Overview

File _patchinfo of Package patchinfo.1562

<patchinfo incident="1562">
  <issue id="814440" tracker="bnc">HP CSBU SP3 bug:  driver for Creative Recon3D audio working in Beta3, broken in Beta4</issue>
  <issue id="867595" tracker="bnc">Kernel update in stock factory report colision with older version of itself</issue>
  <issue id="904348" tracker="bnc">[NetApp SLES11 SP3 Bug] Seeing better rewrite IO performance with 2 paths compared to 4 paths to a LUN</issue>
  <issue id="921949" tracker="bnc">VFIO device attaching: setrlimit DENIED</issue>
  <issue id="924493" tracker="bnc">VPD Read/write fail when access through PCI sysfs  node "vpd".</issue>
  <issue id="930145" tracker="bnc">System reboots automatically right after powering off the system</issue>
  <issue id="933514" tracker="bnc">LIO: unit attention not flagged following logical unit reset</issue>
  <issue id="935961" tracker="bnc">HARD LOCKUP in IO stress test on NVME device</issue>
  <issue id="936076" tracker="bnc">FATE 318544 Update NVMe driver to latest upstream</issue>
  <issue id="936773" tracker="bnc">SUSE12 - sporadically hangs during boot</issue>
  <issue id="939826" tracker="bnc">processes hang while trying to mount snapshot</issue>
  <issue id="939926" tracker="bnc">Sendtargets discovery process consumes a SCSI host structure entry</issue>
  <issue id="940853" tracker="bnc">Suse SLES12 hangs when EFI_PROPERTIES_TABLE enabled</issue>
  <issue id="941202" tracker="bnc">pvusb appears broken after latest kernel update</issue>
  <issue id="941867" tracker="bnc">Upgrade from openSUSE 13.2 to Tumbleweed yields a kernel panic while updating apparmor-abstraction</issue>
  <issue id="942938" tracker="bnc">[Intel] Port HPD IRQ Storm Handling to SLE11 SP3 / SP4</issue>
  <issue id="944749" tracker="bnc">[NetApp SLES12SP1 Bug] kernel crash hit at scsi_remove_target with sles12sp1 beta3</issue>
  <issue id="945626" tracker="bnc">BUG in alloc_irq_and_cfg_at+0x39/0x100</issue>
  <issue id="946078" tracker="bnc">IPVS removes conntrack entries for redistributed connections</issue>
  <issue id="947241" tracker="bnc">ocfs2 test case: flock testing hung for ever on multiple nodes</issue>
  <issue id="947321" tracker="bnc">IPv6 host route disappears after PMTU update</issue>
  <issue id="947478" tracker="bnc">nfs exportfs mixes up entries with different ro/rw settings</issue>
  <issue id="948521" tracker="bnc">MACVLAN traffic loss on bonding failover</issue>
  <issue id="948685" tracker="bnc">With fake signal, CPU-bound stack-inspection-based optimization is redundant</issue>
  <issue id="948831" tracker="bnc">kmemleak detects leaks in LIO/RBD COMPARE AND WRITE and persistent reservation code paths</issue>
  <issue id="949100" tracker="bnc">Fix task and run queue sched_info::run_delay inconsistencies</issue>
  <issue id="949463" tracker="bnc">XHCI 1.1 controllers malfunction even in compatibility mode</issue>
  <issue id="949504" tracker="bnc">Installing latest kernel in test on sles 12 in hyperv renders the machine not bootable</issue>
  <issue id="949706" tracker="bnc">Regression causes deadlock during cpu hotplug on vmware guest</issue>
  <issue id="949744" tracker="bnc">SLES 11 SP3: XFS overwritten / zeroed page</issue>
  <issue id="950013" tracker="bnc">SLES12, audit log problems while writing a file.</issue>
  <issue id="950750" tracker="bnc">ETHTOOL_OPTIONS error ''/sbin/ethtool -G eth1 rx 2048'': [81] Cannot set device ring parameters: Invalid argument</issue>
  <issue id="950862" tracker="bnc">Booting Xen under KVM fails on CPUs with X2APIC enabled</issue>
  <issue id="950998" tracker="bnc">VUL-1: CVE-2015-7833: kernel: usbvision: crash on invalid USB device descriptors</issue>
  <issue id="951110" tracker="bnc">Kernel panic when using NFS over RDMA</issue>
  <issue id="951165" tracker="bnc">Some Haswell laptops wake up without reason from S3</issue>
  <issue id="951199" tracker="bnc">[panic] NULL pointer dereference in skb_copy_and_csum_datagram_iovec after updating to 3.12.48-52.27</issue>
  <issue id="951440" tracker="bnc">VUL-0: CVE-2015-7872: kernel: Keyrings crash triggerable by unprivileged user</issue>
  <issue id="951546" tracker="bnc">SuSEfirewall2 - portions not working due to missing netfilter kernel modules.</issue>
  <issue id="952666" tracker="bnc">Persistent Reservation checks for non-holders incorrectly return RESERVATION CONFLICT</issue>
  <issue id="952758" tracker="bnc">FSP:840:FTC:ALPINE:CU:alpfp016:SLES Inband Update fails with Service pack</issue>
  <issue id="953796" tracker="bnc">Dell PERC S130 controller is unable to enumerate Virtual Disks during SLES12 SP1 Installation</issue>
  <issue id="953980" tracker="bnc">i915: WARNING at ../drivers/gpu/drm/i915/i915_irq.c:91 i915_hpd_irq_setup</issue>
  <issue id="954635" tracker="bnc">kABI Breakage in kernel update 3.12.48-52.27.1</issue>
  <issue id="955148" tracker="bnc">additional memory hotplug patches required for PRIMEQUEST</issue>
  <issue id="955224" tracker="bnc">L3: PMTU flapping problem in SLES12</issue>
  <issue id="955422" tracker="bnc">L3: fragmented IPv6 multicast frames sometimes missing with bridged macvlan</issue>
  <issue id="955533" tracker="bnc">LTP: syscall.tcf fanotify06 failed in all platforms</issue>
  <issue id="955644" tracker="bnc">unify CONFIG_CRASHER on all archs</issue>
  <issue id="956047" tracker="bnc">"setting latency timer to 64" message spams</issue>
  <issue id="956053" tracker="bnc">Btrfs: data loss, file corruption and security vulnerability when using the clone ioctl</issue>
  <issue id="956703" tracker="bnc">Kernel oops when tracing task interacting with NFS</issue>
  <issue id="956711" tracker="bnc">Scheduling while atomic bug in ring_buffer code</issue>
  <issue id="CVE-2015-7799" tracker="cve" />
  <issue id="CVE-2015-5283" tracker="cve" />
  <issue id="CVE-2015-2925" tracker="cve" />
  <issue id="CVE-2015-8104" tracker="cve" />
  <issue id="CVE-2015-5307" tracker="cve" />
  <issue id="CVE-2015-7990" tracker="cve" />
  <issue id="CVE-2015-7872" tracker="cve" />
  <issue id="CVE-2015-0272" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>michal-m</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 12 kernel was updated to 3.12.51 to receive various security and bugfixes.

Following security bugs were fixed:
- CVE-2015-7799: The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel did not ensure that certain slot numbers were valid, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted PPPIOCSMAXCID ioctl call (bnc#949936).
- CVE-2015-5283: The sctp_init function in net/sctp/protocol.c in the Linux kernel had an incorrect sequence of protocol-initialization steps, which allowed local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished (bnc#947155).
- CVE-2015-2925: The prepend_path function in fs/dcache.c in the Linux kernel did not properly handle rename actions inside a bind mount, which allowed local users to bypass an intended container protection mechanism by renaming a directory, related to a "double-chroot attack (bnc#926238).
- CVE-2015-8104: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c (bnc#954404).
- CVE-2015-5307: The KVM subsystem in the Linux kernel allowed guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (bnc#953527).
- CVE-2015-7990: RDS: There was no verification that an underlying transport exists when creating a connection, causing usage of a NULL pointer (bsc#952384).
- CVE-2015-7872: The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel allowed local users to cause a denial of service (OOPS) via crafted keyctl commands (bnc#951440).
- CVE-2015-0272: Missing checks allowed remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215 (bnc#944296).

The following non-security bugs were fixed:
- ALSA: hda - Disable 64bit address for Creative HDA controllers (bnc#814440).
- Add PCI IDs of Intel Sunrise Point-H SATA Controller S232/236 (bsc#953796).
- Btrfs: fix file corruption and data loss after cloning inline extents (bnc#956053).
- Btrfs: fix truncation of compressed and inlined extents (bnc#956053).
- Disable some ppc64le netfilter modules to restore the kabi (bsc#951546)
- Fix regression in NFSRDMA server (bsc#951110).
- KEYS: Fix race between key destruction and finding a keyring by name (bsc#951440).
- KVM: x86: call irq notifiers with directed EOI (bsc#950862).
- NVMe: Add shutdown timeout as module parameter (bnc#936076).
- NVMe: Mismatched host/device page size support (bsc#935961).
- PCI: Drop "setting latency timer" messages (bsc#956047).
- SCSI: Fix hard lockup in scsi_remove_target() (bsc#944749).
- SCSI: hosts: update to use ida_simple for host_no (bsc#939926)
- SUNRPC: Fix oops when trace sunrpc_task events in nfs client (bnc#956703).
- Sync ppc64le netfilter config options with other archs (bnc#951546)
- Update kabi files with sbc_parse_cdb symbol change (bsc#954635).
- apparmor: allow SYS_CAP_RESOURCE to be sufficient to prlimit another task (bsc#921949).
- apparmor: temporary work around for bug while unloading policy (boo#941867).
- audit: correctly record file names with different path name types (bsc#950013).
- audit: create private file name copies when auditing inodes (bsc#950013).
- cpu: Defer smpboot kthread unparking until CPU known to scheduler (bsc#936773).
- dlm: make posix locks interruptible, (bsc#947241).
- dm sysfs: introduce ability to add writable attributes (bsc#904348).
- dm-snap: avoid deadock on s->lock when a read is split (bsc#939826).
- dm: do not start current request if it would've merged with the previous (bsc#904348).
- dm: impose configurable deadline for dm_request_fn's merge heuristic (bsc#904348).
- dmapi: Fix xfs dmapi to not unlock and lock XFS_ILOCK_EXCL (bsc#949744).
- drm/i915: Avoid race of intel_crt_detect_hotplug() with HPD interrupt, v2 (bsc#942938).
- drm/i915: add hotplug activation period to hotplug update mask (bsc#953980).
- fanotify: fix notification of groups with inode and mount marks (bsc#955533).
- genirq: Make sure irq descriptors really exist when __irq_alloc_descs returns (bsc#945626).
- hv: vss: run only on supported host versions (bnc#949504).
- ipv4: Do not increase PMTU with Datagram Too Big message (bsc#955224).
- ipv6: Check RTF_LOCAL on rt->rt6i_flags instead of rt->dst.flags (bsc#947321).
- ipv6: Consider RTF_CACHE when searching the fib6 tree (bsc#947321).
- ipv6: Extend the route lookups to low priority metrics (bsc#947321).
- ipv6: Stop /128 route from disappearing after pmtu update (bsc#947321).
- ipv6: Stop rt6_info from using inet_peer's metrics (bsc#947321).
- ipv6: distinguish frag queues by device for multicast and link-local packets (bsc#955422).
- ipvs: drop first packet to dead server (bsc#946078).
- kABI: protect struct ahci_host_priv.
- kABI: protect struct rt6_info changes from bsc#947321 changes (bsc#947321).
- kabi: Hide rt6_* types from genksyms on ppc64le (bsc#951546).
- kabi: Restore kabi in struct iscsi_tpg_attrib (bsc#954635).
- kabi: Restore kabi in struct se_cmd (bsc#954635).
- kabi: Restore kabi in struct se_subsystem_api (bsc#954635).
- kabi: protect skb_copy_and_csum_datagram_iovec() signature (bsc#951199).
- kgr: fix migration of kthreads to the new universe.
- kgr: wake up kthreads periodically.
- ktime: add ktime_after and ktime_before helper (bsc#904348).
- macvlan: Support bonding events (bsc#948521).
- net: add length argument to skb_copy_and_csum_datagram_iovec (bsc#951199).
- net: handle null iovec pointer in skb_copy_and_csum_datagram_iovec() (bsc#951199).
- pci: Update VPD size with correct length (bsc#924493).
- rcu: Eliminate deadlock between CPU hotplug and expedited grace periods (bsc#949706).
- ring-buffer: Always run per-cpu ring buffer resize with schedule_work_on() (bnc#956711).
- route: Use ipv4_mtu instead of raw rt_pmtu (bsc#955224).
- rtc: cmos: Cancel alarm timer if alarm time is equal to now+1 seconds (bsc#930145).
- rtc: cmos: Revert "rtc-cmos: Add an alarm disable quirk" (bsc#930145).
- sched/core: Fix task and run queue sched_info::run_delay inconsistencies (bnc#949100).
- sunrpc/cache: make cache flushing more reliable (bsc#947478).
- supported.conf: Add missing dependencies of supported modules hwmon_vid needed by nct6775 hwmon_vid needed by w83627ehf reed_solomon needed by ramoops
- supported.conf: Fix dependencies on ppc64le of_mdio needed by mdio-gpio
- target/pr: fix core_scsi3_pr_seq_non_holder() caller (bnc#952666).
- target/rbd: fix COMPARE AND WRITE page vector leak (bnc#948831).
- target/rbd: fix PR info memory leaks (bnc#948831).
- target: Send UA upon LUN RESET tmr completion (bsc#933514).
- target: use "^A" when allocating UAs (bsc#933514).
- usbvision fix overflow of interfaces array (bnc#950998).
- vmxnet3: Fix ethtool -S to return correct rx queue stats (bsc#950750).
- vmxnet3: adjust ring sizes when interface is down (bsc#950750).
- x86/efi: Fix boot crash by mapping EFI memmap entries bottom-up at runtime, instead of top-down (bsc#940853).
- x86/evtchn: make use of PHYSDEVOP_map_pirq.
- x86/mm/hotplug: Modify PGD entry when removing memory (VM Functionality, bnc#955148).
- x86/mm/hotplug: Pass sync_global_pgds() a correct argument in remove_pagetable() (VM Functionality, bnc#955148).
- xfs: DIO needs an ioend for writes (bsc#949744).
- xfs: DIO write completion size updates race (bsc#949744).
- xfs: DIO writes within EOF do not need an ioend (bsc#949744).
- xfs: always drain dio before extending aio write submission (bsc#949744).
- xfs: direct IO EOF zeroing needs to drain AIO (bsc#949744).
- xfs: do not allocate an ioend for direct I/O completions (bsc#949744).
- xfs: factor DIO write mapping from get_blocks (bsc#949744).
- xfs: handle DIO overwrite EOF update completion correctly (bsc#949744).
- xfs: move DIO mapping size calculation (bsc#949744).
- xfs: using generic_file_direct_write() is unnecessary (bsc#949744).
- xhci: Add spurious wakeup quirk for LynxPoint-LP controllers (bnc#951165).
- xhci: change xhci 1.0 only restrictions to support xhci 1.1 (bnc#949463).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places