: sr: Fix sr_probe() missing deallocate of device minor (git-fixes).
  • scsi: sr: Return appropriate error code when disk is ejected (git-fixes).
  • scsi: sr: Return correct event when media event code is 3 (git-fixes).
  • scsi: st: Fix a use after free in st_open() (git-fixes).
  • scsi: target: core: Add CONTROL field for trace events (git-fixes).
  • scsi: target: iscsi: Wait for all commands to finish before freeing a session (git-fixes).
  • scsi: ufs-pci: Ensure UFS device is in PowerDown mode for suspend-to-disk ->poweroff() (git-fixes).
  • scsi: ufs: Add DELAY_BEFORE_LPM quirk for Micron devices (git-fixes).
  • scsi: ufs: Avoid configuring regulator with undefined voltage range (git-fixes).
  • scsi: ufs: Clean up completed request without interrupt notification (git-fixes).
  • scsi: ufs: Complete pending requests in host reset and restore path (git-fixes).
  • scsi: ufs: Fix error handing during hibern8 enter (git-fixes).
  • scsi: ufs: Fix possible infinite loop in ufshcd_hold (git-fixes).
  • scsi: ufs: Fix regulator load and icc-level configuration (git-fixes).
  • scsi: ufs: Fix system suspend status (git-fixes).
  • scsi: ufs: Improve interrupt handling for shared interrupts (git-fixes).
  • scsi: ufs: Make sure clk scaling happens only when HBA is runtime ACTIVE (git-fixes).
  • scsi: ufs: fix potential bug which ends in system hang (git-fixes).
  • scsi: ufs: skip shutdown if hba is not powered (git-fixes).
  • scsi: ufs: ufs-qcom: Fix race conditions caused by ufs_qcom_testbus_config() (git-fixes).
  • scsi: virtio_scsi: Fix spelling mistake 'Unsupport' -> 'Unsupported' (git-fixes).
  • scsi: vmw_pscsi: Rearrange code to avoid multiple calls to free_irq during unload (git-fixes).
  • scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (git-fixes).
  • scsi: vmw_pvscsi: Return DID_RESET for status SAM_STAT_COMMAND_TERMINATED (git-fixes).
  • scsi: vmw_pvscsi: Set correct residual data length (git-fixes).
  • scsi: vmw_pvscsi: Set residual data length conditionally (git-fixes).
  • sctp: fail if no bound addresses can be used for a given scope (bsc#1206677).
  • signal handling: do not use BUG_ON() for debugging (git-fixes).
  • struct dwc3: move new members to the end (git-fixes).
  • sunrpc: Fix connect metrics (git-fixes).
  • sunrpc: do not mark uninitialised items as VALID (git-fixes).
  • sunrpc: fix cache_head leak due to queued request (git-fixes).
  • sunvdc: Do not spin in an infinite loop when vio_ldc_send() returns EAGAIN (git-fixes).
  • svcrdma: Ignore source port when computing DRC hash (git-fixes).
  • swim: fix cleanup on setup error (git-fixes).
  • tracing/cfi: Fix cmp_entries_* functions signature mismatch (git-fixes).
  • tracing: Adding NULL checks for trace_array descriptor pointer (git-fixes).
  • tracing: Ensure trace buffer is at least 4096 bytes large (git-fixes).
  • tracing: Fix a kmemleak false positive in tracing_map (git-fixes).
  • tracing: Fix code comments in trace.c (git-fixes).
  • tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line (git-fixes).
  • tracing: Fix sleeping function called from invalid context on RT kernel (git-fixes).
  • tracing: Fix stack trace event size (git-fixes).
  • tracing: Fix tp_printk option related with tp_printk_stop_on_boot (git-fixes).
  • tracing: Make sure trace_printk() can output as soon as it can be used (git-fixes).
  • tracing: Set kernel_stack's caller size properly (git-fixes).
  • tracing: Use address-of operator on section symbols (git-fixes).
  • tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (git-fixes).
  • trigger_next should increase position index (git-fixes).
  • udf: Avoid accessing uninitialized data on failed inode read (bsc#1206642).
  • udf: Check LVID earlier (bsc#1207108).
  • udf: Fix BUG on corrupted inode (bsc#1207107).
  • udf: Fix NULL pointer dereference in udf_symlink function (bsc#1206646).
  • udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (bsc#1206649).
  • udf: Fix free space reporting for metadata and virtual partitions (bsc#1206641).
  • udf: Limit sparing table size (bsc#1206643).
  • udf: fix silent AED tagLocation corruption (bsc#1206645).
  • udf_get_extendedattr() had no boundary checks (bsc#1206648).
  • usb: dwc3: Disable phy suspend after power-on reset (git-fixes).
  • usb: dwc3: core: Call dwc3_core_get_phy() before initializing phys (git-fixes).
  • usb: dwc3: core: Fix ULPI PHYs and prevent phy_get/ulpi_init during suspend/resume (git-fixes).
  • usb: dwc3: core: initialize ULPI before trying to get the PHY (git-fixes).
  • usb: dwc3: fix PHY disable sequence (git-fixes).
  • usb: dwc3: gadget: Fix OTG events when gadget driver isn't loaded (git-fixes).
  • usb: dwc3: gadget: Fix event pending check (git-fixes).
  • usb: dwc3: gadget: only unmap requests from DMA if mapped (git-fixes).
  • usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (git-fixes).
  • usb: musb: fix MUSB_QUIRK_B_DISCONNECT_99 handling (git-fixes).
  • usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (git-fixes).
  • virtio-blk: Fix memory leak among suspend/resume procedure (git-fixes).
  • virtio_console: break out of buf poll on remove (git-fixes).
  • virtio_console: eliminate anonymous module_init & module_exit (git-fixes).
  • x86/MCE/AMD: Carve out the MC4_MISC thresholding quirk (git-fixes).
  • x86/MCE/AMD: Turn off MC4_MISC thresholding on all family 0x15 models (git-fixes).
  • x86/asm: Add instruction suffixes to bitops (git-fixes).
  • x86/asm: Remove unnecessary \n\t in front of CC_SET() from asm templates (git-fixes).
  • x86/bugs: Move the l1tf function and define pr_fmt properly (git-fixes).
  • x86/earlyprintk: Add a force option for pciserial device (git-fixes).
  • x86/entry/64: Add instruction suffix (git-fixes).
  • x86/fpu: Add might_fault() to user_insn() (git-fixes).
  • x86/hpet: Prevent potential NULL pointer dereference (git-fixes).
  • x86/kexec: Do not setup EFI info if EFI runtime is not enabled (git-fixes).
  • x86/mce-inject: Reset injection struct after injection (git-fixes).
  • x86/mce/mce-inject: Preset the MCE injection struct (git-fixes).
  • x86/mce: Fix -Wmissing-prototypes warnings (git-fixes).
  • x86/mm: Do not leak kernel addresses (git-fixes).
  • x86/speculation: Add support for STIBP always-on preferred mode (git-fixes).
  • x86/speculation: Change misspelled STIPB to STIBP (git-fixes).
  • x86: boot: Fix EFI stub alignment (git-fixes).
  • x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (bsc#1203200).
  • xen-netfront: Fix hang on device removal (bsc#1206698).
  • xfs: Fix UBSAN null-ptr-deref in xfs_sysfs_init (git-fixes).
  • xfs: Fix bulkstat compat ioctls on x32 userspace (git-fixes).
  • xfs: Fix unreferenced object reported by kmemleak in xfs_sysfs_init() (git-fixes).
  • xfs: fix attr leaf header freemap.size underflow (git-fixes).
  • xfs: fix leaks on corruption errors in xfs_bmap.c (git-fixes).
  • xfs: fix mount failure crash on invalid iclog memory access (git-fixes).
  • xfs: fix partially uninitialized structure in xfs_reflink_remap_extent (git-fixes).
  • xfs: fix realtime bitmap/summary file truncation when growing rt volume (git-fixes).
  • xfs: fix use-after-free race in xfs_buf_rele (git-fixes).
  • xfs: initialize the shortform attr header padding entry (git-fixes).
  • xfs: make sure the rt allocator does not run off the end (git-fixes).
  • xfs: require both realtime inodes to mount (git-fixes).
  • xhci: Do not show warning for reinit on known broken suspend (git-fixes).
  • xprtrdma: treat all calls not a bcall when bc_serv is NULL (git-fixes).
  • zram: fix double free backing device (git-fixes).

Список пакетов

Image SLES12-SP5-Azure-Basic-On-Demand
kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand
kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand
kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5
kernel-azure-4.12.14-16.124.1
kernel-azure-base-4.12.14-16.124.1
kernel-azure-devel-4.12.14-16.124.1
kernel-devel-azure-4.12.14-16.124.1
kernel-source-azure-4.12.14-16.124.1
kernel-syms-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
kernel-azure-4.12.14-16.124.1
kernel-azure-base-4.12.14-16.124.1
kernel-azure-devel-4.12.14-16.124.1
kernel-devel-azure-4.12.14-16.124.1
kernel-source-azure-4.12.14-16.124.1
kernel-syms-azure-4.12.14-16.124.1

Ссылки

Описание

An issue was discovered in the Linux kernel through 5.16-rc6. netvsc_get_ethtool_stats in drivers/net/hyperv/netvsc_drv.c lacks check of the return value of kvmalloc_array() and will cause the null pointer dereference.

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211087.

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and "tc class" commands. This affects qdisc_graft in net/sched/sch_api.c.

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки

Описание

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-HPC-On-Demand:kernel-azure-4.12.14-16.124.1
Image SLES12-SP5-Azure-Standard-On-Demand:kernel-azure-4.12.14-16.124.1
SUSE Linux Enterprise Server 12 SP5:kernel-azure-4.12.14-16.124.1
Ссылки
Уязвимость SUSE-SU-2023:0618-1