Overview

File _patchinfo of Package patchinfo.19109

<patchinfo incident="19109">
  <issue id="1047233" tracker="bnc">L3-Question: zypper returns 0 even while installation returns error</issue>
  <issue id="1065729" tracker="bnc">[trackerbug] 4.12 powerpc base kernel fixes</issue>
  <issue id="1113295" tracker="bnc">[15sp1 FEAT] Support for Hybrid Memory Subsystem (HMS) (OpenCAPI) (POWER9) (required for SAP HANA on POWER)</issue>
  <issue id="1152489" tracker="bnc">[TRACKERBUG] git-fixes pile for SLE15-SP2</issue>
  <issue id="1154353" tracker="bnc">Update skb/net-sched kernel API</issue>
  <issue id="1155518" tracker="bnc">[TRACKERBUG] Pending bpf kernel fixes (SLE15-SP2)</issue>
  <issue id="1156395" tracker="bnc">[TRACKERBUG] 5.3 powerpc base kernel fixes</issue>
  <issue id="1178181" tracker="bnc">VUL-0: CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673: kernel-source: multiple bugs in the NFC subsystem</issue>
  <issue id="1181507" tracker="bnc">CIFS Cancelling wait for mid 5/6/16</issue>
  <issue id="1183405" tracker="bnc">L3: Delayed outgoing packets causing NFS timeouts</issue>
  <issue id="1184074" tracker="bnc">switching video output from nvidia to hd530, system won't reboot/shutdown anymore</issue>
  <issue id="1184120" tracker="bnc">VUL-0: CVE-2021-30002: kernel-source: Memory leak triggered by unpriviledged ioctl in V4L - report from upstream</issue>
  <issue id="1184194" tracker="bnc">VUL-0: CVE-2021-28950: kernel-source: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode</issue>
  <issue id="1184211" tracker="bnc">VUL-1: CVE-2020-36322: kernel-source: FUSE driver can confuse kernel by changing inode type</issue>
  <issue id="1184388" tracker="bnc">L3: ZYPPER_ON_CODE12_RETURN_107 not returning the expected value</issue>
  <issue id="1184391" tracker="bnc">VUL-0: CVE-2021-29154: kernel-source: LPE due to incorrect BPF JIT branch displacement computation</issue>
  <issue id="1184393" tracker="bnc">VUL-0: CVE-2021-3483: kernel-source: use-after-free in nosy.c</issue>
  <issue id="1184509" tracker="bnc">VUL-1: CVE-2020-36312: kernel-source-azure,kernel-source-rt,kernel-source: kvm_io_bus_unregister_dev memory leak in virt/kvm/kvm_main.c</issue>
  <issue id="1184511" tracker="bnc">VUL-1: CVE-2020-36311: kernel-source-azure,kernel-source-rt,kernel-source: denial of service by triggering destruction of a large SEV VM</issue>
  <issue id="1184512" tracker="bnc">VUL-1: CVE-2020-36310: kernel-source-rt,kernel-source,kernel-source-azure: infinite loop in set_memory_region_test  arch/x86/kvm/svm/svm.c</issue>
  <issue id="1184514" tracker="bnc">kernel-default-devel-5.11.11-1.2.x86_64 does not depend on kernel-default-5.11.11-1.2.x86_64</issue>
  <issue id="1184583" tracker="bnc">Fix for XSA-332 CVE-2020-27673 breaks IRQ affinity setting in Xen guests</issue>
  <issue id="1184647" tracker="bnc">SLES 15 SP3 Snapshot9upd - SLES 15 SP3 Snapshot9 / kotd crashes at boot time in the ibmvfc module</issue>
  <issue id="2021-28950" tracker="cve" />
  <issue id="2020-36310" tracker="cve" />
  <issue id="2020-36312" tracker="cve" />
  <issue id="2021-29154" tracker="cve" />
  <issue id="2020-25673" tracker="cve" />
  <issue id="2020-25672" tracker="cve" />
  <issue id="2020-25671" tracker="cve" />
  <issue id="2020-25670" tracker="cve" />
  <issue id="2020-36311" tracker="cve" />
  <issue id="2021-3483" tracker="cve" />
  <issue id="2021-30002" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>olh</packager>
  <reboot_needed/>
  <description>The SUSE Linux Enterprise 15 SP2 Azure kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed multiple bugs in NFC subsytem (bsc#1178181).
- CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering destruction of a large SEV VM (bsc#1184511).
- CVE-2021-29154: Fixed incorrect computation of branch displacements, allowing arbitrary code execution (bsc#1184391).
- CVE-2021-30002: Fixed a memory leak for large arguments in video_usercopy (bsc#1184120).
- CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
- CVE-2020-36310: Fixed infinite loop for certain nested page faults (bsc#1184512).
- CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509 ).
- CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop continually was finding the same bad inode (bsc#1184194).

The following non-security bugs were fixed:

- ALSA: aloop: Fix initialization of controls (git-fixes).
- ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
- appletalk: Fix skb allocation size in loopback case (git-fixes).
- ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).
- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
- ASoC: intel: atom: Remove 44100 sample-rate from the media and deep-buffer DAI descriptions (git-fixes).
- ASoC: intel: atom: Stop advertising non working S24LE support (git-fixes).
- ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
- ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
- ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips (git-fixes).
- ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr() (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field (git-fixes).
- bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).
- brcmfmac: clear EAP/association status bits on linkdown events (git-fixes).
- bus: ti-sysc: Fix warning on unbind if reset is not deasserted (git-fixes).
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
- cifs: do not send close in compound create+close requests (bsc#1181507).
- cifs: New optype for session operations (bsc#1181507).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- clk: fix invalid usage of list cursor in register (git-fixes).
- clk: fix invalid usage of list cursor in unregister (git-fixes).
- clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor() (git-fixes).
- drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
- drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings() (git-fixes).
- drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
- drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs (git-fixes).
- drm/msm: Ratelimit invalid-fence message (git-fixes).
- drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).
- enetc: Fix reporting of h/w packet counters (git-fixes).
- fuse: fix bad inode (bsc#1184211).
- fuse: fix live lock in fuse_iget() (bsc#1184211).
- i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).
- i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
- ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
- kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- libbpf: Fix INSTALL flag order (bsc#1155518).
- locking/mutex: Fix non debug version of mutex_lock_io_nested() (git-fixes).
- mac80211: choose first enabled channel for monitor (git-fixes).
- mac80211: fix TXQ AC confusion (git-fixes).
- mISDN: fix crash in fritzpci (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: b44: fix error return code in b44_init_one() (git-fixes).
- net: ethernet: ti: cpsw: fix error return code in cpsw_probe() (git-fixes).
- net: hns3: Remove the left over redundant check &amp; assignment (bsc#1154353).
- net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
- net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
- net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).
- net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
- net: qualcomm: rmnet: Fix incorrect receive packet handling during cleanup (git-fixes).
- net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
- net: wan/lmc: unregister device when no matching device is found (git-fixes).
- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (git-fixes).
- platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (git-fixes).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
- post.sh: Return an error when module update fails (bsc#1047233 bsc#1184388).
- powerpc/64s: Fix instruction encoding for lis in ppc_function_entry() (bsc#1065729).
- powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
- powerpc/sstep: Check instruction validity against ISA version before emulation (bsc#1156395).
- powerpc/sstep: Fix darn emulation (bsc#1156395).
- powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
- powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
- RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489).
- rpm/kernel-binary.spec.in: Fix dependency of kernel-*-devel package (bsc#1184514) 
- scsi: ibmvfc: Fix invalid state machine BUG_ON() (bsc#1184647 ltc#191231).
- smb3: add dynamic trace point to trace when credits obtained (bsc#1181507).
- smb3: fix crediting for compounding when only one request in flight (bsc#1181507).
- soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
- thermal/core: Add NULL pointer check before using cooling device stats (git-fixes).
- USB: cdc-acm: downgrade message to debug (git-fixes).
- USB: cdc-acm: untangle a circular dependency between callback and softint (git-fixes).
- USBip: vhci_hcd fix shift out-of-bounds in vhci_hub_control() (git-fixes).
- USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem (git-fixes).
- x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall() (bsc#1152489).
- x86/ioapic: Ignore IRQ2 again (bsc#1152489).
- x86/mem_encrypt: Correct physical address calculation in __set_clr_pte_enc() (bsc#1152489).
- xen/events: fix setting irq affinity (bsc#1184583).
</description>
<summary>Security update for the Linux Kernel</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places