Overview

File _patchinfo of Package patchinfo.20293

<patchinfo incident="20293">
  <issue id="1152489" tracker="bnc">[TRACKERBUG] git-fixes pile for SLE15-SP2</issue>
  <issue id="1153274" tracker="bnc">Jira Broadcom-7 SLE15SP2 update requests</issue>
  <issue id="1154353" tracker="bnc">Update skb/net-sched kernel API</issue>
  <issue id="1155518" tracker="bnc">[TRACKERBUG] Pending bpf kernel fixes (SLE15-SP2)</issue>
  <issue id="1164648" tracker="bnc">SLE15-SP2 backports for time namespace feature</issue>
  <issue id="1176447" tracker="bnc">TRACKERBUG Network Infrastructure backports for 15SP3</issue>
  <issue id="1176774" tracker="bnc">Mellanox mlxsw/platform driver update for SLE15-SP3</issue>
  <issue id="1176919" tracker="bnc">[15sp3 FEAT] [P10] P10 hardware counter (performance counters/perf:) support (kernel and perf:)</issue>
  <issue id="1177028" tracker="bnc">[TRACKERBUG] Pending bpf kernel fixes (SLE15-SP3)</issue>
  <issue id="1178134" tracker="bnc">[TRACKERBUG] git-fixes pile for SLE15-SP3</issue>
  <issue id="1182470" tracker="bnc">SLES 15 SP3 - FC SANboot servers enter read-only mode during array upgrade</issue>
  <issue id="1184212" tracker="bnc">SLES 15 SP3 Snapshot10 - ISST-LTE:benzlp53 HTX+dlpar crashed @ clear_inode (XFS DAX)</issue>
  <issue id="1184685" tracker="bnc">mc990x/broadwell: sles15sp3: snbep_pci2phy_map_init panic</issue>
  <issue id="1185486" tracker="bnc">after 30 times of flap cable pull on switch, NVMe LUNs lost one of the paths unless the host being rebooted</issue>
  <issue id="1185675" tracker="bnc">Elektrobit: Kernel WARN in rcu_note_context_switch followed by partial lockup</issue>
  <issue id="1185677" tracker="bnc">[Tracker] s390x stack unwinding</issue>
  <issue id="1186206" tracker="bnc">SLES 15 SP3 Snapshot7 - ISST-LTE:950:VNIC:sumlp57 lost network while doing VNIC failover and seen lot of call traces (ibmvnic)</issue>
  <issue id="1186666" tracker="bnc">VUL-0: CVE-2021-3573: kernel-source: Use-After-Free vulnerability in function hci_sock_bound_ioctl()</issue>
  <issue id="1186949" tracker="bnc">Revert "scsi: core: run queue if SCSI device queue isn't ready and  queue is idle"</issue>
  <issue id="1187171" tracker="bnc">Missing fix in mvpp2 NIC driver</issue>
  <issue id="1187263" tracker="bnc">[HPS Bug][SLES15sp3 RC2] Secondary CPU startup failed when SNC (sub-numa cluster) is enabled with 3 NIC add-on cards installed</issue>
  <issue id="1187356" tracker="bnc">fuse: BUG_ON correction in fuse_dev_splice_write()</issue>
  <issue id="1187402" tracker="bnc">[PATCH] block: Discard page cache of zone reset target range</issue>
  <issue id="1187403" tracker="bnc">[PATCH] kyber: fix out of bounds access when preempted</issue>
  <issue id="1187404" tracker="bnc">[PATCH] ext4: fix check to prevent false positive report of incorrect  used inodes</issue>
  <issue id="1187407" tracker="bnc">[PATCH] ext4: fix error code in ext4_commit_super</issue>
  <issue id="1187408" tracker="bnc">[PATCH] ext4: fix bug on in ext4_es_cache_extent as  ext4_split_extent_at failed</issue>
  <issue id="1187409" tracker="bnc">[PATCH] ext4: fix memory leak in ext4_fill_super</issue>
  <issue id="1187410" tracker="bnc">[PATCH] fs: fix reporting supported extra file attributes for statx()</issue>
  <issue id="1187411" tracker="bnc">[PATCH] dax: Wake up all waiters after invalidating dax entry</issue>
  <issue id="1187412" tracker="bnc">[PATCH] ocfs2: fix data corruption by fallocate</issue>
  <issue id="1187413" tracker="bnc">[PATCH] Revert "ecryptfs: replace BUG_ON with error handling code"</issue>
  <issue id="1187452" tracker="bnc">VUL-0: CVE-2021-34693: kernel-source,kernel-source-azure,kernel-source-rt: allows local users to obtain sensitive information from stack memory because of uninitialized data structure in net/can/bcm.c</issue>
  <issue id="1187554" tracker="bnc">VUL-0: CVE-2021-33624: kernel-source-azure,kernel-source,kernel-source-rt: Linux kernel BPF protection against speculative execution attacks can be bypassed to read arbitrary kernel memory</issue>
  <issue id="1187595" tracker="bnc">VUL-0: CVE-2021-0512: kernel-source-azure,kernel-source-rt,kernel-source: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c</issue>
  <issue id="1187601" tracker="bnc">VUL-0: CVE-2021-0605: kernel-source,kernel-source-rt,kernel-source-azure: In pfkey_dump() dplen and splen can both be specified to access the xfrm_address_t structure out of bounds</issue>
  <issue id="1187795" tracker="bnc">scsi: ufs: Fix imprecise load calculation in devfreq window</issue>
  <issue id="1187867" tracker="bnc">[PATCH] kthread: prevent deadlock when kthread_mod_delayed_work()  races with kthread_cancel_delayed_work_sync()</issue>
  <issue id="1187883" tracker="bnc">scsi: core: Fix race between handling STS_RESOURCE and completion</issue>
  <issue id="1187886" tracker="bnc">scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration</issue>
  <issue id="1187927" tracker="bnc">ceph: must hold snap_rwsem when filling inode for async create</issue>
  <issue id="1187972" tracker="bnc">cgroup1: don't allow '\n' in renaming</issue>
  <issue id="1187980" tracker="bnc">scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM</issue>
  <issue id="2021-3573" tracker="cve" />
  <issue id="2021-0605" tracker="cve" />
  <issue id="2021-0512" tracker="cve" />
  <issue id="2021-33624" tracker="cve" />
  <issue id="2021-34693" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>ppyu</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2021-3573: Fixed an UAF vulnerability in function that can allow attackers to corrupt kernel heaps and adopt further exploitations. (bsc#1186666)
- CVE-2021-0605: Fixed an out-of-bounds read which could lead to local information disclosure in the kernel with System execution privileges needed. (bsc#1187601)
- CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1187595)
- CVE-2021-33624: Fixed a bug which allows unprivileged BPF program to leak the contents of arbitrary kernel memory (and therefore, of all physical memory) via a side-channel. (bsc#1187554)
- CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. (bsc#1187452)

The following non-security bugs were fixed:

- 0001-x86-sched-Treat-Intel-SNC-topology-as-default-COD-as.patch: (bsc#1187263).
- alx: Fix an error handling path in 'alx_probe()' (git-fixes).
- ASoC: fsl-asoc-card: Set .owner attribute when registering card (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet (git-fixes).
- ASoC: max98088: fix ni clock divider calculation (git-fixes).
- ASoC: rt5659: Fix the lost powers for the HDA header (git-fixes).
- ASoC: rt5682: Fix the fast discharge for headset unplugging in soundwire mode (git-fixes).
- ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: tas2562: Fix TDM_CFG0_SAMPRATE values (git-fixes).
- batman-adv: Avoid WARN_ON timing related checks (git-fixes).
- be2net: Fix an error handling path in 'be_probe()' (git-fixes).
- block: Discard page cache of zone reset target range (bsc#1187402).
- Bluetooth: Add a new USB ID for RTL8822CE (git-fixes).
- Bluetooth: use correct lock to prevent UAF of hdev object (git-fixes).
- bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix TQM fastpath ring backing store computation (jsc#SLE-8371 bsc#1153274).
- bnxt_en: Rediscover PHY capabilities after firmware reset (jsc#SLE-8371 bsc#1153274).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc (bsc#1177028).
- bpf: Fix libelf endian handling in resolv_btfids (bsc#1177028).
- bpfilter: Specify the log level for the kmsg message (bsc#1155518).
- can: mcba_usb: fix memory leak in mcba_usb (git-fixes).
- ceph: must hold snap_rwsem when filling inode for async create (bsc#1187927).
- cfg80211: avoid double free of PMSR request (git-fixes).
- cfg80211: make certificate generation more robust (git-fixes).
- cgroup1: do not allow '\n' in renaming (bsc#1187972).
- cxgb4: fix endianness when flashing boot image (jsc#SLE-15131).
- cxgb4: fix sleep in atomic when flashing PHY firmware (jsc#SLE-15131).
- cxgb4: fix wrong ethtool n-tuple rule lookup (jsc#SLE-15131).
- cxgb4: fix wrong shift (git-fixes).
- cxgb4: halt chip before flashing PHY firmware image (jsc#SLE-15131).
- dax: Add a wakeup mode parameter to put_unlocked_entry() (bsc#1187411).
- dax: Add an enum for specifying dax wakup mode (bsc#1187411).
- dax: fix ENOMEM handling in grab_mapping_entry() (bsc#1184212).
- dax: Wake up all waiters after invalidating dax entry (bsc#1187411).
- dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Fix error return code in two functions (git-fixes).
- dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc (git-fixes).
- dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (git-fixes).
- dmaengine: stedma40: add missing iounmap() on error in d40_probe() (git-fixes).
- drm: Fix use-after-free read in drm_getunique() (git-fixes).
- drm: Lock pointer access in drm_master_release() (git-fixes).
- drm/amd/amdgpu:save psp ring wptr to avoid attack (git-fixes).
- drm/amd/display: Allow bandwidth validation for 0 streams (git-fixes).
- drm/amd/display: Fix potential memory leak in DMUB hw_init (git-fixes).
- drm/amdgpu: refine amdgpu_fru_get_product_info (git-fixes).
- drm/sun4i: dw-hdmi: Make HDMI PHY into a platform device (git-fixes).
- drm/tegra: sor: Do not leak runtime PM reference (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (git-fixes).
- drm/vc4: hdmi: Move the HSM clock enable to runtime_pm (git-fixes).
- dt-bindings: reset: meson8b: fix duplicate reset IDs (git-fixes).
- ethtool: strset: fix message length calculation (bsc#1176447).
- ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed (bsc#1187408).
- ext4: fix check to prevent false positive report of incorrect used inodes (bsc#1187404).
- ext4: fix error code in ext4_commit_super (bsc#1187407).
- ext4: fix memory leak in ext4_fill_super (bsc#1187409).
- FCOE: fcoe_wwn_from_mac kABI fix (bsc#1187886).
- fs: fix reporting supported extra file attributes for statx() (bsc#1187410).
- ftrace: Do not blindly read the ip address in ftrace_bug() (git-fixes).
- ftrace: Free the trampoline when ftrace_startup() fails (git-fixes).
- fuse: BUG_ON correction in fuse_dev_splice_write() (bsc#1187356).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-input: add mapping for emoji picker key (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure (git-fixes).
- HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- HID: usbhid: Fix race between usbhid_close() and usbhid_stop() (git-fixes).
- hwmon: (scpi-hwmon) shows the negative temperature properly (git-fixes).
- i2c: mpc: Make use of i2c_recover_bus() (git-fixes).
- ice: add ndo_bpf callback for safe mode netdev ops (jsc#SLE-7926).
- ice: parameterize functions responsible for Tx ring management (jsc#SLE-12878).
- isdn: mISDN: netjet: Fix crash in nj_probe: (git-fixes).
- kernel-binary.spec.in: Regenerate makefile when not using mkmakefile.
- kernel: kexec_file: fix error return code of kexec_calculate_store_digests() (git-fixes).
- kthread_worker: split code for canceling the delayed work timer (bsc#1187867).
- kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() (bsc#1187867).
- kyber: fix out of bounds access when preempted (bsc#1187403).
- lib: vdso: Remove CROSS_COMPILE_COMPAT_VDSO (bsc#1164648,jsc#SLE-11493).
- media: mtk-mdp: Check return value of of_clk_get (git-fixes).
- media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).
- media: s5p-g2d: Fix a memory leak in an error handling path in 'g2d_probe()' (git-fixes).
- mlxsw: reg: Spectrum-3: Enforce lowest max-shaper burst size of 11 (bsc#1176774).
- mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk (git-fixes).
- module: limit enabling module.sig_enforce (git-fixes).
- net: mvpp2: add mvpp2_phylink_to_port() helper (bsc#1187171).
- net/mlx5: Consider RoCE cap before init RDMA resources (git-fixes).
- net/mlx5: E-Switch, Allow setting GUID for host PF vport (jsc#SLE-15172).
- net/mlx5: E-Switch, Read PF mac address (jsc#SLE-15172).
- net/mlx5: Fix PBMC register mapping (git-fixes).
- net/mlx5: Fix placement of log_max_flow_counter (git-fixes).
- net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa (git-fixes).
- net/mlx5: Reset mkey index on creation (jsc#SLE-15172).
- net/mlx5e: Block offload of outer header csum for UDP tunnels (git-fixes).
- net/mlx5e: Fix page reclaim for dead peer hairpin (git-fixes).
- net/mlx5e: Remove dependency in IPsec initialization flows (git-fixes).
- net/nfc/rawsock.c: fix a permission check bug (git-fixes).
- net/sched: act_ct: handle DNAT tuple collision (bsc#1154353).
- net/x25: Return the correct errno code (git-fixes).
- netxen_nic: Fix an error handling path in 'netxen_nic_probe()' (git-fixes).
- NFS: Fix a potential NULL dereference in nfs_get_client() (git-fixes).
- NFS: Fix use-after-free in nfs4_init_client() (git-fixes).
- NFS: Fix deadlock between nfs4_evict_inode() and nfs4_opendata_get_inode() (git-fixes).
- nvmem: rmem: fix undefined reference to memremap (git-fixes).
- ocfs2: fix data corruption by fallocate (bsc#1187412).
- PCI: aardvark: Do not rely on jiffies while holding spinlock (git-fixes).
- PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- perf/x86/intel/uncore: Fix a kernel WARNING triggered by maxcpus=1 (git-fixes).
- perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 (bsc#1184685).
- powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not set (jsc#SLE-13513 bsc#1176919 ltc#186162 git-fixes).
- qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470 bsc#1185486).
- qlcnic: Fix an error handling path in 'qlcnic_probe()' (git-fixes).
- radeon: use memcpy_to/fromio for UVD fw upload (git-fixes).
- regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting (git-fixes).
- Removed patch that was incorrectly added to SLE15-SP2 (bsc#1186949)
- Revert "ecryptfs: replace BUG_ON with error handling code" (bsc#1187413).
- Revert "ibmvnic: simplify reset_long_term_buff function" (bsc#1186206 ltc#191041).
- Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" (git-fixes).
- Revert "video: hgafb: fix potential NULL pointer dereference" (git-fixes).
- Revert "video: imsttfb: fix potential NULL pointer dereferences" (bsc#1152489)
- s390/dasd: add missing discipline function (git-fixes).
- s390/stack: fix possible register corruption with stack switch helper (bsc#1185677).
- sched/debug: Fix cgroup_path[] serialization (git-fixes)
- sched/fair: Keep load_avg and load_sum synced (git-fixes)
- scsi: core: Fix race between handling STS_RESOURCE and completion (bsc#1187883).
- scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration (bsc#1187886).
- scsi: ufs: Fix imprecise load calculation in devfreq window (bsc#1187795).
- SCSI: ufs: fix ktime_t kabi change (bsc#1187795).
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
- spi: spi-nxp-fspi: move the register operation after the clock enable (git-fixes).
- spi: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- spi: stm32-qspi: Always wait BUSY bit to be cleared in stm32_qspi_wait_cmd() (git-fixes).
- SUNRPC: Handle major timeout in xprt_adjust_timeout() (git-fixes).
- SUNRPC: Handle major timeout in xprt_adjust_timeout() (git-fixes).
- tracing: Correct the length check which causes memory corruption (git-fixes).
- tracing: Do no increment trace_clock_global() by one (git-fixes).
- tracing: Do not stop recording cmdlines when tracing is off (git-fixes).
- tracing: Do not stop recording comms if the trace file is being read (git-fixes).
- tracing: Restructure trace_clock_global() to never block (git-fixes).
- USB: core: hub: Disable autosuspend for Cypress CY7C65632 (git-fixes).
- USB: dwc3: core: fix kernel panic when do reboot (git-fixes).
- USB: dwc3: core: fix kernel panic when do reboot (git-fixes).
- USB: dwc3: debugfs: Add and remove endpoint dirs dynamically (git-fixes).
- USB: dwc3: ep0: fix NULL pointer exception (git-fixes).
- USB: f_ncm: only first packet of aggregate needs to start timer (git-fixes).
- USB: f_ncm: only first packet of aggregate needs to start timer (git-fixes).
- USB: fix various gadget panics on 10gbps cabling (git-fixes).
- USB: fix various gadget panics on 10gbps cabling (git-fixes).
- USB: gadget: eem: fix wrong eem header operation (git-fixes).
- USB: gadget: eem: fix wrong eem header operation (git-fixes).
- USB: gadget: f_fs: Ensure io_completion_wq is idle during unbind (git-fixes).
- USB: gadget: f_fs: Ensure io_completion_wq is idle during unbind (git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
- video: hgafb: correctly handle card detect failure during probe (git-fixes).
- video: hgafb: fix potential NULL pointer dereference (git-fixes).
- vrf: fix maximum MTU (git-fixes).
- x86/elf: Use _BITUL() macro in UAPI headers (bsc#1178134).
- x86/fpu: Preserve supervisor states in sanitize_restored_user_xstate() (bsc#1178134).
- x86/pkru: Write hardware init value to PKRU when xstate is init (bsc#1152489).
- x86/process: Check PF_KTHREAD and not current->mm for kernel threads (bsc#1152489).
- xen-blkback: fix compatibility bug with single page rings (git-fixes).
- xen-pciback: reconfigure also from backend watch handler (git-fixes).
- xen-pciback: redo VF placement in the virtual topology (git-fixes).
- xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
- xfrm: policy: Read seqcount outside of rcu-read side in xfrm_policy_lookup_bytype (bsc#1185675).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places