Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-18224 (GCVE-0-2017-18224)
Vulnerability from cvelistv5
Published
2018-03-12 03:00
Modified
2024-08-05 21:13
Severity ?
EPSS score ?
Summary
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T21:13:49.057Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "DSA-4188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4188", }, { name: "103353", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103353", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-03-11T00:00:00", descriptions: [ { lang: "en", value: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-05-02T09:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "DSA-4188", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4188", }, { name: "103353", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103353", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-18224", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", refsource: "MISC", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "DSA-4188", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4188", }, { name: "103353", refsource: "BID", url: "http://www.securityfocus.com/bid/103353", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2017-18224", datePublished: "2018-03-12T03:00:00", dateReserved: "2018-03-11T00:00:00", dateUpdated: "2024-08-05T21:13:49.057Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.15\", \"matchCriteriaId\": \"A4344060-7D43-4A74-A2EF-DE9A6F8457A6\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, en versiones anteriores a la 4.15, fs/ocfs2/aops.c omite el uso de un sem\\u00e1foro y, por consiguiente, tiene una condici\\u00f3n de carrera al acceder al \\u00e1rbol extent durante las operaciones de lectura en modo DIRECT. Esto permite que usuarios locales provoquen una denegaci\\u00f3n de servicio (bug) modificando cierto campo e_cpos.\"}]", id: "CVE-2017-18224", lastModified: "2024-11-21T03:19:36.803", metrics: "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 1.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.4, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2018-03-12T03:29:00.260", references: "[{\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/103353\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4188\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/103353\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4188\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]", sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-362\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2017-18224\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-12T03:29:00.260\",\"lastModified\":\"2024-11-21T03:19:36.803\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, en versiones anteriores a la 4.15, fs/ocfs2/aops.c omite el uso de un semáforo y, por consiguiente, tiene una condición de carrera al acceder al árbol extent durante las operaciones de lectura en modo DIRECT. Esto permite que usuarios locales provoquen una denegación de servicio (bug) modificando cierto campo e_cpos.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":1.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.15\",\"matchCriteriaId\":\"A4344060-7D43-4A74-A2EF-DE9A6F8457A6\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/103353\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4188\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/103353\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4188\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
WID-SEC-W-2022-0532
Vulnerability from csaf_certbund
Published
2018-05-01 22:00
Modified
2023-05-18 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.
Oracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verfügbar ist.
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, einen Denial of Service Angriff durchzuführen, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Linux
- Appliance
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.\r\nOracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verfügbar ist.\r\nDer Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, einen Denial of Service Angriff durchzuführen, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.", title: "Angriff", }, { category: "general", text: "- Linux\n- Appliance", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0532 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2022-0532.json", }, { category: "self", summary: "WID-SEC-2022-0532 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0532", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2232-1 vom 2023-05-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014918.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1992-1 vom 2023-04-25", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014572.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1897-1 vom 2023-04-18", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014485.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1848-1 vom 2023-04-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014466.html", }, { category: "external", summary: "Ubuntu Security Notice USN-3698-1 vom 2018-07-03", url: "http://www.ubuntu.com/usn/usn-3698-2", }, { category: "external", summary: "Ubuntu Security Notice USN-3697-1 vom 2018-07-03", url: "http://www.ubuntu.com/usn/usn-3697-1", }, { category: "external", summary: "Ubuntu Security Notice USN-3696-1 vom 2018-07-03", url: "http://www.ubuntu.com/usn/usn-3696-2", }, { category: "external", summary: "Debian Security Advisory DSA-4187-1 vom 2018-05-01", url: "https://www.debian.org/security/2018/dsa-4187", }, { category: "external", summary: "Debian Security Advisory DSA-4188-1 vom 2018-05-01", url: "https://www.debian.org/security/2018/dsa-4188", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4088 vom 2018-05-01", url: "https://linux.oracle.com/errata/ELSA-2018-4088.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4087 vom 2018-05-01", url: "https://linux.oracle.com/errata/ELSA-2018-4087.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4089 vom 2018-05-02", url: "http://linux.oracle.com/errata/ELSA-2018-4089.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1173-1 vom 2018-05-09", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181173-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1172-1 vom 2018-05-09", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181172-1.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:1318 vom 2018-05-09", url: "http://www.auscert.org.au/bulletins/62478", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:1355 vom 2018-05-09", url: "https://access.redhat.com/errata/RHSA-2018:1355", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-1318 vom 2018-05-09", url: "http://linux.oracle.com/errata/ELSA-2018-1318.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1217-1 vom 2018-05-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181217-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1238-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181238-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1225-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181225-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1240-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181240-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1230-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181230-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1223-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181223-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1228-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181228-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1236-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181236-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1239-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181239-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1231-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181231-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1229-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181229-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1237-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181237-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1232-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181232-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1227-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181227-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1234-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181234-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1233-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181233-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1226-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181226-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1235-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181235-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1222-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181222-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1224-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181224-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1263-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181263-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1221-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181221-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1220-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1249-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181249-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1246-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181246-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1252-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181252-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1260-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181260-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1270-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181270-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1262-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181262-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1242-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181242-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1268-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181268-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1248-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181248-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1258-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181258-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1272-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181272-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1250-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181250-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1253-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181253-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1241-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181241-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1259-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181259-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1256-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181256-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1245-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181245-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1264-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181264-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1254-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181254-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1266-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181266-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1269-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181269-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1251-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181251-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1255-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181255-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1273-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181273-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1243-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181243-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1244-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181244-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1261-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181261-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1267-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181267-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1247-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181247-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1257-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181257-1.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:1374 vom 2018-05-16", url: "https://access.redhat.com/errata/RHSA-2018:1374", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1309-1 vom 2018-05-17", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181309-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-1629 vom 2018-05-22", url: "http://linux.oracle.com/errata/ELSA-2018-1629.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4114 vom 2018-05-23", url: "http://linux.oracle.com/errata/ELSA-2018-4114.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1366-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181366-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1375-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181375-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1376-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181376-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1386-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181386-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1368-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181368-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1374-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181374-1.html", }, { category: "external", summary: "Oraclevm-errata OVMSA-2018-0223 vom 2018-05-23", url: "https://oss.oracle.com/pipermail/oraclevm-errata/2018-May/000858.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1465-1 vom 2018-05-30", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181465-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1498-1 vom 2018-06-05", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181498-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1508-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181508-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1551-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181551-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1525-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181525-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1536-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181536-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1511-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181511-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1545-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181545-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1522-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181522-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1530-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181530-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1534-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181534-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1524-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181524-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1505-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181505-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1510-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181510-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1516-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181516-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1523-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181523-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1532-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181532-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1531-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181531-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1521-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181521-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1518-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181518-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1506-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181506-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1548-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181548-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1514-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181514-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1541-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181541-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1546-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181546-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1519-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181519-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1509-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181509-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1528-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181528-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1537-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181537-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1513-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181513-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1512-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181512-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1538-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181538-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1517-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181517-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1535-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181535-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1529-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181529-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1549-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181549-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1540-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181540-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1520-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181520-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1526-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181526-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1533-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181533-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1539-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181539-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1543-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181543-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1571-1 vom 2018-06-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181571-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1570-1 vom 2018-06-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181570-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1567-1 vom 2018-06-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181567-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1636-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181636-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1644-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181644-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1639-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181639-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1645-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181645-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1641-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181641-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1640-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181640-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1637-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181637-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1648-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181648-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1642-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181642-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1643-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181643-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4145 vom 2018-06-16", url: "http://linux.oracle.com/errata/ELSA-2018-4145.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4134 vom 2018-06-16", url: "http://linux.oracle.com/errata/ELSA-2018-4134.html", }, { category: "external", summary: "Red Hat Security Advisory", url: "https://access.redhat.com/errata/RHSA-2018:1854", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1762-1 vom 2018-06-20", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181762-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1761-1 vom 2018-06-20", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181761-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1772-1 vom 2018-06-21", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181772-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1816-1 vom 2018-06-26", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181816-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-1854 vom 2018-06-26", url: "http://linux.oracle.com/errata/ELSA-2018-1854.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4161 vom 2018-07-10", url: "http://linux.oracle.com/errata/ELSA-2018-4161.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4164 vom 2018-07-11", url: "http://linux.oracle.com/errata/ELSA-2018-4164.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-2162 vom 2018-07-11", url: "http://linux.oracle.com/errata/ELSA-2018-2162.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2082-1 vom 2018-07-28", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182082-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2092-1 vom 2018-07-28", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182092-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2150-1 vom 2018-08-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182150-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2222-1 vom 2018-08-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182222-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4193 vom 2018-08-10", url: "http://linux.oracle.com/errata/ELSA-2018-4193.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-2384 vom 2018-08-15", url: "http://linux.oracle.com/errata/ELSA-2018-2384.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-2390 vom 2018-08-15", url: "http://linux.oracle.com/errata/ELSA-2018-2390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-14", url: "http://rhn.redhat.com/errata/RHSA-2018-2390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-14", url: "http://rhn.redhat.com/errata/RHSA-2018-2384.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2384", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2387 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2387", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2388 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2388", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2390", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2389 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2389", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2395 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2395", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2391 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2391", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2392 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2392", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2393 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2393", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2394 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2394", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2396 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2396", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2332-1 vom 2018-08-15", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182332-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2366-1 vom 2018-08-16", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182366-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4200 vom 2018-08-17", url: "http://linux.oracle.com/errata/ELSA-2018-4200.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2637-1 vom 2018-09-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182637-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2631-1 vom 2018-09-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182631-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4211 vom 2018-09-10", url: "http://linux.oracle.com/errata/ELSA-2018-4211.html", }, { category: "external", summary: "Debian Security Advisory DSA-4308 vom 2018-10-01", url: "https://www.debian.org/security/2018/dsa-4308", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3003-1 vom 2018-10-04", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183003-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3004-1 vom 2018-10-04", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183004-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3084-1 vom 2018-10-09", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183084-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4242 vom 2018-10-10", url: "http://linux.oracle.com/errata/ELSA-2018-4242.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4245 vom 2018-10-11", url: "http://linux.oracle.com/errata/ELSA-2018-4245.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4250 vom 2018-10-13", url: "http://linux.oracle.com/errata/ELSA-2018-4250.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2948 vom 2018-10-31", url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:3096 vom 2018-10-31", url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:3083 vom 2018-10-31", url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3589-1 vom 2018-11-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183589-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3593-1 vom 2018-11-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183593-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-3083 vom 2018-11-06", url: "http://linux.oracle.com/errata/ELSA-2018-3083.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3659-1 vom 2018-11-08", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183659-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4268 vom 2018-11-08", url: "http://linux.oracle.com/errata/ELSA-2018-4268.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4269 vom 2018-11-08", url: "http://linux.oracle.com/errata/ELSA-2018-4269.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4285 vom 2018-11-21", url: "http://linux.oracle.com/errata/ELSA-2018-4285.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3934-1 vom 2018-11-29", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183934-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3961-1 vom 2018-12-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183961-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4301 vom 2018-12-10", url: "http://linux.oracle.com/errata/ELSA-2018-4301.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4304 vom 2018-12-12", url: "http://linux.oracle.com/errata/ELSA-2018-4304.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:4069-1 vom 2018-12-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20184069-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:4072-1 vom 2018-12-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20184072-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4315 vom 2019-01-03", url: "http://linux.oracle.com/errata/ELSA-2019-4315.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4316 vom 2019-01-04", url: "http://linux.oracle.com/errata/ELSA-2019-4316.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4317 vom 2019-01-05", url: "http://linux.oracle.com/errata/ELSA-2019-4317.html", }, { category: "external", summary: "AVAYA Security Advisory ASA-2018-252 vom 2020-01-07", url: "https://downloads.avaya.com/css/P8/documents/101051981", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2019:0095-1 vom 2019-01-16", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190095-1.html", }, { category: "external", summary: "Ubuntu Security Notice USN-3880-2 vom 2019-02-05", url: "https://usn.ubuntu.com/3880-2/", }, { category: "external", summary: "Ubuntu Security Notice USN-3910-1 vom 2019-03-16", url: "https://usn.ubuntu.com/3910-1/", }, { category: "external", summary: "Ubuntu Security Notice USN-3910-1 vom 2019-03-16", url: "https://usn.ubuntu.com/3910-2/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:0641 vom 2019-03-26", url: "https://access.redhat.com/errata/RHSA-2019:0641", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4596 vom 2019-04-01", url: "http://linux.oracle.com/errata/ELSA-2019-4596.html", }, { category: "external", summary: "ORACLE OVMSA-2019-0014 vom 2019-05-03", url: "https://oss.oracle.com/pipermail/oraclevm-errata/2019-May/000936.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1190 vom 2019-05-15", url: "https://access.redhat.com/errata/RHSA-2019:1190", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1170 vom 2019-05-15", url: "https://access.redhat.com/errata/RHSA-2019:1170", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1487 vom 2019-06-18", url: "https://access.redhat.com/errata/RHSA-2019:1487", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1483 vom 2019-06-18", url: "https://access.redhat.com/errata/RHSA-2019:1483", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:2029 vom 2019-08-06", url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:2043 vom 2019-08-06", url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4742 vom 2019-08-10", url: "http://linux.oracle.com/errata/ELSA-2019-4742.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-2029 vom 2019-08-14", url: "http://linux.oracle.com/errata/ELSA-2019-2029.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2019:2430-1 vom 2019-09-23", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192430-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2019:2450-1 vom 2019-09-24", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192450-1.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2020:0036 vom 2020-01-07", url: "https://access.redhat.com/errata/RHSA-2020:0036", }, { category: "external", summary: "Ubuntu Security Notice USN-4163-1 vom 2019-10-22", url: "https://usn.ubuntu.com/4163-1/", }, { category: "external", summary: "Ubuntu Security Notice USN-4163-2 vom 2019-10-23", url: "https://usn.ubuntu.com/4163-2/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:4154 vom 2019-12-10", url: "https://access.redhat.com/errata/RHSA-2019:4154", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:4159 vom 2019-12-10", url: "https://access.redhat.com/errata/RHSA-2019:4159", }, { category: "external", summary: "Debian Security Advisory DLA 2148 vom 2020-04-01", url: "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202003/msg00025.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1587-1 vom 2020-06-10", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006912.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1603-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006927.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006921.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006932.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1604-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006931.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006928.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006924.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006930.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006929.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1671-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006966.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1656-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006977.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1663-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006971.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1646-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006970.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1754-1 vom 2020-06-26", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007033.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1758-1 vom 2020-06-26", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007031.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1775-1 vom 2020-06-26", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007036.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:2156-1 vom 2020-08-07", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007238.html", }, { category: "external", summary: "Debian Security Advisory DLA-2323 vom 2020-08-12", url: "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00019.html", }, { category: "external", summary: "Ubuntu Security Notice USN-4486-1 vom 2020-09-02", url: "https://usn.ubuntu.com/4486-1/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:2478-1 vom 2020-09-03", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007345.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:2487-1 vom 2020-09-04", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007352.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2861-1 vom 2021-08-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009366.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2862-1 vom 2021-08-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009367.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-9473 vom 2021-10-08", url: "http://linux.oracle.com/errata/ELSA-2021-9473.html", }, { category: "external", summary: "ORACLE OVMSA-2021-0035 vom 2021-10-12", url: "https://oss.oracle.com/pipermail/oraclevm-errata/2021-October/001033.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:1988 vom 2022-05-10", url: "https://access.redhat.com/errata/RHSA-2022:1988", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:1975 vom 2022-05-10", url: "https://access.redhat.com/errata/RHSA-2022:1975", }, { category: "external", summary: "Debian Security Advisory DLA-3065 vom 2022-07-01", url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-9969 vom 2022-11-01", url: "https://linux.oracle.com/errata/ELSA-2022-9969.html", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen", tracking: { current_release_date: "2023-05-18T22:00:00.000+00:00", generator: { date: "2024-08-15T17:29:59.999+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0532", initial_release_date: "2018-05-01T22:00:00.000+00:00", revision_history: [ { date: "2018-05-01T22:00:00.000+00:00", number: "1", summary: "Initial Release", }, { date: "2018-05-01T22:00:00.000+00:00", number: "2", summary: "Version nicht vorhanden", }, { date: "2018-05-02T22:00:00.000+00:00", number: "3", summary: "New remediations available", }, { date: "2018-05-08T22:00:00.000+00:00", number: "4", summary: "New remediations available", }, { date: "2018-05-10T22:00:00.000+00:00", number: "5", summary: "New remediations available", }, { date: "2018-05-13T22:00:00.000+00:00", number: "6", summary: "New remediations available", }, { date: "2018-05-15T22:00:00.000+00:00", number: "7", summary: "New remediations available", }, { date: "2018-05-16T22:00:00.000+00:00", number: "8", summary: "New remediations available", }, { date: "2018-05-21T22:00:00.000+00:00", number: "9", summary: "New remediations available", }, { date: "2018-05-22T22:00:00.000+00:00", number: "10", summary: "New remediations available", }, { date: "2018-05-23T22:00:00.000+00:00", number: "11", summary: "New remediations available", }, { date: "2018-05-23T22:00:00.000+00:00", number: "12", summary: "New remediations available", }, { date: "2018-05-23T22:00:00.000+00:00", number: "13", summary: "Version nicht vorhanden", }, { date: "2018-05-29T22:00:00.000+00:00", number: "14", summary: "New remediations available", }, { date: "2018-06-05T22:00:00.000+00:00", number: "15", summary: "New remediations available", }, { date: "2018-06-06T22:00:00.000+00:00", number: "16", summary: "New remediations available", }, { date: "2018-06-07T22:00:00.000+00:00", number: "17", summary: "New remediations available", }, { date: "2018-06-11T22:00:00.000+00:00", number: "18", summary: "New remediations available", }, { date: "2018-06-17T22:00:00.000+00:00", number: "19", summary: "New remediations available", }, { date: "2018-06-18T22:00:00.000+00:00", number: "20", summary: "New remediations available", }, { date: "2018-06-19T22:00:00.000+00:00", number: "21", summary: "Added references", }, { date: "2018-06-21T22:00:00.000+00:00", number: "22", summary: "New remediations available", }, { date: "2018-06-24T22:00:00.000+00:00", number: "23", summary: "Added references", }, { date: "2018-06-27T22:00:00.000+00:00", number: "24", summary: "Added references", }, { date: "2018-07-10T22:00:00.000+00:00", number: "25", summary: "New remediations available", }, { date: "2018-07-29T22:00:00.000+00:00", number: "26", summary: "New remediations available", }, { date: "2018-08-01T22:00:00.000+00:00", number: "27", summary: "New remediations available", }, { date: "2018-08-06T22:00:00.000+00:00", number: "28", summary: "New remediations available", }, { date: "2018-08-09T22:00:00.000+00:00", number: "29", summary: "New remediations available", }, { date: "2018-08-14T22:00:00.000+00:00", number: "30", summary: "New remediations available", }, { date: "2018-08-14T22:00:00.000+00:00", number: "31", summary: "New remediations available", }, { date: "2018-08-15T22:00:00.000+00:00", number: "32", summary: "New remediations available", }, { date: "2018-08-16T22:00:00.000+00:00", number: "33", summary: "New remediations available", }, { date: "2018-08-16T22:00:00.000+00:00", number: "34", summary: "Version nicht vorhanden", }, { date: "2018-08-16T22:00:00.000+00:00", number: "35", summary: "Version nicht vorhanden", }, { date: "2018-08-27T22:00:00.000+00:00", number: "36", summary: "Added references", }, { date: "2018-09-06T22:00:00.000+00:00", number: "37", summary: "New remediations available", }, { date: "2018-09-10T22:00:00.000+00:00", number: "38", summary: "New remediations available", }, { date: "2018-10-01T22:00:00.000+00:00", number: "39", summary: "New remediations available", }, { date: "2018-10-04T22:00:00.000+00:00", number: "40", summary: "New remediations available", }, { date: "2018-10-09T22:00:00.000+00:00", number: "41", summary: "New remediations available", }, { date: "2018-10-10T22:00:00.000+00:00", number: "42", summary: "New remediations available", }, { date: "2018-10-14T22:00:00.000+00:00", number: "43", summary: "New remediations available", }, { date: "2018-10-30T23:00:00.000+00:00", number: "44", summary: "New remediations available", }, { date: "2018-10-31T23:00:00.000+00:00", number: "45", summary: "New remediations available", }, { date: "2018-11-05T23:00:00.000+00:00", number: "46", summary: "New remediations available", }, { date: "2018-11-07T23:00:00.000+00:00", number: "47", summary: "New remediations available", }, { date: "2018-11-08T23:00:00.000+00:00", number: "48", summary: "New remediations available", }, { date: "2018-11-20T23:00:00.000+00:00", number: "49", summary: "New remediations available", }, { date: "2018-11-28T23:00:00.000+00:00", number: "50", summary: "New remediations available", }, { date: "2018-12-02T23:00:00.000+00:00", number: "51", summary: "New remediations available", }, { date: "2018-12-03T23:00:00.000+00:00", number: "52", summary: "Minor corrections", }, { date: "2018-12-09T23:00:00.000+00:00", number: "53", summary: "New remediations available", }, { date: "2018-12-11T23:00:00.000+00:00", number: "54", summary: "New remediations available", }, { date: "2018-12-12T23:00:00.000+00:00", number: "55", summary: "New remediations available", }, { date: "2019-01-03T23:00:00.000+00:00", number: "56", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-01-06T23:00:00.000+00:00", number: "57", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-01-15T23:00:00.000+00:00", number: "58", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2019-02-04T23:00:00.000+00:00", number: "59", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-03-17T23:00:00.000+00:00", number: "60", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-03-25T23:00:00.000+00:00", number: "61", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-03-31T22:00:00.000+00:00", number: "62", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-05-05T22:00:00.000+00:00", number: "63", summary: "Neue Updates von ORACLE aufgenommen", }, { date: "2019-05-15T22:00:00.000+00:00", number: "64", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-06-17T22:00:00.000+00:00", number: "65", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-08-06T22:00:00.000+00:00", number: "66", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-08-11T22:00:00.000+00:00", number: "67", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-08-13T22:00:00.000+00:00", number: "68", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-09-23T22:00:00.000+00:00", number: "69", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2019-09-24T22:00:00.000+00:00", number: "70", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2019-10-21T22:00:00.000+00:00", number: "71", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-10-22T22:00:00.000+00:00", number: "72", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-12-09T23:00:00.000+00:00", number: "73", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-12-09T23:00:00.000+00:00", number: "74", summary: "Version nicht vorhanden", }, { date: "2020-01-06T23:00:00.000+00:00", number: "75", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2020-01-07T23:00:00.000+00:00", number: "76", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2020-04-01T22:00:00.000+00:00", number: "77", summary: "Neue Updates von Debian aufgenommen", }, { date: "2020-06-09T22:00:00.000+00:00", number: "78", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-06-11T22:00:00.000+00:00", number: "79", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-06-18T22:00:00.000+00:00", number: "80", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-06-25T22:00:00.000+00:00", number: "81", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-08-06T22:00:00.000+00:00", number: "82", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-08-12T22:00:00.000+00:00", number: "83", summary: "Neue Updates von Debian aufgenommen", }, { date: "2020-09-01T22:00:00.000+00:00", number: "84", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2020-09-03T22:00:00.000+00:00", number: "85", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-09-06T22:00:00.000+00:00", number: "86", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-08-29T22:00:00.000+00:00", number: "87", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-10-10T22:00:00.000+00:00", number: "88", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2021-10-11T22:00:00.000+00:00", number: "89", summary: "Neue Updates von ORACLE aufgenommen", }, { date: "2022-05-10T22:00:00.000+00:00", number: "90", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-07-03T22:00:00.000+00:00", number: "91", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-11-01T23:00:00.000+00:00", number: "92", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-04-16T22:00:00.000+00:00", number: "93", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-04-18T22:00:00.000+00:00", number: "94", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-04-24T22:00:00.000+00:00", number: "95", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-18T22:00:00.000+00:00", number: "96", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "96", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Avaya Aura Application Enablement Services", product: { name: "Avaya Aura Application Enablement Services", product_id: "T015516", product_identification_helper: { cpe: "cpe:/a:avaya:aura_application_enablement_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Communication Manager", product: { name: "Avaya Aura Communication Manager", product_id: "T015126", product_identification_helper: { cpe: "cpe:/a:avaya:communication_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura Experience Portal", product: { name: "Avaya Aura Experience Portal", product_id: "T015519", product_identification_helper: { cpe: "cpe:/a:avaya:aura_experience_portal:-", }, }, }, { category: "product_name", name: "Avaya Aura Session Manager", product: { name: "Avaya Aura Session Manager", product_id: "T015127", product_identification_helper: { cpe: "cpe:/a:avaya:session_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura System Manager", product: { name: "Avaya Aura System Manager", product_id: "T015518", product_identification_helper: { cpe: "cpe:/a:avaya:aura_system_manager:-", }, }, }, ], category: "vendor", name: "Avaya", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "6368", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { branches: [ { category: "product_name", name: "Oracle Linux 7", product: { name: "Oracle Linux 7", product_id: "287065", product_identification_helper: { cpe: "cpe:/o:oracle:linux:7", }, }, }, { category: "product_name", name: "Oracle Linux 6", product: { name: "Oracle Linux 6", product_id: "T002988", product_identification_helper: { cpe: "cpe:/o:oracle:linux:6", }, }, }, { category: "product_name", name: "Oracle Linux 5", product: { name: "Oracle Linux 5", product_id: "T003616", product_identification_helper: { cpe: "cpe:/o:oracle:linux:5", }, }, }, { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "product_name", name: "Linux", }, { category: "product_name", name: "Oracle VM", product: { name: "Oracle VM", product_id: "T011119", product_identification_helper: { cpe: "cpe:/a:oracle:vm:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2015-9016", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2015-9016", }, { cve: "CVE-2017-0861", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-0861", }, { cve: "CVE-2017-13166", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-13166", }, { cve: "CVE-2017-13220", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-13220", }, { cve: "CVE-2017-16526", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16526", }, { cve: "CVE-2017-16911", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16911", }, { cve: "CVE-2017-16912", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16912", }, { cve: "CVE-2017-16913", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16913", }, { cve: "CVE-2017-16914", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16914", }, { cve: "CVE-2017-17975", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-17975", }, { cve: "CVE-2017-18017", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18017", }, { cve: "CVE-2017-18193", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18193", }, { cve: "CVE-2017-18203", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18203", }, { cve: "CVE-2017-18216", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18216", }, { cve: "CVE-2017-18218", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18218", }, { cve: "CVE-2017-18222", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18222", }, { cve: "CVE-2017-18224", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18224", }, { cve: "CVE-2017-18232", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18232", }, { cve: "CVE-2017-18241", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18241", }, { cve: "CVE-2017-18257", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18257", }, { cve: "CVE-2017-5715", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-5715", }, { cve: "CVE-2017-5753", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-5753", }, { cve: "CVE-2018-1000004", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1000004", }, { cve: "CVE-2018-1000199", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1000199", }, { cve: "CVE-2018-10323", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-10323", }, { cve: "CVE-2018-1065", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1065", }, { cve: "CVE-2018-1066", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1066", }, { cve: "CVE-2018-1068", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1068", }, { cve: "CVE-2018-1092", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1092", }, { cve: "CVE-2018-1093", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1093", }, { cve: "CVE-2018-1108", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1108", }, { cve: "CVE-2018-5332", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5333", }, { cve: "CVE-2018-5750", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5750", }, { cve: "CVE-2018-5803", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5803", }, { cve: "CVE-2018-6927", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-6927", }, { cve: "CVE-2018-7480", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7480", }, { cve: "CVE-2018-7492", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7492", }, { cve: "CVE-2018-7566", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7566", }, { cve: "CVE-2018-7740", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7740", }, { cve: "CVE-2018-7757", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7757", }, { cve: "CVE-2018-7995", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7995", }, { cve: "CVE-2018-8087", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-8087", }, { cve: "CVE-2018-8781", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-8781", }, { cve: "CVE-2018-8822", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-8822", }, ], }
wid-sec-w-2022-0532
Vulnerability from csaf_certbund
Published
2018-05-01 22:00
Modified
2023-05-18 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.
Oracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verfügbar ist.
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, einen Denial of Service Angriff durchzuführen, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme
- Linux
- Appliance
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.\r\nOracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verfügbar ist.\r\nDer Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, einen Denial of Service Angriff durchzuführen, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.", title: "Angriff", }, { category: "general", text: "- Linux\n- Appliance", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0532 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2022-0532.json", }, { category: "self", summary: "WID-SEC-2022-0532 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0532", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:2232-1 vom 2023-05-17", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014918.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1992-1 vom 2023-04-25", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014572.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1897-1 vom 2023-04-18", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014485.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2023:1848-1 vom 2023-04-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014466.html", }, { category: "external", summary: "Ubuntu Security Notice USN-3698-1 vom 2018-07-03", url: "http://www.ubuntu.com/usn/usn-3698-2", }, { category: "external", summary: "Ubuntu Security Notice USN-3697-1 vom 2018-07-03", url: "http://www.ubuntu.com/usn/usn-3697-1", }, { category: "external", summary: "Ubuntu Security Notice USN-3696-1 vom 2018-07-03", url: "http://www.ubuntu.com/usn/usn-3696-2", }, { category: "external", summary: "Debian Security Advisory DSA-4187-1 vom 2018-05-01", url: "https://www.debian.org/security/2018/dsa-4187", }, { category: "external", summary: "Debian Security Advisory DSA-4188-1 vom 2018-05-01", url: "https://www.debian.org/security/2018/dsa-4188", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4088 vom 2018-05-01", url: "https://linux.oracle.com/errata/ELSA-2018-4088.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4087 vom 2018-05-01", url: "https://linux.oracle.com/errata/ELSA-2018-4087.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4089 vom 2018-05-02", url: "http://linux.oracle.com/errata/ELSA-2018-4089.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1173-1 vom 2018-05-09", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181173-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1172-1 vom 2018-05-09", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181172-1.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:1318 vom 2018-05-09", url: "http://www.auscert.org.au/bulletins/62478", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:1355 vom 2018-05-09", url: "https://access.redhat.com/errata/RHSA-2018:1355", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-1318 vom 2018-05-09", url: "http://linux.oracle.com/errata/ELSA-2018-1318.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1217-1 vom 2018-05-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181217-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1238-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181238-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1225-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181225-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1240-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181240-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1230-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181230-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1223-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181223-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1228-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181228-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1236-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181236-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1239-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181239-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1231-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181231-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1229-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181229-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1237-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181237-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1232-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181232-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1227-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181227-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1234-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181234-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1233-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181233-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1226-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181226-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1235-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181235-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1222-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181222-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1224-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181224-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1263-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181263-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1221-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181221-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1220-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1249-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181249-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1246-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181246-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1252-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181252-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1260-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181260-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1270-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181270-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1262-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181262-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1242-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181242-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1268-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181268-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1248-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181248-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1258-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181258-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1272-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181272-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1250-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181250-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1253-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181253-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1241-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181241-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1259-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181259-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1256-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181256-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1245-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181245-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1264-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181264-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1254-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181254-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1266-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181266-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1269-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181269-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1251-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181251-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1255-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181255-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1273-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181273-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1243-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181243-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1244-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181244-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1261-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181261-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1267-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181267-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1247-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181247-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1257-1 vom 2018-05-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181257-1.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:1374 vom 2018-05-16", url: "https://access.redhat.com/errata/RHSA-2018:1374", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1309-1 vom 2018-05-17", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181309-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-1629 vom 2018-05-22", url: "http://linux.oracle.com/errata/ELSA-2018-1629.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4114 vom 2018-05-23", url: "http://linux.oracle.com/errata/ELSA-2018-4114.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1366-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181366-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1375-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181375-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1376-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181376-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1386-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181386-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1368-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181368-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1374-1 vom 2018-05-23", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181374-1.html", }, { category: "external", summary: "Oraclevm-errata OVMSA-2018-0223 vom 2018-05-23", url: "https://oss.oracle.com/pipermail/oraclevm-errata/2018-May/000858.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1465-1 vom 2018-05-30", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181465-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1498-1 vom 2018-06-05", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181498-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1508-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181508-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1551-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181551-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1525-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181525-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1536-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181536-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1511-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181511-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1545-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181545-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1522-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181522-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1530-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181530-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1534-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181534-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1524-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181524-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1505-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181505-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1510-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181510-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1516-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181516-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1523-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181523-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1532-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181532-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1531-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181531-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1521-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181521-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1518-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181518-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1506-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181506-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1548-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181548-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1514-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181514-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1541-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181541-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1546-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181546-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1519-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181519-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1509-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181509-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1528-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181528-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1537-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181537-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1513-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181513-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1512-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181512-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1538-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181538-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1517-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181517-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1535-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181535-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1529-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181529-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1549-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181549-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1540-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181540-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1520-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181520-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1526-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181526-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1533-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181533-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1539-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181539-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1543-1 vom 2018-06-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181543-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1571-1 vom 2018-06-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181571-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1570-1 vom 2018-06-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181570-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1567-1 vom 2018-06-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181567-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1636-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181636-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1644-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181644-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1639-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181639-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1645-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181645-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1641-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181641-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1640-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181640-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1637-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181637-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1648-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181648-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1642-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181642-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1643-1 vom 2018-06-11", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181643-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4145 vom 2018-06-16", url: "http://linux.oracle.com/errata/ELSA-2018-4145.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4134 vom 2018-06-16", url: "http://linux.oracle.com/errata/ELSA-2018-4134.html", }, { category: "external", summary: "Red Hat Security Advisory", url: "https://access.redhat.com/errata/RHSA-2018:1854", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1762-1 vom 2018-06-20", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181762-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1761-1 vom 2018-06-20", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181761-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1772-1 vom 2018-06-21", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181772-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:1816-1 vom 2018-06-26", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20181816-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-1854 vom 2018-06-26", url: "http://linux.oracle.com/errata/ELSA-2018-1854.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4161 vom 2018-07-10", url: "http://linux.oracle.com/errata/ELSA-2018-4161.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4164 vom 2018-07-11", url: "http://linux.oracle.com/errata/ELSA-2018-4164.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-2162 vom 2018-07-11", url: "http://linux.oracle.com/errata/ELSA-2018-2162.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2082-1 vom 2018-07-28", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182082-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2092-1 vom 2018-07-28", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182092-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2150-1 vom 2018-08-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182150-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2222-1 vom 2018-08-07", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182222-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4193 vom 2018-08-10", url: "http://linux.oracle.com/errata/ELSA-2018-4193.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-2384 vom 2018-08-15", url: "http://linux.oracle.com/errata/ELSA-2018-2384.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-2390 vom 2018-08-15", url: "http://linux.oracle.com/errata/ELSA-2018-2390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-14", url: "http://rhn.redhat.com/errata/RHSA-2018-2390.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-14", url: "http://rhn.redhat.com/errata/RHSA-2018-2384.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2384", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2387 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2387", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2388 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2388", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2390", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2389 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2389", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2395 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2395", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2391 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2391", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2392 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2392", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2393 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2393", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2394 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2394", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2396 vom 2018-08-15", url: "https://access.redhat.com/errata/RHSA-2018:2396", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2332-1 vom 2018-08-15", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182332-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2366-1 vom 2018-08-16", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182366-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4200 vom 2018-08-17", url: "http://linux.oracle.com/errata/ELSA-2018-4200.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2637-1 vom 2018-09-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182637-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:2631-1 vom 2018-09-06", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20182631-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4211 vom 2018-09-10", url: "http://linux.oracle.com/errata/ELSA-2018-4211.html", }, { category: "external", summary: "Debian Security Advisory DSA-4308 vom 2018-10-01", url: "https://www.debian.org/security/2018/dsa-4308", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3003-1 vom 2018-10-04", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183003-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3004-1 vom 2018-10-04", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183004-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3084-1 vom 2018-10-09", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183084-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4242 vom 2018-10-10", url: "http://linux.oracle.com/errata/ELSA-2018-4242.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4245 vom 2018-10-11", url: "http://linux.oracle.com/errata/ELSA-2018-4245.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4250 vom 2018-10-13", url: "http://linux.oracle.com/errata/ELSA-2018-4250.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:2948 vom 2018-10-31", url: "https://access.redhat.com/errata/RHSA-2018:2948", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:3096 vom 2018-10-31", url: "https://access.redhat.com/errata/RHSA-2018:3096", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2018:3083 vom 2018-10-31", url: "https://access.redhat.com/errata/RHSA-2018:3083", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3589-1 vom 2018-11-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183589-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3593-1 vom 2018-11-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183593-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-3083 vom 2018-11-06", url: "http://linux.oracle.com/errata/ELSA-2018-3083.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3659-1 vom 2018-11-08", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183659-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4268 vom 2018-11-08", url: "http://linux.oracle.com/errata/ELSA-2018-4268.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4269 vom 2018-11-08", url: "http://linux.oracle.com/errata/ELSA-2018-4269.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4285 vom 2018-11-21", url: "http://linux.oracle.com/errata/ELSA-2018-4285.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3934-1 vom 2018-11-29", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183934-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:3961-1 vom 2018-12-01", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183961-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4301 vom 2018-12-10", url: "http://linux.oracle.com/errata/ELSA-2018-4301.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2018-4304 vom 2018-12-12", url: "http://linux.oracle.com/errata/ELSA-2018-4304.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:4069-1 vom 2018-12-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20184069-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2018:4072-1 vom 2018-12-12", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20184072-1.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4315 vom 2019-01-03", url: "http://linux.oracle.com/errata/ELSA-2019-4315.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4316 vom 2019-01-04", url: "http://linux.oracle.com/errata/ELSA-2019-4316.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4317 vom 2019-01-05", url: "http://linux.oracle.com/errata/ELSA-2019-4317.html", }, { category: "external", summary: "AVAYA Security Advisory ASA-2018-252 vom 2020-01-07", url: "https://downloads.avaya.com/css/P8/documents/101051981", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2019:0095-1 vom 2019-01-16", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190095-1.html", }, { category: "external", summary: "Ubuntu Security Notice USN-3880-2 vom 2019-02-05", url: "https://usn.ubuntu.com/3880-2/", }, { category: "external", summary: "Ubuntu Security Notice USN-3910-1 vom 2019-03-16", url: "https://usn.ubuntu.com/3910-1/", }, { category: "external", summary: "Ubuntu Security Notice USN-3910-1 vom 2019-03-16", url: "https://usn.ubuntu.com/3910-2/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:0641 vom 2019-03-26", url: "https://access.redhat.com/errata/RHSA-2019:0641", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4596 vom 2019-04-01", url: "http://linux.oracle.com/errata/ELSA-2019-4596.html", }, { category: "external", summary: "ORACLE OVMSA-2019-0014 vom 2019-05-03", url: "https://oss.oracle.com/pipermail/oraclevm-errata/2019-May/000936.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1190 vom 2019-05-15", url: "https://access.redhat.com/errata/RHSA-2019:1190", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1170 vom 2019-05-15", url: "https://access.redhat.com/errata/RHSA-2019:1170", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1487 vom 2019-06-18", url: "https://access.redhat.com/errata/RHSA-2019:1487", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:1483 vom 2019-06-18", url: "https://access.redhat.com/errata/RHSA-2019:1483", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:2029 vom 2019-08-06", url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:2043 vom 2019-08-06", url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-4742 vom 2019-08-10", url: "http://linux.oracle.com/errata/ELSA-2019-4742.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2019-2029 vom 2019-08-14", url: "http://linux.oracle.com/errata/ELSA-2019-2029.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2019:2430-1 vom 2019-09-23", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192430-1.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2019:2450-1 vom 2019-09-24", url: "https://www.suse.com/support/update/announcement/2019/suse-su-20192450-1.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2020:0036 vom 2020-01-07", url: "https://access.redhat.com/errata/RHSA-2020:0036", }, { category: "external", summary: "Ubuntu Security Notice USN-4163-1 vom 2019-10-22", url: "https://usn.ubuntu.com/4163-1/", }, { category: "external", summary: "Ubuntu Security Notice USN-4163-2 vom 2019-10-23", url: "https://usn.ubuntu.com/4163-2/", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:4154 vom 2019-12-10", url: "https://access.redhat.com/errata/RHSA-2019:4154", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2019:4159 vom 2019-12-10", url: "https://access.redhat.com/errata/RHSA-2019:4159", }, { category: "external", summary: "Debian Security Advisory DLA 2148 vom 2020-04-01", url: "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202003/msg00025.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1587-1 vom 2020-06-10", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006912.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1603-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006927.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006921.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006932.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1604-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006931.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006928.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006924.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006930.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006929.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1671-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006966.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1656-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006977.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1663-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006971.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1646-1 vom 2020-06-18", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006970.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1754-1 vom 2020-06-26", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007033.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1758-1 vom 2020-06-26", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007031.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:1775-1 vom 2020-06-26", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007036.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:2156-1 vom 2020-08-07", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007238.html", }, { category: "external", summary: "Debian Security Advisory DLA-2323 vom 2020-08-12", url: "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00019.html", }, { category: "external", summary: "Ubuntu Security Notice USN-4486-1 vom 2020-09-02", url: "https://usn.ubuntu.com/4486-1/", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:2478-1 vom 2020-09-03", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007345.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2020:2487-1 vom 2020-09-04", url: "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007352.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2861-1 vom 2021-08-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009366.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2021:2862-1 vom 2021-08-27", url: "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009367.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2021-9473 vom 2021-10-08", url: "http://linux.oracle.com/errata/ELSA-2021-9473.html", }, { category: "external", summary: "ORACLE OVMSA-2021-0035 vom 2021-10-12", url: "https://oss.oracle.com/pipermail/oraclevm-errata/2021-October/001033.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:1988 vom 2022-05-10", url: "https://access.redhat.com/errata/RHSA-2022:1988", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:1975 vom 2022-05-10", url: "https://access.redhat.com/errata/RHSA-2022:1975", }, { category: "external", summary: "Debian Security Advisory DLA-3065 vom 2022-07-01", url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-9969 vom 2022-11-01", url: "https://linux.oracle.com/errata/ELSA-2022-9969.html", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen", tracking: { current_release_date: "2023-05-18T22:00:00.000+00:00", generator: { date: "2024-08-15T17:29:59.999+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0532", initial_release_date: "2018-05-01T22:00:00.000+00:00", revision_history: [ { date: "2018-05-01T22:00:00.000+00:00", number: "1", summary: "Initial Release", }, { date: "2018-05-01T22:00:00.000+00:00", number: "2", summary: "Version nicht vorhanden", }, { date: "2018-05-02T22:00:00.000+00:00", number: "3", summary: "New remediations available", }, { date: "2018-05-08T22:00:00.000+00:00", number: "4", summary: "New remediations available", }, { date: "2018-05-10T22:00:00.000+00:00", number: "5", summary: "New remediations available", }, { date: "2018-05-13T22:00:00.000+00:00", number: "6", summary: "New remediations available", }, { date: "2018-05-15T22:00:00.000+00:00", number: "7", summary: "New remediations available", }, { date: "2018-05-16T22:00:00.000+00:00", number: "8", summary: "New remediations available", }, { date: "2018-05-21T22:00:00.000+00:00", number: "9", summary: "New remediations available", }, { date: "2018-05-22T22:00:00.000+00:00", number: "10", summary: "New remediations available", }, { date: "2018-05-23T22:00:00.000+00:00", number: "11", summary: "New remediations available", }, { date: "2018-05-23T22:00:00.000+00:00", number: "12", summary: "New remediations available", }, { date: "2018-05-23T22:00:00.000+00:00", number: "13", summary: "Version nicht vorhanden", }, { date: "2018-05-29T22:00:00.000+00:00", number: "14", summary: "New remediations available", }, { date: "2018-06-05T22:00:00.000+00:00", number: "15", summary: "New remediations available", }, { date: "2018-06-06T22:00:00.000+00:00", number: "16", summary: "New remediations available", }, { date: "2018-06-07T22:00:00.000+00:00", number: "17", summary: "New remediations available", }, { date: "2018-06-11T22:00:00.000+00:00", number: "18", summary: "New remediations available", }, { date: "2018-06-17T22:00:00.000+00:00", number: "19", summary: "New remediations available", }, { date: "2018-06-18T22:00:00.000+00:00", number: "20", summary: "New remediations available", }, { date: "2018-06-19T22:00:00.000+00:00", number: "21", summary: "Added references", }, { date: "2018-06-21T22:00:00.000+00:00", number: "22", summary: "New remediations available", }, { date: "2018-06-24T22:00:00.000+00:00", number: "23", summary: "Added references", }, { date: "2018-06-27T22:00:00.000+00:00", number: "24", summary: "Added references", }, { date: "2018-07-10T22:00:00.000+00:00", number: "25", summary: "New remediations available", }, { date: "2018-07-29T22:00:00.000+00:00", number: "26", summary: "New remediations available", }, { date: "2018-08-01T22:00:00.000+00:00", number: "27", summary: "New remediations available", }, { date: "2018-08-06T22:00:00.000+00:00", number: "28", summary: "New remediations available", }, { date: "2018-08-09T22:00:00.000+00:00", number: "29", summary: "New remediations available", }, { date: "2018-08-14T22:00:00.000+00:00", number: "30", summary: "New remediations available", }, { date: "2018-08-14T22:00:00.000+00:00", number: "31", summary: "New remediations available", }, { date: "2018-08-15T22:00:00.000+00:00", number: "32", summary: "New remediations available", }, { date: "2018-08-16T22:00:00.000+00:00", number: "33", summary: "New remediations available", }, { date: "2018-08-16T22:00:00.000+00:00", number: "34", summary: "Version nicht vorhanden", }, { date: "2018-08-16T22:00:00.000+00:00", number: "35", summary: "Version nicht vorhanden", }, { date: "2018-08-27T22:00:00.000+00:00", number: "36", summary: "Added references", }, { date: "2018-09-06T22:00:00.000+00:00", number: "37", summary: "New remediations available", }, { date: "2018-09-10T22:00:00.000+00:00", number: "38", summary: "New remediations available", }, { date: "2018-10-01T22:00:00.000+00:00", number: "39", summary: "New remediations available", }, { date: "2018-10-04T22:00:00.000+00:00", number: "40", summary: "New remediations available", }, { date: "2018-10-09T22:00:00.000+00:00", number: "41", summary: "New remediations available", }, { date: "2018-10-10T22:00:00.000+00:00", number: "42", summary: "New remediations available", }, { date: "2018-10-14T22:00:00.000+00:00", number: "43", summary: "New remediations available", }, { date: "2018-10-30T23:00:00.000+00:00", number: "44", summary: "New remediations available", }, { date: "2018-10-31T23:00:00.000+00:00", number: "45", summary: "New remediations available", }, { date: "2018-11-05T23:00:00.000+00:00", number: "46", summary: "New remediations available", }, { date: "2018-11-07T23:00:00.000+00:00", number: "47", summary: "New remediations available", }, { date: "2018-11-08T23:00:00.000+00:00", number: "48", summary: "New remediations available", }, { date: "2018-11-20T23:00:00.000+00:00", number: "49", summary: "New remediations available", }, { date: "2018-11-28T23:00:00.000+00:00", number: "50", summary: "New remediations available", }, { date: "2018-12-02T23:00:00.000+00:00", number: "51", summary: "New remediations available", }, { date: "2018-12-03T23:00:00.000+00:00", number: "52", summary: "Minor corrections", }, { date: "2018-12-09T23:00:00.000+00:00", number: "53", summary: "New remediations available", }, { date: "2018-12-11T23:00:00.000+00:00", number: "54", summary: "New remediations available", }, { date: "2018-12-12T23:00:00.000+00:00", number: "55", summary: "New remediations available", }, { date: "2019-01-03T23:00:00.000+00:00", number: "56", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-01-06T23:00:00.000+00:00", number: "57", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-01-15T23:00:00.000+00:00", number: "58", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2019-02-04T23:00:00.000+00:00", number: "59", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-03-17T23:00:00.000+00:00", number: "60", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-03-25T23:00:00.000+00:00", number: "61", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-03-31T22:00:00.000+00:00", number: "62", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-05-05T22:00:00.000+00:00", number: "63", summary: "Neue Updates von ORACLE aufgenommen", }, { date: "2019-05-15T22:00:00.000+00:00", number: "64", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-06-17T22:00:00.000+00:00", number: "65", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-08-06T22:00:00.000+00:00", number: "66", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-08-11T22:00:00.000+00:00", number: "67", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-08-13T22:00:00.000+00:00", number: "68", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2019-09-23T22:00:00.000+00:00", number: "69", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2019-09-24T22:00:00.000+00:00", number: "70", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2019-10-21T22:00:00.000+00:00", number: "71", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-10-22T22:00:00.000+00:00", number: "72", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2019-12-09T23:00:00.000+00:00", number: "73", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2019-12-09T23:00:00.000+00:00", number: "74", summary: "Version nicht vorhanden", }, { date: "2020-01-06T23:00:00.000+00:00", number: "75", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2020-01-07T23:00:00.000+00:00", number: "76", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2020-04-01T22:00:00.000+00:00", number: "77", summary: "Neue Updates von Debian aufgenommen", }, { date: "2020-06-09T22:00:00.000+00:00", number: "78", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-06-11T22:00:00.000+00:00", number: "79", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-06-18T22:00:00.000+00:00", number: "80", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-06-25T22:00:00.000+00:00", number: "81", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-08-06T22:00:00.000+00:00", number: "82", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-08-12T22:00:00.000+00:00", number: "83", summary: "Neue Updates von Debian aufgenommen", }, { date: "2020-09-01T22:00:00.000+00:00", number: "84", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2020-09-03T22:00:00.000+00:00", number: "85", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2020-09-06T22:00:00.000+00:00", number: "86", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-08-29T22:00:00.000+00:00", number: "87", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2021-10-10T22:00:00.000+00:00", number: "88", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2021-10-11T22:00:00.000+00:00", number: "89", summary: "Neue Updates von ORACLE aufgenommen", }, { date: "2022-05-10T22:00:00.000+00:00", number: "90", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-07-03T22:00:00.000+00:00", number: "91", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-11-01T23:00:00.000+00:00", number: "92", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2023-04-16T22:00:00.000+00:00", number: "93", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-04-18T22:00:00.000+00:00", number: "94", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-04-24T22:00:00.000+00:00", number: "95", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2023-05-18T22:00:00.000+00:00", number: "96", summary: "Neue Updates von SUSE aufgenommen", }, ], status: "final", version: "96", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Avaya Aura Application Enablement Services", product: { name: "Avaya Aura Application Enablement Services", product_id: "T015516", product_identification_helper: { cpe: "cpe:/a:avaya:aura_application_enablement_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Communication Manager", product: { name: "Avaya Aura Communication Manager", product_id: "T015126", product_identification_helper: { cpe: "cpe:/a:avaya:communication_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura Experience Portal", product: { name: "Avaya Aura Experience Portal", product_id: "T015519", product_identification_helper: { cpe: "cpe:/a:avaya:aura_experience_portal:-", }, }, }, { category: "product_name", name: "Avaya Aura Session Manager", product: { name: "Avaya Aura Session Manager", product_id: "T015127", product_identification_helper: { cpe: "cpe:/a:avaya:session_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura System Manager", product: { name: "Avaya Aura System Manager", product_id: "T015518", product_identification_helper: { cpe: "cpe:/a:avaya:aura_system_manager:-", }, }, }, ], category: "vendor", name: "Avaya", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "6368", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { branches: [ { category: "product_name", name: "Oracle Linux 7", product: { name: "Oracle Linux 7", product_id: "287065", product_identification_helper: { cpe: "cpe:/o:oracle:linux:7", }, }, }, { category: "product_name", name: "Oracle Linux 6", product: { name: "Oracle Linux 6", product_id: "T002988", product_identification_helper: { cpe: "cpe:/o:oracle:linux:6", }, }, }, { category: "product_name", name: "Oracle Linux 5", product: { name: "Oracle Linux 5", product_id: "T003616", product_identification_helper: { cpe: "cpe:/o:oracle:linux:5", }, }, }, { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "product_name", name: "Linux", }, { category: "product_name", name: "Oracle VM", product: { name: "Oracle VM", product_id: "T011119", product_identification_helper: { cpe: "cpe:/a:oracle:vm:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2015-9016", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2015-9016", }, { cve: "CVE-2017-0861", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-0861", }, { cve: "CVE-2017-13166", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-13166", }, { cve: "CVE-2017-13220", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-13220", }, { cve: "CVE-2017-16526", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16526", }, { cve: "CVE-2017-16911", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16911", }, { cve: "CVE-2017-16912", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16912", }, { cve: "CVE-2017-16913", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16913", }, { cve: "CVE-2017-16914", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-16914", }, { cve: "CVE-2017-17975", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-17975", }, { cve: "CVE-2017-18017", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18017", }, { cve: "CVE-2017-18193", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18193", }, { cve: "CVE-2017-18203", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18203", }, { cve: "CVE-2017-18216", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18216", }, { cve: "CVE-2017-18218", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18218", }, { cve: "CVE-2017-18222", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18222", }, { cve: "CVE-2017-18224", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18224", }, { cve: "CVE-2017-18232", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18232", }, { cve: "CVE-2017-18241", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18241", }, { cve: "CVE-2017-18257", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-18257", }, { cve: "CVE-2017-5715", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-5715", }, { cve: "CVE-2017-5753", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2017-5753", }, { cve: "CVE-2018-1000004", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1000004", }, { cve: "CVE-2018-1000199", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1000199", }, { cve: "CVE-2018-10323", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-10323", }, { cve: "CVE-2018-1065", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1065", }, { cve: "CVE-2018-1066", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1066", }, { cve: "CVE-2018-1068", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1068", }, { cve: "CVE-2018-1092", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1092", }, { cve: "CVE-2018-1093", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1093", }, { cve: "CVE-2018-1108", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-1108", }, { cve: "CVE-2018-5332", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5332", }, { cve: "CVE-2018-5333", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5333", }, { cve: "CVE-2018-5750", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5750", }, { cve: "CVE-2018-5803", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-5803", }, { cve: "CVE-2018-6927", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-6927", }, { cve: "CVE-2018-7480", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7480", }, { cve: "CVE-2018-7492", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7492", }, { cve: "CVE-2018-7566", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7566", }, { cve: "CVE-2018-7740", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7740", }, { cve: "CVE-2018-7757", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7757", }, { cve: "CVE-2018-7995", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-7995", }, { cve: "CVE-2018-8087", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-8087", }, { cve: "CVE-2018-8781", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-8781", }, { cve: "CVE-2018-8822", notes: [ { category: "description", text: "Im Linux Kernel befinden sich zahlreiche Schwachstellen. Diese kann ein entfernter anonymer oder authentisierter Angreifer ausnutzen und z. B. Code mit administrativen Privilegien zur Ausführung bringen, einen Denial of Service Angriff durchführen, Sicherheitsmechanismen umgehen, vertrauliche Daten einsehen oder seine Privilegien erweitern.", }, ], product_status: { known_affected: [ "T011119", "T015519", "T015518", "67646", "T015516", "6368", "T015127", "T015126", "T002988", "T003616", "T004914", "2951", "T002207", "T000126", "287065", ], }, release_date: "2018-05-01T22:00:00.000+00:00", title: "CVE-2018-8822", }, ], }
suse-su-2018:3934-1
Vulnerability from csaf_suse
Published
2018-11-28 10:13
Modified
2018-11-28 10:13
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
The following non-security bugs were fixed:
- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#112128).
- acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
- alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).
- alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).
- alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).
- alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).
- alsa: hda: fix unused variable warning (bsc#1051510).
- alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).
- alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).
- alsa: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).
- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
- ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).
- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
- ASoC: wm8804: Add ACPI support (bsc#1051510).
- ath10k: fix kernel panic issue during pci probe (bsc#1051510).
- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
- autofs: fix autofs_sbi() does not check super block type (git-fixes).
- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).
- autofs: mount point create should honour passed in mode (git-fixes).
- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).
- batman-adv: Avoid probe ELP information leak (bsc#1051510).
- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
- bdi: Fix another oops in wb_workfn() (bsc#1112746).
- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).
- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
- bpf/verifier: disallow pointer subtraction (bsc#1083647).
- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
- btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).
- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
- btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).
- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
- btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).
- cdc-acm: fix race between reset and control messaging (bsc#1051510).
- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).
- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- cifs: connect to servername instead of IP for IPC$ share (bsc#1106359).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).
- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).
- crypto: ccp - add timeout support in the SEV command (bsc#1106838).
- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).
- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).
- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).
- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
- debugobjects: Make stack check warning more informative (bsc#1051510).
- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
- Documentation/l1tf: Fix small spelling typo (bsc#1051510).
- do d_instantiate/unlock_new_inode combinations safely (git-fixes).
- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).
- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)
- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).
- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)
- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)
- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).
- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)
- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
- drm/i915: Restore vblank interrupts earlier (bsc#1051510).
- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)
- drm/msm: fix OF child-node lookup (bsc#1106110)
- drm/nouveau/disp: fix DP disable race (bsc#1051510).
- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).
- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).
- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)
- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)
- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
- edac: Raise the maximum number of memory controllers (bsc#1113780).
- edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).
- eeprom: at24: change nvmem stride to 1 (bsc#1051510).
- eeprom: at24: check at24_read/write arguments (bsc#1051510).
- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
- enic: handle mtu change for vf properly (bsc#1051510).
- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
- ethtool: fix a privilege escalation bug (bsc#1076830).
- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
- ext4: check for NUL characters in extended attribute's name (bsc#1112732).
- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
- ext4: do not mark mmp buffer head dirty (bsc#1112743).
- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
- firmware: raspberrypi: Register hwmon driver (bsc#1108468).
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).
- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).
- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).
- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).
- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
- gpio: Fix crash due to registration race (bsc#1051510).
- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).
- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).
- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
- hfs: prevent crash on exit from failed search (bsc#1051510).
- hid: add support for Apple Magic Keyboards (bsc#1051510).
- hid: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
- hid: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
- hid: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
- hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
- hv: avoid crash in vmbus sysfs files (bnc#1108377).
- hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1109772).
- hv_netvsc: fix schedule in RCU context ().
- hwmon: Add support for RPi voltage sensor (bsc#1108468).
- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
- hwrng: core - document the quality field (bsc#1051510).
- hypfs_kill_super(): deal with failed allocations (bsc#1051510).
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).
- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).
- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
- Input: atakbd - fix Atari keymap (bsc#1051510).
- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
- iommu/vt-d: Add definitions for PFSID (bsc#1106237).
- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
- ipc/shm.c add ->pagesize function to shm_vm_ops (bsc#1111811).
- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).
- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).
- kabi/severities: correct nvdimm kabi exclusion
- kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI.
- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.
- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).
- kernfs: update comment about kernfs_path() return value (bsc#1051510).
- kprobes/x86: Fix %p uses in error messages (bsc#1110006).
- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).
- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).
- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).
- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).
- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).
- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).
- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).
- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).
- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).
- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).
- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).
- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).
- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).
- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).
- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).
- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).
- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).
- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).
- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).
- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).
- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).
- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).
- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).
- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).
- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).
- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).
- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).
- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).
- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).
- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).
- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).
- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).
- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).
- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).
- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).
- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).
- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).
- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).
- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).
- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).
- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).
- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).
- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).
- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).
- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).
- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).
- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).
- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).
- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).
- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).
- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
- libertas: call into generic suspend code before turning off power (bsc#1051510).
- libnvdimm, badrange: remove a WARN for list_empty (bsc#112128).
- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408).
- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm: Introduce locked DIMM capacity support (bsc#112128).
- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408).
- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, ).
- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm: move poison list functions to a new 'badrange' file (bsc#112128).
- libnvdimm/nfit_test: add firmware download emulation (bsc#112128).
- libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#112128).
- libnvdimm, testing: Add emulation for smart injection commands (bsc#112128).
- libnvdimm, testing: update the default smart ctrl_temperature (bsc#112128).
- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
- livepatch: create and include UAPI headers ().
- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).
- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).
- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
- mac80211: fix a race between restart and CSA flows (bsc#1051510).
- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).
- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211_hwsim: require at least one channel (bsc#1051510).
- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).
- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).
- mac80211: shorten the IBSS debug messages (bsc#1051510).
- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).
- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).
- md/raid1: add error handling of read error from FailFast device (git-fixes).
- md/raid5-cache: disable reshape completely (git-fixes).
- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).
- media: af9035: prevent buffer overflow on write (bsc#1051510).
- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).
- media: dvb: fix compat ioctl translation (bsc#1051510).
- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).
- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).
- media: pci: cx23885: handle adding to list failure (bsc#1051510).
- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).
- media: tvp5150: fix switch exit in set control handler (bsc#1051510).
- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).
- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).
- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).
- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).
- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).
- mm/migrate: Use spin_trylock() while resetting rate limit ().
- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
- modpost: ignore livepatch unresolved relocations ().
- move changes without Git-commit out of sorted section
- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
- net/smc: retain old name for diag_mode field (bsc#1106287, LTC#170892).
- net/smc: use __aligned_u64 for 64-bit smc_diag fields (bsc#1101138, LTC#164002).
- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).
- nfit_test: add error injection DSMs (bsc#112128).
- nfit_test: fix buffer overrun, add sanity check (bsc#112128).
- nfit_test: improve structure offset handling (bsc#112128).
- nfit_test: prevent parsing error of nfit_test.0 (bsc#112128).
- nfit_test: when clearing poison, also remove badrange entries (bsc#112128).
- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).
- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408).
- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, ).
- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, ).
- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408).
- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408).
- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).
- of: add helper to lookup compatible child node (bsc#1106110)
- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
- ovl: fix format of setxattr debug (git-fixes).
- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).
- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
- PCI: hv: Use effective affinity mask (bsc#1109772).
- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).
- pipe: match pipe_max_size data type with procfs (git-fixes).
- PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).
- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).
- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).
- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).
- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).
- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).
- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).
- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).
- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).
- powerpc/powernv: Rework TCE level allocation (bsc#1061840).
- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).
- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).
- powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).
- powerpc/xive: Move definition of ESB bits (bsc#1061840).
- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).
- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).
- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).
- random: rate limit unseeded randomness warnings (git-fixes).
- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- rename a hv patch to reduce conflicts in -AZURE
- reorder a qedi patch to allow further work in this branch
- resource: Include resource end in walk_*() interfaces (bsc#1114279).
- Revert 'drm/amdgpu: Add an ATPX quirk for hybrid laptop' (bsc#1051510).
- Revert 'drm/i915/gvt: set max priority for gvt context' (bsc#1051510).
- Revert 'gpio: set up initial state from .get_direction()' (bsc#1051510).
- Revert 'iommu/io-pgtable: Avoid redundant TLB syncs' (bsc#1106237).
- Revert 'mwifiex: fix incorrect ht capability problem' (bsc#1051510).
- Revert 'mwifiex: handle race during mwifiex_usb_disconnect' (bsc#1051510).
- Revert 'pinctrl: sunxi: Do not enforce bias disable (for now)' (bsc#1051510).
- rpc_pipefs: fix double-dput() (bsc#1051510).
- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).
- sched/numa: Limit the conditions where scan period is reset ().
- scripts/series2git:
- scripts/series2git: Revert the change mistakenly taken A 'fix' for series2git went in mistakenly among other patches. Revert it here. It'll be picked up from a proper branch if need.
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: ipr: Eliminate duplicate barriers ().
- scsi: ipr: fix incorrect indentation of assignment statement ().
- scsi: ipr: Use dma_pool_zalloc() ().
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).
- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).
- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).
- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).
- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).
- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).
- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).
- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).
- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).
- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).
- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).
- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).
- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).
- soreuseport: initialise timewait reuseport field (bsc#1051510).
- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
- sound: enable interrupt after dma buffer initialization (bsc#1051510).
- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).
- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).
- spi: sh-msiof: fix deferred probing (bsc#1051510).
- squashfs: be more careful about metadata corruption (bsc#1051510).
- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).
- squashfs metadata 2: electric boogaloo (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).
- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).
- supported.conf: mark raspberrypi-hwmon as supported
- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).
- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).
- target: log Data-Out timeouts as errors (bsc#1095805).
- target: log NOP ping timeouts as errors (bsc#1095805).
- target: split out helper for cxn timeout error stashing (bsc#1095805).
- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
- team: Forbid enslaving team device to itself (bsc#1051510).
- tools build: fix # escaping in .cmd files for future Make (git-fixes).
- tools/testing/nvdimm: advertise a write cache for nfit_test (bsc#112128).
- tools/testing/nvdimm: allow custom error code injection (bsc#112128).
- tools/testing/nvdimm: disable labels for nfit_test.1 (bsc#112128).
- tools/testing/nvdimm: enable labels for nfit_test.1 dimms (bsc#112128).
- tools/testing/nvdimm: fix missing newline in nfit_test_dimm 'handle' attribute (bsc#112128).
- tools/testing/nvdimm: Fix support for emulating controller temperature (bsc#112128).
- tools/testing/nvdimm: force nfit_test to depend on instrumented modules (bsc#112128).
- tools/testing/nvdimm: improve emulation of smart injection (bsc#112128).
- tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() (bsc#112128).
- tools/testing/nvdimm: Make DSM failure code injection an override (bsc#112128).
- tools/testing/nvdimm: smart alarm/threshold control (bsc#112128).
- tools/testing/nvdimm: stricter bounds checking for error injection commands (bsc#112128).
- tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 (bsc#112128).
- tools/testing/nvdimm: unit test clear-error commands (bsc#112128).
- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).
- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).
- tty: Do not block on IO when ldisc change is pending (bnc#1105428).
- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).
- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).
- Update patches.arch/KVM-PPC-Book3S-HV-Snapshot-timebase-offset-on-guest-.patch (bsc#1061840, bsc#1086196).
- Update patches.arch/powerpc-powernv-ioda2-Reduce-upper-limit-for-DMA-win.patch (bsc#1061840, bsc#1055120).
- Update patches.fixes/0002-nfs41-do-not-return-ENOMEM-on-LAYOUTUNAVAILABLE.patch (git-fixes, bsc#1103925).
- Update patches.fixes/libnvdimm-dimm-maximize-label-transfer-size.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- Update patches.fixes/libnvdimm-label-change-nvdimm_num_label_slots-per-uefi-2-7.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- Update patches.fixes/libnvdimm-label-fix-sparse-warning.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- Update patches.fixes/nvdimm-clarify-comment-in-sizeof_namespace_index.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- Update patches.fixes/nvdimm-remove-empty-if-statement.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- Update patches.fixes/nvdimm-sanity-check-labeloff.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- Update patches.fixes/nvdimm-split-label-init-out-from-the-logic-for-getting-config-data.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- Update patches.fixes/nvdimm-use-namespace-index-data-to-reduce-number-of-label-reads-needed.patch (bsc#1111921, bsc#1113408, bsc#1113972).
- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).
- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).
- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).
- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).
- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).
- USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
- USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).
- USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).
- USB: yurex: Check for truncation in yurex_read() (bsc#1051510).
- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).
- use the new async probing feature for the hyperv drivers (bsc#1109772).
- Use upstream version of pci-hyperv patch (35a88a1)
- VFS: close race between getcwd() and d_move() (git-fixes).
- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).
- vmbus: do not return values for uninitalized channels (bsc#1051510).
- vti4: Do not count header length twice on tunnel setup (bsc#1051510).
- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).
- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).
- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).
- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).
- x86/boot: Move EISA setup to a separate file (bsc#1110006).
- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).
- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).
- x86/eisa: Add missing include (bsc#1110006).
- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).
- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).
- x86, nfit_test: Add unit test for memcpy_mcsafe() (bsc#112128).
- x86/paravirt: Fix some warning messages (bnc#1065600).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).
- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).
- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).
- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).
Patchnames
SUSE-SLE-SERVER-12-SP4-2018-2803
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 12 SP4 kernel for Azure was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n- CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed:\n\n- acpi, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#112128).\n- acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n- alsa: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n- alsa: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n- alsa: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n- alsa: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n- alsa: hda: fix unused variable warning (bsc#1051510).\n- alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).\n- alsa: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n- alsa: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).\n- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n- ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).\n- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- autofs: fix autofs_sbi() does not check super block type (git-fixes).\n- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).\n- autofs: mount point create should honour passed in mode (git-fixes).\n- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n- btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- cifs: connect to servername instead of IP for IPC$ share (bsc#1106359).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n- crypto: ccp - add timeout support in the SEV command (bsc#1106838).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).\n- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).\n- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)\n- Documentation/l1tf: Fix small spelling typo (bsc#1051510).\n- do d_instantiate/unlock_new_inode combinations safely (git-fixes).\n- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).\n- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).\n- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).\n- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).\n- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n- drm/msm: fix OF child-node lookup (bsc#1106110)\n- drm/nouveau/disp: fix DP disable race (bsc#1051510).\n- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).\n- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- edac: Raise the maximum number of memory controllers (bsc#1113780).\n- edac, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- firmware: raspberrypi: Register hwmon driver (bsc#1108468).\n- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).\n- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).\n- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).\n- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).\n- gpio: Fix crash due to registration race (bsc#1051510).\n- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).\n- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- hid: add support for Apple Magic Keyboards (bsc#1051510).\n- hid: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).\n- hid: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- hid: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- hid: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- hv: avoid crash in vmbus sysfs files (bnc#1108377).\n- hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1109772).\n- hv_netvsc: fix schedule in RCU context ().\n- hwmon: Add support for RPi voltage sensor (bsc#1108468).\n- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).\n- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).\n- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).\n- hwrng: core - document the quality field (bsc#1051510).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- Input: atakbd - fix Atari keymap (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- ipc/shm.c add ->pagesize function to shm_vm_ops (bsc#1111811).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).\n- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).\n- kabi/severities: correct nvdimm kabi exclusion\n- kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI.\n- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.\n- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n- kernfs: update comment about kernfs_path() return value (bsc#1051510).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).\n- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).\n- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).\n- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).\n- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).\n- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).\n- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).\n- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).\n- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).\n- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).\n- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).\n- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).\n- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).\n- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).\n- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).\n- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).\n- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).\n- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).\n- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).\n- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).\n- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).\n- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).\n- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).\n- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).\n- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).\n- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).\n- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).\n- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).\n- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).\n- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).\n- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).\n- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).\n- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).\n- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).\n- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).\n- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- libnvdimm, badrange: remove a WARN for list_empty (bsc#112128).\n- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408).\n- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm: Introduce locked DIMM capacity support (bsc#112128).\n- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408).\n- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, ).\n- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm: move poison list functions to a new 'badrange' file (bsc#112128).\n- libnvdimm/nfit_test: add firmware download emulation (bsc#112128).\n- libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#112128).\n- libnvdimm, testing: Add emulation for smart injection commands (bsc#112128).\n- libnvdimm, testing: update the default smart ctrl_temperature (bsc#112128).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- livepatch: create and include UAPI headers ().\n- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).\n- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).\n- mac80211: fix a race between restart and CSA flows (bsc#1051510).\n- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).\n- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211_hwsim: require at least one channel (bsc#1051510).\n- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).\n- mac80211: shorten the IBSS debug messages (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).\n- md/raid1: add error handling of read error from FailFast device (git-fixes).\n- md/raid5-cache: disable reshape completely (git-fixes).\n- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n- media: dvb: fix compat ioctl translation (bsc#1051510).\n- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n- media: pci: cx23885: handle adding to list failure (bsc#1051510).\n- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n- media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).\n- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- modpost: ignore livepatch unresolved relocations ().\n- move changes without Git-commit out of sorted section\n- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).\n- net/smc: retain old name for diag_mode field (bsc#1106287, LTC#170892).\n- net/smc: use __aligned_u64 for 64-bit smc_diag fields (bsc#1101138, LTC#164002).\n- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n- nfit_test: add error injection DSMs (bsc#112128).\n- nfit_test: fix buffer overrun, add sanity check (bsc#112128).\n- nfit_test: improve structure offset handling (bsc#112128).\n- nfit_test: prevent parsing error of nfit_test.0 (bsc#112128).\n- nfit_test: when clearing poison, also remove badrange entries (bsc#112128).\n- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).\n- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408).\n- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, ).\n- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, ).\n- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408).\n- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408).\n- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n- of: add helper to lookup compatible child node (bsc#1106110)\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- ovl: fix format of setxattr debug (git-fixes).\n- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- PCI: hv: Use effective affinity mask (bsc#1109772).\n- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- pipe: match pipe_max_size data type with procfs (git-fixes).\n- PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).\n- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).\n- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).\n- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).\n- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).\n- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).\n- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).\n- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).\n- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).\n- powerpc/powernv: Rework TCE level allocation (bsc#1061840).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).\n- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n- powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).\n- powerpc/xive: Move definition of ESB bits (bsc#1061840).\n- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:\n- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).\n- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).\n- random: rate limit unseeded randomness warnings (git-fixes).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- rename a hv patch to reduce conflicts in -AZURE\n- reorder a qedi patch to allow further work in this branch\n- resource: Include resource end in walk_*() interfaces (bsc#1114279).\n- Revert 'drm/amdgpu: Add an ATPX quirk for hybrid laptop' (bsc#1051510).\n- Revert 'drm/i915/gvt: set max priority for gvt context' (bsc#1051510).\n- Revert 'gpio: set up initial state from .get_direction()' (bsc#1051510).\n- Revert 'iommu/io-pgtable: Avoid redundant TLB syncs' (bsc#1106237).\n- Revert 'mwifiex: fix incorrect ht capability problem' (bsc#1051510).\n- Revert 'mwifiex: handle race during mwifiex_usb_disconnect' (bsc#1051510).\n- Revert 'pinctrl: sunxi: Do not enforce bias disable (for now)' (bsc#1051510).\n- rpc_pipefs: fix double-dput() (bsc#1051510).\n- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).\n- sched/numa: Limit the conditions where scan period is reset ().\n- scripts/series2git:\n- scripts/series2git: Revert the change mistakenly taken A 'fix' for series2git went in mistakenly among other patches. Revert it here. It'll be picked up from a proper branch if need.\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: ipr: Eliminate duplicate barriers ().\n- scsi: ipr: fix incorrect indentation of assignment statement ().\n- scsi: ipr: Use dma_pool_zalloc() ().\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).\n- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).\n- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).\n- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).\n- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).\n- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).\n- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n- soreuseport: initialise timewait reuseport field (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n- spi: sh-msiof: fix deferred probing (bsc#1051510).\n- squashfs: be more careful about metadata corruption (bsc#1051510).\n- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).\n- squashfs metadata 2: electric boogaloo (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n- supported.conf: mark raspberrypi-hwmon as supported\n- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- team: Forbid enslaving team device to itself (bsc#1051510).\n- tools build: fix # escaping in .cmd files for future Make (git-fixes).\n- tools/testing/nvdimm: advertise a write cache for nfit_test (bsc#112128).\n- tools/testing/nvdimm: allow custom error code injection (bsc#112128).\n- tools/testing/nvdimm: disable labels for nfit_test.1 (bsc#112128).\n- tools/testing/nvdimm: enable labels for nfit_test.1 dimms (bsc#112128).\n- tools/testing/nvdimm: fix missing newline in nfit_test_dimm 'handle' attribute (bsc#112128).\n- tools/testing/nvdimm: Fix support for emulating controller temperature (bsc#112128).\n- tools/testing/nvdimm: force nfit_test to depend on instrumented modules (bsc#112128).\n- tools/testing/nvdimm: improve emulation of smart injection (bsc#112128).\n- tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() (bsc#112128).\n- tools/testing/nvdimm: Make DSM failure code injection an override (bsc#112128).\n- tools/testing/nvdimm: smart alarm/threshold control (bsc#112128).\n- tools/testing/nvdimm: stricter bounds checking for error injection commands (bsc#112128).\n- tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 (bsc#112128).\n- tools/testing/nvdimm: unit test clear-error commands (bsc#112128).\n- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tty: Do not block on IO when ldisc change is pending (bnc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).\n- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).\n- Update patches.arch/KVM-PPC-Book3S-HV-Snapshot-timebase-offset-on-guest-.patch (bsc#1061840, bsc#1086196).\n- Update patches.arch/powerpc-powernv-ioda2-Reduce-upper-limit-for-DMA-win.patch (bsc#1061840, bsc#1055120).\n- Update patches.fixes/0002-nfs41-do-not-return-ENOMEM-on-LAYOUTUNAVAILABLE.patch (git-fixes, bsc#1103925).\n- Update patches.fixes/libnvdimm-dimm-maximize-label-transfer-size.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- Update patches.fixes/libnvdimm-label-change-nvdimm_num_label_slots-per-uefi-2-7.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- Update patches.fixes/libnvdimm-label-fix-sparse-warning.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- Update patches.fixes/nvdimm-clarify-comment-in-sizeof_namespace_index.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- Update patches.fixes/nvdimm-remove-empty-if-statement.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- Update patches.fixes/nvdimm-sanity-check-labeloff.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- Update patches.fixes/nvdimm-split-label-init-out-from-the-logic-for-getting-config-data.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- Update patches.fixes/nvdimm-use-namespace-index-data-to-reduce-number-of-label-reads-needed.patch (bsc#1111921, bsc#1113408, bsc#1113972).\n- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).\n- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n- USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n- USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n- USB: yurex: Check for truncation in yurex_read() (bsc#1051510).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- use the new async probing feature for the hyperv drivers (bsc#1109772).\n- Use upstream version of pci-hyperv patch (35a88a1)\n- VFS: close race between getcwd() and d_move() (git-fixes).\n- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).\n- vmbus: do not return values for uninitalized channels (bsc#1051510).\n- vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).\n- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86, nfit_test: Add unit test for memcpy_mcsafe() (bsc#112128).\n- x86/paravirt: Fix some warning messages (bnc#1065600).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-SERVER-12-SP4-2018-2803", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3934-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3934-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183934-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3934-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-November/004903.html", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1055120", url: "https://bugzilla.suse.com/1055120", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1067906", url: "https://bugzilla.suse.com/1067906", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1079524", url: "https://bugzilla.suse.com/1079524", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1084760", url: "https://bugzilla.suse.com/1084760", }, { category: "self", summary: "SUSE Bug 1084831", url: "https://bugzilla.suse.com/1084831", }, { category: "self", summary: "SUSE Bug 1086196", url: "https://bugzilla.suse.com/1086196", }, { category: "self", summary: "SUSE Bug 1091800", url: "https://bugzilla.suse.com/1091800", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1095805", url: "https://bugzilla.suse.com/1095805", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101138", url: "https://bugzilla.suse.com/1101138", }, { category: "self", summary: "SUSE Bug 1103356", url: "https://bugzilla.suse.com/1103356", }, { category: "self", summary: "SUSE Bug 1103543", url: "https://bugzilla.suse.com/1103543", }, { category: "self", summary: "SUSE Bug 1103925", url: "https://bugzilla.suse.com/1103925", }, { category: "self", summary: "SUSE Bug 1104124", url: "https://bugzilla.suse.com/1104124", }, { category: "self", summary: "SUSE Bug 1104731", url: "https://bugzilla.suse.com/1104731", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105428", url: "https://bugzilla.suse.com/1105428", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1106287", url: "https://bugzilla.suse.com/1106287", }, { category: "self", summary: "SUSE Bug 1106359", url: "https://bugzilla.suse.com/1106359", }, { category: "self", summary: "SUSE Bug 1106838", url: "https://bugzilla.suse.com/1106838", }, { category: "self", summary: "SUSE Bug 1108377", url: "https://bugzilla.suse.com/1108377", }, { category: "self", summary: "SUSE Bug 1108468", url: "https://bugzilla.suse.com/1108468", }, { category: "self", summary: "SUSE Bug 1108870", url: "https://bugzilla.suse.com/1108870", }, { category: "self", summary: "SUSE Bug 1109330", url: "https://bugzilla.suse.com/1109330", }, { category: "self", summary: "SUSE Bug 1109739", url: "https://bugzilla.suse.com/1109739", }, { category: "self", summary: "SUSE Bug 1109772", url: "https://bugzilla.suse.com/1109772", }, { category: "self", summary: "SUSE Bug 1109784", url: "https://bugzilla.suse.com/1109784", }, { category: "self", summary: "SUSE Bug 1109806", url: "https://bugzilla.suse.com/1109806", }, { category: "self", summary: "SUSE Bug 1109818", url: "https://bugzilla.suse.com/1109818", }, { category: "self", summary: "SUSE Bug 1109907", url: "https://bugzilla.suse.com/1109907", }, { category: "self", summary: "SUSE Bug 1109911", url: "https://bugzilla.suse.com/1109911", }, { category: "self", summary: "SUSE Bug 1109915", url: "https://bugzilla.suse.com/1109915", }, { category: "self", summary: "SUSE Bug 1109919", url: "https://bugzilla.suse.com/1109919", }, { category: "self", summary: "SUSE Bug 1109951", url: "https://bugzilla.suse.com/1109951", }, { category: "self", summary: "SUSE Bug 1110006", url: "https://bugzilla.suse.com/1110006", }, { category: "self", summary: "SUSE Bug 1111040", url: "https://bugzilla.suse.com/1111040", }, { category: "self", summary: "SUSE Bug 1111076", url: "https://bugzilla.suse.com/1111076", }, { category: "self", summary: "SUSE Bug 1111506", url: "https://bugzilla.suse.com/1111506", }, { category: "self", summary: "SUSE Bug 1111806", url: "https://bugzilla.suse.com/1111806", }, { category: "self", summary: "SUSE Bug 1111811", url: "https://bugzilla.suse.com/1111811", }, { category: "self", summary: "SUSE Bug 1111819", url: "https://bugzilla.suse.com/1111819", }, { category: "self", summary: "SUSE Bug 1111830", url: "https://bugzilla.suse.com/1111830", }, { category: "self", summary: "SUSE Bug 1111834", url: "https://bugzilla.suse.com/1111834", }, { category: "self", summary: "SUSE Bug 1111841", url: "https://bugzilla.suse.com/1111841", }, { category: "self", summary: "SUSE Bug 1111870", url: "https://bugzilla.suse.com/1111870", }, { category: "self", summary: "SUSE Bug 1111901", url: "https://bugzilla.suse.com/1111901", }, { category: "self", summary: "SUSE Bug 1111904", url: "https://bugzilla.suse.com/1111904", }, { category: "self", summary: "SUSE Bug 1111921", url: "https://bugzilla.suse.com/1111921", }, { category: "self", summary: "SUSE Bug 1111928", url: "https://bugzilla.suse.com/1111928", }, { category: "self", summary: "SUSE Bug 1111983", url: "https://bugzilla.suse.com/1111983", }, { category: "self", summary: "SUSE Bug 1112170", url: "https://bugzilla.suse.com/1112170", }, { category: "self", summary: "SUSE Bug 1112173", url: "https://bugzilla.suse.com/1112173", }, { category: "self", summary: "SUSE Bug 1112208", url: "https://bugzilla.suse.com/1112208", }, { category: "self", summary: "SUSE Bug 1112219", url: "https://bugzilla.suse.com/1112219", }, { category: "self", summary: "SUSE Bug 1112221", url: "https://bugzilla.suse.com/1112221", }, { category: "self", summary: "SUSE Bug 1112246", url: "https://bugzilla.suse.com/1112246", }, { category: "self", summary: "SUSE Bug 1112372", url: "https://bugzilla.suse.com/1112372", }, { category: "self", summary: "SUSE Bug 1112514", url: "https://bugzilla.suse.com/1112514", }, { category: "self", summary: "SUSE Bug 1112554", url: "https://bugzilla.suse.com/1112554", }, { category: "self", summary: "SUSE Bug 1112708", url: "https://bugzilla.suse.com/1112708", }, { category: "self", summary: "SUSE Bug 1112710", url: "https://bugzilla.suse.com/1112710", }, { category: "self", summary: "SUSE Bug 1112711", url: "https://bugzilla.suse.com/1112711", }, { category: "self", summary: "SUSE Bug 1112712", url: "https://bugzilla.suse.com/1112712", }, { category: "self", summary: "SUSE Bug 1112713", url: "https://bugzilla.suse.com/1112713", }, { category: "self", summary: "SUSE Bug 1112731", url: "https://bugzilla.suse.com/1112731", }, { category: "self", summary: "SUSE Bug 1112732", url: "https://bugzilla.suse.com/1112732", }, { category: "self", summary: "SUSE Bug 1112733", url: "https://bugzilla.suse.com/1112733", }, { category: "self", summary: "SUSE Bug 1112734", url: "https://bugzilla.suse.com/1112734", }, { category: "self", summary: "SUSE Bug 1112735", url: "https://bugzilla.suse.com/1112735", }, { category: "self", summary: "SUSE Bug 1112736", url: "https://bugzilla.suse.com/1112736", }, { category: "self", summary: "SUSE Bug 1112738", url: "https://bugzilla.suse.com/1112738", }, { category: "self", summary: "SUSE Bug 1112739", url: "https://bugzilla.suse.com/1112739", }, { category: "self", summary: "SUSE Bug 1112740", url: "https://bugzilla.suse.com/1112740", }, { category: "self", summary: "SUSE Bug 1112741", url: "https://bugzilla.suse.com/1112741", }, { category: "self", summary: "SUSE Bug 1112743", url: "https://bugzilla.suse.com/1112743", }, { category: "self", summary: "SUSE Bug 1112745", url: "https://bugzilla.suse.com/1112745", }, { category: "self", summary: "SUSE Bug 1112746", url: "https://bugzilla.suse.com/1112746", }, { category: "self", summary: "SUSE Bug 1112878", url: "https://bugzilla.suse.com/1112878", }, { category: "self", summary: "SUSE Bug 1112894", url: "https://bugzilla.suse.com/1112894", }, { category: "self", summary: "SUSE Bug 1112899", url: "https://bugzilla.suse.com/1112899", }, { category: "self", summary: "SUSE Bug 1112902", url: "https://bugzilla.suse.com/1112902", }, { category: "self", summary: "SUSE Bug 1112903", url: "https://bugzilla.suse.com/1112903", }, { category: "self", summary: "SUSE Bug 1112905", url: "https://bugzilla.suse.com/1112905", }, { category: "self", summary: "SUSE Bug 1112906", url: "https://bugzilla.suse.com/1112906", }, { category: "self", summary: "SUSE Bug 1112907", url: "https://bugzilla.suse.com/1112907", }, { category: "self", summary: "SUSE Bug 1113257", url: "https://bugzilla.suse.com/1113257", }, { category: "self", summary: "SUSE Bug 1113284", url: "https://bugzilla.suse.com/1113284", }, { category: "self", summary: "SUSE Bug 1113295", url: "https://bugzilla.suse.com/1113295", }, { category: "self", summary: "SUSE Bug 1113408", url: "https://bugzilla.suse.com/1113408", }, { category: "self", summary: "SUSE Bug 1113667", url: "https://bugzilla.suse.com/1113667", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1113751", url: "https://bugzilla.suse.com/1113751", }, { category: "self", summary: "SUSE Bug 1113780", url: "https://bugzilla.suse.com/1113780", }, { category: "self", summary: "SUSE Bug 1113972", url: "https://bugzilla.suse.com/1113972", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-18224 page", url: "https://www.suse.com/security/cve/CVE-2017-18224/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18445 page", url: "https://www.suse.com/security/cve/CVE-2018-18445/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-11-28T10:13:03Z", generator: { date: "2018-11-28T10:13:03Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3934-1", initial_release_date: "2018-11-28T10:13:03Z", revision_history: [ { date: "2018-11-28T10:13:03Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.12.14-6.3.1.noarch", product: { name: "kernel-devel-azure-4.12.14-6.3.1.noarch", product_id: "kernel-devel-azure-4.12.14-6.3.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.12.14-6.3.1.noarch", product: { name: "kernel-source-azure-4.12.14-6.3.1.noarch", product_id: "kernel-source-azure-4.12.14-6.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-azure-4.12.14-6.3.1.x86_64", product: { name: "kernel-azure-4.12.14-6.3.1.x86_64", product_id: "kernel-azure-4.12.14-6.3.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.12.14-6.3.1.x86_64", product: { name: "kernel-azure-base-4.12.14-6.3.1.x86_64", product_id: "kernel-azure-base-4.12.14-6.3.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.12.14-6.3.1.x86_64", product: { name: "kernel-azure-devel-4.12.14-6.3.1.x86_64", product_id: "kernel-azure-devel-4.12.14-6.3.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.12.14-6.3.1.x86_64", product: { name: "kernel-syms-azure-4.12.14-6.3.1.x86_64", product_id: "kernel-syms-azure-4.12.14-6.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4", product: { name: "SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-azure-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-6.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-6.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-6.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-6.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-azure-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-6.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-6.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-6.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-6.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-6.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-6.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-28T10:13:03Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-18224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18224", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18224", url: "https://www.suse.com/security/cve/CVE-2017-18224", }, { category: "external", summary: "SUSE Bug 1084831 for CVE-2017-18224", url: "https://bugzilla.suse.com/1084831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-28T10:13:03Z", details: "moderate", }, ], title: "CVE-2017-18224", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-28T10:13:03Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18445", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18445", url: "https://www.suse.com/security/cve/CVE-2018-18445", }, { category: "external", summary: "SUSE Bug 1112372 for CVE-2018-18445", url: "https://bugzilla.suse.com/1112372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-28T10:13:03Z", details: "low", }, ], title: "CVE-2018-18445", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Server 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-base-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-azure-devel-4.12.14-6.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-azure-4.12.14-6.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-azure-4.12.14-6.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-28T10:13:03Z", details: "moderate", }, ], title: "CVE-2018-18710", }, ], }
suse-su-2018:3589-1
Vulnerability from csaf_suse
Published
2018-10-31 13:44
Modified
2018-10-31 13:44
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
The following non-security bugs were fixed:
- acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
- acpica: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).
- alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).
- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).
- arm: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
- arm: exynos: Clear global variable on init error path (bsc#1051510).
- arm: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).
- arm: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).
- arm: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).
- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
- ASoC: wm8804: Add ACPI support (bsc#1051510).
- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).
- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).
- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).
- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch. (bsc#1110921)
- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).
- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).
- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).
- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).
- HID: add support for Apple Magic Keyboards (bsc#1051510).
- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
- input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
- input: atakbd - fix Atari keymap (bsc#1051510).
- kvm/vmx: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).
- kvm: svm: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
- kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
- kvm: vmx: raise internal error for exception during invalid protected mode state (bsc#1110006).
- kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
- kvm: x86: Fix reserved bits check for MOV to CR3 (bsc#1110006).
- kvm: x86: Introduce kvm_get_msr_feature() (bsc#1106240).
- kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).
- kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).
- kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).
- kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).
- kvm: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).
- kvm: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).
- kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).
- kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).
- kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).
- kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
- kvm: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).
- kvm: x86: fix escape of guest dr6 to the host (bsc#1110006).
- kvm: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).
- nfc: trf7970a: fix check of clock frequencies, use && instead of || (bsc#1051510).
- nfs: Avoid quadratic search when freeing delegations (bsc#1084760).
- pci: Reprogram bridge prefetch registers on resume (bsc#1051510).
- pci: dwc: Fix scheduling while atomic issues (git-fixes).
- pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
- pm / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).
- pm / core: Clear the direct_complete flag on errors (bsc#1051510).
- pm: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).
- rdma/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).
- Revert 'Limit kernel-source build to architectures for which we build binaries' This reverts commit d6435125446d740016904abe30a60611549ae812.
- Revert 'cdc-acm: implement put_char() and flush_chars()' (bsc#1051510).
- Revert 'drm/amdgpu: Add an ATPX quirk for hybrid laptop' (bsc#1051510).
- Revert 'drm/i915/gvt: set max priority for gvt context' (bsc#1051510).
- Revert 'gpio: set up initial state from .get_direction()' (bsc#1051510).
- Revert 'iommu/io-pgtable: Avoid redundant TLB syncs' (bsc#1106237).
- Revert 'mwifiex: fix incorrect ht capability problem' (bsc#1051510).
- Revert 'mwifiex: handle race during mwifiex_usb_disconnect' (bsc#1051510).
- Revert 'pinctrl: sunxi: Do not enforce bias disable (for now)' (bsc#1051510).
- Revert 'slab: __GFP_ZERO is incompatible with a constructor' (bnc#1108828) This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree.
- Revert 'ubifs: xattr: Do not operate on deleted inodes' (bsc#1051510).
- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).
- usb: Add quirk to support DJI CineSSD (bsc#1051510).
- usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).
- usb: fix error handling in usb_driver_claim_interface() (bsc#1051510).
- usb: handle NULL config in usb_find_alt_setting() (bsc#1051510).
- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
- usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
- usb: yurex: Check for truncation in yurex_read() (bsc#1051510).
- usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).
- Use upstream version of pci-hyperv patch (35a88a1)
- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).
- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).
- apparmor: fix mediation of prlimit (bsc#1051510).
- apparmor: fix memory leak when deduping profile load (bsc#1051510).
- apparmor: fix ptrace read check (bsc#1051510).
- asix: Check for supported Wake-on-LAN modes (bsc#1051510).
- ath10k: fix kernel panic issue during pci probe (bsc#1051510).
- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).
- audit: fix use-after-free in audit_add_watch (bsc#1051510).
- batman-adv: Avoid probe ELP information leak (bsc#1051510).
- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).
- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).
- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).
- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).
- batman-adv: Prevent duplicated global TT entry (bsc#1051510).
- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).
- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).
- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).
- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
- bdi: Fix another oops in wb_workfn() (bsc#1112746).
- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).
- be2net: remove unused old AIC info (bsc#1086288).
- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).
- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).
- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).
- bpf/verifier: disallow pointer subtraction (bsc#1083647).
- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).
- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
- cdc-acm: fix race between reset and control messaging (bsc#1051510).
- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).
- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).
- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).
- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).
- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).
- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bnc#1108841).
- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).
- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).
- crypto: ccp - add timeout support in the SEV command (bsc#1106838).
- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).
- cxgb4: fix abort_req_rss6 struct (bsc#1046540).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).
- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
- debugobjects: Make stack check warning more informative (bsc#1051510).
- declance: Fix continuation with the adapter identification message (bsc#1051510).
- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).
- drivers/base: stop new probing during shutdown (bsc#1051510).
- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).
- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).
- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
- drm/amdgpu: add new polaris pci id (bsc#1051510).
- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)
- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).
- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).
- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)
- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).
- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).
- drm/nouveau/disp: fix DP disable race (bsc#1051510).
- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).
- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).
- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).
- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).
- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).
- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).
- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).
- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).
- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
- eeprom: at24: change nvmem stride to 1 (bsc#1051510).
- eeprom: at24: check at24_read/write arguments (bsc#1051510).
- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).
- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
- enic: handle mtu change for vf properly (bsc#1051510).
- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
- ethtool: Remove trailing semicolon for static inline (bsc#1051510).
- ethtool: fix a privilege escalation bug (bsc#1076830).
- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).
- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
- ext4: check for NUL characters in extended attribute's name (bsc#1112732).
- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
- ext4: do not mark mmp buffer head dirty (bsc#1112743).
- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).
- firmware: raspberrypi: Register hwmon driver (bsc#1108468).
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).
- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).
- gpio: Fix crash due to registration race (bsc#1051510).
- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).
- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).
- gpiolib: Free the last requested descriptor (bsc#1051510).
- hfs: prevent crash on exit from failed search (bsc#1051510).
- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
- hv: avoid crash in vmbus sysfs files (bnc#1108377).
- hv_netvsc: fix schedule in RCU context ().
- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).
- hwmon: Add support for RPi voltage sensor (bsc#1108468).
- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
- hypfs_kill_super(): deal with failed allocations (bsc#1051510).
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).
- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
- iommu/vt-d: Add definitions for PFSID (bsc#1106237).
- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).
- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).
- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).
- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
- kabi protect enum mem_type (bsc#1099125).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).
- kprobes/x86: Fix %p uses in error messages (bsc#1110006).
- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).
- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).
- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).
- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).
- kvmclock: fix TSC calibration for nested guests (bsc#1110006).
- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).
- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
- libertas: call into generic suspend code before turning off power (bsc#1051510).
- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).
- liquidio: fix kernel panic in VF driver (bsc#1067126).
- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).
- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).
- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).
- mac80211: fix a race between restart and CSA flows (bsc#1051510).
- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).
- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).
- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
- mac80211: shorten the IBSS debug messages (bsc#1051510).
- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211_hwsim: require at least one channel (bsc#1051510).
- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
- media: af9035: prevent buffer overflow on write (bsc#1051510).
- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).
- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).
- media: helene: fix xtal frequency setting at power on (bsc#1051510).
- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).
- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).
- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).
- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).
- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).
- mm/migrate: Use spin_trylock() while resetting rate limit ().
- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).
- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).
- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
- net: add support for Cavium PTP coprocessor (bsc#1110096).
- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).
- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).
- net: thunder: change q_len's type to handle max ring size (bsc#1110096).
- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).
- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).
- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).
- net: thunderx: add multicast filter management support (bsc#1110096).
- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).
- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).
- net: thunderx: add timestamping support (bsc#1110096).
- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).
- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).
- net: thunderx: fix double free error (bsc#1110096).
- net: thunderx: move filter register related macro into proper place (bsc#1110096).
- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).
- net: thunderx: remove a couple of redundant assignments (bsc#1110096).
- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).
- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).
- objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).
- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
- ovl: fix format of setxattr debug (git-fixes).
- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).
- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).
- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).
- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).
- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).
- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).
- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).
- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).
- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).
- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).
- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).
- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).
- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).
- powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).
- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).
- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).
- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).
- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).
- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).
- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).
- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).
- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).
- qed: Wait for ready indication before rereading the shmem (bsc#1050536).
- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).
- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).
- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- rename a hv patch to reduce conflicts in -AZURE
- reorder a qedi patch to allow further work in this branch
- rpc_pipefs: fix double-dput() (bsc#1051510).
- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).
- sched/numa: Limit the conditions where scan period is reset ().
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: ipr: Eliminate duplicate barriers ().
- scsi: ipr: Use dma_pool_zalloc() ().
- scsi: ipr: fix incorrect indentation of assignment statement ().
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).
- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).
- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).
- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).
- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).
- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).
- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).
- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).
- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).
- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).
- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).
- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).
- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).
- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).
- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).
- serial: cpm_uart: return immediately from console poll (bsc#1051510).
- serial: imx: restore handshaking irq for imx1 (bsc#1051510).
- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).
- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).
- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).
- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).
- soreuseport: initialise timewait reuseport field (bsc#1051510).
- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
- sound: enable interrupt after dma buffer initialization (bsc#1051510).
- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).
- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).
- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).
- squashfs metadata 2: electric boogaloo (bsc#1051510).
- squashfs: be more careful about metadata corruption (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).
- supported.conf: added cavium_ptp
- supported.conf: mark raspberrypi-hwmon as supported
- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).
- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).
- target: log Data-Out timeouts as errors (bsc#1095805).
- target: log NOP ping timeouts as errors (bsc#1095805).
- target: split out helper for cxn timeout error stashing (bsc#1095805).
- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
- team: Forbid enslaving team device to itself (bsc#1051510).
- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).
- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).
- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).
- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).
- tsl2550: fix lux1_input error in low light (bsc#1051510).
- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).
- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).
- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).
- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).
- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).
- ubifs: Check for name being NULL while mounting (bsc#1051510).
- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).
- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).
- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).
- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).
- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).
- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).
- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).
- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).
- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).
- usb: uas: add support for more quirk flags (bsc#1051510).
- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).
- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).
- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).
- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).
- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).
- virtio: pci-legacy: Validate queue pfn (bsc#1051510).
- vmbus: do not return values for uninitalized channels (bsc#1051510).
- vti4: Do not count header length twice on tunnel setup (bsc#1051510).
- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).
- x86-64/realmode: Add instruction suffix (bsc#1110006).
- x86-memory_failure-Introduce-set-clear-_mce_nospec.patch: One more fixup to avoid even warning about statement without effect.
- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).
- x86/CPU: Add a microcode loader callback (bsc#1110006).
- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).
- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).
- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).
- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).
- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).
- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).
- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).
- x86/MCE: Remove min interval polling limitation (bsc#1110006).
- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).
- x86/MCE: Serialize sysfs changes (bsc#1110006).
- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).
- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).
- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> (bsc#1110006).
- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).
- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).
- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).
- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).
- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).
- x86/boot: Move EISA setup to a separate file (bsc#1110006).
- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).
- x86/build: Beautify build log of syscall headers (bsc#1110006).
- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).
- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).
- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).
- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).
- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).
- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).
- x86/decoder: Add new TEST instruction pattern (bsc#1110006).
- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).
- x86/eisa: Add missing include (bsc#1110006).
- x86/entry/64: Add two more instruction suffixes (bsc#1110006).
- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).
- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).
- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).
- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).
- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).
- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).
- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).
- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).
- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).
- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).
- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).
- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).
- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).
- x86/mce/AMD: Get address from already initialized block (bsc#1110006).
- x86/mce: Add notifier_block forward declaration (bsc#1110006).
- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).
- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).
- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).
- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).
- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).
- x86/microcode/intel: Look into the patch cache first (bsc#1110006).
- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).
- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).
- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).
- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).
- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).
- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).
- x86/microcode: Fix CPU synchronization routine (bsc#1110006).
- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).
- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).
- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).
- x86/microcode: Propagate return value from updating functions (bsc#1110006).
- x86/microcode: Request microcode on the BSP (bsc#1110006).
- x86/microcode: Synchronize late microcode loading (bsc#1110006).
- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).
- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).
- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).
- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).
- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).
- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).
- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).
- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).
- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).
- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).
- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).
- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).
- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).
- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).
- x86/paravirt: Fix some warning messages (bnc#1065600).
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).
- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).
- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).
- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).
- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).
- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).
- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).
- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).
- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).
- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).
- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).
- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).
- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).
- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).
- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).
- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).
- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).
- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).
- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).
- x86: Delay skip of emulated hypercall instruction (bsc#1110006).
- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).
- x86: i8259: Add missing include file (bsc#1110006).
- x86: kvm: avoid unused variable warning (bsc#1110006).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).
- xen/PVH: Set up GS segment for stack canary (bsc#1110006).
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).
- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).
- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).
- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).
- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).
Patchnames
SUSE-SLE-Module-Basesystem-15-2018-2547,SUSE-SLE-Module-Development-Tools-15-2018-2547,SUSE-SLE-Module-Development-Tools-OBS-15-2018-2547,SUSE-SLE-Module-Legacy-15-2018-2547,SUSE-SLE-Product-HA-15-2018-2547,SUSE-SLE-Product-WE-15-2018-2547
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed:\n\n- acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- acpica: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).\n- alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).\n- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).\n- arm: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).\n- arm: exynos: Clear global variable on init error path (bsc#1051510).\n- arm: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).\n- arm: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).\n- arm: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch. (bsc#1110921)\n- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)\n- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).\n- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).\n- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).\n- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).\n- HID: add support for Apple Magic Keyboards (bsc#1051510).\n- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).\n- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- input: atakbd - fix Atari keymap (bsc#1051510).\n- kvm/vmx: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).\n- kvm: svm: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- kvm: vmx: raise internal error for exception during invalid protected mode state (bsc#1110006).\n- kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- kvm: x86: Fix reserved bits check for MOV to CR3 (bsc#1110006).\n- kvm: x86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).\n- kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).\n- kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).\n- kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).\n- kvm: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).\n- kvm: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).\n- kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).\n- kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).\n- kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- kvm: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).\n- kvm: x86: fix escape of guest dr6 to the host (bsc#1110006).\n- kvm: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).\n- nfc: trf7970a: fix check of clock frequencies, use && instead of || (bsc#1051510).\n- nfs: Avoid quadratic search when freeing delegations (bsc#1084760).\n- pci: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- pci: dwc: Fix scheduling while atomic issues (git-fixes).\n- pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- pm / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).\n- pm / core: Clear the direct_complete flag on errors (bsc#1051510).\n- pm: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).\n- rdma/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).\n- Revert 'Limit kernel-source build to architectures for which we build binaries' This reverts commit d6435125446d740016904abe30a60611549ae812.\n- Revert 'cdc-acm: implement put_char() and flush_chars()' (bsc#1051510).\n- Revert 'drm/amdgpu: Add an ATPX quirk for hybrid laptop' (bsc#1051510).\n- Revert 'drm/i915/gvt: set max priority for gvt context' (bsc#1051510).\n- Revert 'gpio: set up initial state from .get_direction()' (bsc#1051510).\n- Revert 'iommu/io-pgtable: Avoid redundant TLB syncs' (bsc#1106237).\n- Revert 'mwifiex: fix incorrect ht capability problem' (bsc#1051510).\n- Revert 'mwifiex: handle race during mwifiex_usb_disconnect' (bsc#1051510).\n- Revert 'pinctrl: sunxi: Do not enforce bias disable (for now)' (bsc#1051510).\n- Revert 'slab: __GFP_ZERO is incompatible with a constructor' (bnc#1108828) This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree.\n- Revert 'ubifs: xattr: Do not operate on deleted inodes' (bsc#1051510).\n- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).\n- usb: Add quirk to support DJI CineSSD (bsc#1051510).\n- usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).\n- usb: fix error handling in usb_driver_claim_interface() (bsc#1051510).\n- usb: handle NULL config in usb_find_alt_setting() (bsc#1051510).\n- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n- usb: yurex: Check for truncation in yurex_read() (bsc#1051510).\n- usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).\n- Use upstream version of pci-hyperv patch (35a88a1)\n- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).\n- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).\n- apparmor: fix mediation of prlimit (bsc#1051510).\n- apparmor: fix memory leak when deduping profile load (bsc#1051510).\n- apparmor: fix ptrace read check (bsc#1051510).\n- asix: Check for supported Wake-on-LAN modes (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).\n- audit: fix use-after-free in audit_add_watch (bsc#1051510).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).\n- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).\n- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).\n- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated global TT entry (bsc#1051510).\n- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).\n- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).\n- be2net: remove unused old AIC info (bsc#1086288).\n- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).\n- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).\n- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).\n- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).\n- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).\n- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bnc#1108841).\n- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).\n- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).\n- crypto: ccp - add timeout support in the SEV command (bsc#1106838).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).\n- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).\n- cxgb4: fix abort_req_rss6 struct (bsc#1046540).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- declance: Fix continuation with the adapter identification message (bsc#1051510).\n- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).\n- drivers/base: stop new probing during shutdown (bsc#1051510).\n- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).\n- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).\n- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).\n- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).\n- drm/amdgpu: add new polaris pci id (bsc#1051510).\n- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)\n- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).\n- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)\n- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).\n- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).\n- drm/nouveau/disp: fix DP disable race (bsc#1051510).\n- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).\n- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).\n- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).\n- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).\n- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).\n- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n- ethtool: Remove trailing semicolon for static inline (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).\n- firmware: raspberrypi: Register hwmon driver (bsc#1108468).\n- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).\n- gpio: Fix crash due to registration race (bsc#1051510).\n- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).\n- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).\n- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).\n- gpiolib: Free the last requested descriptor (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hv: avoid crash in vmbus sysfs files (bnc#1108377).\n- hv_netvsc: fix schedule in RCU context ().\n- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).\n- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).\n- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).\n- hwmon: Add support for RPi voltage sensor (bsc#1108468).\n- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).\n- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).\n- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- kabi protect enum mem_type (bsc#1099125).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).\n- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).\n- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).\n- kvmclock: fix TSC calibration for nested guests (bsc#1110006).\n- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).\n- liquidio: fix kernel panic in VF driver (bsc#1067126).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).\n- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).\n- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).\n- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).\n- mac80211: fix a race between restart and CSA flows (bsc#1051510).\n- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).\n- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: shorten the IBSS debug messages (bsc#1051510).\n- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211_hwsim: require at least one channel (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).\n- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).\n- media: helene: fix xtal frequency setting at power on (bsc#1051510).\n- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).\n- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).\n- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).\n- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).\n- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).\n- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).\n- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).\n- net: add support for Cavium PTP coprocessor (bsc#1110096).\n- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).\n- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).\n- net: thunder: change q_len's type to handle max ring size (bsc#1110096).\n- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).\n- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).\n- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).\n- net: thunderx: add multicast filter management support (bsc#1110096).\n- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).\n- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).\n- net: thunderx: add timestamping support (bsc#1110096).\n- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).\n- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).\n- net: thunderx: fix double free error (bsc#1110096).\n- net: thunderx: move filter register related macro into proper place (bsc#1110096).\n- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).\n- net: thunderx: remove a couple of redundant assignments (bsc#1110096).\n- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).\n- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).\n- objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n- ovl: fix format of setxattr debug (git-fixes).\n- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).\n- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).\n- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).\n- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).\n- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).\n- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).\n- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).\n- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).\n- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).\n- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).\n- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).\n- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).\n- powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:\n- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).\n- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).\n- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).\n- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).\n- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).\n- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).\n- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).\n- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).\n- qed: Wait for ready indication before rereading the shmem (bsc#1050536).\n- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).\n- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- rename a hv patch to reduce conflicts in -AZURE\n- reorder a qedi patch to allow further work in this branch\n- rpc_pipefs: fix double-dput() (bsc#1051510).\n- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).\n- sched/numa: Limit the conditions where scan period is reset ().\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: ipr: Eliminate duplicate barriers ().\n- scsi: ipr: Use dma_pool_zalloc() ().\n- scsi: ipr: fix incorrect indentation of assignment statement ().\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).\n- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).\n- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).\n- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).\n- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).\n- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).\n- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).\n- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).\n- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).\n- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).\n- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).\n- serial: cpm_uart: return immediately from console poll (bsc#1051510).\n- serial: imx: restore handshaking irq for imx1 (bsc#1051510).\n- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).\n- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).\n- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n- soreuseport: initialise timewait reuseport field (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).\n- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).\n- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).\n- squashfs metadata 2: electric boogaloo (bsc#1051510).\n- squashfs: be more careful about metadata corruption (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n- supported.conf: added cavium_ptp\n- supported.conf: mark raspberrypi-hwmon as supported\n- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- team: Forbid enslaving team device to itself (bsc#1051510).\n- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).\n- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tsl2550: fix lux1_input error in low light (bsc#1051510).\n- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).\n- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).\n- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).\n- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).\n- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).\n- ubifs: Check for name being NULL while mounting (bsc#1051510).\n- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).\n- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).\n- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).\n- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).\n- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).\n- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).\n- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).\n- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).\n- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).\n- usb: uas: add support for more quirk flags (bsc#1051510).\n- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).\n- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).\n- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).\n- virtio: pci-legacy: Validate queue pfn (bsc#1051510).\n- vmbus: do not return values for uninitalized channels (bsc#1051510).\n- vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).\n- x86-64/realmode: Add instruction suffix (bsc#1110006).\n- x86-memory_failure-Introduce-set-clear-_mce_nospec.patch: One more fixup to avoid even warning about statement without effect.\n- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).\n- x86/CPU: Add a microcode loader callback (bsc#1110006).\n- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).\n- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).\n- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).\n- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86/MCE: Remove min interval polling limitation (bsc#1110006).\n- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).\n- x86/MCE: Serialize sysfs changes (bsc#1110006).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).\n- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> (bsc#1110006).\n- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).\n- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).\n- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).\n- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).\n- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).\n- x86/build: Beautify build log of syscall headers (bsc#1110006).\n- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).\n- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).\n- x86/decoder: Add new TEST instruction pattern (bsc#1110006).\n- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/entry/64: Add two more instruction suffixes (bsc#1110006).\n- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).\n- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).\n- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).\n- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).\n- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).\n- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).\n- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).\n- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).\n- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).\n- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).\n- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).\n- x86/mce/AMD: Get address from already initialized block (bsc#1110006).\n- x86/mce: Add notifier_block forward declaration (bsc#1110006).\n- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).\n- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).\n- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).\n- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).\n- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).\n- x86/microcode/intel: Look into the patch cache first (bsc#1110006).\n- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).\n- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).\n- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).\n- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).\n- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).\n- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).\n- x86/microcode: Fix CPU synchronization routine (bsc#1110006).\n- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).\n- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).\n- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).\n- x86/microcode: Propagate return value from updating functions (bsc#1110006).\n- x86/microcode: Request microcode on the BSP (bsc#1110006).\n- x86/microcode: Synchronize late microcode loading (bsc#1110006).\n- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).\n- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).\n- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).\n- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).\n- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).\n- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).\n- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).\n- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).\n- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).\n- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).\n- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).\n- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).\n- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).\n- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).\n- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).\n- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).\n- x86/paravirt: Fix some warning messages (bnc#1065600).\n- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).\n- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).\n- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).\n- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).\n- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).\n- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).\n- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).\n- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).\n- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).\n- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).\n- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).\n- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).\n- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).\n- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).\n- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).\n- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).\n- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).\n- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).\n- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).\n- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).\n- x86: Delay skip of emulated hypercall instruction (bsc#1110006).\n- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).\n- x86: i8259: Add missing include file (bsc#1110006).\n- x86: kvm: avoid unused variable warning (bsc#1110006).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n- xen/PVH: Set up GS segment for stack canary (bsc#1110006).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).\n- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Basesystem-15-2018-2547,SUSE-SLE-Module-Development-Tools-15-2018-2547,SUSE-SLE-Module-Development-Tools-OBS-15-2018-2547,SUSE-SLE-Module-Legacy-15-2018-2547,SUSE-SLE-Product-HA-15-2018-2547,SUSE-SLE-Product-WE-15-2018-2547", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3589-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3589-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183589-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3589-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004818.html", }, { category: "self", summary: "SUSE Bug 1046540", url: "https://bugzilla.suse.com/1046540", }, { category: "self", summary: "SUSE Bug 1050319", url: "https://bugzilla.suse.com/1050319", }, { category: "self", summary: "SUSE Bug 1050536", url: "https://bugzilla.suse.com/1050536", }, { category: "self", summary: "SUSE Bug 1050540", url: "https://bugzilla.suse.com/1050540", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1055120", url: "https://bugzilla.suse.com/1055120", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1067126", url: "https://bugzilla.suse.com/1067126", }, { category: "self", summary: "SUSE Bug 1067906", url: "https://bugzilla.suse.com/1067906", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1079524", url: "https://bugzilla.suse.com/1079524", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1084760", url: "https://bugzilla.suse.com/1084760", }, { category: "self", summary: "SUSE Bug 1084831", url: "https://bugzilla.suse.com/1084831", }, { category: "self", summary: "SUSE Bug 1086283", url: "https://bugzilla.suse.com/1086283", }, { category: "self", summary: "SUSE Bug 1086288", url: "https://bugzilla.suse.com/1086288", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1095805", url: "https://bugzilla.suse.com/1095805", }, { category: "self", summary: "SUSE Bug 1099125", url: "https://bugzilla.suse.com/1099125", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1102881", url: "https://bugzilla.suse.com/1102881", }, { category: "self", summary: "SUSE Bug 1103308", url: "https://bugzilla.suse.com/1103308", }, { category: "self", summary: "SUSE Bug 1103543", url: "https://bugzilla.suse.com/1103543", }, { category: "self", summary: "SUSE Bug 1104731", url: "https://bugzilla.suse.com/1104731", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1106838", url: "https://bugzilla.suse.com/1106838", }, { category: "self", summary: "SUSE Bug 1107685", url: "https://bugzilla.suse.com/1107685", }, { category: "self", summary: "SUSE Bug 1108241", url: "https://bugzilla.suse.com/1108241", }, { category: "self", summary: "SUSE Bug 1108377", url: "https://bugzilla.suse.com/1108377", }, { category: "self", summary: "SUSE Bug 1108468", url: "https://bugzilla.suse.com/1108468", }, { category: "self", summary: "SUSE Bug 1108828", url: "https://bugzilla.suse.com/1108828", }, { category: "self", summary: "SUSE Bug 1108841", url: "https://bugzilla.suse.com/1108841", }, { category: "self", summary: "SUSE Bug 1108870", url: "https://bugzilla.suse.com/1108870", }, { category: "self", summary: "SUSE Bug 1109151", url: "https://bugzilla.suse.com/1109151", }, { category: "self", summary: "SUSE Bug 1109158", url: "https://bugzilla.suse.com/1109158", }, { category: "self", summary: "SUSE Bug 1109217", url: "https://bugzilla.suse.com/1109217", }, { category: "self", summary: "SUSE Bug 1109330", url: "https://bugzilla.suse.com/1109330", }, { category: "self", summary: "SUSE Bug 1109739", url: "https://bugzilla.suse.com/1109739", }, { category: "self", summary: "SUSE Bug 1109784", url: "https://bugzilla.suse.com/1109784", }, { category: "self", summary: "SUSE Bug 1109806", url: "https://bugzilla.suse.com/1109806", }, { category: "self", summary: "SUSE Bug 1109818", url: "https://bugzilla.suse.com/1109818", }, { category: "self", summary: "SUSE Bug 1109907", url: "https://bugzilla.suse.com/1109907", }, { category: "self", summary: "SUSE Bug 1109911", url: "https://bugzilla.suse.com/1109911", }, { category: "self", summary: "SUSE Bug 1109915", url: "https://bugzilla.suse.com/1109915", }, { category: "self", summary: "SUSE Bug 1109919", url: "https://bugzilla.suse.com/1109919", }, { category: "self", summary: "SUSE Bug 1109951", url: "https://bugzilla.suse.com/1109951", }, { category: "self", summary: "SUSE Bug 1110006", url: "https://bugzilla.suse.com/1110006", }, { category: "self", summary: "SUSE Bug 1110096", url: "https://bugzilla.suse.com/1110096", }, { category: "self", summary: "SUSE Bug 1110538", url: "https://bugzilla.suse.com/1110538", }, { category: "self", summary: "SUSE Bug 1110561", url: "https://bugzilla.suse.com/1110561", }, { category: "self", summary: "SUSE Bug 1110921", url: "https://bugzilla.suse.com/1110921", }, { category: "self", summary: "SUSE Bug 1111028", url: "https://bugzilla.suse.com/1111028", }, { category: "self", summary: "SUSE Bug 1111076", url: "https://bugzilla.suse.com/1111076", }, { category: "self", summary: "SUSE Bug 1111506", url: "https://bugzilla.suse.com/1111506", }, { category: "self", summary: "SUSE Bug 1111806", url: "https://bugzilla.suse.com/1111806", }, { category: "self", summary: "SUSE Bug 1111819", url: "https://bugzilla.suse.com/1111819", }, { category: "self", summary: "SUSE Bug 1111830", url: "https://bugzilla.suse.com/1111830", }, { category: "self", summary: "SUSE Bug 1111834", url: "https://bugzilla.suse.com/1111834", }, { category: "self", summary: "SUSE Bug 1111841", url: "https://bugzilla.suse.com/1111841", }, { category: "self", summary: "SUSE Bug 1111870", url: "https://bugzilla.suse.com/1111870", }, { category: "self", summary: "SUSE Bug 1111901", url: "https://bugzilla.suse.com/1111901", }, { category: "self", summary: "SUSE Bug 1111904", url: "https://bugzilla.suse.com/1111904", }, { category: "self", summary: "SUSE Bug 1111928", url: "https://bugzilla.suse.com/1111928", }, { category: "self", summary: "SUSE Bug 1111983", url: "https://bugzilla.suse.com/1111983", }, { category: "self", summary: "SUSE Bug 1112170", url: "https://bugzilla.suse.com/1112170", }, { category: "self", summary: "SUSE Bug 1112173", url: "https://bugzilla.suse.com/1112173", }, { category: "self", summary: "SUSE Bug 1112208", url: "https://bugzilla.suse.com/1112208", }, { category: "self", summary: "SUSE Bug 1112219", url: "https://bugzilla.suse.com/1112219", }, { category: "self", summary: "SUSE Bug 1112221", url: "https://bugzilla.suse.com/1112221", }, { category: "self", summary: "SUSE Bug 1112246", url: "https://bugzilla.suse.com/1112246", }, { category: "self", summary: "SUSE Bug 1112372", url: "https://bugzilla.suse.com/1112372", }, { category: "self", summary: "SUSE Bug 1112514", url: "https://bugzilla.suse.com/1112514", }, { category: "self", summary: "SUSE Bug 1112554", url: "https://bugzilla.suse.com/1112554", }, { category: "self", summary: "SUSE Bug 1112708", url: "https://bugzilla.suse.com/1112708", }, { category: "self", summary: "SUSE Bug 1112710", url: "https://bugzilla.suse.com/1112710", }, { category: "self", summary: "SUSE Bug 1112711", url: "https://bugzilla.suse.com/1112711", }, { category: "self", summary: "SUSE Bug 1112712", url: "https://bugzilla.suse.com/1112712", }, { category: "self", summary: "SUSE Bug 1112713", url: "https://bugzilla.suse.com/1112713", }, { category: "self", summary: "SUSE Bug 1112731", url: "https://bugzilla.suse.com/1112731", }, { category: "self", summary: "SUSE Bug 1112732", url: "https://bugzilla.suse.com/1112732", }, { category: "self", summary: "SUSE Bug 1112733", url: "https://bugzilla.suse.com/1112733", }, { category: "self", summary: "SUSE Bug 1112734", url: "https://bugzilla.suse.com/1112734", }, { category: "self", summary: "SUSE Bug 1112735", url: "https://bugzilla.suse.com/1112735", }, { category: "self", summary: "SUSE Bug 1112736", url: "https://bugzilla.suse.com/1112736", }, { category: "self", summary: "SUSE Bug 1112738", url: "https://bugzilla.suse.com/1112738", }, { category: "self", summary: "SUSE Bug 1112739", url: "https://bugzilla.suse.com/1112739", }, { category: "self", summary: "SUSE Bug 1112740", url: "https://bugzilla.suse.com/1112740", }, { category: "self", summary: "SUSE Bug 1112741", url: "https://bugzilla.suse.com/1112741", }, { category: "self", summary: "SUSE Bug 1112743", url: "https://bugzilla.suse.com/1112743", }, { category: "self", summary: "SUSE Bug 1112745", url: "https://bugzilla.suse.com/1112745", }, { category: "self", summary: "SUSE Bug 1112746", url: "https://bugzilla.suse.com/1112746", }, { category: "self", summary: "SUSE Bug 1112894", url: "https://bugzilla.suse.com/1112894", }, { category: "self", summary: "SUSE Bug 1112899", url: "https://bugzilla.suse.com/1112899", }, { category: "self", summary: "SUSE Bug 1112902", url: "https://bugzilla.suse.com/1112902", }, { category: "self", summary: "SUSE Bug 1112903", url: "https://bugzilla.suse.com/1112903", }, { category: "self", summary: "SUSE Bug 1112905", url: "https://bugzilla.suse.com/1112905", }, { category: "self", summary: "SUSE Bug 1112906", url: "https://bugzilla.suse.com/1112906", }, { category: "self", summary: "SUSE Bug 1112907", url: "https://bugzilla.suse.com/1112907", }, { category: "self", summary: "SUSE Bug 1113257", url: "https://bugzilla.suse.com/1113257", }, { category: "self", summary: "SUSE Bug 1113284", url: "https://bugzilla.suse.com/1113284", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-18224 page", url: "https://www.suse.com/security/cve/CVE-2017-18224/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18445 page", url: "https://www.suse.com/security/cve/CVE-2018-18445/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-10-31T13:44:41Z", generator: { date: "2018-10-31T13:44:41Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3589-1", initial_release_date: "2018-10-31T13:44:41Z", revision_history: [ { date: "2018-10-31T13:44:41Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.25.1.aarch64", product: { name: "kernel-default-4.12.14-25.25.1.aarch64", product_id: "kernel-default-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.25.1.aarch64", product: { name: "kernel-default-devel-4.12.14-25.25.1.aarch64", product_id: "kernel-default-devel-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.25.1.aarch64", product: { name: "kernel-obs-build-4.12.14-25.25.1.aarch64", product_id: "kernel-obs-build-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.25.1.aarch64", product: { name: "kernel-syms-4.12.14-25.25.1.aarch64", product_id: "kernel-syms-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.25.1.aarch64", product: { name: "kernel-vanilla-base-4.12.14-25.25.1.aarch64", product_id: "kernel-vanilla-base-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.25.1.aarch64", product: { name: "reiserfs-kmp-default-4.12.14-25.25.1.aarch64", product_id: "reiserfs-kmp-default-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.25.1.aarch64", product: { name: "cluster-md-kmp-default-4.12.14-25.25.1.aarch64", product_id: "cluster-md-kmp-default-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.25.1.aarch64", product: { name: "dlm-kmp-default-4.12.14-25.25.1.aarch64", product_id: "dlm-kmp-default-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.25.1.aarch64", product: { name: "gfs2-kmp-default-4.12.14-25.25.1.aarch64", product_id: "gfs2-kmp-default-4.12.14-25.25.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.25.1.aarch64", product: { name: "ocfs2-kmp-default-4.12.14-25.25.1.aarch64", product_id: "ocfs2-kmp-default-4.12.14-25.25.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-25.25.1.noarch", product: { name: "kernel-devel-4.12.14-25.25.1.noarch", product_id: "kernel-devel-4.12.14-25.25.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-25.25.1.noarch", product: { name: "kernel-macros-4.12.14-25.25.1.noarch", product_id: "kernel-macros-4.12.14-25.25.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-25.25.1.noarch", product: { name: "kernel-docs-4.12.14-25.25.1.noarch", product_id: "kernel-docs-4.12.14-25.25.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-25.25.1.noarch", product: { name: "kernel-source-4.12.14-25.25.1.noarch", product_id: "kernel-source-4.12.14-25.25.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.25.1.ppc64le", product: { name: "kernel-default-4.12.14-25.25.1.ppc64le", product_id: "kernel-default-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.25.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-25.25.1.ppc64le", product_id: "kernel-default-devel-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.25.1.ppc64le", product: { name: "kernel-obs-build-4.12.14-25.25.1.ppc64le", product_id: "kernel-obs-build-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.25.1.ppc64le", product: { name: "kernel-syms-4.12.14-25.25.1.ppc64le", product_id: "kernel-syms-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.25.1.ppc64le", product: { name: "kernel-vanilla-base-4.12.14-25.25.1.ppc64le", product_id: "kernel-vanilla-base-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", product: { name: "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", product_id: "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.25.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-25.25.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.25.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-25.25.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.25.1.s390x", product: { name: "kernel-default-4.12.14-25.25.1.s390x", product_id: "kernel-default-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.25.1.s390x", product: { name: "kernel-default-devel-4.12.14-25.25.1.s390x", product_id: "kernel-default-devel-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-25.25.1.s390x", product: { name: "kernel-default-man-4.12.14-25.25.1.s390x", product_id: "kernel-default-man-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-4.12.14-25.25.1.s390x", product: { name: "kernel-zfcpdump-4.12.14-25.25.1.s390x", product_id: "kernel-zfcpdump-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.25.1.s390x", product: { name: "kernel-obs-build-4.12.14-25.25.1.s390x", product_id: "kernel-obs-build-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.25.1.s390x", product: { name: "kernel-syms-4.12.14-25.25.1.s390x", product_id: "kernel-syms-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.25.1.s390x", product: { name: "kernel-vanilla-base-4.12.14-25.25.1.s390x", product_id: "kernel-vanilla-base-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.25.1.s390x", product: { name: "reiserfs-kmp-default-4.12.14-25.25.1.s390x", product_id: "reiserfs-kmp-default-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.25.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-25.25.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.25.1.s390x", product: { name: "dlm-kmp-default-4.12.14-25.25.1.s390x", product_id: "dlm-kmp-default-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.25.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-25.25.1.s390x", product_id: "gfs2-kmp-default-4.12.14-25.25.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.25.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-25.25.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-25.25.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.12.14-25.25.1.x86_64", product: { name: "kernel-default-4.12.14-25.25.1.x86_64", product_id: "kernel-default-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-25.25.1.x86_64", product: { name: "kernel-default-devel-4.12.14-25.25.1.x86_64", product_id: "kernel-default-devel-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-25.25.1.x86_64", product: { name: "kernel-obs-build-4.12.14-25.25.1.x86_64", product_id: "kernel-obs-build-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-25.25.1.x86_64", product: { name: "kernel-syms-4.12.14-25.25.1.x86_64", product_id: "kernel-syms-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "kernel-vanilla-base-4.12.14-25.25.1.x86_64", product: { name: "kernel-vanilla-base-4.12.14-25.25.1.x86_64", product_id: "kernel-vanilla-base-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-4.12.14-25.25.1.x86_64", product: { name: "reiserfs-kmp-default-4.12.14-25.25.1.x86_64", product_id: "reiserfs-kmp-default-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-25.25.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-25.25.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-25.25.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-25.25.1.x86_64", product_id: "dlm-kmp-default-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-25.25.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-25.25.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-25.25.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-25.25.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-25.25.1.x86_64", product: { name: "kernel-default-extra-4.12.14-25.25.1.x86_64", product_id: "kernel-default-extra-4.12.14-25.25.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15", product: { name: "SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15", product: { name: "SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15", product: { name: "SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15", product: { name: "SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15", product: { name: "SUSE Linux Enterprise Workstation Extension 15", product_id: "SUSE Linux Enterprise Workstation Extension 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", }, product_reference: "kernel-default-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", }, product_reference: "kernel-default-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", }, product_reference: "kernel-default-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", }, product_reference: "kernel-default-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", }, product_reference: "kernel-default-man-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", }, product_reference: "kernel-devel-4.12.14-25.25.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", }, product_reference: "kernel-macros-4.12.14-25.25.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15", product_id: "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", }, product_reference: "kernel-zfcpdump-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", }, product_reference: "kernel-docs-4.12.14-25.25.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", }, product_reference: "kernel-obs-build-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", }, product_reference: "kernel-obs-build-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", }, product_reference: "kernel-obs-build-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-25.25.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", }, product_reference: "kernel-source-4.12.14-25.25.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", }, product_reference: "kernel-syms-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", }, product_reference: "kernel-syms-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", }, product_reference: "kernel-syms-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", }, product_reference: "kernel-vanilla-base-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", }, product_reference: "kernel-vanilla-base-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", }, product_reference: "kernel-vanilla-base-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "kernel-vanilla-base-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15", product_id: "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", }, product_reference: "kernel-vanilla-base-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", }, product_reference: "reiserfs-kmp-default-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", }, product_reference: "reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", }, product_reference: "reiserfs-kmp-default-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15", product_id: "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", }, product_reference: "reiserfs-kmp-default-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", }, product_reference: "cluster-md-kmp-default-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", }, product_reference: "dlm-kmp-default-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", }, product_reference: "gfs2-kmp-default-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.25.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", }, product_reference: "ocfs2-kmp-default-4.12.14-25.25.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.25.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-25.25.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15", product_id: "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15", product_id: "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:41Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-18224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18224", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18224", url: "https://www.suse.com/security/cve/CVE-2017-18224", }, { category: "external", summary: "SUSE Bug 1084831 for CVE-2017-18224", url: "https://bugzilla.suse.com/1084831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:41Z", details: "moderate", }, ], title: "CVE-2017-18224", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:41Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18445", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18445", url: "https://www.suse.com/security/cve/CVE-2018-18445", }, { category: "external", summary: "SUSE Bug 1112372 for CVE-2018-18445", url: "https://bugzilla.suse.com/1112372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:cluster-md-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:dlm-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:gfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise High Availability Extension 15:ocfs2-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-devel-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15:kernel-default-man-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15:kernel-devel-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-macros-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15:kernel-zfcpdump-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-docs-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-obs-build-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-source-4.12.14-25.25.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-syms-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15:kernel-vanilla-base-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.s390x", "SUSE Linux Enterprise Module for Legacy 15:reiserfs-kmp-default-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15:kernel-default-extra-4.12.14-25.25.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:41Z", details: "low", }, ], title: "CVE-2018-18445", }, ], }
suse-su-2018:4069-1
Vulnerability from csaf_suse
Published
2018-12-11 08:24
Modified
2018-12-11 08:24
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removed entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry could remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).
- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permitted out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2017-18224: fs/ocfs2/aops.c omitted use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
The following non-security bugs were fixed:
- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).
- ACPICA: Tables: Add WSMT support (bsc#1089350).
- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).
- ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).
- ACPI, nfit: Fix ARS overflow continuation (bsc#1116895).
- ACPI, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128).
- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).
- ACPI/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114279).
- ACPI / platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).
- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
- ACPI / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).
- act_ife: fix a potential use-after-free (networking-stable-18_09_11).
- Add the cherry-picked dup id for PCI dwc fix
- Add version information to KLP_SYMBOLS file
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).
- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).
- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).
- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).
- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).
- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).
- ALSA: hda: fix unused variable warning (bsc#1051510).
- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).
- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).
- ALSA: hda/realtek - Allow skipping spec->init_amp detection (bsc#1051510).
- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).
- ALSA: hda/realtek - Fix HP Headset Mic can't record (bsc#1051510).
- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).
- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).
- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).
- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).
- ALSA: hda/realtek - Support ALC300 (bsc#1051510).
- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).
- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).
- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).
- ALSA: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).
- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).
- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).
- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).
- ARM: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).
- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)
- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).
- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).
- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).
- ASoC: wm8804: Add ACPI support (bsc#1051510).
- ata: Fix racy link clearance (bsc#1107866).
- ataflop: fix error handling during setup (bsc#1051510).
- ath10k: fix kernel panic issue during pci probe (bsc#1051510).
- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).
- autofs: fix autofs_sbi() does not check super block type (git-fixes).
- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).
- autofs: mount point create should honour passed in mode (git-fixes).
- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).
- batman-adv: Avoid probe ELP information leak (bsc#1051510).
- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).
- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).
- bdi: Fix another oops in wb_workfn() (bsc#1112746).
- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).
- bitops: protect variables in set_mask_bits() macro (bsc#1051510).
- Blacklist commit that modifies Scsi_Host/kabi (bsc#1114579)
- Blacklist sd_zbc patch that is too invasive (bsc#1114583)
- Blacklist virtio patch that uses bio_integrity_bytes() (bsc#1114585)
- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
- block: copy ioprio in __bio_clone_fast() (bsc#1082653).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).
- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).
- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).
- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).
- bonding: avoid possible dead-lock (networking-stable-18_10_16).
- bonding: fix length of actor system (networking-stable-18_11_02).
- bonding: fix warning message (networking-stable-18_10_16).
- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).
- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).
- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).
- bpf/verifier: disallow pointer subtraction (bsc#1083647).
- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).
- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).
- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).
- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).
- Btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
- Btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).
- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).
- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).
- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).
- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).
- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).
- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).
- Btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).
- Btrfs: fix use-after-free during inode eviction (bsc#1116701).
- Btrfs: fix use-after-free when dumping free space (bsc#1116862).
- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).
- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).
- Btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
- Btrfs: make sure we create all new block groups (bsc#1116699).
- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).
- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).
- can: hi311x: Use level-triggered interrupt (bsc#1051510).
- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).
- can: rcar_can: Fix erroneous registration (bsc#1051510).
- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).
- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).
- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).
- cdc-acm: fix race between reset and control messaging (bsc#1051510).
- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).
- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).
- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).
- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).
- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).
- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).
- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).
- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).
- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).
- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
- configfs: replace strncpy with memcpy (bsc#1051510).
- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).
- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).
- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).
- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).
- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
- debugobjects: Make stack check warning more informative (bsc#1051510).
- Documentation/l1tf: Fix small spelling typo (bsc#1051510).
- Documentation/l1tf: Fix typos (bsc#1051510).
- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).
- do d_instantiate/unlock_new_inode combinations safely (git-fixes).
- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).
- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)
- drm/ast: change resolution may cause screen blurred (boo#1112963).
- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).
- drm/ast: Fix incorrect free on ioregs (bsc#1051510).
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/dp_mst: Check if primary mstb is null (bsc#1051510).
- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)
- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)
- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)
- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).
- drm/i915: Do not unset intel_connector->mst_port (bsc#1051510).
- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).
- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).
- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).
- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)
- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
- drm/i915/glk: Remove 99% limitation (bsc#1051510).
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).
- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).
- drm/i915: Mark pin flags as u64 (bsc#1051510).
- drm/i915: Restore vblank interrupts earlier (bsc#1051510).
- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).
- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).
- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)
- drm/meson: add support for 1080p25 mode (bsc#1051510).
- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).
- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).
- drm/msm: fix OF child-node lookup (bsc#1106110)
- drm/nouveau: Check backlight IDs are >= 0, not > 0 (bsc#1051510).
- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).
- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).
- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)
- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)
- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).
- EDAC: Raise the maximum number of memory controllers (bsc#1113780).
- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).
- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).
- eeprom: at24: change nvmem stride to 1 (bsc#1051510).
- eeprom: at24: check at24_read/write arguments (bsc#1051510).
- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
- Enable LSPCON instead of blindly disabling HDMI
- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
- enic: handle mtu change for vf properly (bsc#1051510).
- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
- ethtool: fix a privilege escalation bug (bsc#1076830).
- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bsc#1117795).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bsc#1117794).
- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).
- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).
- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).
- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).
- ext4: check for NUL characters in extended attribute's name (bsc#1112732).
- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
- ext4: do not mark mmp buffer head dirty (bsc#1112743).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).
- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bsc#1117803).
- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).
- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
- ext4: fix use-after-free race in ext4_remount()'s error path (bsc#1117791).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).
- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).
- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).
- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
- fbdev: fix broken menu dependencies (bsc#1113722)
- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).
- firmware: dcdbas: include linux/io.h (bsc#1089350).
- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).
- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).
- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).
- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).
- fs: Make extension of struct super_block transparent (bsc#1117822).
- fsnotify: Fix busy inodes during unmount (bsc#1117822).
- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).
- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).
- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).
- ftrace: Remove incorrect setting of glob search field (bsc#1117184).
- genirq: Fix race on spurious interrupt detection (bsc#1051510).
- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).
- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).
- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).
- gso_segment: Reset skb->mac_len after modifying network header (networking-stable-18_09_24).
- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
- hfs: prevent crash on exit from failed search (bsc#1051510).
- HID: hiddev: fix potential Spectre v1 (bsc#1051510).
- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).
- hv: avoid crash in vmbus sysfs files (bnc#1108377).
- hv_netvsc: fix schedule in RCU context ().
- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).
- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).
- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).
- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).
- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).
- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).
- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).
- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).
- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).
- hwrng: core - document the quality field (bsc#1051510).
- hypfs_kill_super(): deal with failed allocations (bsc#1051510).
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).
- iio: ad5064: Fix regulator handling (bsc#1051510).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).
- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).
- iio:st_magn: Fix enable device after trigger (bsc#1051510).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bsc#1051510).
- include/linux/pfn_t.h: force '~' to be parsed as an unary operator (bsc#1051510).
- inet: make sure to grab rcu_read_lock before using ireq->ireq_opt (networking-stable-18_10_16).
- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
- Input: atakbd - fix Atari keymap (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).
- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).
- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).
- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).
- Input: xpad - fix some coding style issues (bsc#1051510).
- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Add definitions for PFSID (bsc#1106237).
- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).
- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).
- ipmi: Fix timer race with module unload (bsc#1051510).
- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).
- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu (networking-stable-18_11_21).
- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).
- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).
- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).
- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).
- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).
- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).
- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).
- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).
- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).
- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).
- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).
- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
- KABI fix for 'NFSv4.1: Fix up replays of interrupted requests' (git-fixes).
- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).
- KABI: mask raw in struct bpf_reg_state (bsc#1083647).
- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).
- KABI: powerpc: Revert npu callback signature change (bsc#1055120).
- KABI: protect struct fib_nh_exception (kabi).
- KABI: protect struct rtable (kabi).
- KABI/severities: ignore __xive_vm_h_* KVM internal symbols.
- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).
- kbuild: fix kernel/bounds.c 'W=1' warning (bsc#1051510).
- kbuild: move '_all' target out of $(KBUILD_SRC) conditional (bsc#1114279).
- kernfs: update comment about kernfs_path() return value (bsc#1051510).
- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).
- kprobes/x86: Fix %p uses in error messages (bsc#1110006).
- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).
- KVM: Make VM ioctl do valloc for some archs (bsc#1111506).
- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).
- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).
- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).
- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).
- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).
- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).
- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).
- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).
- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).
- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).
- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).
- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).
- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).
- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).
- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).
- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).
- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).
- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).
- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).
- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).
- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).
- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).
- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).
- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).
- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).
- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).
- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).
- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).
- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).
- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).
- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).
- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).
- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).
- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).
- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).
- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).
- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).
- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).
- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).
- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).
- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).
- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).
- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).
- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).
- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).
- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).
- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).
- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).
- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).
- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).
- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).
- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).
- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).
- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).
- KVM/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
- KVM: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libertas: call into generic suspend code before turning off power (bsc#1051510).
- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).
- libnvdimm, badrange: remove a WARN for list_empty (bsc#1112128).
- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).
- libnvdimm: Introduce locked DIMM capacity support (bsc#1112128).
- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm: move poison list functions to a new 'badrange' file (bsc#1112128).
- libnvdimm/nfit_test: add firmware download emulation (bsc#1112128).
- libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#1112128).
- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).
- libnvdimm, testing: Add emulation for smart injection commands (bsc#1112128).
- libnvdimm, testing: update the default smart ctrl_temperature (bsc#1112128).
- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
- livepatch: create and include UAPI headers ().
- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).
- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).
- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
- mac80211: Always report TX status (bsc#1051510).
- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).
- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).
- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).
- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
- mach64: fix display corruption on big endian machines (bsc#1113722)
- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)
- mailbox: PCC: handle parse error (bsc#1051510).
- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).
- md: allow metadata updates while suspending an array - fix (git-fixes).
- MD: fix invalid stored role for a disk - try2 (git-fixes).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).
- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).
- md/raid1: add error handling of read error from FailFast device (git-fixes).
- md/raid5-cache: disable reshape completely (git-fixes).
- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).
- media: af9035: prevent buffer overflow on write (bsc#1051510).
- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).
- media: dvb: fix compat ioctl translation (bsc#1051510).
- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).
- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).
- media: pci: cx23885: handle adding to list failure (bsc#1051510).
- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).
- media: tvp5150: fix switch exit in set control handler (bsc#1051510).
- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).
- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).
- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).
- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).
- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).
- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).
- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).
- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).
- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).
- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).
- mm/migrate: Use spin_trylock() while resetting rate limit ().
- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
- mm: rework memcg kernel stack accounting (bnc#1113677).
- modpost: ignore livepatch unresolved relocations ().
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).
- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).
- move changes without Git-commit out of sorted section
- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).
- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).
- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).
- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).
- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).
- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).
- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).
- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).
- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).
- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).
- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).
- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).
- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).
- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).
- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).
- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).
- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).
- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).
- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1111696 bsc#1117561).
- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (networking-stable-18_11_21).
- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).
- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).
- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).
- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).
- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).
- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).
- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).
- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).
- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).
- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).
- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).
- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).
- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).
- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).
- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).
- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).
- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).
- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).
- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).
- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).
- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).
- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).
- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).
- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).
- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).
- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).
- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).
- net: socket: fix a missing-check bug (networking-stable-18_11_02).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).
- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).
- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).
- net: systemport: Protect stop from timeout (networking-stable-18_11_21).
- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).
- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).
- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).
- nfit_test: add error injection DSMs (bsc#1112128).
- nfit_test: fix buffer overrun, add sanity check (bsc#1112128).
- nfit_test: improve structure offset handling (bsc#1112128).
- nfit_test: prevent parsing error of nfit_test.0 (bsc#1112128).
- nfit_test: when clearing poison, also remove badrange entries (bsc#1112128).
- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).
- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).
- NFS: Avoid RCU usage in tracepoints (git-fixes).
- NFS: commit direct writes even if they fail partially (git-fixes).
- nfsd4: permit layoutget of executable-only files (git-fixes).
- nfsd: check for use of the closed special stateid (git-fixes).
- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (git-fixes).
- nfsd: deal with revoked delegations appropriately (git-fixes).
- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).
- nfsd: Fix another OPEN stateid race (git-fixes).
- nfsd: fix corrupted reply to badly ordered compound (git-fixes).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).
- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).
- NFS: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).
- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).
- NFS: Ensure we commit after writeback is complete (bsc#1111809).
- NFS: Fix an incorrect type in struct nfs_direct_req (git-fixes).
- NFS: Fix a typo in nfs_rename() (git-fixes).
- NFS: Fix typo in nomigration mount option (git-fixes).
- NFS: Fix unstable write completion (git-fixes).
- NFSv4.0 fix client reference leak in callback (git-fixes).
- NFSv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).
- NFSv4.1 fix infinite loop on I/O (git-fixes).
- NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).
- NFSv4.1: Fix up replays of interrupted requests (git-fixes).
- NFSv4: Fix a typo in nfs41_sequence_process (git-fixes).
- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).
- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).
- nospec: Include <asm/barrier.h> dependency (bsc#1114279).
- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).
- nvme: Free ctrl device name on init failure ().
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).
- ocfs2: fix locking for res->tracking and dlm->tracking_list (bsc#1117816).
- ocfs2: fix ocfs2 read block panic (bsc#1117815).
- ocfs2: free up write context when direct IO failed (bsc#1117821).
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bsc#1117808).
- of: add helper to lookup compatible child node (bsc#1106110)
- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).
- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bsc#1051510).
- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).
- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).
- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)
- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
- PCI: hv: Use effective affinity mask (bsc#1109772).
- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).
- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).
- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).
- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).
- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).
- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).
- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).
- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).
- perf: fix invalid bit in diagnostic entry (git-fixes).
- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).
- pinctrl: meson: fix pinconf bias disable (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).
- pipe: match pipe_max_size data type with procfs (git-fixes).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).
- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).
- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).
- pNFS: Do not release the sequence slot until we've processed layoutget on open (git-fixes).
- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).
- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).
- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).
- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).
- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).
- powerpc/mm: Fix typo in comments (bsc#1065729).
- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).
- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).
- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).
- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).
- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).
- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).
- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage (bsc#1055120).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).
- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).
- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).
- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).
- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).
- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).
- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).
- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).
- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).
- powerpc/powernv: Rework TCE level allocation (bsc#1061840).
- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).
- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).
- powerpc/xive: Move definition of ESB bits (bsc#1061840).
- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).
- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).
- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).
- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).
- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
- provide linux/set_memory.h (bsc#1113295).
- ptp: fix Spectre v1 vulnerability (bsc#1051510).
- pwm: lpss: Release runtime-pm reference from the driver's remove callback (bsc#1051510).
- pxa168fb: prepare the clock (bsc#1051510).
- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).
- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).
- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
- r8169: fix NAPI handling under high load (networking-stable-18_11_02).
- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).
- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).
- random: rate limit unseeded randomness warnings (git-fixes).
- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
- rds: fix two RCU related problems (networking-stable-18_09_18).
- README: Clean-up trailing whitespace
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).
- rename a hv patch to reduce conflicts in -AZURE
- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).
- reset: imx7: Fix always writing bits as 0 (bsc#1051510).
- resource: Include resource end in walk_*() interfaces (bsc#1114279).
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert 'powerpc/64: Fix checksum folding in csum_add()' (bsc#1065729).
- Revert 'rpm/kernel-binary.spec.in: allow unsupported modules for -extra'
- Revert 'usb: dwc3: gadget: skip Set/Clear Halt when invalid' (bsc#1051510).
- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).
- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).
- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).
- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).
- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).
- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).
- s390/qeth: handle failure on workqueue creation (git-fixes).
- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).
- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).
- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).
- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).
- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).
- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).
- sched/numa: Limit the conditions where scan period is reset ().
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).
- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).
- scsi: lpfc: add Trunking support (bsc#1114015).
- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).
- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).
- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).
- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).
- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).
- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).
- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).
- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).
- scsi: lpfc: Fix errors in log messages (bsc#1114015).
- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).
- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).
- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).
- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).
- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).
- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).
- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).
- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).
- scsi: lpfc: Remove set but not used variable 'sgl_size' (bsc#1114015).
- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).
- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).
- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1114581).
- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).
- scsi: sg: fix minor memory leak in error path (bsc#1114584).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).
- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).
- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).
- scsi: target: tcmu: add read length support (bsc#1097755).
- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).
- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).
- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).
- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).
- sctp: not increase stream's incnt before sending addstrm_in request (networking-stable-18_11_21).
- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).
- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).
- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
- skip LAYOUTRETURN if layout is invalid (git-fixes).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).
- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).
- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).
- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
- sound: enable interrupt after dma buffer initialization (bsc#1051510).
- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).
- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).
- spi: sh-msiof: fix deferred probing (bsc#1051510).
- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).
- staging:iio:ad7606: fix voltage scales (bsc#1051510).
- staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' (bsc#1051510).
- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).
- sunrpc: Allow connect to return EHOSTUNREACH (git-fixes).
- sunrpc: Do not use stack buffer with scatterlist (git-fixes).
- sunrpc: Fix rpc_task_begin trace point (git-fixes).
- sunrpc: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).
- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).
- target: log Data-Out timeouts as errors (bsc#1095805).
- target: log NOP ping timeouts as errors (bsc#1095805).
- target: split out helper for cxn timeout error stashing (bsc#1095805).
- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).
- test_firmware: fix error return getting clobbered (bsc#1051510).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).
- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).
- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).
- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).
- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).
- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).
- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).
- tools build: fix # escaping in .cmd files for future Make (git-fixes).
- tools/testing/nvdimm: advertise a write cache for nfit_test (bsc#1112128).
- tools/testing/nvdimm: allow custom error code injection (bsc#1112128).
- tools/testing/nvdimm: disable labels for nfit_test.1 (bsc#1112128).
- tools/testing/nvdimm: enable labels for nfit_test.1 dimms (bsc#1112128).
- tools/testing/nvdimm: fix missing newline in nfit_test_dimm 'handle' attribute (bsc#1112128).
- tools/testing/nvdimm: Fix support for emulating controller temperature (bsc#1112128).
- tools/testing/nvdimm: force nfit_test to depend on instrumented modules (bsc#1112128).
- tools/testing/nvdimm: improve emulation of smart injection (bsc#1112128).
- tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() (bsc#1112128).
- tools/testing/nvdimm: Make DSM failure code injection an override (bsc#1112128).
- tools/testing/nvdimm: smart alarm/threshold control (bsc#1112128).
- tools/testing/nvdimm: stricter bounds checking for error injection commands (bsc#1112128).
- tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 (bsc#1112128).
- tools/testing/nvdimm: unit test clear-error commands (bsc#1112128).
- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).
- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).
- tpm: add retry logic (bsc#1082555).
- tpm: consolidate the TPM startup code (bsc#1082555).
- tpm: do not suspend/resume if power stays on (bsc#1082555).
- tpm: fix intermittent failure with self tests (bsc#1082555).
- tpm: fix response size validation in tpm_get_random() (bsc#1082555).
- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).
- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).
- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).
- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).
- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).
- tpm: Restore functionality to xen vtpm driver (bsc#1082555).
- tpm: self test failure should not cause suspend to fail (bsc#1082555).
- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).
- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).
- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).
- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).
- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).
- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).
- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).
- tracing: Erase irqsoff trace with empty write (bsc#1117189).
- tty: check name length in tty_find_polling_driver() (bsc#1051510).
- tty: Do not block on IO when ldisc change is pending (bnc#1105428).
- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).
- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).
- tty: wipe buffer (bsc#1051510).
- tty: wipe buffer if not echoing data (bsc#1051510).
- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).
- tuntap: fix multiqueue rx (networking-stable-18_11_21).
- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).
- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).
- udp6: fix encap return code for resubmitting (git-fixes).
- uio: ensure class is registered before devices (bsc#1051510).
- uio: Fix an Oops on load (bsc#1051510).
- uio: make symbol 'uio_class_registered' static (bsc#1051510).
- Update config files. Enabled ENA (Amazon network driver) for arm64.
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).
- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).
- usb: core: Fix hub port connection events lost (bsc#1051510).
- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).
- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).
- usb: dwc3: core: Clean up ULPI device (bsc#1051510).
- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).
- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).
- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).
- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).
- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).
- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).
- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).
- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).
- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bsc#1051510).
- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).
- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).
- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
- usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).
- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).
- usb: serial: option: drop redundant interface-class test (bsc#1051510).
- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).
- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).
- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).
- Use upstream version of pci-hyperv patch (35a88a1)
- VFS: close race between getcwd() and d_move() (git-fixes).
- VFS: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).
- vhost: Fix Spectre V1 vulnerability (bsc#1051510).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).
- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).
- VMCI: Resource wildcard match fixed (bsc#1051510).
- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).
- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).
- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).
- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).
- x86/boot: Move EISA setup to a separate file (bsc#1110006).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).
- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).
- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).
- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).
- x86/eisa: Add missing include (bsc#1110006).
- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).
- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).
- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).
- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).
- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).
- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).
- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).
- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).
- x86, nfit_test: Add unit test for memcpy_mcsafe() (bsc#1112128).
- x86/paravirt: Fix some warning messages (bnc#1065600).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/speculation: Support Enhanced IBRS on future CPUs ().
- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1107256).
- xen: fix xen_qlock_wait() (bnc#1107256).
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).
- xen: make xen_qlock_wait() nestable (bnc#1107256).
- xen/netfront: do not bug in case of too many frags (bnc#1104824).
- xen/pvh: do not try to unplug emulated devices (bnc#1065600).
- xen/pvh: increase early stack size (bnc#1065600).
- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).
- xfs: Properly detect when DAX won't be used on any device (bsc#1115976).
- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).
- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).
- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).
- xprtrdma: Do not defer fencing an async RPC's chunks (git-fixes).
Patchnames
SUSE-SLE-DESKTOP-12-SP4-2018-2894,SUSE-SLE-HA-12-SP4-2018-2894,SUSE-SLE-SDK-12-SP4-2018-2894,SUSE-SLE-SERVER-12-SP4-2018-2894,SUSE-SLE-WE-12-SP4-2018-2894
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removed entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry could remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n- CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permitted out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2017-18224: fs/ocfs2/aops.c omitted use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed:\n\n- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).\n- ACPICA: Tables: Add WSMT support (bsc#1089350).\n- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).\n- ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).\n- ACPI, nfit: Fix ARS overflow continuation (bsc#1116895).\n- ACPI, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128).\n- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).\n- ACPI/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114279).\n- ACPI / platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).\n- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- ACPI / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).\n- act_ife: fix a potential use-after-free (networking-stable-18_09_11).\n- Add the cherry-picked dup id for PCI dwc fix\n- Add version information to KLP_SYMBOLS file\n- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).\n- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).\n- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).\n- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).\n- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).\n- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n- ALSA: hda: fix unused variable warning (bsc#1051510).\n- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).\n- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).\n- ALSA: hda/realtek - Allow skipping spec->init_amp detection (bsc#1051510).\n- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).\n- ALSA: hda/realtek - Fix HP Headset Mic can't record (bsc#1051510).\n- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).\n- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).\n- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).\n- ALSA: hda/realtek - Support ALC300 (bsc#1051510).\n- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).\n- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).\n- ALSA: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).\n- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).\n- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).\n- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).\n- ARM: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).\n- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)\n- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).\n- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- ata: Fix racy link clearance (bsc#1107866).\n- ataflop: fix error handling during setup (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).\n- autofs: fix autofs_sbi() does not check super block type (git-fixes).\n- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).\n- autofs: mount point create should honour passed in mode (git-fixes).\n- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).\n- bitops: protect variables in set_mask_bits() macro (bsc#1051510).\n- Blacklist commit that modifies Scsi_Host/kabi (bsc#1114579)\n- Blacklist sd_zbc patch that is too invasive (bsc#1114583)\n- Blacklist virtio patch that uses bio_integrity_bytes() (bsc#1114585)\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: copy ioprio in __bio_clone_fast() (bsc#1082653).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).\n- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).\n- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).\n- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).\n- bonding: avoid possible dead-lock (networking-stable-18_10_16).\n- bonding: fix length of actor system (networking-stable-18_11_02).\n- bonding: fix warning message (networking-stable-18_10_16).\n- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).\n- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).\n- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).\n- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).\n- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).\n- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).\n- Btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n- Btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).\n- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).\n- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).\n- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).\n- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).\n- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).\n- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).\n- Btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).\n- Btrfs: fix use-after-free during inode eviction (bsc#1116701).\n- Btrfs: fix use-after-free when dumping free space (bsc#1116862).\n- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).\n- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).\n- Btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- Btrfs: make sure we create all new block groups (bsc#1116699).\n- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).\n- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).\n- can: hi311x: Use level-triggered interrupt (bsc#1051510).\n- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).\n- can: rcar_can: Fix erroneous registration (bsc#1051510).\n- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).\n- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).\n- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).\n- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).\n- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).\n- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).\n- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).\n- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).\n- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n- configfs: replace strncpy with memcpy (bsc#1051510).\n- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).\n- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- Documentation/l1tf: Fix small spelling typo (bsc#1051510).\n- Documentation/l1tf: Fix typos (bsc#1051510).\n- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).\n- do d_instantiate/unlock_new_inode combinations safely (git-fixes).\n- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).\n- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n- drm/ast: change resolution may cause screen blurred (boo#1112963).\n- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).\n- drm/ast: Fix incorrect free on ioregs (bsc#1051510).\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/dp_mst: Check if primary mstb is null (bsc#1051510).\n- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).\n- drm/i915: Do not unset intel_connector->mst_port (bsc#1051510).\n- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).\n- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).\n- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).\n- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915/glk: Remove 99% limitation (bsc#1051510).\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).\n- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).\n- drm/i915: Mark pin flags as u64 (bsc#1051510).\n- drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).\n- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n- drm/meson: add support for 1080p25 mode (bsc#1051510).\n- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).\n- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).\n- drm/msm: fix OF child-node lookup (bsc#1106110)\n- drm/nouveau: Check backlight IDs are >= 0, not > 0 (bsc#1051510).\n- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).\n- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).\n- EDAC: Raise the maximum number of memory controllers (bsc#1113780).\n- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).\n- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- Enable LSPCON instead of blindly disabling HDMI\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bsc#1117795).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bsc#1117794).\n- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).\n- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).\n- ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).\n- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).\n- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bsc#1117803).\n- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).\n- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: fix use-after-free race in ext4_remount()'s error path (bsc#1117791).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).\n- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- fbdev: fix broken menu dependencies (bsc#1113722)\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).\n- firmware: dcdbas: include linux/io.h (bsc#1089350).\n- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).\n- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).\n- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).\n- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).\n- fs: Make extension of struct super_block transparent (bsc#1117822).\n- fsnotify: Fix busy inodes during unmount (bsc#1117822).\n- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).\n- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).\n- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).\n- ftrace: Remove incorrect setting of glob search field (bsc#1117184).\n- genirq: Fix race on spurious interrupt detection (bsc#1051510).\n- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).\n- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).\n- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).\n- gso_segment: Reset skb->mac_len after modifying network header (networking-stable-18_09_24).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- HID: hiddev: fix potential Spectre v1 (bsc#1051510).\n- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).\n- hv: avoid crash in vmbus sysfs files (bnc#1108377).\n- hv_netvsc: fix schedule in RCU context ().\n- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).\n- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).\n- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).\n- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).\n- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).\n- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).\n- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).\n- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).\n- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).\n- hwrng: core - document the quality field (bsc#1051510).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).\n- iio: ad5064: Fix regulator handling (bsc#1051510).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n- iio:st_magn: Fix enable device after trigger (bsc#1051510).\n- ima: fix showing large 'violations' or 'runtime_measurements_count' (bsc#1051510).\n- include/linux/pfn_t.h: force '~' to be parsed as an unary operator (bsc#1051510).\n- inet: make sure to grab rcu_read_lock before using ireq->ireq_opt (networking-stable-18_10_16).\n- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- Input: atakbd - fix Atari keymap (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).\n- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).\n- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).\n- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).\n- Input: xpad - fix some coding style issues (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).\n- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).\n- ipmi: Fix timer race with module unload (bsc#1051510).\n- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).\n- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu (networking-stable-18_11_21).\n- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).\n- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).\n- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).\n- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).\n- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).\n- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).\n- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- KABI fix for 'NFSv4.1: Fix up replays of interrupted requests' (git-fixes).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).\n- KABI: mask raw in struct bpf_reg_state (bsc#1083647).\n- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).\n- KABI: powerpc: Revert npu callback signature change (bsc#1055120).\n- KABI: protect struct fib_nh_exception (kabi).\n- KABI: protect struct rtable (kabi).\n- KABI/severities: ignore __xive_vm_h_* KVM internal symbols.\n- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n- kbuild: fix kernel/bounds.c 'W=1' warning (bsc#1051510).\n- kbuild: move '_all' target out of $(KBUILD_SRC) conditional (bsc#1114279).\n- kernfs: update comment about kernfs_path() return value (bsc#1051510).\n- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).\n- KVM: Make VM ioctl do valloc for some archs (bsc#1111506).\n- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).\n- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).\n- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).\n- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).\n- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).\n- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).\n- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).\n- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).\n- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).\n- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).\n- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).\n- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).\n- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).\n- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).\n- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).\n- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).\n- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).\n- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).\n- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).\n- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).\n- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).\n- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).\n- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).\n- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).\n- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).\n- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).\n- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).\n- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).\n- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).\n- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).\n- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).\n- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).\n- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).\n- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).\n- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).\n- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).\n- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).\n- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).\n- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).\n- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).\n- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- KVM/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- KVM: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).\n- libnvdimm, badrange: remove a WARN for list_empty (bsc#1112128).\n- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).\n- libnvdimm: Introduce locked DIMM capacity support (bsc#1112128).\n- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm: move poison list functions to a new 'badrange' file (bsc#1112128).\n- libnvdimm/nfit_test: add firmware download emulation (bsc#1112128).\n- libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#1112128).\n- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).\n- libnvdimm, testing: Add emulation for smart injection commands (bsc#1112128).\n- libnvdimm, testing: update the default smart ctrl_temperature (bsc#1112128).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- livepatch: create and include UAPI headers ().\n- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).\n- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: Always report TX status (bsc#1051510).\n- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- mach64: fix display corruption on big endian machines (bsc#1113722)\n- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)\n- mailbox: PCC: handle parse error (bsc#1051510).\n- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).\n- md: allow metadata updates while suspending an array - fix (git-fixes).\n- MD: fix invalid stored role for a disk - try2 (git-fixes).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).\n- md/raid1: add error handling of read error from FailFast device (git-fixes).\n- md/raid5-cache: disable reshape completely (git-fixes).\n- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n- media: dvb: fix compat ioctl translation (bsc#1051510).\n- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n- media: pci: cx23885: handle adding to list failure (bsc#1051510).\n- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n- media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).\n- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).\n- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).\n- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).\n- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).\n- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- mm: rework memcg kernel stack accounting (bnc#1113677).\n- modpost: ignore livepatch unresolved relocations ().\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).\n- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).\n- move changes without Git-commit out of sorted section\n- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).\n- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).\n- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).\n- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).\n- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).\n- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).\n- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).\n- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).\n- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).\n- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).\n- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).\n- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).\n- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).\n- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).\n- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).\n- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1111696 bsc#1117561).\n- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).\n- net-gro: reset skb->pkt_type in napi_reuse_skb() (networking-stable-18_11_21).\n- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).\n- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).\n- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).\n- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).\n- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).\n- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).\n- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).\n- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).\n- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).\n- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).\n- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).\n- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).\n- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).\n- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).\n- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).\n- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).\n- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).\n- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).\n- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).\n- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).\n- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).\n- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).\n- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).\n- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).\n- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).\n- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).\n- net: socket: fix a missing-check bug (networking-stable-18_11_02).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).\n- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).\n- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).\n- net: systemport: Protect stop from timeout (networking-stable-18_11_21).\n- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).\n- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).\n- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n- nfit_test: add error injection DSMs (bsc#1112128).\n- nfit_test: fix buffer overrun, add sanity check (bsc#1112128).\n- nfit_test: improve structure offset handling (bsc#1112128).\n- nfit_test: prevent parsing error of nfit_test.0 (bsc#1112128).\n- nfit_test: when clearing poison, also remove badrange entries (bsc#1112128).\n- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).\n- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).\n- NFS: Avoid RCU usage in tracepoints (git-fixes).\n- NFS: commit direct writes even if they fail partially (git-fixes).\n- nfsd4: permit layoutget of executable-only files (git-fixes).\n- nfsd: check for use of the closed special stateid (git-fixes).\n- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (git-fixes).\n- nfsd: deal with revoked delegations appropriately (git-fixes).\n- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).\n- nfsd: Fix another OPEN stateid race (git-fixes).\n- nfsd: fix corrupted reply to badly ordered compound (git-fixes).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).\n- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).\n- NFS: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).\n- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).\n- NFS: Ensure we commit after writeback is complete (bsc#1111809).\n- NFS: Fix an incorrect type in struct nfs_direct_req (git-fixes).\n- NFS: Fix a typo in nfs_rename() (git-fixes).\n- NFS: Fix typo in nomigration mount option (git-fixes).\n- NFS: Fix unstable write completion (git-fixes).\n- NFSv4.0 fix client reference leak in callback (git-fixes).\n- NFSv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).\n- NFSv4.1 fix infinite loop on I/O (git-fixes).\n- NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).\n- NFSv4.1: Fix up replays of interrupted requests (git-fixes).\n- NFSv4: Fix a typo in nfs41_sequence_process (git-fixes).\n- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).\n- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).\n- nospec: Include <asm/barrier.h> dependency (bsc#1114279).\n- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvme: Free ctrl device name on init failure ().\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).\n- ocfs2: fix locking for res->tracking and dlm->tracking_list (bsc#1117816).\n- ocfs2: fix ocfs2 read block panic (bsc#1117815).\n- ocfs2: free up write context when direct IO failed (bsc#1117821).\n- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bsc#1117808).\n- of: add helper to lookup compatible child node (bsc#1106110)\n- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bsc#1051510).\n- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).\n- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)\n- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- PCI: hv: Use effective affinity mask (bsc#1109772).\n- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).\n- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).\n- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).\n- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).\n- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).\n- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).\n- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).\n- perf: fix invalid bit in diagnostic entry (git-fixes).\n- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).\n- pinctrl: meson: fix pinconf bias disable (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).\n- pipe: match pipe_max_size data type with procfs (git-fixes).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).\n- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).\n- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).\n- pNFS: Do not release the sequence slot until we've processed layoutget on open (git-fixes).\n- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).\n- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).\n- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).\n- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).\n- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).\n- powerpc/mm: Fix typo in comments (bsc#1065729).\n- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).\n- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).\n- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).\n- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).\n- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).\n- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage (bsc#1055120).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).\n- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).\n- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).\n- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).\n- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).\n- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).\n- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).\n- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).\n- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).\n- powerpc/powernv: Rework TCE level allocation (bsc#1061840).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).\n- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n- powerpc/xive: Move definition of ESB bits (bsc#1061840).\n- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).\n- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).\n- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- provide linux/set_memory.h (bsc#1113295).\n- ptp: fix Spectre v1 vulnerability (bsc#1051510).\n- pwm: lpss: Release runtime-pm reference from the driver's remove callback (bsc#1051510).\n- pxa168fb: prepare the clock (bsc#1051510).\n- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).\n- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- r8169: fix NAPI handling under high load (networking-stable-18_11_02).\n- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).\n- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).\n- random: rate limit unseeded randomness warnings (git-fixes).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- rds: fix two RCU related problems (networking-stable-18_09_18).\n- README: Clean-up trailing whitespace\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).\n- rename a hv patch to reduce conflicts in -AZURE\n- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).\n- reset: imx7: Fix always writing bits as 0 (bsc#1051510).\n- resource: Include resource end in walk_*() interfaces (bsc#1114279).\n- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).\n- Revert 'powerpc/64: Fix checksum folding in csum_add()' (bsc#1065729).\n- Revert 'rpm/kernel-binary.spec.in: allow unsupported modules for -extra'\n- Revert 'usb: dwc3: gadget: skip Set/Clear Halt when invalid' (bsc#1051510).\n- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).\n- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).\n- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).\n- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).\n- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).\n- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).\n- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).\n- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).\n- s390/qeth: handle failure on workqueue creation (git-fixes).\n- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).\n- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).\n- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).\n- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).\n- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).\n- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).\n- sched/numa: Limit the conditions where scan period is reset ().\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).\n- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).\n- scsi: lpfc: add Trunking support (bsc#1114015).\n- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).\n- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).\n- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).\n- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).\n- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).\n- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).\n- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).\n- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).\n- scsi: lpfc: Fix errors in log messages (bsc#1114015).\n- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).\n- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).\n- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).\n- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).\n- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).\n- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).\n- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).\n- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).\n- scsi: lpfc: Remove set but not used variable 'sgl_size' (bsc#1114015).\n- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).\n- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).\n- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1114581).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).\n- scsi: sg: fix minor memory leak in error path (bsc#1114584).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).\n- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).\n- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).\n- scsi: target: tcmu: add read length support (bsc#1097755).\n- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).\n- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).\n- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).\n- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).\n- sctp: not increase stream's incnt before sending addstrm_in request (networking-stable-18_11_21).\n- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).\n- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- skip LAYOUTRETURN if layout is invalid (git-fixes).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).\n- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n- spi: sh-msiof: fix deferred probing (bsc#1051510).\n- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n- staging:iio:ad7606: fix voltage scales (bsc#1051510).\n- staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' (bsc#1051510).\n- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).\n- sunrpc: Allow connect to return EHOSTUNREACH (git-fixes).\n- sunrpc: Do not use stack buffer with scatterlist (git-fixes).\n- sunrpc: Fix rpc_task_begin trace point (git-fixes).\n- sunrpc: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).\n- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).\n- test_firmware: fix error return getting clobbered (bsc#1051510).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).\n- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).\n- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).\n- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).\n- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).\n- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).\n- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).\n- tools build: fix # escaping in .cmd files for future Make (git-fixes).\n- tools/testing/nvdimm: advertise a write cache for nfit_test (bsc#1112128).\n- tools/testing/nvdimm: allow custom error code injection (bsc#1112128).\n- tools/testing/nvdimm: disable labels for nfit_test.1 (bsc#1112128).\n- tools/testing/nvdimm: enable labels for nfit_test.1 dimms (bsc#1112128).\n- tools/testing/nvdimm: fix missing newline in nfit_test_dimm 'handle' attribute (bsc#1112128).\n- tools/testing/nvdimm: Fix support for emulating controller temperature (bsc#1112128).\n- tools/testing/nvdimm: force nfit_test to depend on instrumented modules (bsc#1112128).\n- tools/testing/nvdimm: improve emulation of smart injection (bsc#1112128).\n- tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() (bsc#1112128).\n- tools/testing/nvdimm: Make DSM failure code injection an override (bsc#1112128).\n- tools/testing/nvdimm: smart alarm/threshold control (bsc#1112128).\n- tools/testing/nvdimm: stricter bounds checking for error injection commands (bsc#1112128).\n- tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 (bsc#1112128).\n- tools/testing/nvdimm: unit test clear-error commands (bsc#1112128).\n- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).\n- tpm: add retry logic (bsc#1082555).\n- tpm: consolidate the TPM startup code (bsc#1082555).\n- tpm: do not suspend/resume if power stays on (bsc#1082555).\n- tpm: fix intermittent failure with self tests (bsc#1082555).\n- tpm: fix response size validation in tpm_get_random() (bsc#1082555).\n- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).\n- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).\n- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).\n- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).\n- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).\n- tpm: Restore functionality to xen vtpm driver (bsc#1082555).\n- tpm: self test failure should not cause suspend to fail (bsc#1082555).\n- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).\n- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).\n- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).\n- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).\n- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).\n- tracing: Erase irqsoff trace with empty write (bsc#1117189).\n- tty: check name length in tty_find_polling_driver() (bsc#1051510).\n- tty: Do not block on IO when ldisc change is pending (bnc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).\n- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).\n- tty: wipe buffer (bsc#1051510).\n- tty: wipe buffer if not echoing data (bsc#1051510).\n- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).\n- tuntap: fix multiqueue rx (networking-stable-18_11_21).\n- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).\n- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).\n- udp6: fix encap return code for resubmitting (git-fixes).\n- uio: ensure class is registered before devices (bsc#1051510).\n- uio: Fix an Oops on load (bsc#1051510).\n- uio: make symbol 'uio_class_registered' static (bsc#1051510).\n- Update config files. Enabled ENA (Amazon network driver) for arm64.\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).\n- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n- usb: core: Fix hub port connection events lost (bsc#1051510).\n- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).\n- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).\n- usb: dwc3: core: Clean up ULPI device (bsc#1051510).\n- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).\n- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).\n- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).\n- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).\n- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).\n- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).\n- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).\n- usb: misc: appledisplay: add 20' Apple Cinema Display (bsc#1051510).\n- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).\n- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).\n- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).\n- usb: serial: option: drop redundant interface-class test (bsc#1051510).\n- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).\n- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- Use upstream version of pci-hyperv patch (35a88a1)\n- VFS: close race between getcwd() and d_move() (git-fixes).\n- VFS: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).\n- vhost: Fix Spectre V1 vulnerability (bsc#1051510).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).\n- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).\n- VMCI: Resource wildcard match fixed (bsc#1051510).\n- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).\n- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).\n- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).\n- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).\n- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).\n- x86, nfit_test: Add unit test for memcpy_mcsafe() (bsc#1112128).\n- x86/paravirt: Fix some warning messages (bnc#1065600).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/speculation: Support Enhanced IBRS on future CPUs ().\n- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1107256).\n- xen: fix xen_qlock_wait() (bnc#1107256).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n- xen: make xen_qlock_wait() nestable (bnc#1107256).\n- xen/netfront: do not bug in case of too many frags (bnc#1104824).\n- xen/pvh: do not try to unplug emulated devices (bnc#1065600).\n- xen/pvh: increase early stack size (bnc#1065600).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).\n- xfs: Properly detect when DAX won't be used on any device (bsc#1115976).\n- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).\n- xprtrdma: Do not defer fencing an async RPC's chunks (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-DESKTOP-12-SP4-2018-2894,SUSE-SLE-HA-12-SP4-2018-2894,SUSE-SLE-SDK-12-SP4-2018-2894,SUSE-SLE-SERVER-12-SP4-2018-2894,SUSE-SLE-WE-12-SP4-2018-2894", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_4069-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:4069-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20184069-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:4069-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-December/004951.html", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1055120", url: "https://bugzilla.suse.com/1055120", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1067906", url: "https://bugzilla.suse.com/1067906", }, { category: "self", summary: "SUSE Bug 1068273", url: "https://bugzilla.suse.com/1068273", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1078248", url: "https://bugzilla.suse.com/1078248", }, { category: "self", summary: "SUSE Bug 1079524", url: "https://bugzilla.suse.com/1079524", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1082653", url: "https://bugzilla.suse.com/1082653", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1084760", url: "https://bugzilla.suse.com/1084760", }, { category: "self", summary: "SUSE Bug 1084831", url: "https://bugzilla.suse.com/1084831", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1086196", url: "https://bugzilla.suse.com/1086196", }, { category: "self", summary: "SUSE Bug 1089350", url: "https://bugzilla.suse.com/1089350", }, { category: "self", summary: "SUSE Bug 1091800", url: "https://bugzilla.suse.com/1091800", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1095805", url: "https://bugzilla.suse.com/1095805", }, { category: "self", summary: "SUSE Bug 1097755", url: "https://bugzilla.suse.com/1097755", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1103356", url: "https://bugzilla.suse.com/1103356", }, { category: "self", summary: "SUSE Bug 1103925", url: "https://bugzilla.suse.com/1103925", }, { category: "self", summary: "SUSE Bug 1104124", url: "https://bugzilla.suse.com/1104124", }, { category: "self", summary: "SUSE Bug 1104731", url: "https://bugzilla.suse.com/1104731", }, { category: "self", summary: "SUSE Bug 1104824", url: "https://bugzilla.suse.com/1104824", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105428", url: "https://bugzilla.suse.com/1105428", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1107256", url: "https://bugzilla.suse.com/1107256", }, { category: "self", summary: "SUSE Bug 1107385", url: "https://bugzilla.suse.com/1107385", }, { category: "self", summary: "SUSE Bug 1107866", url: "https://bugzilla.suse.com/1107866", }, { category: "self", summary: "SUSE Bug 1108377", url: "https://bugzilla.suse.com/1108377", }, { category: "self", summary: "SUSE Bug 1108468", url: "https://bugzilla.suse.com/1108468", }, { category: "self", summary: "SUSE Bug 1109330", url: "https://bugzilla.suse.com/1109330", }, { category: "self", summary: "SUSE Bug 1109739", url: "https://bugzilla.suse.com/1109739", }, { category: "self", summary: "SUSE Bug 1109772", url: "https://bugzilla.suse.com/1109772", }, { category: "self", summary: "SUSE Bug 1109806", url: "https://bugzilla.suse.com/1109806", }, { category: "self", summary: "SUSE Bug 1109818", url: "https://bugzilla.suse.com/1109818", }, { category: "self", summary: "SUSE Bug 1109907", url: "https://bugzilla.suse.com/1109907", }, { category: "self", summary: "SUSE Bug 1109911", url: "https://bugzilla.suse.com/1109911", }, { category: "self", summary: "SUSE Bug 1109915", url: "https://bugzilla.suse.com/1109915", }, { category: "self", summary: "SUSE Bug 1109919", url: "https://bugzilla.suse.com/1109919", }, { category: "self", summary: "SUSE Bug 1109951", url: "https://bugzilla.suse.com/1109951", }, { category: "self", summary: "SUSE Bug 1110006", url: "https://bugzilla.suse.com/1110006", }, { category: "self", summary: "SUSE Bug 1110998", url: "https://bugzilla.suse.com/1110998", }, { category: "self", summary: "SUSE Bug 1111040", url: "https://bugzilla.suse.com/1111040", }, { category: "self", summary: "SUSE Bug 1111062", url: "https://bugzilla.suse.com/1111062", }, { category: "self", summary: "SUSE Bug 1111174", url: "https://bugzilla.suse.com/1111174", }, { category: "self", summary: "SUSE Bug 1111506", url: "https://bugzilla.suse.com/1111506", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1111809", url: "https://bugzilla.suse.com/1111809", }, { category: "self", summary: "SUSE Bug 1111921", url: "https://bugzilla.suse.com/1111921", }, { category: "self", summary: "SUSE Bug 1111983", url: "https://bugzilla.suse.com/1111983", }, { category: "self", summary: "SUSE Bug 1112128", url: "https://bugzilla.suse.com/1112128", }, { category: "self", summary: "SUSE Bug 1112170", url: "https://bugzilla.suse.com/1112170", }, { category: "self", summary: "SUSE Bug 1112173", url: "https://bugzilla.suse.com/1112173", }, { category: "self", summary: "SUSE Bug 1112208", url: "https://bugzilla.suse.com/1112208", }, { category: "self", summary: "SUSE Bug 1112219", url: "https://bugzilla.suse.com/1112219", }, { category: "self", summary: "SUSE Bug 1112221", url: "https://bugzilla.suse.com/1112221", }, { category: "self", summary: "SUSE Bug 1112246", url: "https://bugzilla.suse.com/1112246", }, { category: "self", summary: "SUSE Bug 1112372", url: "https://bugzilla.suse.com/1112372", }, { category: "self", summary: "SUSE Bug 1112514", url: "https://bugzilla.suse.com/1112514", }, { category: "self", summary: "SUSE Bug 1112554", url: "https://bugzilla.suse.com/1112554", }, { category: "self", summary: "SUSE Bug 1112708", url: "https://bugzilla.suse.com/1112708", }, { category: "self", summary: "SUSE Bug 1112710", url: "https://bugzilla.suse.com/1112710", }, { category: "self", summary: "SUSE Bug 1112711", url: "https://bugzilla.suse.com/1112711", }, { category: "self", summary: "SUSE Bug 1112712", url: "https://bugzilla.suse.com/1112712", }, { category: "self", summary: "SUSE Bug 1112713", url: "https://bugzilla.suse.com/1112713", }, { category: "self", summary: "SUSE Bug 1112731", url: "https://bugzilla.suse.com/1112731", }, { category: "self", summary: "SUSE Bug 1112732", url: "https://bugzilla.suse.com/1112732", }, { category: "self", summary: "SUSE Bug 1112733", url: "https://bugzilla.suse.com/1112733", }, { category: "self", summary: "SUSE Bug 1112734", url: "https://bugzilla.suse.com/1112734", }, { category: "self", summary: "SUSE Bug 1112735", url: "https://bugzilla.suse.com/1112735", }, { category: "self", summary: "SUSE Bug 1112736", url: "https://bugzilla.suse.com/1112736", }, { category: "self", summary: "SUSE Bug 1112738", url: "https://bugzilla.suse.com/1112738", }, { category: "self", summary: "SUSE Bug 1112739", url: "https://bugzilla.suse.com/1112739", }, { category: "self", summary: "SUSE Bug 1112740", url: "https://bugzilla.suse.com/1112740", }, { category: "self", summary: "SUSE Bug 1112741", url: "https://bugzilla.suse.com/1112741", }, { category: "self", summary: "SUSE Bug 1112743", url: "https://bugzilla.suse.com/1112743", }, { category: "self", summary: "SUSE Bug 1112745", url: "https://bugzilla.suse.com/1112745", }, { category: "self", summary: "SUSE Bug 1112746", url: "https://bugzilla.suse.com/1112746", }, { category: "self", summary: "SUSE Bug 1112878", url: "https://bugzilla.suse.com/1112878", }, { category: "self", summary: "SUSE Bug 1112894", url: "https://bugzilla.suse.com/1112894", }, { category: "self", summary: "SUSE Bug 1112899", url: "https://bugzilla.suse.com/1112899", }, { category: "self", summary: "SUSE Bug 1112902", url: "https://bugzilla.suse.com/1112902", }, { category: "self", summary: "SUSE Bug 1112903", url: "https://bugzilla.suse.com/1112903", }, { category: "self", summary: "SUSE Bug 1112905", url: "https://bugzilla.suse.com/1112905", }, { category: "self", summary: "SUSE Bug 1112906", url: "https://bugzilla.suse.com/1112906", }, { category: "self", summary: "SUSE Bug 1112907", url: "https://bugzilla.suse.com/1112907", }, { category: "self", summary: "SUSE Bug 1112963", url: "https://bugzilla.suse.com/1112963", }, { category: "self", summary: "SUSE Bug 1113257", url: "https://bugzilla.suse.com/1113257", }, { category: "self", summary: "SUSE Bug 1113284", url: "https://bugzilla.suse.com/1113284", }, { category: "self", summary: "SUSE Bug 1113295", url: "https://bugzilla.suse.com/1113295", }, { category: "self", summary: "SUSE Bug 1113408", url: "https://bugzilla.suse.com/1113408", }, { category: "self", summary: "SUSE Bug 1113412", url: "https://bugzilla.suse.com/1113412", }, { category: "self", summary: "SUSE Bug 1113501", url: "https://bugzilla.suse.com/1113501", }, { category: "self", summary: "SUSE Bug 1113667", url: "https://bugzilla.suse.com/1113667", }, { category: "self", summary: "SUSE Bug 1113677", url: "https://bugzilla.suse.com/1113677", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1113751", url: "https://bugzilla.suse.com/1113751", }, { category: "self", summary: "SUSE Bug 1113769", url: "https://bugzilla.suse.com/1113769", }, { category: "self", summary: "SUSE Bug 1113780", url: "https://bugzilla.suse.com/1113780", }, { category: "self", summary: "SUSE Bug 1113972", url: "https://bugzilla.suse.com/1113972", }, { category: "self", summary: "SUSE Bug 1114015", url: "https://bugzilla.suse.com/1114015", }, { category: "self", summary: "SUSE Bug 1114178", url: "https://bugzilla.suse.com/1114178", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 1114385", url: "https://bugzilla.suse.com/1114385", }, { category: "self", summary: "SUSE Bug 1114576", url: "https://bugzilla.suse.com/1114576", }, { category: "self", summary: "SUSE Bug 1114577", url: "https://bugzilla.suse.com/1114577", }, { category: "self", summary: "SUSE Bug 1114578", url: "https://bugzilla.suse.com/1114578", }, { category: "self", summary: "SUSE Bug 1114579", url: "https://bugzilla.suse.com/1114579", }, { category: "self", summary: "SUSE Bug 1114580", url: "https://bugzilla.suse.com/1114580", }, { category: "self", summary: "SUSE Bug 1114581", url: "https://bugzilla.suse.com/1114581", }, { category: "self", summary: "SUSE Bug 1114582", url: "https://bugzilla.suse.com/1114582", }, { category: "self", summary: "SUSE Bug 1114583", url: "https://bugzilla.suse.com/1114583", }, { category: "self", summary: "SUSE Bug 1114584", url: "https://bugzilla.suse.com/1114584", }, { category: "self", summary: "SUSE Bug 1114585", url: "https://bugzilla.suse.com/1114585", }, { category: "self", summary: "SUSE Bug 1114839", url: "https://bugzilla.suse.com/1114839", }, { category: "self", summary: "SUSE Bug 1115074", url: "https://bugzilla.suse.com/1115074", }, { category: "self", summary: "SUSE Bug 1115269", url: "https://bugzilla.suse.com/1115269", }, { category: "self", summary: "SUSE Bug 1115431", url: "https://bugzilla.suse.com/1115431", }, { category: "self", summary: "SUSE Bug 1115433", url: "https://bugzilla.suse.com/1115433", }, { category: "self", summary: "SUSE Bug 1115440", url: "https://bugzilla.suse.com/1115440", }, { category: "self", summary: "SUSE Bug 1115567", url: "https://bugzilla.suse.com/1115567", }, { category: "self", summary: "SUSE Bug 1115709", url: "https://bugzilla.suse.com/1115709", }, { category: "self", summary: "SUSE Bug 1115976", url: "https://bugzilla.suse.com/1115976", }, { category: "self", summary: "SUSE Bug 1116183", url: "https://bugzilla.suse.com/1116183", }, { category: "self", summary: "SUSE Bug 1116692", url: "https://bugzilla.suse.com/1116692", }, { category: "self", summary: "SUSE Bug 1116693", url: "https://bugzilla.suse.com/1116693", }, { category: "self", summary: "SUSE Bug 1116698", url: "https://bugzilla.suse.com/1116698", }, { category: "self", summary: "SUSE Bug 1116699", url: "https://bugzilla.suse.com/1116699", }, { category: "self", summary: "SUSE Bug 1116700", url: "https://bugzilla.suse.com/1116700", }, { category: "self", summary: "SUSE Bug 1116701", url: "https://bugzilla.suse.com/1116701", }, { category: "self", summary: "SUSE Bug 1116862", url: "https://bugzilla.suse.com/1116862", }, { category: "self", summary: "SUSE Bug 1116863", url: "https://bugzilla.suse.com/1116863", }, { category: "self", summary: "SUSE Bug 1116876", url: "https://bugzilla.suse.com/1116876", }, { category: "self", summary: "SUSE Bug 1116877", url: "https://bugzilla.suse.com/1116877", }, { category: "self", summary: "SUSE Bug 1116878", url: "https://bugzilla.suse.com/1116878", }, { category: "self", summary: "SUSE Bug 1116891", url: "https://bugzilla.suse.com/1116891", }, { category: "self", summary: "SUSE Bug 1116895", url: "https://bugzilla.suse.com/1116895", }, { category: "self", summary: "SUSE Bug 1116899", url: "https://bugzilla.suse.com/1116899", }, { category: "self", summary: "SUSE Bug 1116950", url: "https://bugzilla.suse.com/1116950", }, { category: "self", summary: "SUSE Bug 1117168", url: "https://bugzilla.suse.com/1117168", }, { category: "self", summary: "SUSE Bug 1117172", url: "https://bugzilla.suse.com/1117172", }, { category: "self", summary: "SUSE Bug 1117174", url: "https://bugzilla.suse.com/1117174", }, { category: "self", summary: "SUSE Bug 1117181", url: "https://bugzilla.suse.com/1117181", }, { category: "self", summary: "SUSE Bug 1117184", url: "https://bugzilla.suse.com/1117184", }, { category: "self", summary: "SUSE Bug 1117188", url: "https://bugzilla.suse.com/1117188", }, { category: "self", summary: "SUSE Bug 1117189", url: "https://bugzilla.suse.com/1117189", }, { category: "self", summary: "SUSE Bug 1117349", url: "https://bugzilla.suse.com/1117349", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1117788", url: "https://bugzilla.suse.com/1117788", }, { category: "self", summary: "SUSE Bug 1117789", url: "https://bugzilla.suse.com/1117789", }, { category: "self", summary: "SUSE Bug 1117790", url: "https://bugzilla.suse.com/1117790", }, { category: "self", summary: "SUSE Bug 1117791", url: "https://bugzilla.suse.com/1117791", }, { category: "self", summary: "SUSE Bug 1117792", url: "https://bugzilla.suse.com/1117792", }, { category: "self", summary: "SUSE Bug 1117794", url: "https://bugzilla.suse.com/1117794", }, { category: "self", summary: "SUSE Bug 1117795", url: "https://bugzilla.suse.com/1117795", }, { category: "self", summary: "SUSE Bug 1117796", url: "https://bugzilla.suse.com/1117796", }, { category: "self", summary: "SUSE Bug 1117798", url: "https://bugzilla.suse.com/1117798", }, { category: "self", summary: "SUSE Bug 1117799", url: "https://bugzilla.suse.com/1117799", }, { category: "self", summary: "SUSE Bug 1117801", url: "https://bugzilla.suse.com/1117801", }, { category: "self", summary: "SUSE Bug 1117802", url: "https://bugzilla.suse.com/1117802", }, { category: "self", summary: "SUSE Bug 1117803", url: "https://bugzilla.suse.com/1117803", }, { category: "self", summary: "SUSE Bug 1117804", url: "https://bugzilla.suse.com/1117804", }, { category: "self", summary: "SUSE Bug 1117805", url: "https://bugzilla.suse.com/1117805", }, { category: "self", summary: "SUSE Bug 1117806", url: "https://bugzilla.suse.com/1117806", }, { category: "self", summary: "SUSE Bug 1117807", url: "https://bugzilla.suse.com/1117807", }, { category: "self", summary: "SUSE Bug 1117808", url: "https://bugzilla.suse.com/1117808", }, { category: "self", summary: "SUSE Bug 1117815", url: "https://bugzilla.suse.com/1117815", }, { category: "self", summary: "SUSE Bug 1117816", url: "https://bugzilla.suse.com/1117816", }, { category: "self", summary: "SUSE Bug 1117817", url: "https://bugzilla.suse.com/1117817", }, { category: "self", summary: "SUSE Bug 1117818", url: "https://bugzilla.suse.com/1117818", }, { category: "self", summary: "SUSE Bug 1117819", url: "https://bugzilla.suse.com/1117819", }, { category: "self", summary: "SUSE Bug 1117820", url: "https://bugzilla.suse.com/1117820", }, { category: "self", summary: "SUSE Bug 1117821", url: "https://bugzilla.suse.com/1117821", }, { category: "self", summary: "SUSE Bug 1117822", url: "https://bugzilla.suse.com/1117822", }, { category: "self", summary: "SUSE Bug 1118102", url: "https://bugzilla.suse.com/1118102", }, { category: "self", summary: "SUSE Bug 1118136", url: "https://bugzilla.suse.com/1118136", }, { category: "self", summary: "SUSE Bug 1118137", url: "https://bugzilla.suse.com/1118137", }, { category: "self", summary: "SUSE Bug 1118138", url: "https://bugzilla.suse.com/1118138", }, { category: "self", summary: "SUSE Bug 1118140", url: "https://bugzilla.suse.com/1118140", }, { category: "self", summary: "SUSE Bug 1118152", url: "https://bugzilla.suse.com/1118152", }, { category: "self", summary: "SUSE Bug 1118316", url: "https://bugzilla.suse.com/1118316", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-18224 page", url: "https://www.suse.com/security/cve/CVE-2017-18224/", }, { category: "self", summary: "SUSE CVE CVE-2018-18281 page", url: "https://www.suse.com/security/cve/CVE-2018-18281/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18445 page", url: "https://www.suse.com/security/cve/CVE-2018-18445/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, { category: "self", summary: "SUSE CVE CVE-2018-19824 page", url: "https://www.suse.com/security/cve/CVE-2018-19824/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-12-11T08:24:31Z", generator: { date: "2018-12-11T08:24:31Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:4069-1", initial_release_date: "2018-12-11T08:24:31Z", revision_history: [ { date: "2018-12-11T08:24:31Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-obs-build-4.12.14-95.3.2.aarch64", product: { name: "kernel-obs-build-4.12.14-95.3.2.aarch64", product_id: "kernel-obs-build-4.12.14-95.3.2.aarch64", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.3.1.aarch64", product: { name: "kernel-default-4.12.14-95.3.1.aarch64", product_id: "kernel-default-4.12.14-95.3.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.3.1.aarch64", product: { name: "kernel-default-base-4.12.14-95.3.1.aarch64", product_id: "kernel-default-base-4.12.14-95.3.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.3.1.aarch64", product: { name: "kernel-default-devel-4.12.14-95.3.1.aarch64", product_id: "kernel-default-devel-4.12.14-95.3.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.3.1.aarch64", product: { name: "kernel-syms-4.12.14-95.3.1.aarch64", product_id: "kernel-syms-4.12.14-95.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-4.12.14-95.3.1.noarch", product: { name: "kernel-devel-4.12.14-95.3.1.noarch", product_id: "kernel-devel-4.12.14-95.3.1.noarch", }, }, { category: "product_version", name: "kernel-macros-4.12.14-95.3.1.noarch", product: { name: "kernel-macros-4.12.14-95.3.1.noarch", product_id: "kernel-macros-4.12.14-95.3.1.noarch", }, }, { category: "product_version", name: "kernel-source-4.12.14-95.3.1.noarch", product: { name: "kernel-source-4.12.14-95.3.1.noarch", product_id: "kernel-source-4.12.14-95.3.1.noarch", }, }, { category: "product_version", name: "kernel-docs-4.12.14-95.3.1.noarch", product: { name: "kernel-docs-4.12.14-95.3.1.noarch", product_id: "kernel-docs-4.12.14-95.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", product: { name: "cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", product_id: "cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.3.1.ppc64le", product: { name: "dlm-kmp-default-4.12.14-95.3.1.ppc64le", product_id: "dlm-kmp-default-4.12.14-95.3.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.3.1.ppc64le", product: { name: "gfs2-kmp-default-4.12.14-95.3.1.ppc64le", product_id: "gfs2-kmp-default-4.12.14-95.3.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", product: { name: "ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", product_id: "ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.3.2.ppc64le", product: { name: "kernel-obs-build-4.12.14-95.3.2.ppc64le", product_id: "kernel-obs-build-4.12.14-95.3.2.ppc64le", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.3.1.ppc64le", product: { name: "kernel-default-4.12.14-95.3.1.ppc64le", product_id: "kernel-default-4.12.14-95.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.3.1.ppc64le", product: { name: "kernel-default-base-4.12.14-95.3.1.ppc64le", product_id: "kernel-default-base-4.12.14-95.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.3.1.ppc64le", product: { name: "kernel-default-devel-4.12.14-95.3.1.ppc64le", product_id: "kernel-default-devel-4.12.14-95.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.3.1.ppc64le", product: { name: "kernel-syms-4.12.14-95.3.1.ppc64le", product_id: "kernel-syms-4.12.14-95.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.3.1.s390x", product: { name: "cluster-md-kmp-default-4.12.14-95.3.1.s390x", product_id: "cluster-md-kmp-default-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.3.1.s390x", product: { name: "dlm-kmp-default-4.12.14-95.3.1.s390x", product_id: "dlm-kmp-default-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.3.1.s390x", product: { name: "gfs2-kmp-default-4.12.14-95.3.1.s390x", product_id: "gfs2-kmp-default-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.3.1.s390x", product: { name: "ocfs2-kmp-default-4.12.14-95.3.1.s390x", product_id: "ocfs2-kmp-default-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.3.2.s390x", product: { name: "kernel-obs-build-4.12.14-95.3.2.s390x", product_id: "kernel-obs-build-4.12.14-95.3.2.s390x", }, }, { category: "product_version", name: "kernel-default-4.12.14-95.3.1.s390x", product: { name: "kernel-default-4.12.14-95.3.1.s390x", product_id: "kernel-default-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.3.1.s390x", product: { name: "kernel-default-base-4.12.14-95.3.1.s390x", product_id: "kernel-default-base-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.3.1.s390x", product: { name: "kernel-default-devel-4.12.14-95.3.1.s390x", product_id: "kernel-default-devel-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "kernel-default-man-4.12.14-95.3.1.s390x", product: { name: "kernel-default-man-4.12.14-95.3.1.s390x", product_id: "kernel-default-man-4.12.14-95.3.1.s390x", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.3.1.s390x", product: { name: "kernel-syms-4.12.14-95.3.1.s390x", product_id: "kernel-syms-4.12.14-95.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "kernel-default-4.12.14-95.3.1.x86_64", product: { name: "kernel-default-4.12.14-95.3.1.x86_64", product_id: "kernel-default-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-4.12.14-95.3.1.x86_64", product: { name: "kernel-default-devel-4.12.14-95.3.1.x86_64", product_id: "kernel-default-devel-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-4.12.14-95.3.1.x86_64", product: { name: "kernel-default-extra-4.12.14-95.3.1.x86_64", product_id: "kernel-default-extra-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-4.12.14-95.3.1.x86_64", product: { name: "kernel-syms-4.12.14-95.3.1.x86_64", product_id: "kernel-syms-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-default-4.12.14-95.3.1.x86_64", product: { name: "cluster-md-kmp-default-4.12.14-95.3.1.x86_64", product_id: "cluster-md-kmp-default-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-4.12.14-95.3.1.x86_64", product: { name: "dlm-kmp-default-4.12.14-95.3.1.x86_64", product_id: "dlm-kmp-default-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-4.12.14-95.3.1.x86_64", product: { name: "gfs2-kmp-default-4.12.14-95.3.1.x86_64", product_id: "gfs2-kmp-default-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-4.12.14-95.3.1.x86_64", product: { name: "ocfs2-kmp-default-4.12.14-95.3.1.x86_64", product_id: "ocfs2-kmp-default-4.12.14-95.3.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-4.12.14-95.3.2.x86_64", product: { name: "kernel-obs-build-4.12.14-95.3.2.x86_64", product_id: "kernel-obs-build-4.12.14-95.3.2.x86_64", }, }, { category: "product_version", name: "kernel-default-base-4.12.14-95.3.1.x86_64", product: { name: "kernel-default-base-4.12.14-95.3.1.x86_64", product_id: "kernel-default-base-4.12.14-95.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12 SP4", product: { name: "SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sled:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 12 SP4", product: { name: "SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP4", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4", product: { name: "SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 12 SP4", product: { name: "SUSE Linux Enterprise Workstation Extension 12 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:12:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", }, product_reference: "kernel-source-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP4", product_id: "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", }, product_reference: "cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", }, product_reference: "cluster-md-kmp-default-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", }, product_reference: "cluster-md-kmp-default-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", }, product_reference: "dlm-kmp-default-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", }, product_reference: "dlm-kmp-default-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", }, product_reference: "dlm-kmp-default-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", }, product_reference: "gfs2-kmp-default-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", }, product_reference: "gfs2-kmp-default-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", }, product_reference: "gfs2-kmp-default-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", }, product_reference: "ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", }, product_reference: "ocfs2-kmp-default-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP4", product_id: "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", }, product_reference: "ocfs2-kmp-default-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", }, product_reference: "kernel-docs-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.3.2.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", }, product_reference: "kernel-obs-build-4.12.14-95.3.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.3.2.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", }, product_reference: "kernel-obs-build-4.12.14-95.3.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.3.2.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", }, product_reference: "kernel-obs-build-4.12.14-95.3.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-4.12.14-95.3.2.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP4", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", }, product_reference: "kernel-obs-build-4.12.14-95.3.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-default-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-default-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-base-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-man-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", }, product_reference: "kernel-source-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-syms-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", }, product_reference: "kernel-syms-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4", product_id: "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-default-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-default-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-default-base-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-default-base-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-base-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-base-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-devel-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-man-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", }, product_reference: "kernel-default-man-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", }, product_reference: "kernel-devel-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", }, product_reference: "kernel-macros-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-source-4.12.14-95.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", }, product_reference: "kernel-source-4.12.14-95.3.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", }, product_reference: "kernel-syms-4.12.14-95.3.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", }, product_reference: "kernel-syms-4.12.14-95.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", }, product_reference: "kernel-syms-4.12.14-95.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-syms-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-4.12.14-95.3.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP4", product_id: "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", }, product_reference: "kernel-default-extra-4.12.14-95.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 12 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:31Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-18224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18224", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18224", url: "https://www.suse.com/security/cve/CVE-2017-18224", }, { category: "external", summary: "SUSE Bug 1084831 for CVE-2017-18224", url: "https://bugzilla.suse.com/1084831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:31Z", details: "moderate", }, ], title: "CVE-2017-18224", }, { cve: "CVE-2018-18281", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18281", }, ], notes: [ { category: "general", text: "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18281", url: "https://www.suse.com/security/cve/CVE-2018-18281", }, { category: "external", summary: "SUSE Bug 1113769 for CVE-2018-18281", url: "https://bugzilla.suse.com/1113769", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:31Z", details: "moderate", }, ], title: "CVE-2018-18281", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:31Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18445", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18445", url: "https://www.suse.com/security/cve/CVE-2018-18445", }, { category: "external", summary: "SUSE Bug 1112372 for CVE-2018-18445", url: "https://bugzilla.suse.com/1112372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:31Z", details: "low", }, ], title: "CVE-2018-18445", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:31Z", details: "moderate", }, ], title: "CVE-2018-18710", }, { cve: "CVE-2018-19824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19824", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19824", url: "https://www.suse.com/security/cve/CVE-2018-19824", }, { category: "external", summary: "SUSE Bug 1118152 for CVE-2018-19824", url: "https://bugzilla.suse.com/1118152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Desktop 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Desktop 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:cluster-md-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:dlm-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:gfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise High Availability Extension 12 SP4:ocfs2-kmp-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-base-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-devel-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-default-man-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-devel-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-macros-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-source-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.aarch64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:kernel-syms-4.12.14-95.3.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-docs-4.12.14-95.3.1.noarch", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.aarch64", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP4:kernel-obs-build-4.12.14-95.3.2.x86_64", "SUSE Linux Enterprise Workstation Extension 12 SP4:kernel-default-extra-4.12.14-95.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:31Z", details: "moderate", }, ], title: "CVE-2018-19824", }, ], }
suse-su-2018:4072-1
Vulnerability from csaf_suse
Published
2018-12-11 08:24
Modified
2018-12-11 08:24
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).
- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removed entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry could remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).
- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).
- CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permitted out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2017-18224: fs/ocfs2/aops.c omitted use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
The following non-security bugs were fixed:
- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).
- ACPICA: Tables: Add WSMT support (bsc#1089350).
- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).
- ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).
- ACPI, nfit: Fix ARS overflow continuation (bsc#1116895).
- ACPI, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128).
- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).
- ACPI/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114279).
- ACPI / platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).
- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
- ACPI / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).
- act_ife: fix a potential use-after-free (networking-stable-18_09_11).
- Add the cherry-picked dup id for PCI dwc fix
- Add version information to KLP_SYMBOLS file
- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).
- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).
- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).
- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).
- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).
- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).
- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).
- ALSA: hda: fix unused variable warning (bsc#1051510).
- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).
- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).
- ALSA: hda/realtek - Allow skipping spec->init_amp detection (bsc#1051510).
- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).
- ALSA: hda/realtek - Fix HP Headset Mic can't record (bsc#1051510).
- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).
- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).
- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).
- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).
- ALSA: hda/realtek - Support ALC300 (bsc#1051510).
- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).
- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).
- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).
- ALSA: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).
- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).
- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).
- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).
- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).
- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).
- ARM: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).
- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)
- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).
- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).
- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).
- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).
- ASoC: wm8804: Add ACPI support (bsc#1051510).
- ata: Fix racy link clearance (bsc#1107866).
- ataflop: fix error handling during setup (bsc#1051510).
- ath10k: fix kernel panic issue during pci probe (bsc#1051510).
- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).
- autofs: fix autofs_sbi() does not check super block type (git-fixes).
- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).
- autofs: mount point create should honour passed in mode (git-fixes).
- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).
- batman-adv: Avoid probe ELP information leak (bsc#1051510).
- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).
- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).
- bdi: Fix another oops in wb_workfn() (bsc#1112746).
- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).
- bitops: protect variables in set_mask_bits() macro (bsc#1051510).
- Blacklist commit that modifies Scsi_Host/kabi (bsc#1114579)
- Blacklist sd_zbc patch that is too invasive (bsc#1114583)
- Blacklist virtio patch that uses bio_integrity_bytes() (bsc#1114585)
- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
- block: copy ioprio in __bio_clone_fast() (bsc#1082653).
- block: respect virtual boundary mask in bvecs (bsc#1113412).
- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).
- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).
- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).
- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).
- bonding: avoid possible dead-lock (networking-stable-18_10_16).
- bonding: fix length of actor system (networking-stable-18_11_02).
- bonding: fix warning message (networking-stable-18_10_16).
- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).
- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).
- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).
- bpf/verifier: disallow pointer subtraction (bsc#1083647).
- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).
- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).
- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).
- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).
- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).
- Btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
- Btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).
- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).
- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).
- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).
- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).
- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).
- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).
- Btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).
- Btrfs: fix use-after-free during inode eviction (bsc#1116701).
- Btrfs: fix use-after-free when dumping free space (bsc#1116862).
- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).
- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).
- Btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
- Btrfs: make sure we create all new block groups (bsc#1116699).
- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).
- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).
- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).
- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).
- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).
- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).
- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).
- can: hi311x: Use level-triggered interrupt (bsc#1051510).
- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).
- can: rcar_can: Fix erroneous registration (bsc#1051510).
- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).
- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).
- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).
- cdc-acm: fix race between reset and control messaging (bsc#1051510).
- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).
- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).
- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).
- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).
- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).
- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).
- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).
- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).
- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).
- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).
- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).
- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).
- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).
- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
- configfs: replace strncpy with memcpy (bsc#1051510).
- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).
- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).
- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).
- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).
- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
- debugobjects: Make stack check warning more informative (bsc#1051510).
- Documentation/l1tf: Fix small spelling typo (bsc#1051510).
- Documentation/l1tf: Fix typos (bsc#1051510).
- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).
- do d_instantiate/unlock_new_inode combinations safely (git-fixes).
- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).
- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).
- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)
- drm/ast: change resolution may cause screen blurred (boo#1112963).
- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).
- drm/ast: Fix incorrect free on ioregs (bsc#1051510).
- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)
- drm/dp_mst: Check if primary mstb is null (bsc#1051510).
- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).
- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)
- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)
- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)
- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).
- drm/i915: Do not unset intel_connector->mst_port (bsc#1051510).
- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).
- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).
- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).
- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)
- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
- drm/i915/glk: Remove 99% limitation (bsc#1051510).
- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).
- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).
- drm/i915: Mark pin flags as u64 (bsc#1051510).
- drm/i915: Restore vblank interrupts earlier (bsc#1051510).
- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).
- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).
- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)
- drm/meson: add support for 1080p25 mode (bsc#1051510).
- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).
- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).
- drm/msm: fix OF child-node lookup (bsc#1106110)
- drm/nouveau: Check backlight IDs are >= 0, not > 0 (bsc#1051510).
- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).
- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).
- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).
- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)
- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)
- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).
- EDAC: Raise the maximum number of memory controllers (bsc#1113780).
- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).
- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).
- eeprom: at24: change nvmem stride to 1 (bsc#1051510).
- eeprom: at24: check at24_read/write arguments (bsc#1051510).
- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
- Enable LSPCON instead of blindly disabling HDMI
- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
- enic: handle mtu change for vf properly (bsc#1051510).
- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
- ethtool: fix a privilege escalation bug (bsc#1076830).
- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bsc#1117795).
- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bsc#1117794).
- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).
- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).
- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).
- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).
- ext4: check for NUL characters in extended attribute's name (bsc#1112732).
- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
- ext4: do not mark mmp buffer head dirty (bsc#1112743).
- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).
- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).
- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).
- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).
- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bsc#1117803).
- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).
- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
- ext4: fix use-after-free race in ext4_remount()'s error path (bsc#1117791).
- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).
- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).
- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).
- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
- fbdev: fix broken menu dependencies (bsc#1113722)
- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).
- firmware: dcdbas: include linux/io.h (bsc#1089350).
- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).
- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).
- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).
- fscache: fix race between enablement and dropping of object (bsc#1107385).
- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).
- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).
- fs: Make extension of struct super_block transparent (bsc#1117822).
- fsnotify: Fix busy inodes during unmount (bsc#1117822).
- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).
- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).
- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).
- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).
- ftrace: Remove incorrect setting of glob search field (bsc#1117184).
- genirq: Fix race on spurious interrupt detection (bsc#1051510).
- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).
- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).
- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).
- gso_segment: Reset skb->mac_len after modifying network header (networking-stable-18_09_24).
- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
- hfs: prevent crash on exit from failed search (bsc#1051510).
- HID: hiddev: fix potential Spectre v1 (bsc#1051510).
- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).
- hv: avoid crash in vmbus sysfs files (bnc#1108377).
- hv_netvsc: fix schedule in RCU context ().
- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).
- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).
- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).
- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).
- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).
- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).
- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).
- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).
- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).
- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).
- hwrng: core - document the quality field (bsc#1051510).
- hypfs_kill_super(): deal with failed allocations (bsc#1051510).
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
- ibmvnic: fix accelerated VLAN handling ().
- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).
- ibmvnic: remove ndo_poll_controller ().
- ibmvnic: Update driver queues after change in ring size support ().
- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).
- iio: ad5064: Fix regulator handling (bsc#1051510).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).
- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).
- iio:st_magn: Fix enable device after trigger (bsc#1051510).
- ima: fix showing large 'violations' or 'runtime_measurements_count' (bsc#1051510).
- include/linux/pfn_t.h: force '~' to be parsed as an unary operator (bsc#1051510).
- inet: make sure to grab rcu_read_lock before using ireq->ireq_opt (networking-stable-18_10_16).
- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
- Input: atakbd - fix Atari keymap (bsc#1051510).
- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).
- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).
- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).
- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).
- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).
- Input: xpad - fix some coding style issues (bsc#1051510).
- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).
- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).
- iommu/vt-d: Add definitions for PFSID (bsc#1106237).
- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).
- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).
- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).
- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).
- ipmi: Fix timer race with module unload (bsc#1051510).
- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).
- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).
- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu (networking-stable-18_11_21).
- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).
- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).
- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).
- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).
- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).
- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).
- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).
- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).
- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).
- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).
- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).
- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).
- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).
- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).
- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).
- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
- KABI fix for 'NFSv4.1: Fix up replays of interrupted requests' (git-fixes).
- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).
- KABI: mask raw in struct bpf_reg_state (bsc#1083647).
- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).
- KABI: powerpc: Revert npu callback signature change (bsc#1055120).
- KABI: protect struct fib_nh_exception (kabi).
- KABI: protect struct rtable (kabi).
- KABI/severities: ignore __xive_vm_h_* KVM internal symbols.
- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).
- kbuild: fix kernel/bounds.c 'W=1' warning (bsc#1051510).
- kbuild: move '_all' target out of $(KBUILD_SRC) conditional (bsc#1114279).
- kernfs: update comment about kernfs_path() return value (bsc#1051510).
- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).
- kprobes/x86: Fix %p uses in error messages (bsc#1110006).
- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).
- KVM: Make VM ioctl do valloc for some archs (bsc#1111506).
- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).
- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).
- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).
- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).
- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).
- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).
- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).
- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).
- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).
- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).
- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).
- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).
- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).
- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).
- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).
- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).
- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).
- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).
- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).
- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).
- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).
- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).
- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).
- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).
- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).
- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).
- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).
- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).
- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).
- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).
- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).
- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).
- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).
- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).
- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).
- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).
- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).
- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).
- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).
- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).
- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).
- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).
- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).
- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).
- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).
- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).
- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).
- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).
- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).
- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).
- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).
- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).
- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).
- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).
- KVM/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
- KVM: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).
- libceph: fall back to sendmsg for slab pages (bsc#1118316).
- libertas: call into generic suspend code before turning off power (bsc#1051510).
- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).
- libnvdimm, badrange: remove a WARN for list_empty (bsc#1112128).
- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).
- libnvdimm: Introduce locked DIMM capacity support (bsc#1112128).
- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm: move poison list functions to a new 'badrange' file (bsc#1112128).
- libnvdimm/nfit_test: add firmware download emulation (bsc#1112128).
- libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#1112128).
- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).
- libnvdimm, testing: Add emulation for smart injection commands (bsc#1112128).
- libnvdimm, testing: update the default smart ctrl_temperature (bsc#1112128).
- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
- livepatch: create and include UAPI headers ().
- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).
- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).
- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
- mac80211: Always report TX status (bsc#1051510).
- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).
- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).
- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).
- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
- mach64: fix display corruption on big endian machines (bsc#1113722)
- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)
- mailbox: PCC: handle parse error (bsc#1051510).
- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).
- md: allow metadata updates while suspending an array - fix (git-fixes).
- MD: fix invalid stored role for a disk - try2 (git-fixes).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).
- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).
- md/raid1: add error handling of read error from FailFast device (git-fixes).
- md/raid5-cache: disable reshape completely (git-fixes).
- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).
- media: af9035: prevent buffer overflow on write (bsc#1051510).
- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).
- media: dvb: fix compat ioctl translation (bsc#1051510).
- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).
- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).
- media: pci: cx23885: handle adding to list failure (bsc#1051510).
- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).
- media: tvp5150: fix switch exit in set control handler (bsc#1051510).
- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).
- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).
- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).
- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).
- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).
- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).
- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).
- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).
- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).
- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).
- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).
- mm/migrate: Use spin_trylock() while resetting rate limit ().
- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
- mm: rework memcg kernel stack accounting (bnc#1113677).
- modpost: ignore livepatch unresolved relocations ().
- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).
- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).
- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).
- move changes without Git-commit out of sorted section
- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).
- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).
- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).
- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).
- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).
- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).
- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).
- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).
- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).
- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).
- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).
- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).
- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).
- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).
- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).
- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).
- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).
- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).
- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).
- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).
- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).
- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).
- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).
- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).
- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).
- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).
- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).
- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).
- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).
- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).
- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).
- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1111696 bsc#1117561).
- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).
- net-gro: reset skb->pkt_type in napi_reuse_skb() (networking-stable-18_11_21).
- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).
- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).
- net: ibm: fix return type of ndo_start_xmit function ().
- net/ibmnvic: Fix deadlock problem in reset ().
- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).
- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).
- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).
- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).
- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).
- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).
- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).
- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).
- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).
- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).
- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).
- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).
- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).
- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).
- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).
- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).
- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).
- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).
- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).
- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).
- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).
- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).
- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).
- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).
- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).
- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).
- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).
- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).
- net: socket: fix a missing-check bug (networking-stable-18_11_02).
- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).
- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).
- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).
- net: systemport: Protect stop from timeout (networking-stable-18_11_21).
- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).
- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).
- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).
- nfit_test: add error injection DSMs (bsc#1112128).
- nfit_test: fix buffer overrun, add sanity check (bsc#1112128).
- nfit_test: improve structure offset handling (bsc#1112128).
- nfit_test: prevent parsing error of nfit_test.0 (bsc#1112128).
- nfit_test: when clearing poison, also remove badrange entries (bsc#1112128).
- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).
- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).
- NFS: Avoid RCU usage in tracepoints (git-fixes).
- NFS: commit direct writes even if they fail partially (git-fixes).
- nfsd4: permit layoutget of executable-only files (git-fixes).
- nfsd: check for use of the closed special stateid (git-fixes).
- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (git-fixes).
- nfsd: deal with revoked delegations appropriately (git-fixes).
- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).
- nfsd: Fix another OPEN stateid race (git-fixes).
- nfsd: fix corrupted reply to badly ordered compound (git-fixes).
- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).
- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).
- NFS: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).
- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).
- NFS: Ensure we commit after writeback is complete (bsc#1111809).
- NFS: Fix an incorrect type in struct nfs_direct_req (git-fixes).
- NFS: Fix a typo in nfs_rename() (git-fixes).
- NFS: Fix typo in nomigration mount option (git-fixes).
- NFS: Fix unstable write completion (git-fixes).
- NFSv4.0 fix client reference leak in callback (git-fixes).
- NFSv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).
- NFSv4.1 fix infinite loop on I/O (git-fixes).
- NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).
- NFSv4.1: Fix up replays of interrupted requests (git-fixes).
- NFSv4: Fix a typo in nfs41_sequence_process (git-fixes).
- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).
- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).
- nospec: Include <asm/barrier.h> dependency (bsc#1114279).
- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).
- nvme: Free ctrl device name on init failure ().
- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).
- ocfs2: fix locking for res->tracking and dlm->tracking_list (bsc#1117816).
- ocfs2: fix ocfs2 read block panic (bsc#1117815).
- ocfs2: free up write context when direct IO failed (bsc#1117821).
- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bsc#1117808).
- of: add helper to lookup compatible child node (bsc#1106110)
- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).
- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bsc#1051510).
- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).
- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).
- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)
- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
- PCI: hv: Use effective affinity mask (bsc#1109772).
- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).
- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).
- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).
- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).
- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).
- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).
- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).
- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).
- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).
- perf: fix invalid bit in diagnostic entry (git-fixes).
- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).
- pinctrl: meson: fix pinconf bias disable (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).
- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).
- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).
- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).
- pipe: match pipe_max_size data type with procfs (git-fixes).
- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).
- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).
- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).
- pNFS: Do not release the sequence slot until we've processed layoutget on open (git-fixes).
- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).
- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).
- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).
- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).
- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).
- powerpc/mm: Fix typo in comments (bsc#1065729).
- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).
- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).
- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).
- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).
- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).
- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).
- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).
- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage (bsc#1055120).
- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).
- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).
- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).
- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).
- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).
- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).
- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).
- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).
- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).
- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).
- powerpc/powernv: Rework TCE level allocation (bsc#1061840).
- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).
- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).
- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).
- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).
- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).
- powerpc/xive: Move definition of ESB bits (bsc#1061840).
- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).
- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).
- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).
- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).
- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
- provide linux/set_memory.h (bsc#1113295).
- ptp: fix Spectre v1 vulnerability (bsc#1051510).
- pwm: lpss: Release runtime-pm reference from the driver's remove callback (bsc#1051510).
- pxa168fb: prepare the clock (bsc#1051510).
- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).
- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).
- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
- r8169: fix NAPI handling under high load (networking-stable-18_11_02).
- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).
- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).
- random: rate limit unseeded randomness warnings (git-fixes).
- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
- rds: fix two RCU related problems (networking-stable-18_09_18).
- README: Clean-up trailing whitespace
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).
- rename a hv patch to reduce conflicts in -AZURE
- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).
- reset: imx7: Fix always writing bits as 0 (bsc#1051510).
- resource: Include resource end in walk_*() interfaces (bsc#1114279).
- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).
- Revert 'powerpc/64: Fix checksum folding in csum_add()' (bsc#1065729).
- Revert 'rpm/kernel-binary.spec.in: allow unsupported modules for -extra'
- Revert 'usb: dwc3: gadget: skip Set/Clear Halt when invalid' (bsc#1051510).
- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).
- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).
- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).
- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).
- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).
- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).
- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).
- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).
- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).
- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).
- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).
- s390/qeth: handle failure on workqueue creation (git-fixes).
- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).
- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).
- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).
- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).
- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).
- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).
- sched/numa: Limit the conditions where scan period is reset ().
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).
- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).
- scsi: lpfc: add Trunking support (bsc#1114015).
- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).
- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).
- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).
- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).
- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).
- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).
- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).
- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).
- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).
- scsi: lpfc: Fix errors in log messages (bsc#1114015).
- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).
- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).
- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).
- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).
- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).
- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).
- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).
- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).
- scsi: lpfc: Remove set but not used variable 'sgl_size' (bsc#1114015).
- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).
- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).
- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).
- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1114581).
- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).
- scsi: sg: fix minor memory leak in error path (bsc#1114584).
- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).
- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).
- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).
- scsi: target: tcmu: add read length support (bsc#1097755).
- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).
- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).
- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).
- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).
- sctp: not increase stream's incnt before sending addstrm_in request (networking-stable-18_11_21).
- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).
- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).
- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
- skip LAYOUTRETURN if layout is invalid (git-fixes).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).
- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).
- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).
- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
- sound: enable interrupt after dma buffer initialization (bsc#1051510).
- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).
- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).
- spi: sh-msiof: fix deferred probing (bsc#1051510).
- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).
- staging:iio:ad7606: fix voltage scales (bsc#1051510).
- staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' (bsc#1051510).
- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).
- sunrpc: Allow connect to return EHOSTUNREACH (git-fixes).
- sunrpc: Do not use stack buffer with scatterlist (git-fixes).
- sunrpc: Fix rpc_task_begin trace point (git-fixes).
- sunrpc: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).
- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).
- target: log Data-Out timeouts as errors (bsc#1095805).
- target: log NOP ping timeouts as errors (bsc#1095805).
- target: split out helper for cxn timeout error stashing (bsc#1095805).
- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).
- test_firmware: fix error return getting clobbered (bsc#1051510).
- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).
- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).
- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).
- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).
- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).
- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).
- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).
- tools build: fix # escaping in .cmd files for future Make (git-fixes).
- tools/testing/nvdimm: advertise a write cache for nfit_test (bsc#1112128).
- tools/testing/nvdimm: allow custom error code injection (bsc#1112128).
- tools/testing/nvdimm: disable labels for nfit_test.1 (bsc#1112128).
- tools/testing/nvdimm: enable labels for nfit_test.1 dimms (bsc#1112128).
- tools/testing/nvdimm: fix missing newline in nfit_test_dimm 'handle' attribute (bsc#1112128).
- tools/testing/nvdimm: Fix support for emulating controller temperature (bsc#1112128).
- tools/testing/nvdimm: force nfit_test to depend on instrumented modules (bsc#1112128).
- tools/testing/nvdimm: improve emulation of smart injection (bsc#1112128).
- tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() (bsc#1112128).
- tools/testing/nvdimm: Make DSM failure code injection an override (bsc#1112128).
- tools/testing/nvdimm: smart alarm/threshold control (bsc#1112128).
- tools/testing/nvdimm: stricter bounds checking for error injection commands (bsc#1112128).
- tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 (bsc#1112128).
- tools/testing/nvdimm: unit test clear-error commands (bsc#1112128).
- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).
- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).
- tpm: add retry logic (bsc#1082555).
- tpm: consolidate the TPM startup code (bsc#1082555).
- tpm: do not suspend/resume if power stays on (bsc#1082555).
- tpm: fix intermittent failure with self tests (bsc#1082555).
- tpm: fix response size validation in tpm_get_random() (bsc#1082555).
- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).
- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).
- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).
- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).
- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).
- tpm: Restore functionality to xen vtpm driver (bsc#1082555).
- tpm: self test failure should not cause suspend to fail (bsc#1082555).
- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).
- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).
- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).
- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).
- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).
- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).
- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).
- tracing: Erase irqsoff trace with empty write (bsc#1117189).
- tty: check name length in tty_find_polling_driver() (bsc#1051510).
- tty: Do not block on IO when ldisc change is pending (bnc#1105428).
- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).
- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).
- tty: wipe buffer (bsc#1051510).
- tty: wipe buffer if not echoing data (bsc#1051510).
- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).
- tuntap: fix multiqueue rx (networking-stable-18_11_21).
- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).
- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).
- udp6: fix encap return code for resubmitting (git-fixes).
- uio: ensure class is registered before devices (bsc#1051510).
- uio: Fix an Oops on load (bsc#1051510).
- uio: make symbol 'uio_class_registered' static (bsc#1051510).
- Update config files. Enabled ENA (Amazon network driver) for arm64.
- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).
- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).
- usb: core: Fix hub port connection events lost (bsc#1051510).
- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).
- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).
- usb: dwc3: core: Clean up ULPI device (bsc#1051510).
- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).
- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).
- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).
- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).
- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).
- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).
- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).
- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).
- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).
- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).
- usb: misc: appledisplay: add 20' Apple Cinema Display (bsc#1051510).
- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).
- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).
- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).
- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).
- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
- usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).
- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).
- usb: serial: option: drop redundant interface-class test (bsc#1051510).
- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).
- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).
- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).
- Use upstream version of pci-hyperv patch (35a88a1)
- VFS: close race between getcwd() and d_move() (git-fixes).
- VFS: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).
- vhost: Fix Spectre V1 vulnerability (bsc#1051510).
- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).
- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).
- VMCI: Resource wildcard match fixed (bsc#1051510).
- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).
- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).
- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).
- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).
- x86/boot: Move EISA setup to a separate file (bsc#1110006).
- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).
- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).
- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).
- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).
- x86/eisa: Add missing include (bsc#1110006).
- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).
- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).
- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).
- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).
- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).
- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).
- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).
- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).
- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).
- x86, nfit_test: Add unit test for memcpy_mcsafe() (bsc#1112128).
- x86/paravirt: Fix some warning messages (bnc#1065600).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/speculation: Support Enhanced IBRS on future CPUs ().
- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).
- xen/balloon: Support xend-based toolstack (bnc#1065600).
- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).
- xen: fix race in xen_qlock_wait() (bnc#1107256).
- xen: fix xen_qlock_wait() (bnc#1107256).
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).
- xen: make xen_qlock_wait() nestable (bnc#1107256).
- xen/netfront: do not bug in case of too many frags (bnc#1104824).
- xen/pvh: do not try to unplug emulated devices (bnc#1065600).
- xen/pvh: increase early stack size (bnc#1065600).
- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).
- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).
- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).
- xfs: Properly detect when DAX won't be used on any device (bsc#1115976).
- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).
- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).
- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).
- xprtrdma: Do not defer fencing an async RPC's chunks (git-fixes).
Patchnames
SUSE-SLE-Live-Patching-12-SP4-2018-2894
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-19824: A local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c (bnc#1118152).\n- CVE-2018-18281: The mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removed entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry could remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. (bnc#1113769).\n- CVE-2018-18710: An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bnc#1113751).\n- CVE-2018-18445: Faulty computation of numeric bounds in the BPF verifier permitted out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2017-18224: fs/ocfs2/aops.c omitted use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed:\n\n- ACPI/APEI: Handle GSIV and GPIO notification types (bsc#1115567).\n- ACPICA: Tables: Add WSMT support (bsc#1089350).\n- ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value (bsc#1051510).\n- ACPI / LPSS: Add alternative ACPI HIDs for Cherry Trail DMA controllers (bsc#1051510).\n- ACPI, nfit: Fix ARS overflow continuation (bsc#1116895).\n- ACPI, nfit: Prefer _DSM over _LSR for namespace label reads (bsc#1112128).\n- ACPI/nfit, x86/mce: Handle only uncorrectable machine checks (bsc#1114279).\n- ACPI/nfit, x86/mce: Validate a MCE's address before using it (bsc#1114279).\n- ACPI / platform: Add SMB0001 HID to forbidden_id_list (bsc#1051510).\n- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- ACPI / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (bsc#1051510).\n- act_ife: fix a potential use-after-free (networking-stable-18_09_11).\n- Add the cherry-picked dup id for PCI dwc fix\n- Add version information to KLP_SYMBOLS file\n- ALSA: ac97: Fix incorrect bit shift at AC97-SPSA control write (bsc#1051510).\n- ALSA: ca0106: Disable IZD on SB0570 DAC to fix audio pops (bsc#1051510).\n- ALSA: control: Fix race between adding and removing a user element (bsc#1051510).\n- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add ASRock N68C-S UCC the power_save blacklist (bsc#1051510).\n- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n- ALSA: hda/ca0132 - Call pci_iounmap() instead of iounmap() (bsc#1051510).\n- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n- ALSA: hda: fix unused variable warning (bsc#1051510).\n- ALSA: hda/realtek - Add auto-mute quirk for HP Spectre x360 laptop (bsc#1051510).\n- ALSA: hda/realtek - Add GPIO data update helper (bsc#1051510).\n- ALSA: hda/realtek - Allow skipping spec->init_amp detection (bsc#1051510).\n- ALSA: hda/realtek - fix headset mic detection for MSI MS-B171 (bsc#1051510).\n- ALSA: hda/realtek - Fix HP Headset Mic can't record (bsc#1051510).\n- ALSA: hda/realtek - fix the pop noise on headphone for lenovo laptops (bsc#1051510).\n- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n- ALSA: hda/realtek - Manage GPIO bits commonly (bsc#1051510).\n- ALSA: hda/realtek - Simplify Dell XPS13 GPIO handling (bsc#1051510).\n- ALSA: hda/realtek - Support ALC300 (bsc#1051510).\n- ALSA: oss: Use kvzalloc() for local buffer allocations (bsc#1051510).\n- ALSA: sparc: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- ALSA: usb-audio: Add vendor and product name for Dell WD19 Dock (bsc#1051510).\n- ALSA: usb-audio: update quirk for B&W PX to remove microphone (bsc#1051510).\n- ALSA: wss: Fix invalid snd_free_pages() at error path (bsc#1051510).\n- amd/iommu: Fix Guest Virtual APIC Log Tail Address Register (bsc#1106105).\n- arm64: KVM: Move CPU ID reg trap setup off the world switch path (bsc#1110998).\n- arm64: KVM: Sanitize PSTATE.M when being set from userspace (bsc#1110998).\n- arm64: KVM: Tighten guest core register access from userspace (bsc#1110998).\n- ARM: dts: at91: add new compatibility string for macb on sama5d3 (bsc#1051510).\n- ASoC: dwc: Added a quirk DW_I2S_QUIRK_16BIT_IDX_OVERRIDE to dwc (bsc#1085535)\n- ASoC: Intel: cht_bsw_max98090: add support for Baytrail (bsc#1051510).\n- ASoC: intel: cht_bsw_max98090_ti: Add quirk for boards using pmc_plt_clk_0 (bsc#1051510).\n- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: sun8i-codec: fix crash on module removal (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- ata: Fix racy link clearance (bsc#1107866).\n- ataflop: fix error handling during setup (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- ath10k: schedule hardware restart if WMI command times out (bsc#1051510).\n- autofs: fix autofs_sbi() does not check super block type (git-fixes).\n- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).\n- autofs: mount point create should honour passed in mode (git-fixes).\n- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: Expand merged fragment buffer for full packet (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- batman-adv: Use explicit tvlv padding for ELP packets (bsc#1051510).\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- bitops: protect variables in bit_clear_unless() macro (bsc#1051510).\n- bitops: protect variables in set_mask_bits() macro (bsc#1051510).\n- Blacklist commit that modifies Scsi_Host/kabi (bsc#1114579)\n- Blacklist sd_zbc patch that is too invasive (bsc#1114583)\n- Blacklist virtio patch that uses bio_integrity_bytes() (bsc#1114585)\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: copy ioprio in __bio_clone_fast() (bsc#1082653).\n- block: respect virtual boundary mask in bvecs (bsc#1113412).\n- Bluetooth: btbcm: Add entry for BCM4335C0 UART bluetooth (bsc#1051510).\n- Bluetooth: SMP: fix crash in unpairing (bsc#1051510).\n- bnxt_en: Fix TX timeout during netpoll (networking-stable-18_10_16).\n- bnxt_en: free hwrm resources, if driver probe fails (networking-stable-18_10_16).\n- bonding: avoid possible dead-lock (networking-stable-18_10_16).\n- bonding: fix length of actor system (networking-stable-18_11_02).\n- bonding: fix warning message (networking-stable-18_10_16).\n- bonding: pass link-local packets to bonding master also (networking-stable-18_10_16).\n- bpf: fix partial copy of map_ptr when dst is scalar (bsc#1083647).\n- bpf, net: add skb_mac_header_len helper (networking-stable-18_09_24).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- bpf: wait for running BPF programs when updating map-in-map (bsc#1083647).\n- brcmfmac: fix for proper support of 160MHz bandwidth (bsc#1051510).\n- brcmfmac: fix reporting support for 160 MHz channels (bsc#1051510).\n- brcmutil: really fix decoding channel info for 160 MHz bandwidth (bsc#1051510).\n- bridge: do not add port to router list when receives query with source 0.0.0.0 (networking-stable-18_11_02).\n- Btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n- Btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n- Btrfs: fix assertion failure during fsync in no-holes mode (bsc#1118136).\n- Btrfs: fix assertion on fsync of regular file when using no-holes feature (bsc#1118137).\n- Btrfs: fix cur_offset in the error case for nocow (bsc#1118140).\n- Btrfs: fix data corruption due to cloning of eof block (bsc#1116878).\n- Btrfs: fix deadlock on tree root leaf when finding free extent (bsc#1116876).\n- Btrfs: fix deadlock when writing out free space caches (bsc#1116700).\n- Btrfs: fix infinite loop on inode eviction after deduplication of eof block (bsc#1116877).\n- Btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- Btrfs: fix null pointer dereference on compressed write path error (bsc#1116698).\n- Btrfs: fix use-after-free during inode eviction (bsc#1116701).\n- Btrfs: fix use-after-free when dumping free space (bsc#1116862).\n- Btrfs: fix warning when replaying log after fsync of a tmpfile (bsc#1116692).\n- Btrfs: fix wrong dentries after fsync of file that got its parent replaced (bsc#1116693).\n- Btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- Btrfs: make sure we create all new block groups (bsc#1116699).\n- Btrfs: protect space cache inode alloc with GFP_NOFS (bsc#1116863).\n- Btrfs: send, fix infinite loop due to directory rename dependencies (bsc#1118138).\n- cachefiles: fix the race between cachefiles_bury_object() and rmdir(2) (bsc#1051510).\n- can: dev: __can_get_echo_skb(): Do not crash the kernel if can_priv::echo_skb is accessed out of bounds (bsc#1051510).\n- can: dev: can_get_echo_skb(): factor out non sending code to __can_get_echo_skb() (bsc#1051510).\n- can: dev: __can_get_echo_skb(): print error message, if trying to echo non existing skb (bsc#1051510).\n- can: dev: __can_get_echo_skb(): replace struct can_frame by canfd_frame to access frame length (bsc#1051510).\n- can: hi311x: Use level-triggered interrupt (bsc#1051510).\n- can: raw: check for CAN FD capable netdev in raw_sendmsg() (bsc#1051510).\n- can: rcar_can: Fix erroneous registration (bsc#1051510).\n- can: rx-offload: introduce can_rx_offload_get_echo_skb() and can_rx_offload_queue_sorted() functions (bsc#1051510).\n- cdc-acm: correct counting of UART states in serial state notification (bsc#1051510).\n- cdc-acm: do not reset notification buffer index upon urb unlinking (bsc#1051510).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- ceph: fix dentry leak in ceph_readdir_prepopulate (bsc#1114839).\n- ceph: quota: fix null pointer dereference in quota check (bsc#1114839).\n- cfg80211: Address some corner cases in scan result channel updating (bsc#1051510).\n- cfg80211: fix use-after-free in reg_process_hint() (bsc#1051510).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- clk: at91: Fix division by zero in PLL recalc_rate() (bsc#1051510).\n- clk: fixed-factor: fix of_node_get-put imbalance (bsc#1051510).\n- clk: fixed-rate: fix of_node_get-put imbalance (bsc#1051510).\n- clk: mmp2: fix the clock id for sdh2_clk and sdh3_clk (bsc#1051510).\n- clk: rockchip: Fix static checker warning in rockchip_ddrclk_get_parent call (bsc#1051510).\n- clk: s2mps11: Add used attribute to s2mps11_dt_match (bsc#1051510).\n- clk: s2mps11: Fix matching when built as module and DT node contains compatible (bsc#1051510).\n- clk: samsung: exynos5420: Enable PERIS clocks for suspend (bsc#1051510).\n- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clockevents/drivers/i8253: Add support for PIT shutdown quirk (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n- configfs: replace strncpy with memcpy (bsc#1051510).\n- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n- crypto: simd - correctly take reqsize of wrapped skcipher into account (bsc#1051510).\n- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- Documentation/l1tf: Fix small spelling typo (bsc#1051510).\n- Documentation/l1tf: Fix typos (bsc#1051510).\n- Documentation/l1tf: Remove Yonah processors from not vulnerable list (bsc#1051510).\n- do d_instantiate/unlock_new_inode combinations safely (git-fixes).\n- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).\n- driver/dma/ioat: Call del_timer_sync() without holding prep_lock (bsc#1051510).\n- drm/amdgpu: add missing CHIP_HAINAN in amdgpu_ucode_get_load_type (bsc#1051510).\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n- drm/ast: change resolution may cause screen blurred (boo#1112963).\n- drm/ast: fixed cursor may disappear sometimes (bsc#1051510).\n- drm/ast: Fix incorrect free on ioregs (bsc#1051510).\n- drm/ast: Remove existing framebuffers before loading driver (boo#1112963)\n- drm/dp_mst: Check if primary mstb is null (bsc#1051510).\n- drm/dp_mst: Skip validating ports during destruction, just ref (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for BOE panel in HP Pavilion 15-n233sl (bsc#1113722)\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm: fb-helper: Reject all pixel format changing requests (bsc#1113722)\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n- drm/i915: Do not oops during modeset shutdown after lpe audio deinit (bsc#1051510).\n- drm/i915: Do not unset intel_connector->mst_port (bsc#1051510).\n- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).\n- drm/i915/execlists: Force write serialisation into context image vs execution (bsc#1051510).\n- drm/i915: Fix ilk+ watermarks when disabling pipes (bsc#1051510).\n- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915/glk: Remove 99% limitation (bsc#1051510).\n- drm/i915/hdmi: Add HDMI 2.0 audio clock recovery N values (bsc#1051510).\n- drm/i915: Large page offsets for pread/pwrite (bsc#1051510).\n- drm/i915: Mark pin flags as u64 (bsc#1051510).\n- drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n- drm/i915: Skip vcpi allocation for MSTB ports that are gone (bsc#1051510).\n- drm/i915: Write GPU relocs harder with gen3 (bsc#1051510).\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n- drm/meson: add support for 1080p25 mode (bsc#1051510).\n- drm/meson: Enable fast_io in meson_dw_hdmi_regmap_config (bsc#1051510).\n- drm/meson: Fix OOB memory accesses in meson_viu_set_osd_lut() (bsc#1051510).\n- drm/msm: fix OF child-node lookup (bsc#1106110)\n- drm/nouveau: Check backlight IDs are >= 0, not > 0 (bsc#1051510).\n- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n- drm/omap: fix memory barrier bug in DMM driver (bsc#1051510).\n- drm/rockchip: Allow driver to be shutdown on reboot/kexec (bsc#1051510).\n- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- EDAC, {i7core,sb,skx}_edac: Fix uncorrected error counting (bsc#1114279).\n- EDAC: Raise the maximum number of memory controllers (bsc#1113780).\n- EDAC, skx_edac: Fix logical channel intermediate decoding (bsc#1114279).\n- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- Enable LSPCON instead of blindly disabling HDMI\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext4: add missing brelse() add_new_gdb_meta_bg()'s error path (bsc#1117795).\n- ext4: add missing brelse() in set_flexbg_block_bitmap()'s error path (bsc#1117794).\n- ext4: add missing brelse() update_backups()'s error path (bsc#1117796).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid buffer leak in ext4_orphan_add() after prior errors (bsc#1117802).\n- ext4: avoid buffer leak on shutdown in ext4_mark_iloc_dirty() (bsc#1117801).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: avoid potential extra brelse in setup_new_flex_group_blocks() (bsc#1117792).\n- ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix buffer leak in __ext4_read_dirblock() on error path (bsc#1117807).\n- ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (bsc#1117806).\n- ext4: fix missing cleanup if ext4_alloc_flex_bg_array() fails while resizing (bsc#1117798).\n- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix possible inode leak in the retry loop of ext4_resize_fs() (bsc#1117799).\n- ext4: fix possible leak of sbi->s_group_desc_leak in error path (bsc#1117803).\n- ext4: fix possible leak of s_journal_flag_rwsem in error path (bsc#1117804).\n- ext4: fix setattr project check in fssetxattr ioctl (bsc#1117789).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: fix use-after-free race in ext4_remount()'s error path (bsc#1117791).\n- ext4: initialize retries variable in ext4_da_write_inline_data_begin() (bsc#1117788).\n- ext4: propagate error from dquot_initialize() in EXT4_IOC_FSSETXATTR (bsc#1117790).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: release bs.bh before re-using in ext4_xattr_block_find() (bsc#1117805).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- fbdev: fix broken menu dependencies (bsc#1113722)\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- firmware: dcdbas: Add support for WSMT ACPI table (bsc#1089350 ).\n- firmware: dcdbas: include linux/io.h (bsc#1089350).\n- Fix kABI for 'Ensure we commit after writeback is complete' (bsc#1111809).\n- floppy: fix race condition in __floppy_read_block_0() (bsc#1051510).\n- flow_dissector: do not dissect l4 ports for fragments (networking-stable-18_11_21).\n- fscache: fix race between enablement and dropping of object (bsc#1107385).\n- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).\n- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).\n- fs: Make extension of struct super_block transparent (bsc#1117822).\n- fsnotify: Fix busy inodes during unmount (bsc#1117822).\n- fsnotify: fix ignore mask logic in fsnotify() (bsc#1115074).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- ftrace: Fix debug preempt config name in stack_tracer_{en,dis}able (bsc#1117172).\n- ftrace: Fix kmemleak in unregister_ftrace_graph (bsc#1117181).\n- ftrace: Fix memleak when unregistering dynamic ops when tracing disabled (bsc#1117174).\n- ftrace: Remove incorrect setting of glob search field (bsc#1117184).\n- genirq: Fix race on spurious interrupt detection (bsc#1051510).\n- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).\n- gpio: do not free unallocated ida on gpiochip_add_data_with_key() error path (bsc#1051510).\n- grace: replace BUG_ON by WARN_ONCE in exit_net hook (git-fixes).\n- gso_segment: Reset skb->mac_len after modifying network header (networking-stable-18_09_24).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- HID: hiddev: fix potential Spectre v1 (bsc#1051510).\n- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges (bsc#1051510).\n- hv: avoid crash in vmbus sysfs files (bnc#1108377).\n- hv_netvsc: fix schedule in RCU context ().\n- hv_netvsc: ignore devices that are not PCI (networking-stable-18_09_11).\n- hwmon: (core) Fix double-free in __hwmon_device_register() (bsc#1051510).\n- hwmon: (ibmpowernv) Remove bogus __init annotations (bsc#1051510).\n- hwmon: (ina2xx) Fix current value calculation (bsc#1051510).\n- hwmon (ina2xx) Fix NULL id pointer in probe() (bsc#1051510).\n- hwmon: (nct6775) Fix potential Spectre v1 (bsc#1051510).\n- hwmon: (pmbus) Fix page count auto-detection (bsc#1051510).\n- hwmon: (pwm-fan) Set fan speed to 0 on suspend (bsc#1051510).\n- hwmon: (raspberrypi) Fix initial notify (bsc#1051510).\n- hwmon: (w83795) temp4_type has writable permission (bsc#1051510).\n- hwrng: core - document the quality field (bsc#1051510).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- ibmvnic: fix accelerated VLAN handling ().\n- ibmvnic: fix index in release_rx_pools (bsc#1115440, bsc#1115433).\n- ibmvnic: remove ndo_poll_controller ().\n- ibmvnic: Update driver queues after change in ring size support ().\n- iio: accel: adxl345: convert address field usage in iio_chan_spec (bsc#1051510).\n- iio: ad5064: Fix regulator handling (bsc#1051510).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n- iio:st_magn: Fix enable device after trigger (bsc#1051510).\n- ima: fix showing large 'violations' or 'runtime_measurements_count' (bsc#1051510).\n- include/linux/pfn_t.h: force '~' to be parsed as an unary operator (bsc#1051510).\n- inet: make sure to grab rcu_read_lock before using ireq->ireq_opt (networking-stable-18_10_16).\n- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- Input: atakbd - fix Atari keymap (bsc#1051510).\n- Input: elan_i2c - add ACPI ID for Lenovo IdeaPad 330-15IGM (bsc#1051510).\n- Input: synaptics - avoid using uninitialized variable when probing (bsc#1051510).\n- Input: xpad - add PDP device id 0x02a4 (bsc#1051510).\n- Input: xpad - add support for Xbox1 PDP Camo series gamepad (bsc#1051510).\n- Input: xpad - avoid using __set_bit() for capabilities (bsc#1051510).\n- Input: xpad - fix some coding style issues (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/arm-smmu: Ensure that page-table updates are visible before TLBI (bsc#1106237).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/ipmmu-vmsa: Fix crash on early domain free (bsc#1106105).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix NULL pointer dereference in prq_event_thread() (bsc#1106105).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- iommu/vt-d: Use memunmap to free memremap (bsc#1106105).\n- ip6_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip6_tunnel: Fix encapsulation layout (networking-stable-18_11_02).\n- ip6_vti: fix a null pointer deference when destroy vti6 tunnel (networking-stable-18_09_11).\n- ipmi: Fix timer race with module unload (bsc#1051510).\n- ip_tunnel: be careful when accessing the inner header (networking-stable-18_10_16).\n- ip_tunnel: do not force DF when MTU is locked (networking-stable-18_11_21).\n- ipv4: lock mtu in fnhe when received PMTU < net.ipv4.route.min_pmtu (networking-stable-18_11_21).\n- ipv4: tcp: send zero IPID for RST and ACK sent in SYN-RECV and TIME-WAIT state (networking-stable-18_09_11).\n- ipv6: Fix PMTU updates for UDP/raw sockets in presence of VRF (networking-stable-18_11_21).\n- ipv6: fix possible use-after-free in ip6_xmit() (networking-stable-18_09_24).\n- ipv6: mcast: fix a use-after-free in inet6_mc_check (networking-stable-18_11_02).\n- ipv6/ndisc: Preserve IPv6 control buffer if protocol error handlers are called (networking-stable-18_11_02).\n- ipv6: take rcu lock in rawv6_send_hdrinc() (networking-stable-18_10_16).\n- iwlwifi: dbg: allow wrt collection before ALIVE (bsc#1051510).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: do not WARN on trying to dump dead firmware (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: check for short GI only for OFDM (bsc#1051510).\n- iwlwifi: mvm: check return value of rs_rate_from_ucode_rate() (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: do not use SAR Geo if basic SAR is not used (bsc#1051510).\n- iwlwifi: mvm: fix BAR seq ctrl reporting (bsc#1051510).\n- iwlwifi: mvm: fix regulatory domain update when the firmware starts (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: mvm: support sta_statistics() even on older firmware (bsc#1051510).\n- iwlwifi: pcie: avoid empty free RB queue (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- KABI fix for 'NFSv4.1: Fix up replays of interrupted requests' (git-fixes).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).\n- KABI: mask raw in struct bpf_reg_state (bsc#1083647).\n- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).\n- KABI: powerpc: Revert npu callback signature change (bsc#1055120).\n- KABI: protect struct fib_nh_exception (kabi).\n- KABI: protect struct rtable (kabi).\n- KABI/severities: ignore __xive_vm_h_* KVM internal symbols.\n- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n- kbuild: fix kernel/bounds.c 'W=1' warning (bsc#1051510).\n- kbuild: move '_all' target out of $(KBUILD_SRC) conditional (bsc#1114279).\n- kernfs: update comment about kernfs_path() return value (bsc#1051510).\n- kgdboc: Passing ekgdboc to command line causes panic (bsc#1051510).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- KVM: arm/arm64: Introduce vcpu_el1_is_32bit (bsc#1110998).\n- KVM: Make VM ioctl do valloc for some archs (bsc#1111506).\n- KVM: nVMX: Always reflect #NM VM-exits to L1 (bsc#1106240).\n- KVM: nVMX: move check_vmentry_postreqs() call to nested_vmx_enter_non_root_mode() (bsc#1106240).\n- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).\n- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).\n- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).\n- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).\n- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).\n- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).\n- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).\n- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).\n- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).\n- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).\n- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).\n- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).\n- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).\n- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).\n- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).\n- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).\n- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).\n- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).\n- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).\n- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).\n- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).\n- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).\n- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).\n- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).\n- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).\n- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).\n- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).\n- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).\n- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).\n- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).\n- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).\n- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).\n- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).\n- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).\n- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).\n- KVM: s390: vsie: copy wrapping keys to right place (git-fixes).\n- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- KVM: svm: Ensure an IBPB on all affected CPUs when freeing a vmcb (bsc#1114279).\n- KVM: VMX: re-add ple_gap module parameter (bsc#1106240).\n- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall (bsc#1106240).\n- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- KVM/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- KVM: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- libceph: bump CEPH_MSG_MAX_DATA_LEN (bsc#1114839).\n- libceph: fall back to sendmsg for slab pages (bsc#1118316).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- libertas: do not set URB_ZERO_PACKET on IN USB transfer (bsc#1051510).\n- libnvdimm, badrange: remove a WARN for list_empty (bsc#1112128).\n- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm: Hold reference on parent while scheduling async init (bsc#1116891).\n- libnvdimm: Introduce locked DIMM capacity support (bsc#1112128).\n- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm: move poison list functions to a new 'badrange' file (bsc#1112128).\n- libnvdimm/nfit_test: add firmware download emulation (bsc#1112128).\n- libnvdimm/nfit_test: adding support for unit testing enable LSS status (bsc#1112128).\n- libnvdimm, region: Fail badblocks listing for inactive regions (bsc#1116899).\n- libnvdimm, testing: Add emulation for smart injection commands (bsc#1112128).\n- libnvdimm, testing: update the default smart ctrl_temperature (bsc#1112128).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- livepatch: create and include UAPI headers ().\n- llc: set SOCK_RCU_FREE in llc_sap_add_socket() (networking-stable-18_11_02).\n- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: Always report TX status (bsc#1051510).\n- mac80211: fix TX status reporting for ieee80211s (bsc#1051510).\n- mac80211_hwsim: do not omit multicast announce of first added radio (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: TDLS: fix skb queue/priority assignment (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- mach64: fix display corruption on big endian machines (bsc#1113722)\n- mach64: fix image corruption due to reading accelerator registers (bsc#1113722)\n- mailbox: PCC: handle parse error (bsc#1051510).\n- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).\n- md: allow metadata updates while suspending an array - fix (git-fixes).\n- MD: fix invalid stored role for a disk - try2 (git-fixes).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).\n- md/raid1: add error handling of read error from FailFast device (git-fixes).\n- md/raid5-cache: disable reshape completely (git-fixes).\n- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n- media: dvb: fix compat ioctl translation (bsc#1051510).\n- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n- media: pci: cx23885: handle adding to list failure (bsc#1051510).\n- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n- media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n- memory_hotplug: cond_resched in __remove_pages (bnc#1114178).\n- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n- mfd: menelaus: Fix possible race condition and leak (bsc#1051510).\n- mfd: omap-usb-host: Fix dts probe of children (bsc#1051510).\n- mlxsw: spectrum: Fix IP2ME CPU policer configuration (networking-stable-18_11_21).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mmc: dw_mmc-rockchip: correct property names in debug (bsc#1051510).\n- mmc: sdhci-pci-o2micro: Add quirk for O2 Micro dev 0x8620 rev 0x01 (bsc#1051510).\n- mm: handle no memcg case in memcg_kmem_charge() properly (bnc#1113677).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- mm: rework memcg kernel stack accounting (bnc#1113677).\n- modpost: ignore livepatch unresolved relocations ().\n- mount: Do not allow copying MNT_UNBINDABLE|MNT_LOCKED mounts (bsc#1117819).\n- mount: Prevent MNT_DETACH from disconnecting locked mounts (bsc#1117820).\n- mount: Retest MNT_LOCKED in do_umount (bsc#1117818).\n- move changes without Git-commit out of sorted section\n- neighbour: confirm neigh entries when ARP packet is received (networking-stable-18_09_24).\n- net/af_iucv: drop inbound packets with invalid flags (bnc#1113501, LTC#172679).\n- net/af_iucv: fix skb handling on HiperTransport xmit error (bnc#1113501, LTC#172679).\n- net/appletalk: fix minor pointer leak to userspace in SIOCFINDIPDDPRT (networking-stable-18_09_24).\n- net: aquantia: memory corruption on jumbo frames (networking-stable-18_10_16).\n- net: bcmgenet: Poll internal PHY for GENETv5 (networking-stable-18_11_02).\n- net: bcmgenet: protect stop from timeout (networking-stable-18_11_21).\n- net: bcmgenet: use MAC link status for fixed phy (networking-stable-18_09_11).\n- net: bridge: remove ipv6 zero address check in mcast queries (git-fixes).\n- net: dsa: bcm_sf2: Call setup during switch resume (networking-stable-18_10_16).\n- net: dsa: bcm_sf2: Fix unbind ordering (networking-stable-18_10_16).\n- net: ena: add functions for handling Low Latency Queues in ena_com (bsc#1111696 bsc#1117561).\n- net: ena: add functions for handling Low Latency Queues in ena_netdev (bsc#1111696 bsc#1117561).\n- net: ena: change rx copybreak default to reduce kernel memory pressure (bsc#1111696 bsc#1117561).\n- net: ena: complete host info to match latest ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: enable Low Latency Queues (bsc#1111696 bsc#1117561).\n- net: ena: explicit casting and initialization, and clearer error handling (bsc#1111696 bsc#1117561).\n- net: ena: fix auto casting to boolean (bsc#1111696 bsc#1117561).\n- net: ena: fix compilation error in xtensa architecture (bsc#1111696 bsc#1117561).\n- net: ena: fix crash during failed resume from hibernation (bsc#1111696 bsc#1117561).\n- net: ena: fix indentations in ena_defs for better readability (bsc#1111696 bsc#1117561).\n- net: ena: Fix Kconfig dependency on X86 (bsc#1111696 bsc#1117561).\n- net: ena: fix NULL dereference due to untimely napi initialization (bsc#1111696 bsc#1117561).\n- net: ena: fix rare bug when failed restart/resume is followed by driver removal (bsc#1111696 bsc#1117561).\n- net: ena: fix warning in rmmod caused by double iounmap (bsc#1111696 bsc#1117561).\n- net: ena: introduce Low Latency Queues data structures according to ENA spec (bsc#1111696 bsc#1117561).\n- net: ena: limit refill Rx threshold to 256 to avoid latency issues (bsc#1111696 bsc#1117561).\n- net: ena: minor performance improvement (bsc#1111696 bsc#1117561).\n- net: ena: remove ndo_poll_controller (bsc#1111696 bsc#1117561).\n- net: ena: remove redundant parameter in ena_com_admin_init() (bsc#1111696 bsc#1117561).\n- net: ena: update driver version to 2.0.1 (bsc#1111696 bsc#1117561).\n- net: ena: use CSUM_CHECKED device indication to report skb's checksum status (bsc#1111696 bsc#1117561).\n- net: fec: do not dump RX FIFO register when not available (networking-stable-18_11_02).\n- net-gro: reset skb->pkt_type in napi_reuse_skb() (networking-stable-18_11_21).\n- net: hns: fix for unmapping problem when SMMU is on (networking-stable-18_10_16).\n- net: hp100: fix always-true check for link up state (networking-stable-18_09_24).\n- net: ibm: fix return type of ndo_start_xmit function ().\n- net/ibmnvic: Fix deadlock problem in reset ().\n- net/ibmvnic: Fix RTNL deadlock during device reset (bnc#1115431).\n- net: ipmr: fix unresolved entry dumps (networking-stable-18_11_02).\n- net: ipv4: do not let PMTU updates increase route MTU (git-fixes).\n- net/ipv6: Display all addresses in output of /proc/net/if_inet6 (networking-stable-18_10_16).\n- net/ipv6: Fix index counter for unicast addresses in in6_dump_addrs (networking-stable-18_11_02).\n- netlabel: check for IPV4MASK in addrinfo_get (networking-stable-18_10_16).\n- net: macb: do not disable MDIO bus at open/close time (networking-stable-18_09_11).\n- net/mlx5: Check for error in mlx5_attach_interface (networking-stable-18_09_18).\n- net/mlx5e: Fix selftest for small MTUs (networking-stable-18_11_21).\n- net/mlx5e: Set vlan masks for all offloaded TC rules (networking-stable-18_10_16).\n- net/mlx5: E-Switch, Fix memory leak when creating switchdev mode FDB tables (networking-stable-18_09_18).\n- net/mlx5: E-Switch, Fix out of bound access when setting vport rate (networking-stable-18_10_16).\n- net/mlx5: Fix debugfs cleanup in the device init/remove flow (networking-stable-18_09_18).\n- net/mlx5: Fix use-after-free in self-healing flow (networking-stable-18_09_18).\n- net/mlx5: Take only bit 24-26 of wqe.pftype_wq for page fault type (networking-stable-18_11_02).\n- net: mvpp2: Extract the correct ethtype from the skb for tx csum offload (networking-stable-18_10_16).\n- net: mvpp2: fix a txq_done race condition (networking-stable-18_10_16).\n- net/packet: fix packet drop as of virtio gso (networking-stable-18_10_16).\n- net: phy: mdio-gpio: Fix working over slow can_sleep GPIOs (networking-stable-18_11_21).\n- net: qca_spi: Fix race condition in spi transfers (networking-stable-18_09_18).\n- net: qmi_wwan: add Wistron Neweb D19Q1 (bsc#1051510).\n- net: sched: action_ife: take reference to meta module (networking-stable-18_09_11).\n- net/sched: act_pedit: fix dump of extended layered op (networking-stable-18_09_11).\n- net/sched: act_sample: fix NULL dereference in the data path (networking-stable-18_09_24).\n- net: sched: Fix for duplicate class dump (networking-stable-18_11_02).\n- net: sched: Fix memory exposure from short TCA_U32_SEL (networking-stable-18_09_11).\n- net: sched: gred: pass the right attribute to gred_change_table_def() (networking-stable-18_11_02).\n- net: smsc95xx: Fix MTU range (networking-stable-18_11_21).\n- net: socket: fix a missing-check bug (networking-stable-18_11_02).\n- net: stmmac: Fix stmmac_mdio_reset() when building stmmac as modules (networking-stable-18_11_02).\n- net: stmmac: Fixup the tail addr setting in xmit path (networking-stable-18_10_16).\n- net: systemport: Fix wake-up interrupt race during resume (networking-stable-18_10_16).\n- net: systemport: Protect stop from timeout (networking-stable-18_11_21).\n- net: udp: fix handling of CHECKSUM_COMPLETE packets (networking-stable-18_11_02).\n- net/usb: cancel pending work when unbinding smsc75xx (networking-stable-18_10_16).\n- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n- nfit_test: add error injection DSMs (bsc#1112128).\n- nfit_test: fix buffer overrun, add sanity check (bsc#1112128).\n- nfit_test: improve structure offset handling (bsc#1112128).\n- nfit_test: prevent parsing error of nfit_test.0 (bsc#1112128).\n- nfit_test: when clearing poison, also remove badrange entries (bsc#1112128).\n- nfp: wait for posted reconfigs when disabling the device (networking-stable-18_09_11).\n- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).\n- NFS: Avoid RCU usage in tracepoints (git-fixes).\n- NFS: commit direct writes even if they fail partially (git-fixes).\n- nfsd4: permit layoutget of executable-only files (git-fixes).\n- nfsd: check for use of the closed special stateid (git-fixes).\n- nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0) (git-fixes).\n- nfsd: deal with revoked delegations appropriately (git-fixes).\n- nfsd: Ensure we check stateid validity in the seqid operation checks (git-fixes).\n- nfsd: Fix another OPEN stateid race (git-fixes).\n- nfsd: fix corrupted reply to badly ordered compound (git-fixes).\n- nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo (git-fixes).\n- nfsd: Fix stateid races between OPEN and CLOSE (git-fixes).\n- NFS: do not wait on commit in nfs_commit_inode() if there were no commit requests (git-fixes).\n- nfsd: restrict rd_maxcount to svc_max_payload in nfsd_encode_readdir (git-fixes).\n- NFS: Ensure we commit after writeback is complete (bsc#1111809).\n- NFS: Fix an incorrect type in struct nfs_direct_req (git-fixes).\n- NFS: Fix a typo in nfs_rename() (git-fixes).\n- NFS: Fix typo in nomigration mount option (git-fixes).\n- NFS: Fix unstable write completion (git-fixes).\n- NFSv4.0 fix client reference leak in callback (git-fixes).\n- NFSv4.1: Fix a potential layoutget/layoutrecall deadlock (git-fixes).\n- NFSv4.1 fix infinite loop on I/O (git-fixes).\n- NFSv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (git-fixes).\n- NFSv4.1: Fix up replays of interrupted requests (git-fixes).\n- NFSv4: Fix a typo in nfs41_sequence_process (git-fixes).\n- nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (bsc#1051510).\n- nl80211: Fix possible Spectre-v1 for NL80211_TXRATE_HT (bsc#1051510).\n- nospec: Include <asm/barrier.h> dependency (bsc#1114279).\n- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvme: Free ctrl device name on init failure ().\n- ocfs2: fix a misuse a of brelse after failing ocfs2_check_dir_entry (bsc#1117817).\n- ocfs2: fix locking for res->tracking and dlm->tracking_list (bsc#1117816).\n- ocfs2: fix ocfs2 read block panic (bsc#1117815).\n- ocfs2: free up write context when direct IO failed (bsc#1117821).\n- ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent (bsc#1117808).\n- of: add helper to lookup compatible child node (bsc#1106110)\n- openvswitch: Fix push/pop ethernet validation (networking-stable-18_11_02).\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- PCI: Add Device IDs for Intel GPU 'spurious interrupt' quirk (bsc#1051510).\n- PCI/ASPM: Do not initialize link state when aspm_disabled is set (bsc#1051510).\n- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n- PCI: dwc: remove duplicate fix References: bsc#1115269 Patch has been already applied by the following commit: 9f73db8b7c PCI: dwc: Fix enumeration end when reaching root subordinate (bsc#1051510)\n- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- PCI: hv: Use effective affinity mask (bsc#1109772).\n- PCI: imx6: Fix link training status detection in link up check (bsc#1109806).\n- PCI: iproc: Remove PAXC slot check to allow VF support (bsc#1109806).\n- PCI/MSI: Warn and return error if driver enables MSI/MSI-X twice (bsc#1051510).\n- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- PCI: vmd: Assign vector zero to all bridges (bsc#1109806).\n- PCI: vmd: Detach resources after stopping root bus (bsc#1109806).\n- PCI: vmd: White list for fast interrupt handlers (bsc#1109806).\n- pcmcia: Implement CLKRUN protocol disabling for Ricoh bridges (bsc#1051510).\n- percpu: make this_cpu_generic_read() atomic w.r.t. interrupts (bsc#1114279).\n- perf: fix invalid bit in diagnostic entry (git-fixes).\n- pinctrl: at91-pio4: fix has_config check in atmel_pctl_dt_subnode_to_map() (bsc#1051510).\n- pinctrl: meson: fix pinconf bias disable (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix drive strength setting (bsc#1051510).\n- pinctrl: qcom: spmi-mpp: Fix err handling of pmic_mpp_set_mux (bsc#1051510).\n- pinctrl: spmi-mpp: Fix pmic_mpp_config_get() to be compliant (bsc#1051510).\n- pinctrl: ssbi-gpio: Fix pm8xxx_pin_config_get() to be compliant (bsc#1051510).\n- pipe: match pipe_max_size data type with procfs (git-fixes).\n- platform/x86: acerhdf: Add BIOS entry for Gateway LT31 v1.3307 (bsc#1051510).\n- platform/x86: intel_telemetry: report debugfs failure (bsc#1051510).\n- pNFS: Always free the session slot on error in nfs4_layoutget_handle_exception (git-fixes).\n- pNFS: Do not release the sequence slot until we've processed layoutget on open (git-fixes).\n- pNFS: Prevent the layout header refcount going to zero in pnfs_roc() (git-fixes).\n- powerpc/64s/hash: Do not use PPC_INVALIDATE_ERAT on CPUs before POWER9 (bsc#1065729).\n- powerpc/boot: Fix opal console in boot wrapper (bsc#1065729).\n- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).\n- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).\n- powerpc/mm: Fix typo in comments (bsc#1065729).\n- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n- powerpc/mm/keys: Move pte bits to correct headers (bsc#1078248).\n- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).\n- powerpc/npu-dma.c: Fix crash after __mmu_notifier_register failure (bsc#1055120).\n- powerpc/perf: Update raw-event code encoding comment for power8 (bsc#1065729).\n- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).\n- powerpc/powernv: Do not select the cpufreq governors (bsc#1065729).\n- powerpc/powernv: Fix concurrency issue with npu->mmio_atsd_usage (bsc#1055120).\n- powerpc/powernv: Fix opal_event_shutdown() called with interrupts disabled (bsc#1065729).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).\n- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).\n- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).\n- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).\n- powerpc/powernv/npu: Add lock to prevent race in concurrent context init/destroy (bsc#1055120).\n- powerpc/powernv/npu: Do not explicitly flush nmmu tlb (bsc#1055120).\n- powerpc/powernv/npu: Fix deadlock in mmio_invalidate() (bsc#1055120).\n- powerpc/powernv/npu: Prevent overwriting of pnv_npu2_init_contex() callback parameters (bsc#1055120).\n- powerpc/powernv/npu: Use flush_all_mm() instead of flush_tlb_mm() (bsc#1055120).\n- powerpc/powernv/pci: Work around races in PCI bridge enabling (bsc#1055120).\n- powerpc/powernv: Rework TCE level allocation (bsc#1061840).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix DTL buffer registration (bsc#1065729).\n- powerpc/pseries: Fix how we iterate over the DTL entries (bsc#1065729).\n- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).\n- powerpc/pseries/mobility: Extend start/stop topology update scope (bsc#1116950, bsc#1115709).\n- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n- powerpc/xive: Move definition of ESB bits (bsc#1061840).\n- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).\n- power: supply: max8998-charger: Fix platform data retrieval (bsc#1051510).\n- pppoe: fix reception of frames with no mac header (networking-stable-18_09_24).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- printk: Fix panic caused by passing log_buf_len to command line (bsc#1117168).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- provide linux/set_memory.h (bsc#1113295).\n- ptp: fix Spectre v1 vulnerability (bsc#1051510).\n- pwm: lpss: Release runtime-pm reference from the driver's remove callback (bsc#1051510).\n- pxa168fb: prepare the clock (bsc#1051510).\n- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n- qmi_wwan: apply SET_DTR quirk to the SIMCOM shared device ID (bsc#1051510).\n- qmi_wwan: Support dynamic config on Quectel EP06 (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- r8169: fix NAPI handling under high load (networking-stable-18_11_02).\n- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).\n- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).\n- random: rate limit unseeded randomness warnings (git-fixes).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- rds: fix two RCU related problems (networking-stable-18_09_18).\n- README: Clean-up trailing whitespace\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- remoteproc: qcom: Fix potential device node leaks (bsc#1051510).\n- rename a hv patch to reduce conflicts in -AZURE\n- reset: hisilicon: fix potential NULL pointer dereference (bsc#1051510).\n- reset: imx7: Fix always writing bits as 0 (bsc#1051510).\n- resource: Include resource end in walk_*() interfaces (bsc#1114279).\n- Revert 'ceph: fix dentry leak in splice_dentry()' (bsc#1114839).\n- Revert 'powerpc/64: Fix checksum folding in csum_add()' (bsc#1065729).\n- Revert 'rpm/kernel-binary.spec.in: allow unsupported modules for -extra'\n- Revert 'usb: dwc3: gadget: skip Set/Clear Halt when invalid' (bsc#1051510).\n- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).\n- rtnetlink: Disallow FDB configuration for non-Ethernet device (networking-stable-18_11_02).\n- rtnetlink: fix rtnl_fdb_dump() for ndmsg header (networking-stable-18_10_16).\n- rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096 (networking-stable-18_10_16).\n- s390/cpum_sf: Add data entry sizes to sampling trailer entry (git-fixes).\n- s390/kvm: fix deadlock when killed by oom (bnc#1113501, LTC#172235).\n- s390/mm: Check for valid vma before zapping in gmap_discard (git-fixes).\n- s390/mm: correct allocate_pgste proc_handler callback (git-fixes).\n- s390: qeth_core_mpc: Use ARRAY_SIZE instead of reimplementing its function (bnc#1113501, LTC#172682).\n- s390/qeth: fix HiperSockets sniffer (bnc#1113501, LTC#172953).\n- s390: qeth: Fix potential array overrun in cmd/rc lookup (bnc#1113501, LTC#172682).\n- s390/qeth: handle failure on workqueue creation (git-fixes).\n- s390/qeth: report 25Gbit link speed (bnc#1113501, LTC#172959).\n- s390: revert ELF_ET_DYN_BASE base changes (git-fixes).\n- s390/sclp_tty: enable line mode tty even if there is an ascii console (git-fixes).\n- s390/sthyi: add cache to store hypervisor info (LTC#160415, bsc#1068273).\n- s390/sthyi: add s390_sthyi system call (LTC#160415, bsc#1068273).\n- s390/sthyi: reorganize sthyi implementation (LTC#160415, bsc#1068273).\n- sched/numa: Limit the conditions where scan period is reset ().\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (bsc#1114578).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: libsas: remove irq save in sas_ata_qc_issue() (bsc#1114580).\n- scsi: lpfc: add support to retrieve firmware logs (bsc#1114015).\n- scsi: lpfc: add Trunking support (bsc#1114015).\n- scsi: lpfc: Correct errors accessing fw log (bsc#1114015).\n- scsi: lpfc: Correct invalid EQ doorbell write on if_type=6 (bsc#1114015).\n- scsi: lpfc: Correct irq handling via locks when taking adapter offline (bsc#1114015).\n- scsi: lpfc: Correct LCB RJT handling (bsc#1114015).\n- scsi: lpfc: Correct loss of fc4 type on remote port address change (bsc#1114015).\n- scsi: lpfc: Correct race with abort on completion path (bsc#1114015).\n- scsi: lpfc: Correct soft lockup when running mds diagnostics (bsc#1114015).\n- scsi: lpfc: Correct speeds on SFP swap (bsc#1114015).\n- scsi: lpfc: fcoe: Fix link down issue after 1000+ link bounces (bsc#1114015).\n- scsi: lpfc: Fix errors in log messages (bsc#1114015).\n- scsi: lpfc: Fix GFT_ID and PRLI logic for RSCN (bsc#1114015).\n- scsi: lpfc: Fix LOGO/PLOGI handling when triggerd by ABTS Timeout event (bsc#1114015).\n- scsi: lpfc: Fix lpfc_sli4_read_config return value check (bsc#1114015).\n- scsi: lpfc: Fix odd recovery in duplicate FLOGIs in point-to-point (bsc#1114015).\n- scsi: lpfc: Implement GID_PT on Nameserver query to support faster failover (bsc#1114015).\n- scsi: lpfc: Raise nvme defaults to support a larger io and more connectivity (bsc#1114015).\n- scsi: lpfc: raise sg count for nvme to use available sg resources (bsc#1114015).\n- scsi: lpfc: reduce locking when updating statistics (bsc#1114015).\n- scsi: lpfc: Remove set but not used variable 'sgl_size' (bsc#1114015).\n- scsi: lpfc: Reset link or adapter instead of doing infinite nameserver PLOGI retry (bsc#1114015).\n- scsi: lpfc: Synchronize access to remoteport via rport (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.7 (bsc#1114015).\n- scsi: lpfc: update driver version to 12.0.0.8 (bsc#1114015).\n- scsi: qlogicpti: Fix an error handling path in 'qpti_sbus_probe()' (bsc#1114581).\n- scsi: scsi_transport_srp: Fix shost to rport translation (bsc#1114582).\n- scsi: sg: fix minor memory leak in error path (bsc#1114584).\n- scsi: sysfs: Introduce sysfs_{un,}break_active_protection() (bsc#1114578).\n- scsi: target: Fix fortify_panic kernel exception (bsc#1114576).\n- scsi: target/tcm_loop: Avoid that static checkers warn about dead code (bsc#1114577).\n- scsi: target: tcmu: add read length support (bsc#1097755).\n- sctp: fix race on sctp_id2asoc (networking-stable-18_11_02).\n- sctp: fix strchange_flags name for Stream Change Event (networking-stable-18_11_21).\n- sctp: hold transport before accessing its asoc in sctp_transport_get_next (networking-stable-18_09_11).\n- sctp: not allow to set asoc prsctp_enable by sockopt (networking-stable-18_11_21).\n- sctp: not increase stream's incnt before sending addstrm_in request (networking-stable-18_11_21).\n- sctp: update dst pmtu with the correct daddr (networking-stable-18_10_16).\n- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- skip LAYOUTRETURN if layout is invalid (git-fixes).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- soc: fsl: qbman: qman: avoid allocating from non existing gen_pool (bsc#1051510).\n- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n- soc: ti: QMSS: Fix usage of irq_set_affinity_hint (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n- spi: sh-msiof: fix deferred probing (bsc#1051510).\n- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n- staging:iio:ad7606: fix voltage scales (bsc#1051510).\n- staging: rtl8723bs: Fix the return value in case of error in 'rtw_wx_read32()' (bsc#1051510).\n- staging: vchiq_arm: fix compat VCHIQ_IOC_AWAIT_COMPLETION (bsc#1051510).\n- sunrpc: Allow connect to return EHOSTUNREACH (git-fixes).\n- sunrpc: Do not use stack buffer with scatterlist (git-fixes).\n- sunrpc: Fix rpc_task_begin trace point (git-fixes).\n- sunrpc: Fix tracepoint storage issues with svc_recv and svc_rqst_status (git-fixes).\n- target: fix buffer offset in core_scsi3_pri_read_full_status (bsc1117349).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- tcp: do not restart timewait timer on rst reception (networking-stable-18_09_11).\n- test_firmware: fix error return getting clobbered (bsc#1051510).\n- tg3: Add PHY reset for 5717/5719/5720 in change ring and flow control paths (networking-stable-18_11_21).\n- thermal: bcm2835: enable hwmon explicitly (bsc#1108468).\n- thermal: da9062/61: Prevent hardware access during system suspend (bsc#1051510).\n- thermal: rcar_thermal: Prevent hardware access during system suspend (bsc#1051510).\n- tipc: do not assume linear buffer when reading ancillary data (networking-stable-18_11_21).\n- tipc: fix a missing rhashtable_walk_exit() (networking-stable-18_09_11).\n- tipc: fix flow control accounting for implicit connect (networking-stable-18_10_16).\n- tools build: fix # escaping in .cmd files for future Make (git-fixes).\n- tools/testing/nvdimm: advertise a write cache for nfit_test (bsc#1112128).\n- tools/testing/nvdimm: allow custom error code injection (bsc#1112128).\n- tools/testing/nvdimm: disable labels for nfit_test.1 (bsc#1112128).\n- tools/testing/nvdimm: enable labels for nfit_test.1 dimms (bsc#1112128).\n- tools/testing/nvdimm: fix missing newline in nfit_test_dimm 'handle' attribute (bsc#1112128).\n- tools/testing/nvdimm: Fix support for emulating controller temperature (bsc#1112128).\n- tools/testing/nvdimm: force nfit_test to depend on instrumented modules (bsc#1112128).\n- tools/testing/nvdimm: improve emulation of smart injection (bsc#1112128).\n- tools/testing/nvdimm: kaddr and pfn can be NULL to ->direct_access() (bsc#1112128).\n- tools/testing/nvdimm: Make DSM failure code injection an override (bsc#1112128).\n- tools/testing/nvdimm: smart alarm/threshold control (bsc#1112128).\n- tools/testing/nvdimm: stricter bounds checking for error injection commands (bsc#1112128).\n- tools/testing/nvdimm: support nfit_test_dimm attributes under nfit_test.1 (bsc#1112128).\n- tools/testing/nvdimm: unit test clear-error commands (bsc#1112128).\n- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tpm2-cmd: allow more attempts for selftest execution (bsc#1082555).\n- tpm: add retry logic (bsc#1082555).\n- tpm: consolidate the TPM startup code (bsc#1082555).\n- tpm: do not suspend/resume if power stays on (bsc#1082555).\n- tpm: fix intermittent failure with self tests (bsc#1082555).\n- tpm: fix response size validation in tpm_get_random() (bsc#1082555).\n- tpm: move endianness conversion of ordinals to tpm_input_header (bsc#1082555).\n- tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header (bsc#1082555).\n- tpm: move the delay_msec increment after sleep in tpm_transmit() (bsc#1082555).\n- tpm: React correctly to RC_TESTING from TPM 2.0 self tests (bsc#1082555).\n- tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers (bsc#1082555).\n- tpm: Restore functionality to xen vtpm driver (bsc#1082555).\n- tpm: self test failure should not cause suspend to fail (bsc#1082555).\n- tpm: tpm-interface: fix tpm_transmit/_cmd kdoc (bsc#1082555).\n- tpm: Trigger only missing TPM 2.0 self tests (bsc#1082555).\n- tpm: Use dynamic delay to wait for TPM 2.0 self test result (bsc#1082555).\n- tpm: use tpm2_pcr_read() in tpm2_do_selftest() (bsc#1082555).\n- tpm: use tpm_buf functions in tpm2_pcr_read() (bsc#1082555).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tracing: Apply trace_clock changes to instance max buffer (bsc#1117188).\n- tracing: Erase irqsoff trace with empty write (bsc#1117189).\n- tty: check name length in tty_find_polling_driver() (bsc#1051510).\n- tty: Do not block on IO when ldisc change is pending (bnc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bnc#1105428).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bnc#1105428).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bnc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bnc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bnc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bnc#1105428).\n- tty: Simplify tty->count math in tty_reopen() (bnc#1105428).\n- tty: wipe buffer (bsc#1051510).\n- tty: wipe buffer if not echoing data (bsc#1051510).\n- tun: Consistently configure generic netdev params via rtnetlink (bsc#1051510).\n- tuntap: fix multiqueue rx (networking-stable-18_11_21).\n- udp4: fix IP_CMSG_CHECKSUM for connected sockets (networking-stable-18_09_24).\n- udp6: add missing checks on edumux packet processing (networking-stable-18_09_24).\n- udp6: fix encap return code for resubmitting (git-fixes).\n- uio: ensure class is registered before devices (bsc#1051510).\n- uio: Fix an Oops on load (bsc#1051510).\n- uio: make symbol 'uio_class_registered' static (bsc#1051510).\n- Update config files. Enabled ENA (Amazon network driver) for arm64.\n- usb: cdc-acm: add entry for Hiro (Conexant) modem (bsc#1051510).\n- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n- usb: core: Fix hub port connection events lost (bsc#1051510).\n- usb: dwc2: host: do not delay retries for CONTROL IN transfers (bsc#1114385).\n- usb: dwc2: host: Do not retry NAKed transactions right away (bsc#1114385).\n- usb: dwc3: core: Clean up ULPI device (bsc#1051510).\n- usb: dwc3: gadget: fix ISOC TRB type on unaligned transfers (bsc#1051510).\n- usb: dwc3: gadget: Properly check last unaligned/zero chain TRB (bsc#1051510).\n- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n- usb: gadget: storage: Fix Spectre v1 vulnerability (bsc#1051510).\n- usb: gadget: udc: atmel: handle at91sam9rl PMC (bsc#1051510).\n- usb: gadget: u_ether: fix unsafe list iteration (bsc#1051510).\n- usb: host: ohci-at91: fix request of irq for optional gpio (bsc#1051510).\n- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n- usbip:vudc: BUG kmalloc-2048 (Not tainted): Poison overwritten (bsc#1051510).\n- usb: misc: appledisplay: add 20' Apple Cinema Display (bsc#1051510).\n- usbnet: smsc95xx: disable carrier check while suspending (bsc#1051510).\n- usb: omap_udc: fix rejection of out transfers when DMA is used (bsc#1051510).\n- usb: quirks: Add delay-init quirk for Corsair K70 LUX RGB (bsc#1051510).\n- usb: quirks: Add no-lpm quirk for Raydium touchscreens (bsc#1051510).\n- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- usb: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n- usb: serial: option: add two-endpoints device-id flag (bsc#1051510).\n- usb: serial: option: drop redundant interface-class test (bsc#1051510).\n- usb: serial: option: improve Quectel EP06 detection (bsc#1051510).\n- usb: xhci: fix timeout for transition from RExit to U0 (bsc#1051510).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- Use upstream version of pci-hyperv patch (35a88a1)\n- VFS: close race between getcwd() and d_move() (git-fixes).\n- VFS: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).\n- vhost: Fix Spectre V1 vulnerability (bsc#1051510).\n- vhost/scsi: truncate T10 PI iov_iter to prot_bytes (bsc#1051510).\n- virtio_net: avoid using netif_tx_disable() for serializing tx routine (networking-stable-18_11_02).\n- VMCI: Resource wildcard match fixed (bsc#1051510).\n- w1: omap-hdq: fix missing bus unregister at removal (bsc#1051510).\n- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bnc#1112878).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/corruption-check: Fix panic in memory_corruption_check() when boot option without value is provided (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/cpu/vmware: Do not trace vmware_sched_clock() (bsc#1114279).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86, hibernate: Fix nosave_regions setup for hibernation (bsc#1110006).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).\n- x86/ldt: Remove unused variable in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Split out sanity check in map_ldt_struct() (bsc#1114279).\n- x86/ldt: Unmap PTEs for the slot before freeing LDT pages (bsc#1114279).\n- x86/MCE/AMD: Fix the thresholding machinery initialization order (bsc#1114279).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86/MCE: Make correctable error detection look at the Deferred bit (bsc#1114279).\n- x86/mm/pat: Disable preemption around __flush_tlb_all() (bsc#1114279).\n- x86, nfit_test: Add unit test for memcpy_mcsafe() (bsc#1112128).\n- x86/paravirt: Fix some warning messages (bnc#1065600).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/speculation: Support Enhanced IBRS on future CPUs ().\n- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n- x86/xen: Fix boot loader version reported for PVH guests (bnc#1065600).\n- xen/balloon: Support xend-based toolstack (bnc#1065600).\n- xen/blkfront: avoid NULL blkfront_info dereference on device removal (bsc#1111062).\n- xen: fix race in xen_qlock_wait() (bnc#1107256).\n- xen: fix xen_qlock_wait() (bnc#1107256).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n- xen: make xen_qlock_wait() nestable (bnc#1107256).\n- xen/netfront: do not bug in case of too many frags (bnc#1104824).\n- xen/pvh: do not try to unplug emulated devices (bnc#1065600).\n- xen/pvh: increase early stack size (bnc#1065600).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n- xen-swiotlb: use actually allocated size on check physical continuous (bnc#1065600).\n- xen/x86: add diagnostic printout to xen_mc_flush() in case of error (bnc#1116183).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xfs: Fix error code in 'xfs_ioc_getbmap()' (git-fixes).\n- xfs: Properly detect when DAX won't be used on any device (bsc#1115976).\n- xhci: Add check for invalid byte size error when UAS devices are connected (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n- xhci: Fix leaking USB3 shared_hcd at xhci removal (bsc#1051510).\n- xprtrdma: Do not defer fencing an async RPC's chunks (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Live-Patching-12-SP4-2018-2894", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_4072-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:4072-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20184072-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:4072-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-December/004953.html", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1055120", url: "https://bugzilla.suse.com/1055120", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1067906", url: "https://bugzilla.suse.com/1067906", }, { category: "self", summary: "SUSE Bug 1068273", url: "https://bugzilla.suse.com/1068273", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1078248", url: "https://bugzilla.suse.com/1078248", }, { category: "self", summary: "SUSE Bug 1079524", url: "https://bugzilla.suse.com/1079524", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1082653", url: "https://bugzilla.suse.com/1082653", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1084760", url: "https://bugzilla.suse.com/1084760", }, { category: "self", summary: "SUSE Bug 1084831", url: "https://bugzilla.suse.com/1084831", }, { category: "self", summary: "SUSE Bug 1085535", url: "https://bugzilla.suse.com/1085535", }, { category: "self", summary: "SUSE Bug 1086196", url: "https://bugzilla.suse.com/1086196", }, { category: "self", summary: "SUSE Bug 1089350", url: "https://bugzilla.suse.com/1089350", }, { category: "self", summary: "SUSE Bug 1091800", url: "https://bugzilla.suse.com/1091800", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1095805", url: "https://bugzilla.suse.com/1095805", }, { category: "self", summary: "SUSE Bug 1097755", url: "https://bugzilla.suse.com/1097755", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1103356", url: "https://bugzilla.suse.com/1103356", }, { category: "self", summary: "SUSE Bug 1103925", url: "https://bugzilla.suse.com/1103925", }, { category: "self", summary: "SUSE Bug 1104124", url: "https://bugzilla.suse.com/1104124", }, { category: "self", summary: "SUSE Bug 1104731", url: "https://bugzilla.suse.com/1104731", }, { category: "self", summary: "SUSE Bug 1104824", url: "https://bugzilla.suse.com/1104824", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105428", url: "https://bugzilla.suse.com/1105428", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1107256", url: "https://bugzilla.suse.com/1107256", }, { category: "self", summary: "SUSE Bug 1107385", url: "https://bugzilla.suse.com/1107385", }, { category: "self", summary: "SUSE Bug 1107866", url: "https://bugzilla.suse.com/1107866", }, { category: "self", summary: "SUSE Bug 1108377", url: "https://bugzilla.suse.com/1108377", }, { category: "self", summary: "SUSE Bug 1108468", url: "https://bugzilla.suse.com/1108468", }, { category: "self", summary: "SUSE Bug 1109330", url: "https://bugzilla.suse.com/1109330", }, { category: "self", summary: "SUSE Bug 1109739", url: "https://bugzilla.suse.com/1109739", }, { category: "self", summary: "SUSE Bug 1109772", url: "https://bugzilla.suse.com/1109772", }, { category: "self", summary: "SUSE Bug 1109806", url: "https://bugzilla.suse.com/1109806", }, { category: "self", summary: "SUSE Bug 1109818", url: "https://bugzilla.suse.com/1109818", }, { category: "self", summary: "SUSE Bug 1109907", url: "https://bugzilla.suse.com/1109907", }, { category: "self", summary: "SUSE Bug 1109911", url: "https://bugzilla.suse.com/1109911", }, { category: "self", summary: "SUSE Bug 1109915", url: "https://bugzilla.suse.com/1109915", }, { category: "self", summary: "SUSE Bug 1109919", url: "https://bugzilla.suse.com/1109919", }, { category: "self", summary: "SUSE Bug 1109951", url: "https://bugzilla.suse.com/1109951", }, { category: "self", summary: "SUSE Bug 1110006", url: "https://bugzilla.suse.com/1110006", }, { category: "self", summary: "SUSE Bug 1110998", url: "https://bugzilla.suse.com/1110998", }, { category: "self", summary: "SUSE Bug 1111040", url: "https://bugzilla.suse.com/1111040", }, { category: "self", summary: "SUSE Bug 1111062", url: "https://bugzilla.suse.com/1111062", }, { category: "self", summary: "SUSE Bug 1111174", url: "https://bugzilla.suse.com/1111174", }, { category: "self", summary: "SUSE Bug 1111506", url: "https://bugzilla.suse.com/1111506", }, { category: "self", summary: "SUSE Bug 1111696", url: "https://bugzilla.suse.com/1111696", }, { category: "self", summary: "SUSE Bug 1111809", url: "https://bugzilla.suse.com/1111809", }, { category: "self", summary: "SUSE Bug 1111921", url: "https://bugzilla.suse.com/1111921", }, { category: "self", summary: "SUSE Bug 1111983", url: "https://bugzilla.suse.com/1111983", }, { category: "self", summary: "SUSE Bug 1112128", url: "https://bugzilla.suse.com/1112128", }, { category: "self", summary: "SUSE Bug 1112170", url: "https://bugzilla.suse.com/1112170", }, { category: "self", summary: "SUSE Bug 1112173", url: "https://bugzilla.suse.com/1112173", }, { category: "self", summary: "SUSE Bug 1112208", url: "https://bugzilla.suse.com/1112208", }, { category: "self", summary: "SUSE Bug 1112219", url: "https://bugzilla.suse.com/1112219", }, { category: "self", summary: "SUSE Bug 1112221", url: "https://bugzilla.suse.com/1112221", }, { category: "self", summary: "SUSE Bug 1112246", url: "https://bugzilla.suse.com/1112246", }, { category: "self", summary: "SUSE Bug 1112372", url: "https://bugzilla.suse.com/1112372", }, { category: "self", summary: "SUSE Bug 1112514", url: "https://bugzilla.suse.com/1112514", }, { category: "self", summary: "SUSE Bug 1112554", url: "https://bugzilla.suse.com/1112554", }, { category: "self", summary: "SUSE Bug 1112708", url: "https://bugzilla.suse.com/1112708", }, { category: "self", summary: "SUSE Bug 1112710", url: "https://bugzilla.suse.com/1112710", }, { category: "self", summary: "SUSE Bug 1112711", url: "https://bugzilla.suse.com/1112711", }, { category: "self", summary: "SUSE Bug 1112712", url: "https://bugzilla.suse.com/1112712", }, { category: "self", summary: "SUSE Bug 1112713", url: "https://bugzilla.suse.com/1112713", }, { category: "self", summary: "SUSE Bug 1112731", url: "https://bugzilla.suse.com/1112731", }, { category: "self", summary: "SUSE Bug 1112732", url: "https://bugzilla.suse.com/1112732", }, { category: "self", summary: "SUSE Bug 1112733", url: "https://bugzilla.suse.com/1112733", }, { category: "self", summary: "SUSE Bug 1112734", url: "https://bugzilla.suse.com/1112734", }, { category: "self", summary: "SUSE Bug 1112735", url: "https://bugzilla.suse.com/1112735", }, { category: "self", summary: "SUSE Bug 1112736", url: "https://bugzilla.suse.com/1112736", }, { category: "self", summary: "SUSE Bug 1112738", url: "https://bugzilla.suse.com/1112738", }, { category: "self", summary: "SUSE Bug 1112739", url: "https://bugzilla.suse.com/1112739", }, { category: "self", summary: "SUSE Bug 1112740", url: "https://bugzilla.suse.com/1112740", }, { category: "self", summary: "SUSE Bug 1112741", url: "https://bugzilla.suse.com/1112741", }, { category: "self", summary: "SUSE Bug 1112743", url: "https://bugzilla.suse.com/1112743", }, { category: "self", summary: "SUSE Bug 1112745", url: "https://bugzilla.suse.com/1112745", }, { category: "self", summary: "SUSE Bug 1112746", url: "https://bugzilla.suse.com/1112746", }, { category: "self", summary: "SUSE Bug 1112878", url: "https://bugzilla.suse.com/1112878", }, { category: "self", summary: "SUSE Bug 1112894", url: "https://bugzilla.suse.com/1112894", }, { category: "self", summary: "SUSE Bug 1112899", url: "https://bugzilla.suse.com/1112899", }, { category: "self", summary: "SUSE Bug 1112902", url: "https://bugzilla.suse.com/1112902", }, { category: "self", summary: "SUSE Bug 1112903", url: "https://bugzilla.suse.com/1112903", }, { category: "self", summary: "SUSE Bug 1112905", url: "https://bugzilla.suse.com/1112905", }, { category: "self", summary: "SUSE Bug 1112906", url: "https://bugzilla.suse.com/1112906", }, { category: "self", summary: "SUSE Bug 1112907", url: "https://bugzilla.suse.com/1112907", }, { category: "self", summary: "SUSE Bug 1112963", url: "https://bugzilla.suse.com/1112963", }, { category: "self", summary: "SUSE Bug 1113257", url: "https://bugzilla.suse.com/1113257", }, { category: "self", summary: "SUSE Bug 1113284", url: "https://bugzilla.suse.com/1113284", }, { category: "self", summary: "SUSE Bug 1113295", url: "https://bugzilla.suse.com/1113295", }, { category: "self", summary: "SUSE Bug 1113408", url: "https://bugzilla.suse.com/1113408", }, { category: "self", summary: "SUSE Bug 1113412", url: "https://bugzilla.suse.com/1113412", }, { category: "self", summary: "SUSE Bug 1113501", url: "https://bugzilla.suse.com/1113501", }, { category: "self", summary: "SUSE Bug 1113667", url: "https://bugzilla.suse.com/1113667", }, { category: "self", summary: "SUSE Bug 1113677", url: "https://bugzilla.suse.com/1113677", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1113751", url: "https://bugzilla.suse.com/1113751", }, { category: "self", summary: "SUSE Bug 1113769", url: "https://bugzilla.suse.com/1113769", }, { category: "self", summary: "SUSE Bug 1113780", url: "https://bugzilla.suse.com/1113780", }, { category: "self", summary: "SUSE Bug 1113972", url: "https://bugzilla.suse.com/1113972", }, { category: "self", summary: "SUSE Bug 1114015", url: "https://bugzilla.suse.com/1114015", }, { category: "self", summary: "SUSE Bug 1114178", url: "https://bugzilla.suse.com/1114178", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 1114385", url: "https://bugzilla.suse.com/1114385", }, { category: "self", summary: "SUSE Bug 1114576", url: "https://bugzilla.suse.com/1114576", }, { category: "self", summary: "SUSE Bug 1114577", url: "https://bugzilla.suse.com/1114577", }, { category: "self", summary: "SUSE Bug 1114578", url: "https://bugzilla.suse.com/1114578", }, { category: "self", summary: "SUSE Bug 1114579", url: "https://bugzilla.suse.com/1114579", }, { category: "self", summary: "SUSE Bug 1114580", url: "https://bugzilla.suse.com/1114580", }, { category: "self", summary: "SUSE Bug 1114581", url: "https://bugzilla.suse.com/1114581", }, { category: "self", summary: "SUSE Bug 1114582", url: "https://bugzilla.suse.com/1114582", }, { category: "self", summary: "SUSE Bug 1114583", url: "https://bugzilla.suse.com/1114583", }, { category: "self", summary: "SUSE Bug 1114584", url: "https://bugzilla.suse.com/1114584", }, { category: "self", summary: "SUSE Bug 1114585", url: "https://bugzilla.suse.com/1114585", }, { category: "self", summary: "SUSE Bug 1114839", url: "https://bugzilla.suse.com/1114839", }, { category: "self", summary: "SUSE Bug 1115074", url: "https://bugzilla.suse.com/1115074", }, { category: "self", summary: "SUSE Bug 1115269", url: "https://bugzilla.suse.com/1115269", }, { category: "self", summary: "SUSE Bug 1115431", url: "https://bugzilla.suse.com/1115431", }, { category: "self", summary: "SUSE Bug 1115433", url: "https://bugzilla.suse.com/1115433", }, { category: "self", summary: "SUSE Bug 1115440", url: "https://bugzilla.suse.com/1115440", }, { category: "self", summary: "SUSE Bug 1115567", url: "https://bugzilla.suse.com/1115567", }, { category: "self", summary: "SUSE Bug 1115709", url: "https://bugzilla.suse.com/1115709", }, { category: "self", summary: "SUSE Bug 1115976", url: "https://bugzilla.suse.com/1115976", }, { category: "self", summary: "SUSE Bug 1116183", url: "https://bugzilla.suse.com/1116183", }, { category: "self", summary: "SUSE Bug 1116692", url: "https://bugzilla.suse.com/1116692", }, { category: "self", summary: "SUSE Bug 1116693", url: "https://bugzilla.suse.com/1116693", }, { category: "self", summary: "SUSE Bug 1116698", url: "https://bugzilla.suse.com/1116698", }, { category: "self", summary: "SUSE Bug 1116699", url: "https://bugzilla.suse.com/1116699", }, { category: "self", summary: "SUSE Bug 1116700", url: "https://bugzilla.suse.com/1116700", }, { category: "self", summary: "SUSE Bug 1116701", url: "https://bugzilla.suse.com/1116701", }, { category: "self", summary: "SUSE Bug 1116862", url: "https://bugzilla.suse.com/1116862", }, { category: "self", summary: "SUSE Bug 1116863", url: "https://bugzilla.suse.com/1116863", }, { category: "self", summary: "SUSE Bug 1116876", url: "https://bugzilla.suse.com/1116876", }, { category: "self", summary: "SUSE Bug 1116877", url: "https://bugzilla.suse.com/1116877", }, { category: "self", summary: "SUSE Bug 1116878", url: "https://bugzilla.suse.com/1116878", }, { category: "self", summary: "SUSE Bug 1116891", url: "https://bugzilla.suse.com/1116891", }, { category: "self", summary: "SUSE Bug 1116895", url: "https://bugzilla.suse.com/1116895", }, { category: "self", summary: "SUSE Bug 1116899", url: "https://bugzilla.suse.com/1116899", }, { category: "self", summary: "SUSE Bug 1116950", url: "https://bugzilla.suse.com/1116950", }, { category: "self", summary: "SUSE Bug 1117168", url: "https://bugzilla.suse.com/1117168", }, { category: "self", summary: "SUSE Bug 1117172", url: "https://bugzilla.suse.com/1117172", }, { category: "self", summary: "SUSE Bug 1117174", url: "https://bugzilla.suse.com/1117174", }, { category: "self", summary: "SUSE Bug 1117181", url: "https://bugzilla.suse.com/1117181", }, { category: "self", summary: "SUSE Bug 1117184", url: "https://bugzilla.suse.com/1117184", }, { category: "self", summary: "SUSE Bug 1117188", url: "https://bugzilla.suse.com/1117188", }, { category: "self", summary: "SUSE Bug 1117189", url: "https://bugzilla.suse.com/1117189", }, { category: "self", summary: "SUSE Bug 1117349", url: "https://bugzilla.suse.com/1117349", }, { category: "self", summary: "SUSE Bug 1117561", url: "https://bugzilla.suse.com/1117561", }, { category: "self", summary: "SUSE Bug 1117788", url: "https://bugzilla.suse.com/1117788", }, { category: "self", summary: "SUSE Bug 1117789", url: "https://bugzilla.suse.com/1117789", }, { category: "self", summary: "SUSE Bug 1117790", url: "https://bugzilla.suse.com/1117790", }, { category: "self", summary: "SUSE Bug 1117791", url: "https://bugzilla.suse.com/1117791", }, { category: "self", summary: "SUSE Bug 1117792", url: "https://bugzilla.suse.com/1117792", }, { category: "self", summary: "SUSE Bug 1117794", url: "https://bugzilla.suse.com/1117794", }, { category: "self", summary: "SUSE Bug 1117795", url: "https://bugzilla.suse.com/1117795", }, { category: "self", summary: "SUSE Bug 1117796", url: "https://bugzilla.suse.com/1117796", }, { category: "self", summary: "SUSE Bug 1117798", url: "https://bugzilla.suse.com/1117798", }, { category: "self", summary: "SUSE Bug 1117799", url: "https://bugzilla.suse.com/1117799", }, { category: "self", summary: "SUSE Bug 1117801", url: "https://bugzilla.suse.com/1117801", }, { category: "self", summary: "SUSE Bug 1117802", url: "https://bugzilla.suse.com/1117802", }, { category: "self", summary: "SUSE Bug 1117803", url: "https://bugzilla.suse.com/1117803", }, { category: "self", summary: "SUSE Bug 1117804", url: "https://bugzilla.suse.com/1117804", }, { category: "self", summary: "SUSE Bug 1117805", url: "https://bugzilla.suse.com/1117805", }, { category: "self", summary: "SUSE Bug 1117806", url: "https://bugzilla.suse.com/1117806", }, { category: "self", summary: "SUSE Bug 1117807", url: "https://bugzilla.suse.com/1117807", }, { category: "self", summary: "SUSE Bug 1117808", url: "https://bugzilla.suse.com/1117808", }, { category: "self", summary: "SUSE Bug 1117815", url: "https://bugzilla.suse.com/1117815", }, { category: "self", summary: "SUSE Bug 1117816", url: "https://bugzilla.suse.com/1117816", }, { category: "self", summary: "SUSE Bug 1117817", url: "https://bugzilla.suse.com/1117817", }, { category: "self", summary: "SUSE Bug 1117818", url: "https://bugzilla.suse.com/1117818", }, { category: "self", summary: "SUSE Bug 1117819", url: "https://bugzilla.suse.com/1117819", }, { category: "self", summary: "SUSE Bug 1117820", url: "https://bugzilla.suse.com/1117820", }, { category: "self", summary: "SUSE Bug 1117821", url: "https://bugzilla.suse.com/1117821", }, { category: "self", summary: "SUSE Bug 1117822", url: "https://bugzilla.suse.com/1117822", }, { category: "self", summary: "SUSE Bug 1118102", url: "https://bugzilla.suse.com/1118102", }, { category: "self", summary: "SUSE Bug 1118136", url: "https://bugzilla.suse.com/1118136", }, { category: "self", summary: "SUSE Bug 1118137", url: "https://bugzilla.suse.com/1118137", }, { category: "self", summary: "SUSE Bug 1118138", url: "https://bugzilla.suse.com/1118138", }, { category: "self", summary: "SUSE Bug 1118140", url: "https://bugzilla.suse.com/1118140", }, { category: "self", summary: "SUSE Bug 1118152", url: "https://bugzilla.suse.com/1118152", }, { category: "self", summary: "SUSE Bug 1118316", url: "https://bugzilla.suse.com/1118316", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-18224 page", url: "https://www.suse.com/security/cve/CVE-2017-18224/", }, { category: "self", summary: "SUSE CVE CVE-2018-18281 page", url: "https://www.suse.com/security/cve/CVE-2018-18281/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18445 page", url: "https://www.suse.com/security/cve/CVE-2018-18445/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, { category: "self", summary: "SUSE CVE CVE-2018-19824 page", url: "https://www.suse.com/security/cve/CVE-2018-19824/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-12-11T08:24:24Z", generator: { date: "2018-12-11T08:24:24Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:4072-1", initial_release_date: "2018-12-11T08:24:24Z", revision_history: [ { date: "2018-12-11T08:24:24Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", product: { name: "kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", product_id: "kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", product: { name: "kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", product_id: "kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Live Patching 12 SP4", product: { name: "SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-live-patching:12:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", }, product_reference: "kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, { category: "default_component_of", full_product_name: { name: "kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP4", product_id: "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", }, product_reference: "kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 12 SP4", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:24Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-18224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18224", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18224", url: "https://www.suse.com/security/cve/CVE-2017-18224", }, { category: "external", summary: "SUSE Bug 1084831 for CVE-2017-18224", url: "https://bugzilla.suse.com/1084831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:24Z", details: "moderate", }, ], title: "CVE-2017-18224", }, { cve: "CVE-2018-18281", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18281", }, ], notes: [ { category: "general", text: "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18281", url: "https://www.suse.com/security/cve/CVE-2018-18281", }, { category: "external", summary: "SUSE Bug 1113769 for CVE-2018-18281", url: "https://bugzilla.suse.com/1113769", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:24Z", details: "moderate", }, ], title: "CVE-2018-18281", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:24Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18445", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18445", url: "https://www.suse.com/security/cve/CVE-2018-18445", }, { category: "external", summary: "SUSE Bug 1112372 for CVE-2018-18445", url: "https://bugzilla.suse.com/1112372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:24Z", details: "low", }, ], title: "CVE-2018-18445", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:24Z", details: "moderate", }, ], title: "CVE-2018-18710", }, { cve: "CVE-2018-19824", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-19824", }, ], notes: [ { category: "general", text: "In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-19824", url: "https://www.suse.com/security/cve/CVE-2018-19824", }, { category: "external", summary: "SUSE Bug 1118152 for CVE-2018-19824", url: "https://bugzilla.suse.com/1118152", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.ppc64le", "SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-1-7.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-12-11T08:24:24Z", details: "moderate", }, ], title: "CVE-2018-19824", }, ], }
suse-su-2018:3961-1
Vulnerability from csaf_suse
Published
2018-11-30 16:43
Modified
2018-11-30 16:43
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 azure kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-9363: Fixed an integer overflow that could have been used for an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation (bsc#1105292).
- CVE-2018-6555: The irda_setsockopt function in net/irda/af_irda.c was fixed in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bsc#1106511).
- CVE-2018-6554: Fixed memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bsc#1106509).
- CVE-2018-18710: An information leak was fixed in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c that could have been used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bsc#1113751).
- CVE-2018-18445: Fixed faulty computation of numeric bounds in the BPF verifier that now permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bsc#1112372).
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c was fixed that was vulnerable to sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. (bsc#1108399).
- CVE-2018-16658: An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c was fixed that could have leed to be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 (bsc#1107689).
- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c was not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. (bsc#1102517)
- CVE-2018-14633: A security flaw was fixed in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bsc#1107829).
- CVE-2018-14617: A NULL pointer dereference and panic in hfsplus_lookup() was fixed when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. (bsc#1102870)
- CVE-2018-14613: An invalid pointer dereference in io_ctl_map_page() was fixed when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. (bsc#1102896)
- CVE-2018-13095: A denial of service (memory corruption and BUG) was fixed to prevent a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. (bsc#1099999)
- CVE-2018-13093: A NULL pointer dereference and panic in lookup_slow() on a NULL was fixed to prevent pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation. (bsc#1100001)
- CVE-2018-12896: An integer overflow in the POSIX timer code was fixed to prevent overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. (bsc#1099922)
- CVE-2018-1129: The signature calculation was fixed to by the cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. (bsc#1096748)
- CVE-2018-1128: The cephx authentication protocol was fixed to verify ceph clients correctly and to prevent the vulnerability to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network could have used this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable (bsc#1096748).
- CVE-2018-10940: The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c was fixed to prevent local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903).
- CVE-2018-10938: A flaw was fixed how the kernel handled network packet sent remotely by an attacker that may forced the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. (bsc#1106016)
- CVE-2018-10902: The the raw midi kernel driver was fixed to be protected against concurrent access which could have lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bsc#1105322).
- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bsc#1084831).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bsc#1066674).
The following security bug was previously fixed by has now an assigned CVE number:
- CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
The following non-security bugs were fixed:
- /dev/mem: Add bounce buffer for copy-out (git-fixes).
- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).
- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).
- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).
- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).
- ACPI / APEI: Remove ghes_ioremap_area (bsc#1051510).
- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).
- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).
- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).
- ACPI / PM: save NVS memory for ASUS 1025C laptop (bsc#1051510).
- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).
- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).
- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).
- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).
- ACPICA: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).
- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).
- ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path (bsc#1051510).
- ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bsc#1051510).
- ALSA: cs46xx: Deliver indirect-PCM transfer error ().
- ALSA: cs5535audio: Fix invalid endian conversion (bsc#1051510).
- ALSA: emu10k1: Deliver indirect-PCM transfer error ().
- ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bsc#1051510).
- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).
- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).
- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).
- ALSA: fireworks: fix memory leak of response buffer at error path (bsc#1051510).
- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).
- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).
- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).
- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).
- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bsc#1051510).
- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bsc#1051510).
- ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).
- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).
- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).
- ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bsc#1051510).
- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bsc#1051510).
- ALSA: hda: fix unused variable warning (bsc#1051510).
- ALSA: memalloc: Do not exceed over the requested size (bsc#1051510).
- ALSA: mips: Deliver indirect-PCM transfer error ().
- ALSA: msnd: Fix the default sample sizes (bsc#1051510).
- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).
- ALSA: oxfw: fix memory leak of private data (bsc#1051510).
- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers ().
- ALSA: pcm: Fix snd_interval_refine first/last with open min/max (bsc#1051510).
- ALSA: pcm: Simplify forward/rewind codes ().
- ALSA: pcm: Use a common helper for PCM state check and hwsync ().
- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error ().
- ALSA: rme32: Deliver indirect-PCM transfer error ().
- ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bsc#1051510).
- ALSA: usb-audio: update quirk for B W PX to remove microphone (bsc#1051510).
- ALSA: virmidi: Fix too long output trigger loop (bsc#1051510).
- ALSA: vx222: Fix invalid endian conversions (bsc#1051510).
- ALSA: vxpocket: Fix invalid endian conversions (bsc#1051510).
- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).
- ARM: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).
- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).
- ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
- ARM: exynos: Clear global variable on init error path (bsc#1051510).
- ARM: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).
- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).
- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).
- ARM: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).
- ARM: imx: flag failure of of_iomap (bsc#1051510).
- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).
- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).
- ARM: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).
- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).
- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver (bsc#1051510).
- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bsc#1051510).
- ASoC: cs4265: fix MMTLR Data switch control (bsc#1051510).
- ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bsc#1051510).
- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).
- ASoC: msm8916-wcd-digital: fix RX2 MIX1 and RX3 MIX1 (bsc#1051510).
- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).
- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).
- ASoC: rsnd: update pointer more accurate (bsc#1051510).
- ASoC: rt5514: Add the I2S ASRC support (bsc#1051510).
- ASoC: rt5514: Add the missing register in the readable table (bsc#1051510).
- ASoC: rt5514: Eliminate the noise in the ASRC case (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
- ASoC: wm8804: Add ACPI support (bsc#1051510).
- ASoC: wm8994: Fix missing break in switch (bsc#1051510).
- Apparmor fixes from git-fixes
- Backport stable-patches for x86 architecture
- Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bsc#1051510).
- Bluetooth: Use lock_sock_nested in bt_accept_enqueue (bsc#1051510).
- Bluetooth: avoid killing an already killed socket (bsc#1051510).
- Bluetooth: btsdio: Do not bind to non-removable BCM43430 (bsc#1103587).
- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).
- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).
- Bluetooth: hidp: buffer overflow in hidp_process_report (bsc#1051510).
- Btrfs: fix data corruption when deduplicating between different files (bsc#1110647).
- Btrfs: fix duplicate extents after fsync of file with prealloc extents (bsc#1110644).
- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).
- Btrfs: fix fsync after hole punching when using no-holes feature (bsc#1110642).
- Btrfs: fix loss of prealloc extents past i_size after fsync log replay (bsc#1110643).
- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).
- Btrfs: fix return value on rename exchange failure (bsc#1110645).
- Btrfs: fix send failure when root has deleted files still open (bsc#1110650).
- Btrfs: rework outstanding_extents (dependency for bsc#1031392).
- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).
- Btrfs: sync log after logging new name (bsc#1110646).
- CIFS: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- Cleanup out-of-tree subsection
- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).
- Documentation/l1tf: Fix small spelling typo (bsc#1051510).
- Documentation: add some docs for errseq_t (bsc#1107008).
- Documentation: ip-sysctl.txt: document addr_gen_mode (bsc#1051510).
- Drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1107207).
- Drivers: hv: vmbus: Add comments on ring buffer signaling (bsc#1107207).
- Drivers: hv: vmbus: Cleanup synic memory free path (bsc#1107207).
- Drivers: hv: vmbus: Fix the issue with freeing up hv_ctl_table_hdr (bsc#1107207).
- Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() (bsc#1051510).
- Drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1107207).
- Drivers: hv: vmbus: Implement Direct Mode for stimer0 (bsc#1107207).
- Drivers: hv: vmbus: Make TLFS #define names architecture neutral (bsc#1107207).
- Drivers: hv: vmbus: Remove use of slow_virt_to_phys() (bsc#1107207).
- Drivers: hv: vmbus: Remove x86 MSR refs in arch independent code (bsc#1107207).
- Drivers: hv: vmbus: Remove x86-isms from arch independent drivers (bsc#1107207).
- Drivers: hv: vmbus: Removed an unnecessary cast from void * (bsc#1107207).
- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1107207).
- Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() (bsc#1107207).
- Drivers: hv: vmbus: add numa_node to sysfs (bsc#1107207).
- Drivers: hv: vmbus: do not mark HV_PCIE as perf_device (bsc#1051510).
- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (bsc#1107207).
- Drivers: hv: vmbus: respect what we get from hv_get_synint_state() (bsc#1107207).
- Drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1107207).
- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).
- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (bsc#1051510).
- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).
- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).
- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).
- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).
- EDAC: Fix memleak in module init error path (bsc#1051510).
- EDAC: Raise the maximum number of memory controllers (bsc#1113780).
- Filesystem and FUSE fixes from upstream
- Fix kexec forbidding kernels signed with keys in the secondary keyring to boot (bsc#1110006).
- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).
- HID: add support for Apple Magic Keyboards (bsc#1051510).
- HID: hid-ntrig: add error handling for sysfs_create_group (bsc#1051510).
- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device ().
- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
- IB/IPoIB: Set ah valid flag in multicast send flow (bsc#1046307 ).
- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).
- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).
- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).
- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).
- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).
- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).
- IB/mlx4: Test port number before querying type (bsc#1046302 ).
- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).
- IB/mlx5: fix uaccess beyond 'count' in debugfs read/write handlers (bsc#1046305).
- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
- Input: atakbd - fix Atari keymap (bsc#1051510).
- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).
- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).
- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).
- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).
- Input: elantech - enable middle button of touchpad on ThinkPad P72 (bsc#1051510).
- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).
- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).
- KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244).
- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).
- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).
- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).
- KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).
- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).
- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).
- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).
- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).
- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).
- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).
- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).
- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).
- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).
- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).
- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).
- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).
- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).
- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).
- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).
- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).
- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).
- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).
- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).
- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).
- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).
- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).
- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).
- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).
- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).
- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).
- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).
- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).
- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).
- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).
- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).
- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).
- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).
- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).
- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).
- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).
- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).
- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).
- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).
- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).
- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).
- KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix() (bsc#1061840, git-fixes).
- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).
- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).
- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).
- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).
- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).
- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).
- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).
- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).
- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).
- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).
- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).
- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).
- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).
- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).
- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).
- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).
- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
- KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1106240).
- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: VMX: raise internal error for exception during invalid protected mode state (bsc#1110006).
- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
- KVM: X86: Fix reserved bits check for MOV to CR3 (bsc#1110006).
- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).
- KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).
- KVM: hyperv: idr_find needs RCU protection (bsc#1107207).
- KVM: introduce kvm_make_vcpus_request_mask() API (bsc#1107207).
- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).
- KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).
- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).
- KVM: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).
- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).
- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).
- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).
- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).
- KVM: s390: force bp isolation for VSIE (bsc#1103421).
- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).
- KVM: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).
- KVM: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).
- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).
- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).
- KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault (bsc#1106240).
- KVM: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240).
- KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).
- KVM: x86: Invert emulation re-execute behavior to make it opt-in (bsc#1106240).
- KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE (bsc#1106240).
- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).
- KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).
- KVM: x86: VMX: hyper-v: Enlightened MSR-Bitmap support (bsc#1107207).
- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
- KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd (bsc#1107207).
- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1107207).
- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).
- KVM: x86: fix APIC page invalidation (bsc#1106240).
- KVM: x86: fix escape of guest dr6 to the host (bsc#1110006).
- KVM: x86: hyperv: do rep check for each hypercall separately (bsc#1107207).
- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} implementation (bsc#1107207).
- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE}_EX implementation (bsc#1107207).
- KVM: x86: hyperv: use defines when parsing hypercall parameters (bsc#1107207).
- KVM: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).
- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).
- Limit kernel-source build to architectures for which we build binaries (bsc#1108281).
- MAINTAINERS: fix location of ina2xx.txt device tree file (bsc#1051510).
- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).
- NFC: Fix possible memory corruption when handling SHDLC I-Frame commands (bsc#1051510).
- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).
- NFC: trf7970a: fix check of clock frequencies (bsc#1051510).
- NFS/filelayout: Fix racy setting of fl->dsaddr in filelayout_check_deviceid() (bsc#1105190).
- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).
- NFS: Use an appropriate work queue for direct-write completion (bsc#1082519).
- NFSv4 client live hangs after live data migration recovery (git-fixes).
- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).
- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).
- Netperf performance issue due to AppArmor net mediation (bsc#1108520)
- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).
- PCI/portdrv: Compute MSI/MSI-X IRQ vectors after final allocation (bsc#1109806).
- PCI/portdrv: Factor out Interrupt Message Number lookup (bsc#1109806).
- PCI: Add PCI resource type mask #define (bsc#1105355).
- PCI: Add pci_resize_resource() for resizing BARs (bsc#1105355).
- PCI: Add resizable BAR infrastructure (bsc#1105355).
- PCI: Allow release of resources that were never assigned (bsc#1105355).
- PCI: Cleanup PCI_REBAR_CTRL_BAR_SHIFT handling (bsc#1105355).
- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).
- PCI: OF: Fix I/O space page leak (git-fixes).
- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).
- PCI: Restore resized BAR state on resume (bsc#1105355).
- PCI: Skip MPS logic for Virtual Functions (VFs) (bsc#1051510).
- PCI: aardvark: Fix I/O space page leak (git-fixes).
- PCI: aardvark: Size bridges before resources allocation (bsc#1109806).
- PCI: designware: Fix I/O space page leak (bsc#1109806).
- PCI: dwc: Fix scheduling while atomic issues (git-fixes).
- PCI: faraday: Add missing of_node_put() (bsc#1109806).
- PCI: faraday: Fix I/O space page leak (bsc#1109806).
- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).
- PCI: hv: Convert remove_lock to refcount (bsc#1107207).
- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1107207).
- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
- PCI: hv: Fix return value check in hv_pci_assign_slots() (bsc#1107207).
- PCI: hv: Make sure the bus domain is really unique (git-fixes).
- PCI: hv: Remove unused reason for refcount handler (bsc#1107207).
- PCI: hv: Replace GFP_ATOMIC with GFP_KERNEL in new_pcichild_device() (bsc#1107207).
- PCI: hv: Use effective affinity mask (bsc#1107207).
- PCI: hv: Use list_for_each_entry() (bsc#1107207).
- PCI: hv: support reporting serial number as slot information (bsc#1107207).
- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).
- PCI: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1051510).
- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).
- PCI: versatile: Fix I/O space page leak (bsc#1109806).
- PCI: xgene: Fix I/O space page leak (bsc#1109806).
- PCI: xilinx-nwl: Add missing of_node_put() (bsc#1109806).
- PCI: xilinx: Add missing of_node_put() (bsc#1109806).
- PM / Domains: Fix error path during attach in genpd (bsc#1051510).
- PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).
- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).
- PM / core: Clear the direct_complete flag on errors (bsc#1051510).
- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).
- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bsc#1051510).
- PM: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).
- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).
- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).
- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).
- RDMA/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).
- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).
- RDMA/uverbs: Expand primary and alt AV port checks (bsc#1046306 ).
- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).
- Tools: hv: Fix a bug in the key delete code (bsc#1107207).
- USB: Add quirk to support DJI CineSSD (bsc#1051510).
- USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).
- USB: cdc-wdm: do not enable interrupts in USB-giveback (bsc#1051510).
- USB: fix error handling in usb_driver_claim_interface() (bsc#1051510).
- USB: handle NULL config in usb_find_alt_setting() (bsc#1051510).
- USB: net2280: Fix erroneous synchronization change (bsc#1051510).
- USB: option: add support for DW5821e (bsc#1051510).
- USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
- USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).
- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).
- USB: serial: kobil_sct: fix modem-status error handling (bsc#1051510).
- USB: serial: pl2303: add a new device id for ATEN (bsc#1051510).
- USB: serial: sierra: fix potential deadlock at close (bsc#1051510).
- USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).
- USB: yurex: Check for truncation in yurex_read() (bsc#1051510).
- USB: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).
- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).
- VFS: do not test owner for NFS in set_posix_acl() (bsc#1103405).
- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).
- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).
- X86/Hyper-V: Add flush HvFlushGuestPhysicalAddressSpace hypercall support (bsc#1107207).
- X86/Hyper-V: Add hyperv_nested_flush_guest_mapping ftrace support (bsc#1107207).
- X86/Hyper-V: Consolidate code for converting cpumask to vpset (bsc#1107207).
- X86/Hyper-V: Consolidate the allocation of the hypercall input page (bsc#1107207).
- X86/Hyper-V: Enable IPI enlightenments (bsc#1107207).
- X86/Hyper-V: Enhanced IPI enlightenment (bsc#1107207).
- X86/Hyper-V: Enlighten APIC access (bsc#1107207).
- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).
- affs_lookup(): close a race with affs_remove_link() (bsc#1105355).
- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).
- apparmor: Fix regression in profile conflict logic (bsc#1106427)
- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).
- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).
- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).
- apparmor: fix mediation of prlimit (bsc#1051510).
- apparmor: fix memory leak when deduping profile load (bsc#1051510).
- apparmor: fix ptrace read check (bsc#1051510).
- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).
- arm/asm/tlb.h: Fix build error implicit func declaration (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).
- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).
- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).
- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).
- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).
- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).
- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).
- arm64: enable thunderx gpio driver
- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).
- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).
- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).
- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).
- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).
- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).
- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).
- arm64: move patches to sorted section
- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).
- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).
- asix: Check for supported Wake-on-LAN modes (bsc#1051510).
- ata: Fix ZBC_OUT all bit handling (bsc#1051510).
- ata: Fix ZBC_OUT command block check (bsc#1051510).
- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).
- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).
- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).
- ath10k: fix kernel panic issue during pci probe (bsc#1051510).
- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
- ath10k: prevent active scans on potential unusable channels (bsc#1051510).
- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).
- ath10k: update the phymode along with bandwidth change request (bsc#1051510).
- ath9k: add MSI support ().
- ath9k: report tx status on EOSP (bsc#1051510).
- ath9k_hw: fix channel maximum power level test (bsc#1051510).
- atm: Preserve value of skb->truesize when accounting to vcc (networking-stable-18_07_19).
- atm: horizon: Fix irq release error (bsc#1105355).
- atm: zatm: Fix potential Spectre v1 (networking-stable-18_07_19).
- atm: zatm: fix memcmp casting (bsc#1105355).
- audit: Fix extended comparison of GID/EGID (bsc#1051510).
- audit: allow not equal op for audit by executable (bsc#1051510).
- audit: fix use-after-free in audit_add_watch (bsc#1051510).
- autofs: fix autofs_sbi() does not check super block type (git-fixes).
- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).
- autofs: mount point create should honour passed in mode (git-fixes).
- ax88179_178a: Check for supported Wake-on-LAN modes (bsc#1051510).
- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).
- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).
- batman-adv: Avoid probe ELP information leak (bsc#1051510).
- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).
- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).
- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).
- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).
- batman-adv: Prevent duplicated global TT entry (bsc#1051510).
- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).
- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).
- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).
- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix I/O significant decline while backend devices registering.
- bcache: fix error setting writeback_rate through sysfs interface.
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle.
- bcache: simplify the calculation of the total amount of flash dirty data.
- bdi: Fix another oops in wb_workfn() (bsc#1112746).
- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).
- be2net: remove unused old AIC info (bsc#1086288).
- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).
- binfmt_elf: Respect error return from `regset->active' (bsc#1051510).
- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).
- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).
- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).
- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).
- block, dax: remove dead code in blkdev_writepages() (bsc#1104888).
- block: Invalidate cache on discard v2 (bsc#1109992).
- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).
- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
- block: do not print a message when the device went away (bsc#1098459).
- block: do not warn for flush on read-only device (bsc#1107756).
- block: fix warning when I/O elevator is changed as request_queue is being removed (bsc#1109979).
- block: pass inclusive 'lend' parameter to truncate_inode_pages_range (bsc#1109992).
- block: properly protect the 'queue' kobj in blk_unregister_queue (bsc#1109979).
- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).
- bnxt_en: Clean up unused functions (bsc#1086282).
- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).
- bnxt_en: Fix VF mac address regression (bsc#1086282 ).
- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).
- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).
- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).
- bpf/verifier: disallow pointer subtraction (bsc#1083647).
- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).
- bpf: fix uninitialized variable in bpf tools (bsc#1083647).
- bpf: hash map: decrement counter on error (bsc#1083647).
- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).
- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).
- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).
- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).
- brcmsmac: fix wrap around in conversion from constant to s16 (bsc#1051510).
- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).
- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).
- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).
- btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392).
- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).
- btrfs: Introduce mount time chunk dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).
- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Remove unused parameters from various functions (bsc#1110649).
- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).
- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: add a comp_refs() helper (dependency for bsc#1031392).
- btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392).
- btrfs: check-integrity: Fix NULL pointer dereference for degraded mount (bsc#1107947).
- btrfs: cleanup extent locking sequence (dependency for bsc#1031392).
- btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392).
- btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392).
- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).
- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
- btrfs: log csums for all modified extents (bsc#1110639).
- btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392).
- btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392).
- btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392).
- btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392).
- btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392).
- btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392).
- btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (dependency for bsc#1031392).
- btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (dependency for bsc#1031392).
- btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392).
- btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependency for bsc#1031392).
- btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392).
- btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392).
- btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392).
- btrfs: qgroup: Return actually freed bytes for qgroup release or free data (dependency for bsc#1031392).
- btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392).
- btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392).
- btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392).
- btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392).
- btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392).
- btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392).
- btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392).
- btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392).
- btrfs: round down size diff when shrinking/growing device (bsc#1097105).
- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (follow up for bsc#1108096).
- btrfs: scrub: Do not use inode pages for device replace (follow up for bsc#1108096).
- btrfs: switch args for comp_*_refs (dependency for bsc#1031392).
- btrfs: tests/qgroup: Fix wrong tree backref level (bsc#1107928).
- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- cdc-acm: fix race between reset and control messaging (bsc#1051510).
- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).
- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
- ceph: fix incorrect use of strncpy (bsc#1107319).
- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).
- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).
- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).
- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bsc#1051510).
- cgroup: avoid copying strings longer than the buffers (bsc#1051510).
- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- cifs: check kmalloc before use (bsc#1051510).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).
- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).
- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).
- clk: core: Potentially free connection id (bsc#1051510).
- clk: imx6ul: fix missing of_node_put() (bsc#1051510).
- clk: meson: gxbb: remove HHI_GEN_CLK_CTNL duplicate definition (bsc#1051510).
- clk: mvebu: armada-38x: add support for 1866MHz variants (bsc#1105355).
- clk: mvebu: armada-38x: add support for missing clocks (bsc#1105355).
- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).
- clk: rockchip: fix clk_i2sout parent selection bits on rk3399 (bsc#1051510).
- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).
- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).
- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
- coresight: Handle errors in finding input/output ports (bsc#1051510).
- coresight: tpiu: Fix disabling timeouts (bsc#1051510).
- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).
- cpufreq / CPPC: Set platform specific transition_delay_us (bsc#1101480).
- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bsc#1108841).
- cpufreq: CPPC: Do not set transition_latency (bsc#1101480).
- cpufreq: CPPC: Use transition_delay_us depending transition_latency (bsc#1101480).
- cpufreq: remove setting of policy->cpu in policy->cpus during init (bsc#1101480).
- crypto: ablkcipher - fix crash flushing dcache in error path (bsc#1051510).
- crypto: blkcipher - fix crash flushing dcache in error path (bsc#1051510).
- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).
- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).
- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).
- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).
- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).
- crypto: ccp - Check for NULL PSP pointer at module unload (bsc#1051510).
- crypto: ccp - Fix command completion detection race (bsc#1051510).
- crypto: ccp - add timeout support in the SEV command (bsc#1106838).
- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
- crypto: clarify licensing of OpenSSL asm code ().
- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).
- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).
- crypto: sharah - Unregister correct algorithms for SAHARA 3 (bsc#1051510).
- crypto: skcipher - Fix -Wstringop-truncation warnings (bsc#1051510).
- crypto: skcipher - fix aligning block size in skcipher_copy_iv() (bsc#1051510).
- crypto: skcipher - fix crash flushing dcache in error path (bsc#1051510).
- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).
- crypto: vmac - require a block cipher with 128-bit block size (bsc#1051510).
- crypto: vmac - separate tfm and request context (bsc#1051510).
- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).
- crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).
- crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() (bsc#1051510).
- cxgb4: Fix the condition to check if the card is T5 (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).
- cxgb4: fix abort_req_rss6 struct (bsc#1046540).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).
- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).
- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).
- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
- dax: Introduce a ->copy_to_iter dax operation (bsc#1098782).
- dax: Make extension of dax_operations transparent (bsc#1098782).
- dax: Report bytes remaining in dax_iomap_actor() (bsc#1098782).
- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).
- dax: remove default copy_from_iter fallback (bsc#1098782).
- dax: require 'struct page' by default for filesystem dax (bsc#1104888).
- dax: store pfns in the radix (bsc#1104888).
- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).
- debugobjects: Make stack check warning more informative (bsc#1051510).
- declance: Fix continuation with the adapter identification message (bsc#1051510).
- device-dax: Add missing address_space_operations (bsc#1107783).
- device-dax: Enable page_mapping() (bsc#1107783).
- device-dax: Set page->index (bsc#1107783).
- devicectree: bindings: fix location of leds common file (bsc#1051510).
- dma-buf: remove redundant initialization of sg_table (bsc#1051510).
- dmaengine: hsu: Support dmaengine_terminate_sync() (bsc#1051510).
- dmaengine: idma64: Support dmaengine_terminate_sync() (bsc#1051510).
- dmaengine: mv_xor_v2: kill the tasklets upon exit (bsc#1051510).
- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).
- do d_instantiate/unlock_new_inode combinations safely (git-fixes).
- doc/README.SUSE: Remove mentions of cloneconfig (bsc#1103636).
- driver core: add __printf verification to __ata_ehi_pushv_desc (bsc#1051510).
- drivers/base: stop new probing during shutdown (bsc#1051510).
- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).
- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).
- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)
- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).
- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).
- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
- drm/amdgpu: add new polaris pci id (bsc#1051510).
- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)
- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).
- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).
- drm/amdgpu: update tmr mc address (bsc#1100132).
- drm/amdgpu:add new firmware id for VCN (bsc#1051510).
- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).
- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).
- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).
- drm/armada: fix colorkey mode property (bsc#1051510).
- drm/armada: fix irq handling (bsc#1051510).
- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).
- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).
- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).
- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).
- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).
- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).
- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).
- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).
- drm/fb-helper: Fix typo on kerneldoc (bsc#1051510).
- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)
- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)
- drm/i915/aml: Introducing Amber Lake platform ().
- drm/i915/audio: Fix audio enumeration issue on BXT ().
- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)
- drm/i915/cfl: Add a new CFL PCI ID ().
- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).
- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)
- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).
- drm/i915/gvt: Off by one in intel_vgpu_write_fence() (bsc#1051510).
- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).
- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).
- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).
- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).
- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).
- drm/i915/whl: Introducing Whiskey Lake platform ().
- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)
- drm/i915: Increase LSPCON timeout (bsc#1051510).
- drm/i915: Nuke the LVDS lid notifier (bsc#1051510).
- drm/i915: Only show debug for state changes when banning (bsc#1051510).
- drm/i915: Restore user forcewake domains across suspend (bsc#1100132).
- drm/i915: Restore vblank interrupts earlier (bsc#1051510).
- drm/i915: Unmask user interrupts writes into HWSP on snb/ivb/vlv/hsw (bsc#1051510).
- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).
- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).
- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).
- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)
- drm/modes: Introduce drm_mode_match() ().
- drm/msm: fix OF child-node lookup (bsc#1106110)
- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).
- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).
- drm/nouveau/disp: fix DP disable race (bsc#1051510).
- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).
- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).
- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).
- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).
- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).
- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).
- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).
- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).
- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1051510).
- drm/rockchip: lvds: add missing of_node_put (bsc#1051510).
- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)
- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).
- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).
- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).
- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).
- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)
- drm: Add DRM client cap for aspect-ratio ().
- drm: Add and handle new aspect ratios in DRM layer ().
- drm: Add aspect ratio parsing in DRM layer ().
- drm: Expose modes with aspect ratio, only if requested ().
- drm: Handle aspect ratio info in legacy modeset path ().
- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).
- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).
- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).
- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
- eeprom: at24: change nvmem stride to 1 (bsc#1051510).
- eeprom: at24: check at24_read/write arguments (bsc#1051510).
- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).
- enable CONFIG_SCSI_MQ_DEFAULT (bsc#1107207)
- enable MLX5 in azure (bsc#1108260)
- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
- enic: handle mtu change for vf properly (bsc#1051510).
- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
- errseq: Add to documentation tree (bsc#1107008).
- errseq: Always report a writeback error once (bsc#1107008).
- ethtool: Remove trailing semicolon for static inline (bsc#1051510).
- ethtool: fix a privilege escalation bug (bsc#1076830).
- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).
- ext2, dax: introduce ext2_dax_aops (bsc#1104888).
- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
- ext2: auto disable dax instead of failing mount (bsc#1104888).
- ext4, dax: add ext4_bmap to ext4_dax_aops (bsc#1104888).
- ext4, dax: introduce ext4_dax_aops (bsc#1104888).
- ext4, dax: set ext4_dax_aops for dax files (bsc#1104888).
- ext4: auto disable dax instead of failing mount (bsc#1104888).
- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
- ext4: check for NUL characters in extended attribute's name (bsc#1112732).
- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
- ext4: do not mark mmp buffer head dirty (bsc#1112743).
- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).
- extcon: Release locking when sending the notification of connector state (bsc#1051510).
- f2fs: remove unneeded memory footprint accounting (bsc#1106233).
- f2fs: remove unneeded memory footprint accounting (bsc#1106297).
- f2fs: validate before set/clear free nat bitmap (bsc#1106231).
- f2fs: validate before set/clear free nat bitmap (bsc#1106297).
- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).
- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).
- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
- fbdev/via: fix defined but not used warning (bsc#1051510).
- fbdev: Distinguish between interlaced and progressive modes (bsc#1051510).
- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).
- filesystem-dax: Introduce dax_lock_mapping_entry() (bsc#1107783).
- filesystem-dax: Set page->index (bsc#1107783).
- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).
- firmware: raspberrypi: Register hwmon driver (bsc#1108468).
- fix __legitimize_mnt()/mntput() race (bsc#1106297).
- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).
- fix mntput/mntput race (bsc#1106297).
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).
- fs, dax: prepare for dax-specific address_space_operations (bsc#1104888).
- fs, dax: use page->mapping to warn if truncate collides with a busy page (bsc#1104888).
- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).
- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).
- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).
- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).
- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).
- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).
- fuse: Fix oops at process_init_reply() (bsc#1106291).
- fuse: fix double request_end() (bsc#1106291).
- fuse: fix initial parallel dirops (bsc#1106291).
- fuse: fix unlocked access to processing queue (bsc#1106291).
- fuse: umount should wait for all requests (bsc#1106291).
- gen_stats: Fix netlink stats dumping in the presence of padding (netfilter-stable-18_07_23).
- genirq: Add handle_fasteoi_{level,edge}_irq flow handlers (bsc#1105378).
- genirq: Export more irq_chip_*_parent() functions (bsc#1105378).
- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).
- getxattr: use correct xattr length (bsc#1106235).
- getxattr: use correct xattr length (bsc#1106297).
- gpio: Add gpio driver support for ThunderX and OCTEON-TX (bsc#1105378).
- gpio: Fix crash due to registration race (bsc#1051510).
- gpio: Fix wrong rounding in gpio-menz127 (bsc#1051510).
- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).
- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).
- gpio: pxa: Fix potential NULL dereference (bsc#1051510).
- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).
- gpio: thunderx: fix error return code in thunderx_gpio_probe() (bsc#1105378).
- gpio: thunderx: remove unused .map() hook from irq_domain_ops (bsc#1105378).
- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).
- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).
- gpiolib: Free the last requested descriptor (bsc#1051510).
- gpiolib: Mark gpio_suffixes array with __maybe_unused (bsc#1051510).
- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).
- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).
- gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes (bsc#1051510).
- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).
- hfs: prevent crash on exit from failed search (bsc#1051510).
- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
- hotplug/cpu: Add operation queuing function ().
- hotplug/cpu: Conditionally acquire/release DRC index ().
- hotplug/cpu: Provide CPU readd operation ().
- hv: Synthetic typo correction (bsc#1107207).
- hv: add SPDX license id to Kconfig (bsc#1107207).
- hv: add SPDX license to trace (bsc#1107207).
- hv: avoid crash in vmbus sysfs files (bsc#1108377).
- hv_balloon: trace post_status (bsc#1107207).
- hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (bsc#1107207).
- hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1107207).
- hv_netvsc: Add per-cpu ethtool stats for netvsc (bsc#1107207).
- hv_netvsc: Add range checking for rx packet offset and length (bsc#1107207).
- hv_netvsc: Clean up extra parameter from rndis_filter_receive_data() (bsc#1107207).
- hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1107207).
- hv_netvsc: Fix the return status in RX path (bsc#1107207).
- hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1107207).
- hv_netvsc: Pass net_device parameter to revoke and teardown functions (bsc#1107207).
- hv_netvsc: add trace points (bsc#1107207).
- hv_netvsc: fix bogus ifalias on network device (bsc#1107207).
- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).
- hv_netvsc: fix schedule in RCU context ().
- hv_netvsc: fix schedule in RCU context (bsc#1107207).
- hv_netvsc: fix vf serial matching with pci slot info (bsc#1107207).
- hv_netvsc: ignore devices that are not PCI (bsc#1107207).
- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).
- hv_netvsc: pair VF based on serial number (bsc#1107207).
- hv_netvsc: pass netvsc_device to rndis halt (bsc#1107207).
- hv_netvsc: propogate Hyper-V friendly name into interface alias (bsc#1107207).
- hv_netvsc: select needed ucs2_string routine (bsc#1107207).
- hv_netvsc: simplify receive side calling arguments (bsc#1107207).
- hv_netvsc: typo in NDIS RSS parameters structure (bsc#1107207).
- hv_vmbus: Correct the stale comments regarding cpu affinity (bsc#1107207).
- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).
- hwmon: Add support for RPi voltage sensor (bsc#1108468).
- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
- hwrng: core - document the quality field (bsc#1051510).
- hyper-v: use GFP_KERNEL for hv_context.hv_numa_map (bsc#1107207).
- hypfs_kill_super(): deal with failed allocations (bsc#1051510).
- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).
- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).
- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).
- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).
- i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bsc#1051510).
- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).
- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).
- i2c: imx: Fix race condition in dma read (bsc#1051510).
- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).
- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).
- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).
- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).
- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).
- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).
- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).
- ibmvnic: Include missing return code checks in reset function (bsc#1107966).
- ieee802154: ca8210: fix uninitialised data read (bsc#1051510).
- ieee802154: fix gcc-4.9 warnings (bsc#1051510).
- ieee802154: mrf24j40: fix incorrect mask in mrf24j40_stop (bsc#1051510).
- iio: 104-quad-8: Fix off-by-one error in register selection (bsc#1051510).
- iio: ad9523: Fix displayed phase (bsc#1051510).
- iio: ad9523: Fix return value for ad952x_store() (bsc#1051510).
- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).
- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).
- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).
- iio: adc: ina2xx: avoid kthread_stop() with stale task_struct (bsc#1051510).
- iio: adc: sun4i-gpadc: select REGMAP_IRQ (bsc#1051510).
- iio: sca3000: Fix an error handling path in 'sca3000_probe()' (bsc#1051510).
- iio: sca3000: Fix missing return in switch (bsc#1051510).
- ima: based on policy verify firmware signatures (pre-allocated buffer) (bsc#1051510).
- include/rdma/opa_addr.h: Fix an endianness issue (bsc#1046306 ).
- input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).
- intel_th: Fix device removal logic (bsc#1051510).
- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
- iommu/amd: Add support for IOMMU XT mode ().
- iommu/amd: Add support for higher 64-bit IOMMU Control Register ().
- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).
- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).
- iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105).
- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).
- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).
- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
- iommu/vt-d: Add definitions for PFSID (bsc#1106237).
- iommu/vt-d: Fix a potential memory leak (bsc#1106105).
- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).
- ioremap: Update pgtable free interfaces with addr (bsc#1110006).
- ip: hash fragments consistently (netfilter-stable-18_07_27).
- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (netfilter-stable-18_07_27).
- ipc/shm: fix shmat() nil address after round-down when remapping (bsc#1090078).
- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).
- ipmi: Fix some counter issues (bsc#1105907).
- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).
- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).
- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).
- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).
- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (netfilter-stable-18_07_23).
- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).
- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).
- ipv6: fix useless rol32 call on hash (netfilter-stable-18_07_23).
- ipv6: ila: select CONFIG_DST_CACHE (netfilter-stable-18_07_23).
- ipv6: make DAD fail with enhanced DAD when nonce length differs (netfilter-stable-18_07_23).
- ipv6: sr: fix passing wrong flags to crypto_alloc_shash() (networking-stable-18_07_19).
- ipvlan: fix IFLA_MTU ignored on NEWLINK (networking-stable-18_07_19).
- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).
- irqdomain: Add irq_domain_{push,pop}_irq() functions (bsc#1105378).
- irqdomain: Check for NULL function pointer in irq_domain_free_irqs_hierarchy() (bsc#1105378).
- irqdomain: Factor out code to add and remove items to and from the revmap (bsc#1105378).
- irqdomain: Prevent potential NULL pointer dereference in irq_domain_push_irq() (bsc#1105378).
- irqdomain: Update the comments of fwnode field of irq_domain structure (bsc#1051510).
- isdn: Disable IIOCDBGVAR (bsc#1051510).
- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).
- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
- iwlwifi: pcie: do not access periphery registers when not available (bsc#1051510).
- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).
- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
- kABI: protect eswitch.h include (kabi).
- kABI: protect struct nf_conn (kabi).
- kABI: protect struct vsock_sock (kabi).
- kABI: reexport tcp_send_ack (kabi).
- kABI: reexport vsock_pending_work (kabi).
- kabi fix for check_disk_size_change() (bsc#1098459).
- kabi protect enum mem_type (bsc#1099125).
- kabi protect hnae_ae_ops (bsc#1107924).
- kabi protect struct kvm_sync_regs (bsc#1106948).
- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).
- kabi/severities: add qeth inter-module symbols to ignore list.
- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.
- kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI.
- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).
- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).
- kernfs: update comment about kernfs_path() return value (bsc#1051510).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).
- kprobes/x86: Fix %p uses in error messages (bsc#1110006).
- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).
- kprobes/x86: Release insn_slot in failure path (bsc#1110006).
- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).
- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).
- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).
- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).
- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).
- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
- kvm: x86: factor out kvm.arch.hyperv (de)init (bsc#1107207).
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).
- kvm: x86: hyperv: delete dead code in kvm_hv_hypercall() (bsc#1107207).
- kvm: x86: hyperv: guest->host event signaling via eventfd (bsc#1107207).
- kvm: x86: vmx: fix vpid leak (bsc#1106240).
- kvmclock: fix TSC calibration for nested guests (bsc#1110006).
- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).
- lan78xx: Check for supported Wake-on-LAN modes (bsc#1051510).
- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).
- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).
- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).
- leds: max8997: use mode when calling max8997_led_set_mode (bsc#1051510).
- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).
- lib/iov_iter: Fix pipe handling in _copy_to_iter_mcsafe() (bsc#1098782).
- lib/rhashtable: consider param->min_size when setting initial table size (bsc#1051510).
- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).
- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
- lib/vsprintf: Remove atomic-unsafe support for %pCr (bsc#1051510).
- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).
- libata: Fix command retry decision (bsc#1051510).
- libata: Fix compile warning with ATA_DEBUG enabled (bsc#1051510).
- libbpf: Makefile set specified permission mode (bsc#1083647).
- libceph: check authorizer reply/challenge length before reading (bsc#1096748).
- libceph: factor out __ceph_x_decrypt() (bsc#1096748).
- libceph: factor out __prepare_write_connect() (bsc#1096748).
- libceph: factor out encrypt_authorizer() (bsc#1096748).
- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).
- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).
- libertas: call into generic suspend code before turning off power (bsc#1051510).
- libertas: fix suspend and resume for SDIO connected cards (bsc#1051510).
- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).
- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).
- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).
- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).
- libnvdimm, pmem: Fix memcpy_mcsafe() return code handling in nsio_rw_bytes() (bsc#1098782).
- libnvdimm, pmem: Restore page attributes when clearing errors (bsc#1107783).
- libnvdimm: Use max contiguous area for namespace size (git-fixes).
- libnvdimm: fix ars_status output length calculation (bsc#1104890).
- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).
- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).
- liquidio: fix kernel panic in VF driver (bsc#1067126).
- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).
- livepatch: Validate module/old func name length (bsc#1071995).
- livepatch: create and include UAPI headers ().
- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).
- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).
- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).
- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).
- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).
- mac80211: always account for A-MSDU header changes (bsc#1051510).
- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).
- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).
- mac80211: fix a race between restart and CSA flows (bsc#1051510).
- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).
- mac80211: fix pending queue hang due to TX_DROP (bsc#1051510).
- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).
- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).
- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
- mac80211: restrict delayed tailroom needed decrement (bsc#1051510).
- mac80211: shorten the IBSS debug messages (bsc#1051510).
- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211_hwsim: require at least one channel (bsc#1051510).
- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).
- mailbox: xgene-slimpro: Fix potential NULL pointer dereference (bsc#1051510).
- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).
- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).
- md-cluster: do not send msg if array is closing (bsc#1106333).
- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).
- md-cluster: show array's status more accurate (bsc#1106333).
- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).
- md/raid1: add error handling of read error from FailFast device (git-fixes).
- md/raid5-cache: disable reshape completely (git-fixes).
- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).
- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).
- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).
- media: af9035: prevent buffer overflow on write (bsc#1051510).
- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).
- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).
- media: dvb: fix compat ioctl translation (bsc#1051510).
- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).
- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).
- media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bsc#1051510).
- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).
- media: helene: fix xtal frequency setting at power on (bsc#1051510).
- media: mem2mem: Remove excessive try_run call (bsc#1051510).
- media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bsc#1051510).
- media: pci: cx23885: handle adding to list failure (bsc#1051510).
- media: rtl28xxu: be sure that it won't go past the array size (bsc#1051510).
- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).
- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).
- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).
- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).
- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).
- media: tvp5150: fix switch exit in set control handler (bsc#1051510).
- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).
- media: tw686x: Fix oops on buffer alloc failure (bsc#1051510).
- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).
- media: v4l2-mem2mem: Fix missing v4l2_m2m_try_run call (bsc#1051510).
- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).
- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).
- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).
- mei: bus: type promotion bug in mei_nfc_if_version() (bsc#1051510).
- mei: do not update offset in write (bsc#1051510).
- mei: ignore not found client in the enumeration (bsc#1051510).
- mei: me: enable asynchronous probing ().
- memcg, thp: do not invoke oom killer on thp charges (bsc#1089663).
- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).
- memory: tegra: Do not handle spurious interrupts (bsc#1051510).
- merge hyperv part of f5caf621
- mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).
- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).
- mfd: arizona: Do not use regmap_read_poll_timeout (bsc#1051510).
- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).
- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).
- mfd: sm501: Set coherent_dma_mask when creating subdevices (bsc#1051510).
- mfd: ti_am335x_tscadc: Fix struct clk memory leak (bsc#1051510).
- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).
- mm, dax: introduce pfn_t_special() (bsc#1104888).
- mm, madvise_inject_error: Disable MADV_SOFT_OFFLINE for ZONE_DEVICE pages (bsc#1107783).
- mm, madvise_inject_error: Let memory_failure() optionally take a page reference (bsc#1107783).
- mm, memory_failure: Collect mapping size in collect_procs() (bsc#1107783).
- mm, memory_failure: Teach memory_failure() about dev_pagemap pages (bsc#1107783).
- mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bsc#1101669 optimise numa balancing for fast migrate).
- mm, numa: Remove rate-limiting of automatic numa balancing migration (bsc#1101669 optimise numa balancing for fast migrate).
- mm, numa: Remove rate-limiting of automatic numa balancing migration kabi (bsc#1101669 optimise numa balancing for fast migrate).
- mm, page_alloc: double zone's batchsize (bsc#971975 VM performance -- page allocator).
- mm/huge_memory.c: fix data loss when splitting a file pmd (bsc#1107074).
- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bsc#1106697).
- mm/migrate: Use spin_trylock() while resetting rate limit ().
- mm/vmalloc: add interfaces to free unmapped page table (bsc#1110006).
- mm/vmscan: wake up flushers for legacy cgroups too (bsc#1107061).
- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).
- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).
- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).
- mm: memcg: fix use after free in mem_cgroup_iter() (bsc#1107065).
- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).
- mmc: sdhci-of-esdhc: set proper dma mask for ls104x chips (bsc#1051510).
- mmc: sdhci: do not try to use 3.3V signaling if not supported (bsc#1051510).
- mmc: tegra: prevent HS200 on Tegra 3 (bsc#1051510).
- modpost: ignore livepatch unresolved relocations ().
- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).
- move a hyperv related patch to correct place in series.conf
- move changes without Git-commit out of sorted section
- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
- net/9p/client.c: version pointer uninitialized (bsc#1051510).
- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).
- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).
- net/9p: Switch to wait_event_killable() (bsc#1051510).
- net/9p: fix error path of p9_virtio_probe (bsc#1051510).
- net/ipv4: Set oif in fib_compute_spec_dst (netfilter-stable-18_07_23).
- net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager (networking-stable-18_07_19).
- net/mlx5e: Avoid dealing with vport representors if not being e-switch manager (networking-stable-18_07_19).
- net/packet: fix use-after-free (networking-stable-18_07_19).
- net: add support for Cavium PTP coprocessor (bsc#1110096).
- net: bcmgenet: Fix sparse warnings in bcmgenet_put_tx_csum() (bsc#1051510).
- net: bcmgenet: Fix unmapping of fragments in bcmgenet_xmit() (bsc#1051510).
- net: bcmgenet: correct bad merge (bsc#1051510).
- net: bcmgenet: enable loopback during UniMAC sw_reset (bsc#1051510).
- net: bcmgenet: prevent duplicate calls of bcmgenet_dma_teardown (bsc#1051510).
- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).
- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).
- net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (networking-stable-18_07_19).
- net: dccp: switch rx_tstamp_last_feedback to monotonic clock (networking-stable-18_07_19).
- net: diag: Do not double-free TCP_NEW_SYN_RECV sockets in tcp_abort (netfilter-stable-18_07_23).
- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).
- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).
- net: ena: fix device destruction to gracefully free resources (bsc#1108093).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).
- net: ena: fix incorrect usage of memory barriers (bsc#1108093).
- net: ena: fix missing calls to READ_ONCE (bsc#1108093).
- net: ena: fix missing lock during device destruction (bsc#1108093).
- net: ena: fix potential double ena_destroy_device() (bsc#1108093).
- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).
- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).
- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).
- net: fix use-after-free in GRO with ESP (networking-stable-18_07_19).
- net: hns3: Fix MSIX allocation issue for VF (bsc#1104353 ).
- net: hns3: Fix comments for hclge_get_ring_chain_from_mbx (bsc#1104353).
- net: hns3: Fix desc num set to default when setting channel (bsc#1104353).
- net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero (bsc#1104353).
- net: hns3: Fix for information of phydev lost problem when down/up (bsc#1104353).
- net: hns3: Fix for l4 checksum offload bug (bsc#1104353 ).
- net: hns3: Fix for mac pause not disable in pfc mode (bsc#1104353).
- net: hns3: Fix for mailbox message truncated problem (bsc#1104353).
- net: hns3: Fix for phy link issue when using marvell phy driver (bsc#1104353).
- net: hns3: Fix for reset_level default assignment probelm (bsc#1104353).
- net: hns3: Fix for using wrong mask and shift in hclge_get_ring_chain_from_mbx (bsc#1104353).
- net: hns3: Fix for waterline not setting correctly (bsc#1104353).
- net: hns3: Fix get_vector ops in hclgevf_main module (bsc#1104353).
- net: hns3: Fix return value error in hns3_reset_notify_down_enet (bsc#1104353).
- net: hns3: Fix warning bug when doing lp selftest (bsc#1104353 ).
- net: hns3: Prevent sending command during global or core reset (bsc#1104353).
- net: hns3: Standardize the handle of return value (bsc#1104353 ).
- net: hns3: add unlikely for error check (bsc#1104353 ).
- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).
- net: hns3: fix return value error while hclge_cmd_csq_clean failed (bsc#1104353).
- net: hns3: modify hnae_ to hnae3_ (bsc#1104353).
- net: hns3: remove some redundant assignments (bsc#1104353 ).
- net: hns3: remove unnecessary ring configuration operation while resetting (bsc#1104353).
- net: hns3: simplify hclge_cmd_csq_clean (bsc#1104353 ).
- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).
- net: hns: add the code for cleaning pkt in chip (bsc#1107924).
- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).
- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).
- net: mvneta: fix the Rx desc DMA address in the Rx path (networking-stable-18_07_19).
- net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv (netfilter-stable-18_07_27).
- net: phy: fix flag masking in __set_phy_supported (netfilter-stable-18_07_23).
- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).
- net: skb_segment() should not return NULL (netfilter-stable-18_07_27).
- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).
- net: stmmac: mark PM functions as __maybe_unused (git-fixes).
- net: sungem: fix rx checksum support (networking-stable-18_07_19).
- net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite (netfilter-stable-18_07_23).
- net: thunder: change q_len's type to handle max ring size (bsc#1110096).
- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).
- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).
- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).
- net: thunderx: add multicast filter management support (bsc#1110096).
- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).
- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).
- net: thunderx: add timestamping support (bsc#1110096).
- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).
- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).
- net: thunderx: fix double free error (bsc#1110096).
- net: thunderx: move filter register related macro into proper place (bsc#1110096).
- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).
- net: thunderx: remove a couple of redundant assignments (bsc#1110096).
- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).
- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).
- net_sched: blackhole: tell upper qdisc about dropped packets (networking-stable-18_07_19).
- netfilter: do not set F_IFACE on ipv6 fib lookups (netfilter-stable-18_06_25).
- netfilter: ip6t_rpfilter: provide input interface for route lookup (netfilter-stable-18_06_25).
- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).
- netfilter: nat: Revert 'netfilter: nat: convert nat bysrc hash to rhashtable' (netfilter-stable-17_11_16).
- netfilter: nf_tables: add missing netlink attrs to policies (netfilter-stable-18_06_27).
- netfilter: nf_tables: do not assume chain stats are set when jumplabel is set (netfilter-stable-18_06_27).
- netfilter: nf_tables: fix memory leak on error exit return (netfilter-stable-18_06_27).
- netfilter: nf_tables: nft_compat: fix refcount leak on xt module (netfilter-stable-18_06_27).
- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() (netfilter-stable-18_06_25).
- netfilter: nft_compat: fix handling of large matchinfo size (netfilter-stable-18_06_27).
- netfilter: nft_compat: prepare for indirect info storage (netfilter-stable-18_06_27).
- netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval (netfilter-stable-18_06_27).
- netlink: Do not shift on 64 for ngroups (git-fixes).
- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).
- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).
- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).
- nfs/filelayout: fix oops when freeing filelayout segment (bsc#1105190).
- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).
- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).
- nfsd: remove blocked locks on client teardown (git-fixes).
- nl80211: Add a missing break in parse_station_flags (bsc#1051510).
- nl80211: check nla_parse_nested() return values (bsc#1051510).
- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).
- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).
- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).
- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).
- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).
- objtool, kprobes/x86: Sync the latest asm/insn.h header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).
- of: add helper to lookup compatible child node (bsc#1106110)
- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
- ovl: fix format of setxattr debug (git-fixes).
- parport: sunbpp: fix error return code (bsc#1051510).
- partitions/aix: append null character to print data from disk (bsc#1051510).
- partitions/aix: fix usage of uninitialized lv_info and lvname structures (bsc#1051510).
- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).
- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).
- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).
- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).
- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).
- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).
- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).
- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).
- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).
- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).
- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).
- pinctrl: cannonlake: Fix HOSTSW_OWN register offset of H variant (bsc#1051510).
- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).
- pipe: match pipe_max_size data type with procfs (git-fixes).
- platform/x86: alienware-wmi: Correct a memory leak (bsc#1051510).
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).
- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1051510).
- platform/x86: toshiba_acpi: Fix defined but not used build warnings (bsc#1051510).
- pmem: Switch to copy_to_iter_mcsafe() (bsc#1098782).
- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).
- power: gemini-poweroff: Avoid more spurious poweroffs (bsc#1051510).
- power: generic-adc-battery: check for duplicate properties copied from iio channels (bsc#1051510).
- power: generic-adc-battery: fix out-of-bounds write when copying channel properties (bsc#1051510).
- power: remove possible deadlock when unregistering power_supply (bsc#1051510).
- power: supply: axp288_charger: Fix initial constant_charge_current value (bsc#1051510).
- power: supply: max77693_charger: fix unintentional fall-through (bsc#1051510).
- power: vexpress: fix corruption in notifier registration (bsc#1051510).
- powernv/pseries: consolidate code for mce early handling (bsc#1094244).
- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).
- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).
- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).
- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).
- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).
- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).
- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).
- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).
- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).
- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).
- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).
- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).
- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).
- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
- powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363).
- powerpc/perf: Fix IMC allocation routine (bsc#1054914).
- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).
- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).
- powerpc/pkeys: Fix reading of ibm, processor-storage-keys property (bsc#1109244).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).
- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).
- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).
- powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large address range (bsc#1055120).
- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).
- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).
- powerpc/powernv: Rework TCE level allocation (bsc#1061840).
- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).
- powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244).
- powerpc/pseries: Define MCE error event section (bsc#1094244).
- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1065729).
- powerpc/pseries: Display machine check error details (bsc#1094244).
- powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244).
- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).
- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).
- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).
- powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244).
- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).
- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).
- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).
- powerpc/rtas: Fix a potential race between CPU-Offline Migration (bsc#1111870).
- powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333).
- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).
- powerpc/xive: Fix trying to 'push' an already active pool VP (bsc#1085030, git-fixes).
- powerpc/xive: Move definition of ESB bits (bsc#1061840).
- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).
- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).
- powerpc: Avoid code patching freed init sections (bsc#1107735).
- powerpc: Fix size calculation using resource_size() (bsc#1012382).
- powerpc: KABI add aux_ptr to hole in paca_struct to extend it with additional members (bsc#1094244).
- powerpc: KABI: move mce_data_buf into paca_aux (bsc#1094244).
- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).
- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).
- ppp: Destroy the mutex when cleanup (bsc#1051510).
- ppp: fix __percpu annotation (bsc#1051510).
- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).
- ptp: fix missing break in switch (bsc#1105355).
- ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE (bsc#1105355).
- ptr_ring: fix up after recent ptr_ring changes (bsc#1105355).
- ptr_ring: prevent integer overflow when calculating size (bsc#1105355).
- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).
- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).
- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).
- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).
- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).
- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).
- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).
- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).
- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).
- qed: Wait for ready indication before rereading the shmem (bsc#1050536).
- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).
- qlge: Fix netdev features configuration (bsc#1098822).
- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).
- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
- r8152: Check for supported Wake-on-LAN Modes (bsc#1051510).
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
- r8169: add support for NCube 8168 network card (bsc#1051510).
- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).
- random: add new ioctl RNDRESEEDCRNG (bsc#1051510).
- random: fix possible sleeping allocation from irq context (bsc#1051510).
- random: mix rdrand with entropy sent in from userspace (bsc#1051510).
- random: rate limit unseeded randomness warnings (git-fixes).
- random: set up the NUMA crng instances after the CRNG is fully initialized (bsc#1051510).
- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
- readahead: stricter check for bdi io_pages (VM Functionality, git fixes).
- regulator: fix crash caused by null driver data (bsc#1051510).
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).
- rename a hv patch to reduce conflicts in -AZURE
- rename/renumber hv patches to simplify upcoming upstream merges Good Bye automerge. Hello Conflicts.
- rename/renumber hv patches to simplify upcoming upstream merges No code changes.
- reorder a qedi patch to allow further work in this branch
- resort series.conf
- resource: Include resource end in walk_*() interfaces (bsc#1114279).
- rhashtable: add schedule points (bsc#1051510).
- rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bsc#1051510).
- root dentries need RCU-delayed freeing (bsc#1106297).
- rpc_pipefs: fix double-dput() (bsc#1051510).
- rpm/kernel-binary.spec.in: fix call of split-modules split-modules is called with some parameters depending on config options. But since we do not use backslash consistelny, the call to split-modules might be evaluated so that also the following cat command is appended. Avoid this behaviour by using backslashes everywhere and add %nil to the end. This perhaps never happens, but stay on the safe side.
- rpm/mkspec: build dtbs for architectures marked -!needs_updating
- rpm/mkspec: fix ppc64 kernel-source build.
- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).
- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).
- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).
- rtnetlink: add rtnl_link_state check in rtnl_configure_link (netfilter-stable-18_07_27).
- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).
- s390/crypto: Fix return code checking in cbc_paes_crypt() (bsc#1108323, LTC#171709).
- s390/entry.S: use assembler alternatives (bsc#1103421).
- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).
- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).
- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).
- s390/pci: fix out of bounds access during irq setup (bsc#1108323, LTC#171068).
- s390/qdio: reset old sbal_state flags (LTC#171525, bsc#1106948).
- s390/qeth: consistently re-enable device features (bsc#1104482, LTC#170340).
- s390/qeth: do not clobber buffer on async TX completion (bsc#1104482, LTC#170340).
- s390/qeth: rely on kernel for feature recovery (bsc#1104482, LTC#170340).
- s390/qeth: use vzalloc for QUERY OAT buffer (LTC#171527, bsc#1106948).
- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).
- s390: Prevent hotplug rwsem recursion (bsc#1105731).
- s390: always save and restore all registers on context switch (bsc#1103421).
- s390: detect etoken facility (bsc#1103421).
- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).
- s390: fix compat system call table (bsc#1103421).
- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).
- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).
- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).
- sched/fair: Fix bandwidth timer clock drift condition (Git-fixes).
- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).
- sched/isolcpus: Fix 'isolcpus=' boot parameter handling when !CONFIG_CPUMASK_OFFSTACK (bsc#1107207).
- sched/numa: Avoid task migration for small NUMA improvement (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Evaluate move once per node (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Limit the conditions where scan period is reset ().
- sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Pass destination CPU as a parameter to migrate_task_rq kabi (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove numa_has_capacity() (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Reset scan rate whenever task moves across nodes (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop multiple tasks from moving to the CPU at the same time (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: Stop multiple tasks from moving to the CPU at the same time kabi (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused code from update_numa_stats() (bsc#1101669 optimise numa balancing for fast migrate).
- sched/numa: remove unused nr_running field (bsc#1101669 optimise numa balancing for fast migrate).
- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.
- scripts/git_sort/git_sort.py: add libnvdimm-for-next branch
- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue
- scripts: modpost: check memory allocation results (bsc#1051510).
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: cxlflash: Abstract hardware dependent assignments ().
- scsi: cxlflash: Acquire semaphore before invoking ioctl services ().
- scsi: cxlflash: Adapter context init can return error ().
- scsi: cxlflash: Adapter context support for OCXL ().
- scsi: cxlflash: Add argument identifier names ().
- scsi: cxlflash: Add include guards to backend.h ().
- scsi: cxlflash: Avoid clobbering context control register value ().
- scsi: cxlflash: Enable OCXL operations ().
- scsi: cxlflash: Explicitly cache number of interrupts per context ().
- scsi: cxlflash: Handle spurious interrupts ().
- scsi: cxlflash: Hardware AFU for OCXL ().
- scsi: cxlflash: Introduce OCXL backend ().
- scsi: cxlflash: Introduce OCXL context state machine ().
- scsi: cxlflash: Introduce object handle fop ().
- scsi: cxlflash: Isolate external module dependencies ().
- scsi: cxlflash: Limit the debug logs in the IO path ().
- scsi: cxlflash: MMIO map the AFU ().
- scsi: cxlflash: Preserve number of interrupts for master contexts ().
- scsi: cxlflash: Read host AFU configuration ().
- scsi: cxlflash: Read host function configuration ().
- scsi: cxlflash: Register for translation errors ().
- scsi: cxlflash: Remove commmands from pending list on timeout ().
- scsi: cxlflash: Remove embedded CXL work structures ().
- scsi: cxlflash: Setup AFU PASID ().
- scsi: cxlflash: Setup AFU acTag range ().
- scsi: cxlflash: Setup LISNs for master contexts ().
- scsi: cxlflash: Setup LISNs for user contexts ().
- scsi: cxlflash: Setup OCXL transaction layer ().
- scsi: cxlflash: Setup function OCXL link ().
- scsi: cxlflash: Setup function acTag range ().
- scsi: cxlflash: Staging to support future accelerators ().
- scsi: cxlflash: Support AFU interrupt management ().
- scsi: cxlflash: Support AFU interrupt mapping and registration ().
- scsi: cxlflash: Support AFU reset ().
- scsi: cxlflash: Support AFU state toggling ().
- scsi: cxlflash: Support adapter context discovery ().
- scsi: cxlflash: Support adapter context mmap and release ().
- scsi: cxlflash: Support adapter context polling ().
- scsi: cxlflash: Support adapter context reading ().
- scsi: cxlflash: Support adapter file descriptors for OCXL ().
- scsi: cxlflash: Support file descriptor mapping ().
- scsi: cxlflash: Support image reload policy modification ().
- scsi: cxlflash: Support process element lifecycle ().
- scsi: cxlflash: Support process specific mappings ().
- scsi: cxlflash: Support reading adapter VPD data ().
- scsi: cxlflash: Support starting an adapter context ().
- scsi: cxlflash: Support starting user contexts ().
- scsi: cxlflash: Synchronize reset and remove ops ().
- scsi: cxlflash: Use IDR to manage adapter contexts ().
- scsi: cxlflash: Use local mutex for AFU serialization ().
- scsi: cxlflash: Yield to active send threads ().
- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).
- scsi: hisi_sas: Add SATA FIS check for v3 hw ().
- scsi: hisi_sas: Add a flag to filter PHY events during reset ().
- scsi: hisi_sas: Add missing PHY spinlock init ().
- scsi: hisi_sas: Adjust task reject period during host reset ().
- scsi: hisi_sas: Drop hisi_sas_slot_abort() ().
- scsi: hisi_sas: Fix the conflict between dev gone and host reset ().
- scsi: hisi_sas: Fix the failure of recovering PHY from STP link timeout ().
- scsi: hisi_sas: Implement handlers of PCIe FLR for v3 hw ().
- scsi: hisi_sas: Only process broadcast change in phy_bcast_v3_hw() ().
- scsi: hisi_sas: Pre-allocate slot DMA buffers ().
- scsi: hisi_sas: Release all remaining resources in clear nexus ha ().
- scsi: hisi_sas: Tidy hisi_sas_task_prep() ().
- scsi: hisi_sas: Use dmam_alloc_coherent() ().
- scsi: hisi_sas: add memory barrier in task delivery function ().
- scsi: hisi_sas: relocate some common code for v3 hw ().
- scsi: hisi_sas: tidy channel interrupt handler for v3 hw ().
- scsi: hisi_sas: tidy host controller reset function a bit ().
- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).
- scsi: ipr: Eliminate duplicate barriers ().
- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).
- scsi: ipr: Use dma_pool_zalloc() ().
- scsi: ipr: fix incorrect indentation of assignment statement ().
- scsi: libfc: Add lockdep annotations (bsc#1077989).
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).
- scsi: libfc: fixup lockdep annotations (bsc#1077989).
- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).
- scsi: mpt3sas: Fix calltrace observed while running IO reset (bsc#1077989).
- scsi: netvsc: Use the vmbus function to calculate ring buffer percentage (bsc#1107207).
- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).
- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).
- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).
- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).
- scsi: qla2xxx: Add longer window for chip reset (bsc#1086327,).
- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).
- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).
- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).
- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).
- scsi: qla2xxx: Cleanup for N2N code (bsc#1086327,).
- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).
- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).
- scsi: qla2xxx: Fix ISP recovery on unload (bsc#1086327,).
- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1086327,).
- scsi: qla2xxx: Fix N2N link re-connect (bsc#1086327,).
- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).
- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).
- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).
- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).
- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).
- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).
- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).
- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).
- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).
- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).
- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).
- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1086327,).
- scsi: qla2xxx: Fix login retry count (bsc#1086327,).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).
- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).
- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).
- scsi: qla2xxx: Fix premature command free (bsc#1108870).
- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).
- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1086327,).
- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).
- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).
- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).
- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1086327,).
- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1086327,).
- scsi: qla2xxx: Fix stalled relogin (bsc#1086327,).
- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).
- scsi: qla2xxx: Fix unintended Logout (bsc#1086327,).
- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1086327,).
- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).
- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).
- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1086327,).
- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).
- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).
- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).
- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).
- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1086327,).
- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).
- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).
- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).
- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).
- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).
- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).
- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).
- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).
- scsi: qla2xxx: Save frame payload size from ICB (bsc#1086327,).
- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).
- scsi: qla2xxx: Silent erroneous message (bsc#1086327,).
- scsi: qla2xxx: Spinlock recursion in qla_target (bsc#1086327,).
- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).
- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).
- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1086327,).
- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).
- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).
- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).
- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).
- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).
- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).
- scsi: storsvc: do not set a bounce limit (bsc#1107207).
- scsi: storvsc: Avoid allocating memory for temp cpumasks (bsc#1107207).
- scsi: storvsc: Select channel based on available percentage of ring buffer to write (bsc#1107207).
- scsi: storvsc: Set up correct queue depth values for IDE devices (bsc#1107207).
- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).
- scsi: vmbus: Add function to report available ring buffer to write in total ring size percentage (bsc#1107207).
- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).
- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).
- security: check for kstrdup() failure in lsm_append() (bsc#1051510).
- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).
- selftests/bpf: fix a typo in map in map test (bsc#1083647).
- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).
- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).
- serial: 8250: Do not service RX FIFO if interrupts are disabled (bsc#1051510).
- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).
- serial: 8250_dw: Add ACPI support for uart on Broadcom SoC (bsc#1051510).
- serial: 8250_dw: always set baud rate in dw8250_set_termios (bsc#1051510).
- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).
- serial: core: mark port as initialized after successful IRQ change (bsc#1051510).
- serial: cpm_uart: return immediately from console poll (bsc#1051510).
- serial: enable spi in sc16is7xx driver References: bsc#1105672
- serial: imx: restore handshaking irq for imx1 (bsc#1051510).
- serial: make sc16is7xx driver supported References: bsc#1105672
- serial: pxa: Fix an error handling path in 'serial_pxa_probe()' (bsc#1051510).
- serial: sh-sci: Stop RX FIFO timer during port shutdown (bsc#1051510).
- serial: xuartps: fix typo in cdns_uart_startup (bsc#1051510).
- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bsc#1112514).
- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
- slab: __GFP_ZERO is incompatible with a constructor (bsc#1107060).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- smsc75xx: Check for Wake-on-LAN modes (bsc#1051510).
- smsc95xx: Check for Wake-on-LAN modes (bsc#1051510).
- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).
- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).
- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).
- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).
- soreuseport: initialise timewait reuseport field (bsc#1051510).
- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
- sound: enable interrupt after dma buffer initialization (bsc#1051510).
- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT ().
- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).
- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).
- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).
- spi: davinci: fix a NULL pointer dereference (bsc#1051510).
- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).
- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).
- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).
- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: sh-msiof: fix deferred probing (bsc#1051510).
- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).
- squashfs metadata 2: electric boogaloo (bsc#1051510).
- squashfs: be more careful about metadata corruption (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- sr9800: Check for supported Wake-on-LAN modes (bsc#1051510).
- sr: get/drop reference to device in revalidate and check_events (bsc#1109979).
- staging: bcm2835-audio: Check if workqueue allocation failed ().
- staging: bcm2835-audio: Deliver indirect-PCM transfer error ().
- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit() ().
- staging: bcm2835-audio: Do not leak workqueue if open fails ().
- staging: bcm2835-audio: constify snd_pcm_ops structures ().
- staging: bcm2835-audio: make snd_pcm_hardware const ().
- staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout (bsc#1051510).
- staging: bcm2835-camera: handle wait_for_completion_timeout return properly (bsc#1051510).
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).
- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).
- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).
- staging: lustre: disable preempt while sampling processor id (bsc#1051510).
- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).
- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).
- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).
- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).
- staging: lustre: llite: correct removexattr detection (bsc#1051510).
- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).
- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).
- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).
- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).
- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).
- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).
- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).
- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).
- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).
- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).
- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).
- staging: rts5208: fix missing error check on call to rtsx_write_register (bsc#1051510).
- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings ().
- staging: vc04_services: bcm2835-audio Format multiline comment ().
- staging: vc04_services: bcm2835-audio: Add blank line after declaration ().
- staging: vc04_services: bcm2835-audio: Change to unsigned int * ().
- staging: vc04_services: bcm2835-audio: add SPDX identifiers ().
- staging: vc04_services: bcm2835-audio: remove redundant license text ().
- staging: vc04_services: please do not use multiple blank lines ().
- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).
- stmmac: fix DMA channel hang in half-duplex mode (networking-stable-18_07_19).
- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).
- strparser: Remove early eaten to fix full tcp receive buffer stall (networking-stable-18_07_19).
- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).
- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).
- sys: do not hold uts_sem while accessing userspace memory (bsc#1106995).
- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).
- target: log Data-Out timeouts as errors (bsc#1095805).
- target: log NOP ping timeouts as errors (bsc#1095805).
- target: split out helper for cxn timeout error stashing (bsc#1095805).
- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
- target_core_rbd: break up free_device callback (bsc#1105524).
- target_core_rbd: use RCU in free_device (bsc#1105524).
- team: Forbid enslaving team device to itself (bsc#1051510).
- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).
- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).
- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).
- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).
- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).
- tools build: fix # escaping in .cmd files for future Make (git-fixes).
- tools/hv: Fix IP reporting by KVP daemon with SRIOV (bsc#1107207).
- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).
- tools/power turbostat: fix -S on UP systems (bsc#1051510).
- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).
- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
- tools: hv: fcopy: set 'error' in case an unknown operation was requested (bsc#1107207).
- tools: hv: fix compiler warnings about major/target_fname (bsc#1107207).
- tools: hv: include string.h in hv_fcopy_daemon (bsc#1107207).
- tools: hv: update lsvmbus to be compatible with python3 (bsc#1107207).
- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).
- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).
- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).
- tpm: fix race condition in tpm_common_write() (bsc#1082555).
- tpm: fix use after free in tpm2_load_context() (bsc#1082555).
- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).
- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).
- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).
- tracepoint: Do not warn on ENOMEM (bsc#1051510).
- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).
- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).
- tsl2550: fix lux1_input error in low light (bsc#1051510).
- tty/ldsem: Add lockdep asserts for ldisc_sem (bsc#1105428).
- tty/ldsem: Convert to regular lockdep annotations (bsc#1105428).
- tty/ldsem: Decrement wait_readers on timeouted down_read() (bsc#1105428).
- tty/ldsem: Wake up readers after timed out down_write() (bsc#1105428).
- tty: Do not block on IO when ldisc change is pending (bsc#1105428).
- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).
- tty: Hold tty_ldisc_lock() during tty_reopen() (bsc#1105428).
- tty: Simplify tty->count math in tty_reopen() (bsc#1105428).
- tty: fix data race between tty_init_dev and flush of buf (bsc#1105428).
- tty: fix termios input-speed encoding (bsc#1051510).
- tty: fix termios input-speed encoding when using BOTHER (bsc#1051510).
- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).
- tty: serial: 8250: Revert NXP SC16C2552 workaround (bsc#1051510).
- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).
- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).
- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).
- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).
- ubifs: Check data node size before truncate (bsc#1051510).
- ubifs: Check for name being NULL while mounting (bsc#1051510).
- ubifs: Fix directory size calculation for symlinks (bsc#1106230).
- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).
- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).
- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).
- udl-kms: avoid division (bsc#1051510).
- udl-kms: change down_interruptible to down (bsc#1051510).
- udl-kms: fix crash due to uninitialized memory (bsc#1051510).
- udl-kms: handle allocation failure (bsc#1051510).
- udlfb: set optimal write delay (bsc#1051510).
- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).
- uio, lib: Fix CONFIG_ARCH_HAS_UACCESS_MCSAFE compilation (bsc#1098782).
- uio: potential double frees if __uio_register_device() fails (bsc#1051510).
- uio_hv_generic: fix subchannel ring mmap (bsc#1107207).
- uio_hv_generic: make ring buffer attribute for primary channel (bsc#1107207).
- uio_hv_generic: set size of ring buffer attribute (bsc#1107207).
- uio_hv_generic: support sub-channels (bsc#1107207).
- uio_hv_generic: use correct channel in isr (bsc#1107207).
- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).
- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bsc#1051510).
- uprobes: Use synchronize_rcu() not synchronize_sched() (bsc#1051510).
- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).
- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).
- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).
- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).
- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).
- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).
- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).
- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).
- usb: dwc3: change stream event enable bit back to 13 (bsc#1051510).
- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).
- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).
- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).
- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).
- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).
- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).
- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).
- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).
- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).
- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).
- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).
- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).
- usb: uas: add support for more quirk flags (bsc#1051510).
- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).
- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).
- usb: xhci: increase CRS timeout value (bsc#1051510).
- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).
- use the new async probing feature for the hyperv drivers (bsc#1107207).
- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).
- userns: move user access out of the mutex (bsc#1051510).
- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).
- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).
- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).
- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).
- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).
- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).
- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).
- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).
- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).
- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).
- vhost_net: validate sock before trying to put its fd (networking-stable-18_07_19).
- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).
- video: goldfishfb: fix memory leak on driver remove (bsc#1051510).
- virtio: pci-legacy: Validate queue pfn (bsc#1051510).
- vmbus: do not return values for uninitalized channels (bsc#1051510).
- vmbus: do not return values for uninitalized channels (bsc#1107207).
- vmci: type promotion bug in qp_host_get_user_memory() (bsc#1105355).
- vmw_balloon: VMCI_DOORBELL_SET does not check status (bsc#1051510).
- vmw_balloon: do not use 2MB without batching (bsc#1051510).
- vmw_balloon: fix VMCI use when balloon built into kernel (bsc#1051510).
- vmw_balloon: fix inflation of 64-bit GFNs (bsc#1051510).
- vmw_balloon: remove inflation rate limiting (bsc#1051510).
- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).
- vti4: Do not count header length twice on tunnel setup (bsc#1051510).
- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).
- vxlan: add new fdb alloc and create helpers (netfilter-stable-18_07_27).
- vxlan: fix default fdb entry netlink notify ordering during netdev create (netfilter-stable-18_07_27).
- vxlan: make netlink notify in vxlan_fdb_destroy optional (netfilter-stable-18_07_27).
- wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc (bsc#1051510).
- watchdog: Mark watchdog touch functions as notrace (git-fixes).
- wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bsc#1051510).
- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).
- x86-64/realmode: Add instruction suffix (bsc#1110006).
- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available ().
- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).
- x86/CPU: Add a microcode loader callback (bsc#1110006).
- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).
- x86/CPU: Modify detect_extended_topology() to return result ().
- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
- x86/Hyper-V/hv_apic: Build the Hyper-V APIC conditionally (bsc#1107207).
- x86/Hyper-V/hv_apic: Include asm/apic.h (bsc#1107207).
- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).
- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).
- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).
- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).
- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).
- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).
- x86/MCE: Remove min interval polling limitation (bsc#1110006).
- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).
- x86/MCE: Serialize sysfs changes (bsc#1110006).
- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bsc#1110006).
- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).
- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).
- x86/apic/vector: Fix off by one in error path (bsc#1110006).
- x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006).
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).
- x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006).
- x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006).
- x86/asm/memcpy_mcsafe: Add labels for __memcpy_mcsafe() write fault handling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Add write-protection-fault handling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Define copy_to_iter_mcsafe() (bsc#1098782).
- x86/asm/memcpy_mcsafe: Fix copy_to_user_mcsafe() exception handling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Provide original memcpy_mcsafe_unrolled (bsc#1098782).
- x86/asm/memcpy_mcsafe: Remove loop unrolling (bsc#1098782).
- x86/asm/memcpy_mcsafe: Return bytes remaining (bsc#1098782).
- x86/asm: Add _ASM_ARG* constants for argument registers to asm/asm.h (bsc#1110006).
- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).
- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).
- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).
- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bsc#1112878).
- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).
- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).
- x86/boot: Fix kexec booting failure in the SEV bit detection code (bsc#1110301).
- x86/boot: Move EISA setup to a separate file (bsc#1110006).
- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).
- x86/build/64: Force the linker to use 2MB page size (bsc#1109603).
- x86/build: Beautify build log of syscall headers (bsc#1110006).
- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).
- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).
- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).
- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).
- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).
- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).
- x86/decoder: Add new TEST instruction pattern (bsc#1110006).
- x86/dumpstack: Save first regs set for the executive summary (bsc#1110006).
- x86/dumpstack: Unify show_regs() (bsc#1110006).
- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).
- x86/eisa: Add missing include (bsc#1110006).
- x86/entry/64: Add two more instruction suffixes (bsc#1110006).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bsc#1102715).
- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).
- x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() (bsc#1110006).
- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).
- x86/espfix/64: Fix espfix double-fault handling on 5-level systems (bsc#1110006).
- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).
- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).
- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).
- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).
- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).
- x86/headers/UAPI: Use __u64 instead of u64 in uapi/asm/hyperv.h (bsc#1107207).
- x86/hyper-V: Allocate the IDT entry early in boot (bsc#1107207).
- x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex() (bsc#1107207).
- x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() (bsc#1107207).
- x86/hyper-v: Fix the circular dependency in IPI enlightenment (bsc#1107207).
- x86/hyper-v: Fix wrong merge conflict resolution (bsc#1107207).
- x86/hyper-v: Implement hv_do_fast_hypercall16 (bsc#1107207).
- x86/hyper-v: Trace PV IPI send (bsc#1107207).
- x86/hyper-v: Use 'fast' hypercall for HVCALL_SEND_IPI (bsc#1107207).
- x86/hyper-v: Use cheaper HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} hypercalls when possible (bsc#1107207).
- x86/hyper-v: Use cheaper HVCALL_SEND_IPI hypercall when possible (bsc#1107207).
- x86/hyper-v: allocate and use Virtual Processor Assist Pages (bsc#1107207).
- x86/hyper-v: define struct hv_enlightened_vmcs and clean field bits (bsc#1107207).
- x86/hyper-v: detect nested features (bsc#1107207).
- x86/hyper-v: move definitions from TLFS to hyperv-tlfs.h (bsc#1107207).
- x86/hyper-v: move hyperv.h out of uapi (bsc#1107207).
- x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header (bsc#1107207).
- x86/hyper-v: rename ipi_arg_{ex,non_ex} structures (bsc#1107207).
- x86/hyperv: Add a function to read both TSC and TSC page value simulateneously (bsc#1107207).
- x86/hyperv: Add interrupt handler annotations (bsc#1107207).
- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1107207).
- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).
- x86/hyperv: Redirect reenlightment notifications on CPU offlining (bsc#1107207).
- x86/hyperv: Reenlightenment notifications support (bsc#1107207).
- x86/idt: Load idt early in start_secondary (bsc#1110006).
- x86/init: fix build with CONFIG_SWAP=n (bsc#1106121).
- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).
- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).
- x86/irq: Count Hyper-V reenlightenment interrupts (bsc#1107207).
- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).
- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).
- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).
- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006).
- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).
- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).
- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).
- x86/kvm/hyper-v: add reenlightenment MSRs support (bsc#1107207).
- x86/kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (bsc#1107207).
- x86/kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (bsc#1107207).
- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).
- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).
- x86/kvm: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE (bsc#1107207).
- x86/mce/AMD: Get address from already initialized block (bsc#1110006).
- x86/mce: Add notifier_block forward declaration (bsc#1110006).
- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).
- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).
- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).
- x86/mce: Fix set_mce_nospec() to avoid #GP fault (bsc#1107783).
- x86/mce: Improve error message when kernel cannot recover (bsc#1110006).
- x86/mce: Improve error message when kernel cannot recover (bsc#1110301).
- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).
- x86/memory_failure: Introduce {set, clear}_mce_nospec() (bsc#1107783).
- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).
- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).
- x86/microcode/intel: Look into the patch cache first (bsc#1110006).
- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).
- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).
- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).
- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).
- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).
- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).
- x86/microcode: Fix CPU synchronization routine (bsc#1110006).
- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).
- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).
- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).
- x86/microcode: Propagate return value from updating functions (bsc#1110006).
- x86/microcode: Request microcode on the BSP (bsc#1110006).
- x86/microcode: Synchronize late microcode loading (bsc#1110006).
- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).
- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).
- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).
- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).
- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).
- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).
- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).
- x86/mm/pat: Prepare {reserve, free}_memtype() for 'decoy' addresses (bsc#1107783).
- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).
- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).
- x86/mm/tlb: Always use lazy TLB mode (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Leave lazy TLB mode at page table free time (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Make lazy TLB mode lazier (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Only send page table free TLB flush to lazy TLB CPUs (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Restructure switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm/tlb: Skip atomic operations for 'init_mm' in switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).
- x86/mm: Add TLB purge to free pmd/pte page interfaces (bsc#1110006).
- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).
- x86/mm: Disable ioremap free page handling on x86-PAE (bsc#1110006).
- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).
- x86/mm: Drop TS_COMPAT on 64-bit exec() syscall (bsc#1110006).
- x86/mm: Expand static page table for fixmap space (bsc#1110006).
- x86/mm: Fix ELF_ET_DYN_BASE for 5-level paging (bsc#1110006).
- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).
- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).
- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).
- x86/mm: implement free pmd/pte page interfaces (bsc#1110006).
- x86/mpx: Do not allow MPX if we have mappings above 47-bit (bsc#1110006).
- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).
- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).
- x86/paravirt: Fix some warning messages (bsc#1065600).
- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bsc#1065600).
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).
- x86/pkeys: Do not special case protection key 0 (bsc#1110006).
- x86/pkeys: Override pkey when moving away from PROT_EXEC (bsc#1110006).
- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).
- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).
- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).
- x86/platform/UV: Use new set memory block size function (bsc#1108243).
- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).
- x86/process: Do not mix user/kernel regs in 64bit __show_regs() (bsc#1110006).
- x86/process: Re-export start_thread() (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).
- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).
- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).
- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).
- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).
- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).
- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).
- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bsc#1105536).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).
- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).
- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).
- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bsc#1105536).
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).
- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).
- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).
- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).
- x86/vdso: Fix lsl operand order (bsc#1110006).
- x86/vdso: Fix lsl operand order (bsc#1110301).
- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).
- x86/xen/efi: Initialize only the EFI struct members used by Xen (bsc#1107945).
- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bsc#1065600).
- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).
- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).
- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).
- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).
- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).
- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).
- x86: Delay skip of emulated hypercall instruction (bsc#1107207).
- x86: Delay skip of emulated hypercall instruction (bsc#1110006).
- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).
- x86: i8259: Add missing include file (bsc#1110006).
- x86: irq_remapping: Move irq remapping mode enum ().
- x86: kvm: avoid unused variable warning (bsc#1110006).
- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006).
- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110301).
- xen-netfront: fix bug concerning replacement of MAX_SKB_FRAGS with XEN_NETIF_NR_SLOTS_MIN (bsc#1104824).
- xen-netfront: fix queue name setting (bsc#1065600).
- xen-netfront: fix warn message as irq device name has '/' (bsc#1065600).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bsc#1065600).
- xen/PVH: Set up GS segment for stack canary (bsc#1110006).
- xen/blkback: do not keep persistent grants too long (bsc#1085042).
- xen/blkback: move persistent grants flags to bool (bsc#1085042).
- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).
- xen/blkfront: cleanup stale persistent grants (bsc#1085042).
- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bsc#1065600).
- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).
- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).
- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bsc#1065600).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xen: issue warning message when out of grant maptrack entries (bsc#1105795).
- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bsc#1065600).
- xen: xenbus_dev_frontend: Really return response string (bsc#1065600).
- xenbus: track caller request id (bsc#1065600).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs, dax: introduce xfs_dax_aops (bsc#1104888).
- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).
- xfs: Remove dead code from inode recover function (bsc#1105396).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: fix type usage (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: repair malformed inode items during log recovery (bsc#1105396).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).
- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).
- xhci: Fix use after free for URB cancellation on a reallocated endpoint (bsc#1051510).
- zram: fix null dereference of handle (bsc#1105355).
Patchnames
SUSE-SLE-Module-Public-Cloud-15-2018-2819
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 azure kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2018-9363: Fixed an integer overflow that could have been used for an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation (bsc#1105292).\n- CVE-2018-6555: The irda_setsockopt function in net/irda/af_irda.c was fixed in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (bsc#1106511).\n- CVE-2018-6554: Fixed memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c that allowed local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (bsc#1106509).\n- CVE-2018-18710: An information leak was fixed in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c that could have been used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658 (bsc#1113751).\n- CVE-2018-18445: Fixed faulty computation of numeric bounds in the BPF verifier that now permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bsc#1112372).\n- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c was fixed that was vulnerable to sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations. (bsc#1108399).\n- CVE-2018-16658: An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c was fixed that could have leed to be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 (bsc#1107689).\n- CVE-2018-15572: The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c was not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks. (bsc#1102517)\n- CVE-2018-14633: A security flaw was fixed in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely (bsc#1107829).\n- CVE-2018-14617: A NULL pointer dereference and panic in hfsplus_lookup() was fixed when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. (bsc#1102870)\n- CVE-2018-14613: An invalid pointer dereference in io_ctl_map_page() was fixed when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. (bsc#1102896)\n- CVE-2018-13095: A denial of service (memory corruption and BUG) was fixed to prevent a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. (bsc#1099999)\n- CVE-2018-13093: A NULL pointer dereference and panic in lookup_slow() on a NULL was fixed to prevent pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation. (bsc#1100001)\n- CVE-2018-12896: An integer overflow in the POSIX timer code was fixed to prevent overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. (bsc#1099922)\n- CVE-2018-1129: The signature calculation was fixed to by the cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. (bsc#1096748)\n- CVE-2018-1128: The cephx authentication protocol was fixed to verify ceph clients correctly and to prevent the vulnerability to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network could have used this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable (bsc#1096748).\n- CVE-2018-10940: The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c was fixed to prevent local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903).\n- CVE-2018-10938: A flaw was fixed how the kernel handled network packet sent remotely by an attacker that may forced the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. (bsc#1106016)\n- CVE-2018-10902: The the raw midi kernel driver was fixed to be protected against concurrent access which could have lead to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation (bsc#1105322).\n- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently had a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bsc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bsc#1066674).\n\n\nThe following security bug was previously fixed by has now an assigned CVE number:\n\n- CVE-2018-18386: drivers/tty/n_tty.c in the Linux kernel allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n\n\nThe following non-security bugs were fixed:\n\n- /dev/mem: Add bounce buffer for copy-out (git-fixes).\n- /dev/mem: Avoid overwriting 'err' in read_mem() (git-fixes).\n- 9p/net: Fix zero-copy path in the 9p virtio transport (bsc#1051510).\n- 9p/virtio: fix off-by-one error in sg list bounds check (bsc#1051510).\n- 9p: fix multiple NULL-pointer-dereferences (bsc#1051510).\n- ACPI / APEI: Remove ghes_ioremap_area (bsc#1051510).\n- ACPI / EC: Add another entry for Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Add parameter to force disable the GPE on suspend (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on ThinkPad X1 Yoga 3rd (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on Thinkpad X1 Carbon 6th (bsc#1051510).\n- ACPI / EC: Use ec_no_wakeup on more Thinkpad X1 Carbon 6th systems (bsc#1051510).\n- ACPI / PCI: pci_link: Allow the absence of _PRS and change log level (bsc#1104172).\n- ACPI / PM: save NVS memory for ASUS 1025C laptop (bsc#1051510).\n- ACPI / bus: Only call dmi_check_system on X86 (bsc#1105597, bsc#1106178).\n- ACPI / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- ACPI / scan: Initialize status to ACPI_STA_DEFAULT (bsc#1051510).\n- ACPI/IORT: Remove temporary iort_get_id_mapping_index() ACPICA guard (bsc#1103387).\n- ACPI/PCI: pci_link: reduce verbosity when IRQ is enabled (bsc#1104172).\n- ACPICA: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).\n- ACPICA: iasl: Add SMMUv3 device ID mapping index support (bsc#1103387).\n- ALSA: bebob: fix memory leak for M-Audio FW1814 and ProjectMix I/O at error path (bsc#1051510).\n- ALSA: bebob: use address returned by kmalloc() instead of kernel stack for streaming DMA mapping (bsc#1051510).\n- ALSA: cs46xx: Deliver indirect-PCM transfer error ().\n- ALSA: cs5535audio: Fix invalid endian conversion (bsc#1051510).\n- ALSA: emu10k1: Deliver indirect-PCM transfer error ().\n- ALSA: emu10k1: fix possible info leak to userspace on SNDRV_EMU10K1_IOCTL_INFO (bsc#1051510).\n- ALSA: fireface: fix memory leak in ff400_switch_fetching_mode() (bsc#1051510).\n- ALSA: firewire-digi00x: fix memory leak of private data (bsc#1051510).\n- ALSA: firewire-tascam: fix memory leak of private data (bsc#1051510).\n- ALSA: fireworks: fix memory leak of response buffer at error path (bsc#1051510).\n- ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905) (bsc#1051510).\n- ALSA: hda - Add quirk for ASUS G751 laptop (bsc#1051510).\n- ALSA: hda - Fix cancel_work_sync() stall from jackpoll work (bsc#1051510).\n- ALSA: hda - Fix headphone pin config for ASUS G751 (bsc#1051510).\n- ALSA: hda - Sleep for 10ms after entering D3 on Conexant codecs (bsc#1051510).\n- ALSA: hda - Turn CX8200 into D3 as well upon reboot (bsc#1051510).\n- ALSA: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).\n- ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715 (bsc#1051510).\n- ALSA: hda: Add 2 more models to the power_save blacklist (bsc#1051510).\n- ALSA: hda: Add AZX_DCAPS_PM_RUNTIME for AMD Raven Ridge (bsc#1051510).\n- ALSA: hda: Correct Asrock B85M-ITX power_save blacklist entry (bsc#1051510).\n- ALSA: hda: fix unused variable warning (bsc#1051510).\n- ALSA: memalloc: Do not exceed over the requested size (bsc#1051510).\n- ALSA: mips: Deliver indirect-PCM transfer error ().\n- ALSA: msnd: Fix the default sample sizes (bsc#1051510).\n- ALSA: oxfw: fix memory leak for model-dependent data at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of discovered stream formats at error path (bsc#1051510).\n- ALSA: oxfw: fix memory leak of private data (bsc#1051510).\n- ALSA: pcm: Fix negative appl_ptr handling in pcm-indirect helpers ().\n- ALSA: pcm: Fix snd_interval_refine first/last with open min/max (bsc#1051510).\n- ALSA: pcm: Simplify forward/rewind codes ().\n- ALSA: pcm: Use a common helper for PCM state check and hwsync ().\n- ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error ().\n- ALSA: rme32: Deliver indirect-PCM transfer error ().\n- ALSA: usb-audio: Fix multiple definitions in AU0828_DEVICE() macro (bsc#1051510).\n- ALSA: usb-audio: update quirk for B W PX to remove microphone (bsc#1051510).\n- ALSA: virmidi: Fix too long output trigger loop (bsc#1051510).\n- ALSA: vx222: Fix invalid endian conversions (bsc#1051510).\n- ALSA: vxpocket: Fix invalid endian conversions (bsc#1051510).\n- ARM: 8780/1: ftrace: Only set kernel memory back to read-only after boot (bsc#1051510).\n- ARM: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).\n- ARM: DRA7/OMAP5: Enable ACTLR[0] (Enable invalidates of BTB) for secondary cores (bsc#1051510).\n- ARM: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).\n- ARM: exynos: Clear global variable on init error path (bsc#1051510).\n- ARM: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).\n- ARM: hisi: fix error handling and missing of_node_put (bsc#1051510).\n- ARM: hisi: handle of_iomap and fix missing of_node_put (bsc#1051510).\n- ARM: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).\n- ARM: imx: flag failure of of_iomap (bsc#1051510).\n- ARM: imx_v4_v5_defconfig: Select ULPI support (bsc#1051510).\n- ARM: imx_v6_v7_defconfig: Select ULPI support (bsc#1051510).\n- ARM: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).\n- ARM: pxa: irq: fix handling of ICMR registers in suspend/resume (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: Intel: cht_bsw_max98090: remove useless code, align with ChromeOS driver (bsc#1051510).\n- ASoC: Intel: cht_bsw_max98090_ti: Fix jack initialization (bsc#1051510).\n- ASoC: cs4265: fix MMTLR Data switch control (bsc#1051510).\n- ASoC: dapm: Fix potential DAI widget pointer deref when linking DAIs (bsc#1051510).\n- ASoC: intel: skylake: Add missing break in skl_tplg_get_token() (bsc#1051510).\n- ASoC: msm8916-wcd-digital: fix RX2 MIX1 and RX3 MIX1 (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rsnd: fixup not to call clk_get/set under non-atomic (bsc#1051510).\n- ASoC: rsnd: move rsnd_ssi_config_init() execute condition into it (bsc#1051510).\n- ASoC: rsnd: update pointer more accurate (bsc#1051510).\n- ASoC: rt5514: Add the I2S ASRC support (bsc#1051510).\n- ASoC: rt5514: Add the missing register in the readable table (bsc#1051510).\n- ASoC: rt5514: Eliminate the noise in the ASRC case (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- ASoC: wm8994: Fix missing break in switch (bsc#1051510).\n- Apparmor fixes from git-fixes\n- Backport stable-patches for x86 architecture\n- Bluetooth: Add a new Realtek 8723DE ID 0bda:b009 (bsc#1051510).\n- Bluetooth: Use lock_sock_nested in bt_accept_enqueue (bsc#1051510).\n- Bluetooth: avoid killing an already killed socket (bsc#1051510).\n- Bluetooth: btsdio: Do not bind to non-removable BCM43430 (bsc#1103587).\n- Bluetooth: h5: Fix missing dependency on BT_HCIUART_SERDEV (bsc#1051510).\n- Bluetooth: hidp: Fix handling of strncpy for hid->name information (bsc#1051510).\n- Bluetooth: hidp: buffer overflow in hidp_process_report (bsc#1051510).\n- Btrfs: fix data corruption when deduplicating between different files (bsc#1110647).\n- Btrfs: fix duplicate extents after fsync of file with prealloc extents (bsc#1110644).\n- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n- Btrfs: fix fsync after hole punching when using no-holes feature (bsc#1110642).\n- Btrfs: fix loss of prealloc extents past i_size after fsync log replay (bsc#1110643).\n- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n- Btrfs: fix return value on rename exchange failure (bsc#1110645).\n- Btrfs: fix send failure when root has deleted files still open (bsc#1110650).\n- Btrfs: rework outstanding_extents (dependency for bsc#1031392).\n- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n- Btrfs: sync log after logging new name (bsc#1110646).\n- CIFS: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- Cleanup out-of-tree subsection\n- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)\n- Do not leak MNT_INTERNAL away from internal mounts (git-fixes).\n- Documentation/l1tf: Fix small spelling typo (bsc#1051510).\n- Documentation: add some docs for errseq_t (bsc#1107008).\n- Documentation: ip-sysctl.txt: document addr_gen_mode (bsc#1051510).\n- Drivers: HV: Send one page worth of kmsg dump over Hyper-V during panic (bsc#1107207).\n- Drivers: hv: vmbus: Add comments on ring buffer signaling (bsc#1107207).\n- Drivers: hv: vmbus: Cleanup synic memory free path (bsc#1107207).\n- Drivers: hv: vmbus: Fix the issue with freeing up hv_ctl_table_hdr (bsc#1107207).\n- Drivers: hv: vmbus: Fix the offer_in_progress in vmbus_process_offer() (bsc#1051510).\n- Drivers: hv: vmbus: Get rid of MSR access from vmbus_drv.c (bsc#1107207).\n- Drivers: hv: vmbus: Implement Direct Mode for stimer0 (bsc#1107207).\n- Drivers: hv: vmbus: Make TLFS #define names architecture neutral (bsc#1107207).\n- Drivers: hv: vmbus: Remove use of slow_virt_to_phys() (bsc#1107207).\n- Drivers: hv: vmbus: Remove x86 MSR refs in arch independent code (bsc#1107207).\n- Drivers: hv: vmbus: Remove x86-isms from arch independent drivers (bsc#1107207).\n- Drivers: hv: vmbus: Removed an unnecessary cast from void * (bsc#1107207).\n- Drivers: hv: vmbus: Reset the channel callback in vmbus_onoffer_rescind() (bsc#1107207).\n- Drivers: hv: vmbus: Use get/put_cpu() in vmbus_connect() (bsc#1107207).\n- Drivers: hv: vmbus: add numa_node to sysfs (bsc#1107207).\n- Drivers: hv: vmbus: do not mark HV_PCIE as perf_device (bsc#1051510).\n- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (bsc#1107207).\n- Drivers: hv: vmbus: respect what we get from hv_get_synint_state() (bsc#1107207).\n- Drivers: hv: vmus: Fix the check for return value from kmsg get dump buffer (bsc#1107207).\n- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).\n- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (bsc#1051510).\n- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).\n- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).\n- EDAC, thunderx: Fix memory leak in thunderx_l2c_threaded_isr() (bsc#1114279).\n- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).\n- EDAC: Fix memleak in module init error path (bsc#1051510).\n- EDAC: Raise the maximum number of memory controllers (bsc#1113780).\n- Filesystem and FUSE fixes from upstream\n- Fix kexec forbidding kernels signed with keys in the secondary keyring to boot (bsc#1110006).\n- HID: add quirk for another PIXART OEM mouse used by HP (bsc#1051510).\n- HID: add support for Apple Magic Keyboards (bsc#1051510).\n- HID: hid-ntrig: add error handling for sysfs_create_group (bsc#1051510).\n- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).\n- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- HID: i2c-hid: Add no-irq-after-reset quirk for 0911:5288 device ().\n- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- IB/IPoIB: Set ah valid flag in multicast send flow (bsc#1046307 ).\n- IB/core: type promotion bug in rdma_rw_init_one_mr() (bsc#1046306).\n- IB/hfi1: Invalid NUMA node information can cause a divide by zero (bsc#1060463).\n- IB/hfi1: Remove incorrect call to do_interrupt callback (bsc#1060463).\n- IB/hfi1: Set in_use_ctxts bits for user ctxts only (bsc#1060463 ).\n- IB/ipoib: Avoid a race condition between start_xmit and cm_rep_handler (bsc#1046307).\n- IB/ipoib: Fix error return code in ipoib_dev_init() (bsc#1046307 ).\n- IB/mlx4: Test port number before querying type (bsc#1046302 ).\n- IB/mlx4: Use 4K pages for kernel QP's WQE buffer (bsc#1046302 ).\n- IB/mlx5: fix uaccess beyond 'count' in debugfs read/write handlers (bsc#1046305).\n- Input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- Input: atakbd - fix Atari keymap (bsc#1051510).\n- Input: atmel_mxt_ts - only use first T9 instance (bsc#1051510).\n- Input: edt-ft5x06 - fix error handling for factory mode on non-M06 (bsc#1051510).\n- Input: edt-ft5x06 - implement support for the EDT-M12 series (bsc#1051510).\n- Input: edt-ft5x06 - make distinction between m06/m09/generic more clear (bsc#1051510).\n- Input: elantech - enable middle button of touchpad on ThinkPad P72 (bsc#1051510).\n- Input: synaptics-rmi4 - fix axis-swap behavior (bsc#1051510).\n- KABI: hide new member in struct iommu_table from genksyms (bsc#1061840).\n- KABI: move the new handler to end of machdep_calls and hide it from genksyms (bsc#1094244).\n- KABI: powerpc: export __find_linux_pte as __find_linux_pte_or_hugepte (bsc#1061840).\n- KABI: tpm: change relinquish_locality return value back to void (bsc#1082555).\n- KABI: tpm: do keep the cmd_ready and go_idle as pm ops (bsc#1082555).\n- KVM/VMX: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).\n- KVM/x86: remove WARN_ON() for when vm_munmap() fails (bsc#1106240).\n- KVM: Enforce error in ioctl for compat tasks when !KVM_COMPAT (bsc#1106240).\n- KVM: PPC: Add pt_regs into kvm_vcpu_arch and move vcpu->arch.gpr[] into it (bsc#1061840).\n- KVM: PPC: Avoid marking DMA-mapped pages dirty in real mode (bsc#1061840).\n- KVM: PPC: Book 3S HV: Do ptesync in radix guest exit path (bsc#1061840).\n- KVM: PPC: Book3S HV: Add 'online' register to ONE_REG interface (bsc#1061840).\n- KVM: PPC: Book3S HV: Add of_node_put() in success path (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow HPT and radix on the same core for POWER9 v2.2 (bsc#1061840).\n- KVM: PPC: Book3S HV: Allow creating max number of VCPUs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid crash from THP collapse during radix page fault (bsc#1061840).\n- KVM: PPC: Book3S HV: Avoid shifts by negative amounts (bsc#1061840).\n- KVM: PPC: Book3S HV: Check DR not IR to chose real vs virt mode MMIOs (bsc#1061840).\n- KVM: PPC: Book3S HV: Do SLB load/unload with guest LPCR value loaded (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not truncate HPTE index in xlate function (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use compound_order to determine host mapping size (bsc#1061840).\n- KVM: PPC: Book3S HV: Do not use existing 'prodded' flag for XIVE escalations (bsc#1061840).\n- KVM: PPC: Book3S HV: Enable migration of decrementer register (bsc#1061840).\n- KVM: PPC: Book3S HV: Factor fake-suspend handling out of kvmppc_save/restore_tm (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix VRMA initialization with 2MB or 1GB memory backing (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix conditions for starting vcpu (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix constant size warning (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix duplication of host SLB entries (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of large pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix inaccurate comment (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix kvmppc_bad_host_intr for real mode interrupts (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix trap number return from __kvmppc_vcore_entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Fix typo in kvmppc_hv_get_dirty_log_radix() (bsc#1061840).\n- KVM: PPC: Book3S HV: Handle 1GB pages in radix page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Improve handling of debug-trigger HMIs on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Keep XIVE escalation interrupt masked unless ceded (bsc#1061840).\n- KVM: PPC: Book3S HV: Lockless tlbie for HPT hcalls (bsc#1061840).\n- KVM: PPC: Book3S HV: Make HPT resizing work on POWER9 (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix clear pte when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Make radix use correct tlbie sequence in kvmppc_radix_tlbie_page (bsc#1061840).\n- KVM: PPC: Book3S HV: Make xive_pushed a byte, not a word (bsc#1061840).\n- KVM: PPC: Book3S HV: Pack VCORE IDs to access full VCPU ID space (bsc#1061840).\n- KVM: PPC: Book3S HV: Radix page fault handler optimizations (bsc#1061840).\n- KVM: PPC: Book3S HV: Read kvm->arch.emul_smt_mode under kvm->lock (bsc#1061840).\n- KVM: PPC: Book3S HV: Recursively unmap all page table entries when unmapping (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove useless statement (bsc#1061840).\n- KVM: PPC: Book3S HV: Remove vcpu->arch.dec usage (bsc#1061840).\n- KVM: PPC: Book3S HV: Send kvmppc_bad_interrupt NMIs to Linux handlers (bsc#1061840).\n- KVM: PPC: Book3S HV: Set RWMR on POWER8 so PURR/SPURR count correctly (bsc#1061840).\n- KVM: PPC: Book3S HV: Snapshot timebase offset on guest entry (bsc#1061840).\n- KVM: PPC: Book3S HV: Streamline setting of reference and change bits (bsc#1061840).\n- KVM: PPC: Book3S HV: Use __gfn_to_pfn_memslot() in page fault handler (bsc#1061840).\n- KVM: PPC: Book3S HV: Use a helper to unmap ptes in the radix fault path (bsc#1061840).\n- KVM: PPC: Book3S HV: Use correct pagesize in kvm_unmap_radix() (bsc#1061840, git-fixes).\n- KVM: PPC: Book3S HV: XIVE: Resend re-routed interrupts on CPU priority change (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Do not clear partition PTE when RC or write bits do not match (bsc#1061840).\n- KVM: PPC: Book3S HV: radix: Refine IO region partition scope attributes (bsc#1061840).\n- KVM: PPC: Book3S PR: Add guest MSR parameter for kvmppc_save_tm()/kvmppc_restore_tm() (bsc#1061840).\n- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate file (bsc#1061840).\n- KVM: PPC: Book3S: Add MMIO emulation for VMX instructions (bsc#1061840).\n- KVM: PPC: Book3S: Allow backing bigger guest IOMMU pages with smaller physical pages (bsc#1061840).\n- KVM: PPC: Book3S: Check KVM_CREATE_SPAPR_TCE_64 parameters (bsc#1061840).\n- KVM: PPC: Book3S: Eliminate some unnecessary checks (bsc#1061840).\n- KVM: PPC: Book3S: Fix compile error that occurs with some gcc versions (bsc#1061840).\n- KVM: PPC: Book3S: Fix guest DMA when guest partially backed by THP pages (bsc#1077761, git-fixes, bsc#1103948, bsc#1103949).\n- KVM: PPC: Book3S: Fix matching of hardware and emulated TCE tables (bsc#1061840).\n- KVM: PPC: Book3S: Use correct page shift in H_STUFF_TCE (bsc#1061840).\n- KVM: PPC: Fix a mmio_host_swabbed uninitialized usage issue (bsc#1061840).\n- KVM: PPC: Make iommu_table::it_userspace big endian (bsc#1061840).\n- KVM: PPC: Move nip/ctr/lr/xer registers to pt_regs in kvm_vcpu_arch (bsc#1061840).\n- KVM: PPC: Use seq_puts() in kvmppc_exit_timing_show() (bsc#1061840).\n- KVM: SVM: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- KVM: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1106240).\n- KVM: VMX: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: VMX: raise internal error for exception during invalid protected mode state (bsc#1110006).\n- KVM: VMX: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- KVM: X86: Fix reserved bits check for MOV to CR3 (bsc#1110006).\n- KVM: X86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- KVM: X86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).\n- KVM: hyperv: idr_find needs RCU protection (bsc#1107207).\n- KVM: introduce kvm_make_vcpus_request_mask() API (bsc#1107207).\n- KVM: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).\n- KVM: nVMX: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).\n- KVM: nVMX: Do not flush TLB when vmcs12 uses VPID (bsc#1106240).\n- KVM: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).\n- KVM: nVMX: Fix injection to L2 when L1 do not intercept external-interrupts (bsc#1106240).\n- KVM: nVMX: Fix races when sending nested PI while dest enters/leaves L2 (bsc#1106240).\n- KVM: nVMX: Re-evaluate L1 pending events when running L2 and L1 got posted-interrupt (bsc#1106240).\n- KVM: s390: add etoken support for guests (bsc#1106948, LTC#171029).\n- KVM: s390: force bp isolation for VSIE (bsc#1103421).\n- KVM: s390: implement CPU model only facilities (bsc#1106948, LTC#171029).\n- KVM: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).\n- KVM: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).\n- KVM: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- KVM: x86: Change __kvm_apic_update_irr() to also return if max IRR updated (bsc#1106240).\n- KVM: x86: Default to not allowing emulation retry in kvm_mmu_page_fault (bsc#1106240).\n- KVM: x86: Do not re-{try,execute} after failed emulation in L2 (bsc#1106240).\n- KVM: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).\n- KVM: x86: Invert emulation re-execute behavior to make it opt-in (bsc#1106240).\n- KVM: x86: Merge EMULTYPE_RETRY and EMULTYPE_ALLOW_REEXECUTE (bsc#1106240).\n- KVM: x86: SVM: Call x86_spec_ctrl_set_guest/host() with interrupts disabled (git-fixes 1f50ddb4f418).\n- KVM: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).\n- KVM: x86: VMX: hyper-v: Enlightened MSR-Bitmap support (bsc#1107207).\n- KVM: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- KVM: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd (bsc#1107207).\n- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1107207).\n- KVM: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).\n- KVM: x86: fix APIC page invalidation (bsc#1106240).\n- KVM: x86: fix escape of guest dr6 to the host (bsc#1110006).\n- KVM: x86: hyperv: do rep check for each hypercall separately (bsc#1107207).\n- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} implementation (bsc#1107207).\n- KVM: x86: hyperv: simplistic HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE}_EX implementation (bsc#1107207).\n- KVM: x86: hyperv: use defines when parsing hypercall parameters (bsc#1107207).\n- KVM: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).\n- Kbuild: fix # escaping in .cmd files for future Make (git-fixes).\n- Limit kernel-source build to architectures for which we build binaries (bsc#1108281).\n- MAINTAINERS: fix location of ina2xx.txt device tree file (bsc#1051510).\n- NET: stmmac: align DMA stuff to largest cache line length (netfilter-stable-18_08_01).\n- NFC: Fix possible memory corruption when handling SHDLC I-Frame commands (bsc#1051510).\n- NFC: nfcmrvl_uart: fix OF child-node lookup (bsc#1051510).\n- NFC: trf7970a: fix check of clock frequencies (bsc#1051510).\n- NFS/filelayout: Fix racy setting of fl->dsaddr in filelayout_check_deviceid() (bsc#1105190).\n- NFS: Avoid quadratic search when freeing delegations (bsc#1084760).\n- NFS: Use an appropriate work queue for direct-write completion (bsc#1082519).\n- NFSv4 client live hangs after live data migration recovery (git-fixes).\n- NFSv4: Fix a sleep in atomic context in nfs4_callback_sequence() (git-fixes).\n- NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message (git-fixes).\n- Netperf performance issue due to AppArmor net mediation (bsc#1108520)\n- PCI/ASPM: Fix link_state teardown on device removal (bsc#1051510).\n- PCI/portdrv: Compute MSI/MSI-X IRQ vectors after final allocation (bsc#1109806).\n- PCI/portdrv: Factor out Interrupt Message Number lookup (bsc#1109806).\n- PCI: Add PCI resource type mask #define (bsc#1105355).\n- PCI: Add pci_resize_resource() for resizing BARs (bsc#1105355).\n- PCI: Add resizable BAR infrastructure (bsc#1105355).\n- PCI: Allow release of resources that were never assigned (bsc#1105355).\n- PCI: Cleanup PCI_REBAR_CTRL_BAR_SHIFT handling (bsc#1105355).\n- PCI: Match Root Port's MPS to endpoint's MPSS as necessary (bsc#1109269).\n- PCI: OF: Fix I/O space page leak (git-fixes).\n- PCI: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- PCI: Restore resized BAR state on resume (bsc#1105355).\n- PCI: Skip MPS logic for Virtual Functions (VFs) (bsc#1051510).\n- PCI: aardvark: Fix I/O space page leak (git-fixes).\n- PCI: aardvark: Size bridges before resources allocation (bsc#1109806).\n- PCI: designware: Fix I/O space page leak (bsc#1109806).\n- PCI: dwc: Fix scheduling while atomic issues (git-fixes).\n- PCI: faraday: Add missing of_node_put() (bsc#1109806).\n- PCI: faraday: Fix I/O space page leak (bsc#1109806).\n- PCI: hotplug: Do not leak pci_slot on registration failure (bsc#1051510).\n- PCI: hv: Convert remove_lock to refcount (bsc#1107207).\n- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1107207).\n- PCI: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- PCI: hv: Fix return value check in hv_pci_assign_slots() (bsc#1107207).\n- PCI: hv: Make sure the bus domain is really unique (git-fixes).\n- PCI: hv: Remove unused reason for refcount handler (bsc#1107207).\n- PCI: hv: Replace GFP_ATOMIC with GFP_KERNEL in new_pcichild_device() (bsc#1107207).\n- PCI: hv: Use effective affinity mask (bsc#1107207).\n- PCI: hv: Use list_for_each_entry() (bsc#1107207).\n- PCI: hv: support reporting serial number as slot information (bsc#1107207).\n- PCI: mvebu: Fix I/O space end address calculation (bsc#1051510).\n- PCI: pciehp: Fix unprotected list iteration in IRQ handler (bsc#1051510).\n- PCI: pciehp: Fix use-after-free on unplug (bsc#1051510).\n- PCI: versatile: Fix I/O space page leak (bsc#1109806).\n- PCI: xgene: Fix I/O space page leak (bsc#1109806).\n- PCI: xilinx-nwl: Add missing of_node_put() (bsc#1109806).\n- PCI: xilinx: Add missing of_node_put() (bsc#1109806).\n- PM / Domains: Fix error path during attach in genpd (bsc#1051510).\n- PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).\n- PM / clk: signedness bug in of_pm_clk_add_clks() (bsc#1051510).\n- PM / core: Clear the direct_complete flag on errors (bsc#1051510).\n- PM / runtime: Drop usage count for suppliers at device link removal (bsc#1100132).\n- PM / sleep: wakeup: Fix build error caused by missing SRCU support (bsc#1051510).\n- PM: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).\n- RAID10 BUG_ON in raise_barrier when force is true and conf->barrier is 0 (git-fixes).\n- RDMA/bnxt_re: Fix a bunch of off by one bugs in qplib_fp.c (bsc#1050244).\n- RDMA/bnxt_re: Fix a couple off by one bugs (bsc#1050244 ).\n- RDMA/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).\n- RDMA/i40w: Hold read semaphore while looking after VMA (bsc#1058659).\n- RDMA/uverbs: Expand primary and alt AV port checks (bsc#1046306 ).\n- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).\n- Tools: hv: Fix a bug in the key delete code (bsc#1107207).\n- USB: Add quirk to support DJI CineSSD (bsc#1051510).\n- USB: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).\n- USB: cdc-wdm: do not enable interrupts in USB-giveback (bsc#1051510).\n- USB: fix error handling in usb_driver_claim_interface() (bsc#1051510).\n- USB: handle NULL config in usb_find_alt_setting() (bsc#1051510).\n- USB: net2280: Fix erroneous synchronization change (bsc#1051510).\n- USB: option: add support for DW5821e (bsc#1051510).\n- USB: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- USB: serial: cypress_m8: fix interrupt-out transfer length (bsc#1051510).\n- USB: serial: io_ti: fix array underflow in completion handler (bsc#1051510).\n- USB: serial: kobil_sct: fix modem-status error handling (bsc#1051510).\n- USB: serial: pl2303: add a new device id for ATEN (bsc#1051510).\n- USB: serial: sierra: fix potential deadlock at close (bsc#1051510).\n- USB: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n- USB: serial: ti_usb_3410_5052: fix array underflow in completion handler (bsc#1051510).\n- USB: yurex: Check for truncation in yurex_read() (bsc#1051510).\n- USB: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).\n- Update config files, make CRYPTO_CRCT10DIF_PCLMUL built-in (bsc#1105603).\n- VFS: do not test owner for NFS in set_posix_acl() (bsc#1103405).\n- Workaround for mysterious NVMe breakage with i915 CFL (bsc#1111040).\n- Workaround kABI breakage by __must_check drop of strscpy() (bsc#1051510).\n- X86/Hyper-V: Add flush HvFlushGuestPhysicalAddressSpace hypercall support (bsc#1107207).\n- X86/Hyper-V: Add hyperv_nested_flush_guest_mapping ftrace support (bsc#1107207).\n- X86/Hyper-V: Consolidate code for converting cpumask to vpset (bsc#1107207).\n- X86/Hyper-V: Consolidate the allocation of the hypercall input page (bsc#1107207).\n- X86/Hyper-V: Enable IPI enlightenments (bsc#1107207).\n- X86/Hyper-V: Enhanced IPI enlightenment (bsc#1107207).\n- X86/Hyper-V: Enlighten APIC access (bsc#1107207).\n- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).\n- affs_lookup(): close a race with affs_remove_link() (bsc#1105355).\n- ahci: Add Intel Ice Lake LP PCI ID (bsc#1051510).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).\n- apparmor: Fix regression in profile conflict logic (bsc#1106427)\n- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).\n- apparmor: ensure that undecidable profile attachments fail (bsc#1106427).\n- apparmor: fix an error code in __aa_create_ns() (bsc#1106427).\n- apparmor: fix mediation of prlimit (bsc#1051510).\n- apparmor: fix memory leak when deduping profile load (bsc#1051510).\n- apparmor: fix ptrace read check (bsc#1051510).\n- apparmor: remove no-op permission check in policy_unpack (bsc#1106427).\n- arm/asm/tlb.h: Fix build error implicit func declaration (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- arm64/acpi: Create arch specific cpu to acpi id helper (bsc#1106903).\n- arm64/kasan: do not allocate extra shadow memory (bsc#1106897).\n- arm64/mm/kasan: do not use vmemmap_populate() to initialize shadow (bsc#1106898).\n- arm64: Enforce BBM for huge IO/VMAP mappings (bsc#1106890).\n- arm64: Ignore hardware dirty bit updates in ptep_set_wrprotect() (bsc#1108010).\n- arm64: Make sure permission updates happen for pmd/pud (bsc#1106891).\n- arm64: dma-mapping: clear buffers allocated with FORCE_CONTIGUOUS flag (bsc#1106902).\n- arm64: enable thunderx gpio driver\n- arm64: export memblock_reserve()d regions via /proc/iomem (bsc#1106892).\n- arm64: fix unwind_frame() for filtered out fn for function graph tracing (bsc#1106900).\n- arm64: fix vmemmap BUILD_BUG_ON() triggering on !vmemmap setups (bsc#1106896).\n- arm64: fpsimd: Avoid FPSIMD context leakage for the init task (bsc#1106894).\n- arm64: kasan: avoid pfn_to_nid() before page array is initialized (bsc#1106899).\n- arm64: mm: Ensure writes to swapper are ordered wrt subsequent cache maintenance (bsc#1106906).\n- arm64: mm: check for upper PAGE_SHIFT bits in pfn_valid() (bsc#1106893).\n- arm64: move patches to sorted section\n- arm64: numa: rework ACPI NUMA initialization (bsc#1106905).\n- arm64: vgic-v2: Fix proxying of cpuif access (bsc#1106901).\n- asix: Check for supported Wake-on-LAN modes (bsc#1051510).\n- ata: Fix ZBC_OUT all bit handling (bsc#1051510).\n- ata: Fix ZBC_OUT command block check (bsc#1051510).\n- ata: libahci: Allow reconfigure of DEVSLP register (bsc#1051510).\n- ata: libahci: Correct setting of DEVSLP register (bsc#1051510).\n- ath10k: disable bundle mgmt tx completion event support (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- ath10k: prevent active scans on potential unusable channels (bsc#1051510).\n- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).\n- ath10k: update the phymode along with bandwidth change request (bsc#1051510).\n- ath9k: add MSI support ().\n- ath9k: report tx status on EOSP (bsc#1051510).\n- ath9k_hw: fix channel maximum power level test (bsc#1051510).\n- atm: Preserve value of skb->truesize when accounting to vcc (networking-stable-18_07_19).\n- atm: horizon: Fix irq release error (bsc#1105355).\n- atm: zatm: Fix potential Spectre v1 (networking-stable-18_07_19).\n- atm: zatm: fix memcmp casting (bsc#1105355).\n- audit: Fix extended comparison of GID/EGID (bsc#1051510).\n- audit: allow not equal op for audit by executable (bsc#1051510).\n- audit: fix use-after-free in audit_add_watch (bsc#1051510).\n- autofs: fix autofs_sbi() does not check super block type (git-fixes).\n- autofs: fix slab out of bounds read in getname_kernel() (git-fixes).\n- autofs: mount point create should honour passed in mode (git-fixes).\n- ax88179_178a: Check for supported Wake-on-LAN modes (bsc#1051510).\n- b43/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- b43legacy/leds: Ensure NUL-termination of LED name string (bsc#1051510).\n- badblocks: fix wrong return value in badblocks_set if badblocks are disabled (git-fixes).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).\n- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).\n- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).\n- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated global TT entry (bsc#1051510).\n- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).\n- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: fix error setting writeback_rate through sysfs interface.\n- bcache: free heap cache_set->flush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc->writeback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle.\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).\n- be2net: remove unused old AIC info (bsc#1086288).\n- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).\n- binfmt_elf: Respect error return from `regset->active' (bsc#1051510).\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- blk-mq: avoid to synchronize rcu inside blk_cleanup_queue() (bsc#1077989).\n- blkdev: __blkdev_direct_IO_simple: fix leak in error case (bsc#1083663).\n- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block, bfq: return nbytes and not zero from struct cftype .write() method (bsc#1106238).\n- block, dax: remove dead code in blkdev_writepages() (bsc#1104888).\n- block: Invalidate cache on discard v2 (bsc#1109992).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: bio_iov_iter_get_pages: fix size of last iovec (bsc#1083663).\n- block: bio_iov_iter_get_pages: pin more pages for multi-segment IOs (bsc#1083663).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n- block: do not print a message when the device went away (bsc#1098459).\n- block: do not warn for flush on read-only device (bsc#1107756).\n- block: fix warning when I/O elevator is changed as request_queue is being removed (bsc#1109979).\n- block: pass inclusive 'lend' parameter to truncate_inode_pages_range (bsc#1109992).\n- block: properly protect the 'queue' kobj in blk_unregister_queue (bsc#1109979).\n- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).\n- bnxt_en: Clean up unused functions (bsc#1086282).\n- bnxt_en: Do not adjust max_cp_rings by the ones used by RDMA (bsc#1086282).\n- bnxt_en: Fix VF mac address regression (bsc#1086282 ).\n- bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1050244).\n- bonding: avoid lockdep confusion in bond_get_stats() (netfilter-stable-18_08_04).\n- bpf, s390: fix potential memleak when later bpf_jit_prog fails (bsc#1083647).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- bpf: fix references to free_bpf_prog_info() in comments (bsc#1083647).\n- bpf: fix uninitialized variable in bpf tools (bsc#1083647).\n- bpf: hash map: decrement counter on error (bsc#1083647).\n- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).\n- bpf: powerpc64: pad function address loads with NOPs (bsc#1083647).\n- bpf: use GFP_ATOMIC instead of GFP_KERNEL in bpf_parse_prog() (bsc#1083647).\n- brcmfmac: stop watchdog before detach and free everything (bsc#1051510).\n- brcmsmac: fix wrap around in conversion from constant to s16 (bsc#1051510).\n- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Enhance btrfs_trim_fs function to handle error better (Dependency for bsc#1113667).\n- btrfs: Ensure btrfs_trim_fs can trim the whole filesystem (bsc#1113667).\n- btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device (bsc#1097105).\n- btrfs: Fix wrong btrfs_delalloc_release_extents parameter (bsc#1031392).\n- btrfs: Handle error from btrfs_uuid_tree_rem call in _btrfs_ioctl_set_received_subvol (bsc#1097105).\n- btrfs: Introduce mount time chunk dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Manually implement device_total_bytes getter/setter (bsc#1043912).\n- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Remove unused parameters from various functions (bsc#1110649).\n- btrfs: Round down values which are written for total_bytes_size (bsc#1043912).\n- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: add a comp_refs() helper (dependency for bsc#1031392).\n- btrfs: add tracepoints for outstanding extents mods (dependency for bsc#1031392).\n- btrfs: check-integrity: Fix NULL pointer dereference for degraded mount (bsc#1107947).\n- btrfs: cleanup extent locking sequence (dependency for bsc#1031392).\n- btrfs: delayed-inode: Remove wrong qgroup meta reservation calls (bsc#1031392).\n- btrfs: delayed-inode: Use new qgroup meta rsv for delayed inode and item (bsc#1031392).\n- btrfs: fix error handling in btrfs_dev_replace_start (bsc#1107535).\n- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- btrfs: log csums for all modified extents (bsc#1110639).\n- btrfs: make the delalloc block rsv per inode (dependency for bsc#1031392).\n- btrfs: qgroup: Add quick exit for non-fs extents (dependency for bsc#1031392).\n- btrfs: qgroup: Cleanup btrfs_qgroup_prepare_account_extents function (dependency for bsc#1031392).\n- btrfs: qgroup: Cleanup the remaining old reservation counters (bsc#1031392).\n- btrfs: qgroup: Commit transaction in advance to reduce early EDQUOT (bsc#1031392).\n- btrfs: qgroup: Do not use root->qgroup_meta_rsv for qgroup (bsc#1031392).\n- btrfs: qgroup: Fix qgroup reserved space underflow by only freeing reserved ranges (dependency for bsc#1031392).\n- btrfs: qgroup: Fix qgroup reserved space underflow caused by buffered write and quotas being enabled (dependency for bsc#1031392).\n- btrfs: qgroup: Fix wrong qgroup reservation update for relationship modification (bsc#1031392).\n- btrfs: qgroup: Introduce extent changeset for qgroup reserve functions (dependency for bsc#1031392).\n- btrfs: qgroup: Introduce function to convert META_PREALLOC into META_PERTRANS (bsc#1031392).\n- btrfs: qgroup: Introduce helpers to update and access new qgroup rsv (bsc#1031392).\n- btrfs: qgroup: Make qgroup_reserve and its callers to use separate reservation type (bsc#1031392).\n- btrfs: qgroup: Return actually freed bytes for qgroup release or free data (dependency for bsc#1031392).\n- btrfs: qgroup: Skeleton to support separate qgroup reservation type (bsc#1031392).\n- btrfs: qgroup: Split meta rsv type into meta_prealloc and meta_pertrans (bsc#1031392).\n- btrfs: qgroup: Update trace events for metadata reservation (bsc#1031392).\n- btrfs: qgroup: Update trace events to use new separate rsv types (bsc#1031392).\n- btrfs: qgroup: Use independent and accurate per inode qgroup rsv (bsc#1031392).\n- btrfs: qgroup: Use root::qgroup_meta_rsv_* to record qgroup meta reserved space (bsc#1031392).\n- btrfs: qgroup: Use separate meta reservation type for delalloc (bsc#1031392).\n- btrfs: remove type argument from comp_tree_refs (dependency for bsc#1031392).\n- btrfs: round down size diff when shrinking/growing device (bsc#1097105).\n- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (follow up for bsc#1108096).\n- btrfs: scrub: Do not use inode pages for device replace (follow up for bsc#1108096).\n- btrfs: switch args for comp_*_refs (dependency for bsc#1031392).\n- btrfs: tests/qgroup: Fix wrong tree backref level (bsc#1107928).\n- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- ceph: fix incorrect use of strncpy (bsc#1107319).\n- ceph: return errors from posix_acl_equiv_mode() correctly (bsc#1107320).\n- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).\n- cfg80211: nl80211_update_ft_ies() to validate NL80211_ATTR_IE (bsc#1051510).\n- cfg80211: reg: Init wiphy_idx in regulatory_hint_core() (bsc#1051510).\n- cgroup: avoid copying strings longer than the buffers (bsc#1051510).\n- cifs: Fix stack out-of-bounds in smb{2,3}_create_lease_buf() (bsc#1051510).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- cifs: check kmalloc before use (bsc#1051510).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).\n- cifs: store the leaseKey in the fid on SMB2_open (bsc#1051510).\n- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).\n- clk: core: Potentially free connection id (bsc#1051510).\n- clk: imx6ul: fix missing of_node_put() (bsc#1051510).\n- clk: meson: gxbb: remove HHI_GEN_CLK_CTNL duplicate definition (bsc#1051510).\n- clk: mvebu: armada-38x: add support for 1866MHz variants (bsc#1105355).\n- clk: mvebu: armada-38x: add support for missing clocks (bsc#1105355).\n- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).\n- clk: rockchip: fix clk_i2sout parent selection bits on rk3399 (bsc#1051510).\n- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- cls_matchall: fix tcf_unbind_filter missing (networking-stable-18_08_21).\n- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n- coresight: Handle errors in finding input/output ports (bsc#1051510).\n- coresight: tpiu: Fix disabling timeouts (bsc#1051510).\n- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).\n- cpufreq / CPPC: Set platform specific transition_delay_us (bsc#1101480).\n- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bsc#1108841).\n- cpufreq: CPPC: Do not set transition_latency (bsc#1101480).\n- cpufreq: CPPC: Use transition_delay_us depending transition_latency (bsc#1101480).\n- cpufreq: remove setting of policy->cpu in policy->cpus during init (bsc#1101480).\n- crypto: ablkcipher - fix crash flushing dcache in error path (bsc#1051510).\n- crypto: blkcipher - fix crash flushing dcache in error path (bsc#1051510).\n- crypto: caam - fix implicit casts in endianness helpers (bsc#1051510).\n- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).\n- crypto: caam/jr - fix descriptor DMA unmapping (bsc#1051510).\n- crypto: caam/qi - fix error path in xts setkey (bsc#1051510).\n- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).\n- crypto: ccp - Check for NULL PSP pointer at module unload (bsc#1051510).\n- crypto: ccp - Fix command completion detection race (bsc#1051510).\n- crypto: ccp - add timeout support in the SEV command (bsc#1106838).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: clarify licensing of OpenSSL asm code ().\n- crypto: lrw - Fix out-of bounds access on counter overflow (bsc#1051510).\n- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).\n- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).\n- crypto: sharah - Unregister correct algorithms for SAHARA 3 (bsc#1051510).\n- crypto: skcipher - Fix -Wstringop-truncation warnings (bsc#1051510).\n- crypto: skcipher - fix aligning block size in skcipher_copy_iv() (bsc#1051510).\n- crypto: skcipher - fix crash flushing dcache in error path (bsc#1051510).\n- crypto: tcrypt - fix ghash-generic speed test (bsc#1051510).\n- crypto: vmac - require a block cipher with 128-bit block size (bsc#1051510).\n- crypto: vmac - separate tfm and request context (bsc#1051510).\n- crypto: vmx - Fix sleep-in-atomic bugs (bsc#1051510).\n- crypto: vmx - Use skcipher for ctr fallback to SLE12-SP4 (bsc#1106464).\n- crypto: x86/sha256-mb - fix digest copy in sha256_mb_mgr_get_comp_job_avx2() (bsc#1051510).\n- cxgb4: Fix the condition to check if the card is T5 (bsc#1097585 bsc#1097586 bsc#1097587 bsc#1097588 bsc#1097583 bsc#1097584).\n- cxgb4: fix abort_req_rss6 struct (bsc#1046540).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).\n- cxl: Configure PSL to not use APC virtual machines (bsc#1055014, git-fixes).\n- cxl: Fix wrong comparison in cxl_adapter_context_get() (bsc#1055014, git-fixes).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- dax: Introduce a ->copy_to_iter dax operation (bsc#1098782).\n- dax: Make extension of dax_operations transparent (bsc#1098782).\n- dax: Report bytes remaining in dax_iomap_actor() (bsc#1098782).\n- dax: remove VM_MIXEDMAP for fsdax and device dax (bsc#1106007).\n- dax: remove default copy_from_iter fallback (bsc#1098782). \n- dax: require 'struct page' by default for filesystem dax (bsc#1104888).\n- dax: store pfns in the radix (bsc#1104888).\n- dccp: fix undefined behavior with 'cwnd' shift in ccid2_cwnd_restart() (netfilter-stable-18_08_17).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- declance: Fix continuation with the adapter identification message (bsc#1051510).\n- device-dax: Add missing address_space_operations (bsc#1107783).\n- device-dax: Enable page_mapping() (bsc#1107783).\n- device-dax: Set page->index (bsc#1107783).\n- devicectree: bindings: fix location of leds common file (bsc#1051510).\n- dma-buf: remove redundant initialization of sg_table (bsc#1051510).\n- dmaengine: hsu: Support dmaengine_terminate_sync() (bsc#1051510).\n- dmaengine: idma64: Support dmaengine_terminate_sync() (bsc#1051510).\n- dmaengine: mv_xor_v2: kill the tasklets upon exit (bsc#1051510).\n- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).\n- do d_instantiate/unlock_new_inode combinations safely (git-fixes).\n- doc/README.SUSE: Remove mentions of cloneconfig (bsc#1103636).\n- driver core: add __printf verification to __ata_ehi_pushv_desc (bsc#1051510).\n- drivers/base: stop new probing during shutdown (bsc#1051510).\n- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).\n- drm/amd/pp/Polaris12: Fix a chunk of registers missed to program (bsc#1051510).\n- drm/amdgpu/powerplay: fix missing break in switch statements (bsc#1113722)\n- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).\n- drm/amdgpu: Fix RLC safe mode test in gfx_v9_0_enter_rlc_safe_mode (bsc#1051510).\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).\n- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).\n- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).\n- drm/amdgpu: add new polaris pci id (bsc#1051510).\n- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)\n- drm/amdgpu: fix swapped emit_ib_size in vce3 (bsc#1051510).\n- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).\n- drm/amdgpu: update tmr mc address (bsc#1100132).\n- drm/amdgpu:add new firmware id for VCN (bsc#1051510).\n- drm/amdgpu:add tmr mc address into amdgpu_firmware_info (bsc#1051510).\n- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).\n- drm/arm/malidp: Preserve LAYER_FORMAT contents when setting format (bsc#1051510).\n- drm/armada: fix colorkey mode property (bsc#1051510).\n- drm/armada: fix irq handling (bsc#1051510).\n- drm/bridge/sii8620: Fix display of packed pixel modes (bsc#1051510).\n- drm/bridge/sii8620: fix display of packed pixel modes in MHL2 (bsc#1051510).\n- drm/bridge/sii8620: fix loops in EDID fetch logic (bsc#1051510).\n- drm/bridge: adv7511: Reset registers on hotplug (bsc#1051510).\n- drm/edid: Add 6 bpc quirk for SDC panel in Lenovo B50-80 (bsc#1051510).\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm/exynos: decon5433: Fix WINCONx reset value (bsc#1051510).\n- drm/exynos: decon5433: Fix per-plane global alpha for XRGB modes (bsc#1051510).\n- drm/exynos: gsc: Fix support for NV16/61, YUV420/YVU420 and YUV422 modes (bsc#1051510).\n- drm/fb-helper: Fix typo on kerneldoc (bsc#1051510).\n- drm/hisilicon: hibmc: Do not carry error code in HiBMC framebuffer (bsc#1113722)\n- drm/hisilicon: hibmc: Do not overwrite fb helper surface depth (bsc#1113722)\n- drm/i915/aml: Introducing Amber Lake platform ().\n- drm/i915/audio: Fix audio enumeration issue on BXT ().\n- drm/i915/audio: Hook up component bindings even if displays are (bsc#1113722)\n- drm/i915/cfl: Add a new CFL PCI ID ().\n- drm/i915/dp: Link train Fallback on eDP only if fallback link BW can fit panel's native mode (bsc#1051510).\n- drm/i915/gen9+: Fix initial readout for Y tiled framebuffers (bsc#1113722)\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915/gvt: Fix the incorrect length of child_device_config issue (bsc#1051510).\n- drm/i915/gvt: Off by one in intel_vgpu_write_fence() (bsc#1051510).\n- drm/i915/gvt: clear ggtt entries when destroy vgpu (bsc#1051510).\n- drm/i915/gvt: request srcu_read_lock before checking if one gfn is valid (bsc#1051510).\n- drm/i915/kvmgt: Fix potential Spectre v1 (bsc#1051510).\n- drm/i915/lpe: Mark LPE audio runtime pm as 'no callbacks' (bsc#1051510).\n- drm/i915/overlay: Allocate physical registers from stolen (bsc#1051510).\n- drm/i915/whl: Introducing Whiskey Lake platform ().\n- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)\n- drm/i915: Increase LSPCON timeout (bsc#1051510).\n- drm/i915: Nuke the LVDS lid notifier (bsc#1051510).\n- drm/i915: Only show debug for state changes when banning (bsc#1051510).\n- drm/i915: Restore user forcewake domains across suspend (bsc#1100132).\n- drm/i915: Restore vblank interrupts earlier (bsc#1051510).\n- drm/i915: Unmask user interrupts writes into HWSP on snb/ivb/vlv/hsw (bsc#1051510).\n- drm/i915: set DP Main Stream Attribute for color range on DDI platforms (bsc#1051510).\n- drm/imx: imx-ldb: check if channel is enabled before printing warning (bsc#1051510).\n- drm/imx: imx-ldb: disable LDB on driver bind (bsc#1051510).\n- drm/mediatek: fix OF sibling-node lookup (bsc#1106110)\n- drm/modes: Introduce drm_mode_match() ().\n- drm/msm: fix OF child-node lookup (bsc#1106110)\n- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).\n- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).\n- drm/nouveau/disp: fix DP disable race (bsc#1051510).\n- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).\n- drm/nouveau/drm/nouveau: Fix bogus drm_kms_helper_poll_enable() placement (bsc#1051510).\n- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).\n- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).\n- drm/nouveau: Do not disable polling in fallback mode (bsc#1103356).\n- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).\n- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).\n- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).\n- drm/panel: type promotion bug in s6e8aa0_read_mtp_id() (bsc#1051510).\n- drm/rockchip: lvds: add missing of_node_put (bsc#1051510).\n- drm/sti: do not remove the drm_bridge that was never added (bsc#1100132)\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).\n- drm/tegra: Check for malformed offsets and sizes in the 'submit' IOCTL (bsc#1106170).\n- drm/tegra: Fix comparison operator for buffer size (bsc#1100132).\n- drm/vc4: Fix the 'no scaling' case on multi-planar YUV formats (bsc#1051510).\n- drm/virtio: fix bounds check in virtio_gpu_cmd_get_capset() (bsc#1113722)\n- drm: Add DRM client cap for aspect-ratio ().\n- drm: Add and handle new aspect ratios in DRM layer ().\n- drm: Add aspect ratio parsing in DRM layer ().\n- drm: Expose modes with aspect ratio, only if requested ().\n- drm: Handle aspect ratio info in legacy modeset path ().\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm: mali-dp: Enable Global SE interrupts mask for DP500 (bsc#1051510).\n- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).\n- dwc2: gadget: Fix ISOC IN DDMA PID bitfield value calculation (bsc#1051510).\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).\n- enable CONFIG_SCSI_MQ_DEFAULT (bsc#1107207)\n- enable MLX5 in azure (bsc#1108260)\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n- errseq: Add to documentation tree (bsc#1107008).\n- errseq: Always report a writeback error once (bsc#1107008).\n- ethtool: Remove trailing semicolon for static inline (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).\n- ext2, dax: introduce ext2_dax_aops (bsc#1104888).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext2: auto disable dax instead of failing mount (bsc#1104888).\n- ext4, dax: add ext4_bmap to ext4_dax_aops (bsc#1104888).\n- ext4, dax: introduce ext4_dax_aops (bsc#1104888).\n- ext4, dax: set ext4_dax_aops for dax files (bsc#1104888).\n- ext4: auto disable dax instead of failing mount (bsc#1104888).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- ext4: sysfs: print ext4_super_block fields as little-endian (bsc#1106229).\n- extcon: Release locking when sending the notification of connector state (bsc#1051510).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106233).\n- f2fs: remove unneeded memory footprint accounting (bsc#1106297).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106231).\n- f2fs: validate before set/clear free nat bitmap (bsc#1106297).\n- fat: fix memory allocation failure handling of match_strdup() (bsc#1051510).\n- fb: fix lost console when the user unplugs a USB adapter (bsc#1051510).\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- fbdev/via: fix defined but not used warning (bsc#1051510).\n- fbdev: Distinguish between interlaced and progressive modes (bsc#1051510).\n- fbdev: omapfb: off by one in omapfb_register_client() (bsc#1051510).\n- filesystem-dax: Introduce dax_lock_mapping_entry() (bsc#1107783).\n- filesystem-dax: Set page->index (bsc#1107783).\n- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).\n- firmware: raspberrypi: Register hwmon driver (bsc#1108468).\n- fix __legitimize_mnt()/mntput() race (bsc#1106297).\n- fix a page leak in vhost_scsi_iov_to_sgl() error recovery (bsc#1051510).\n- fix mntput/mntput race (bsc#1106297).\n- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).\n- fs, dax: prepare for dax-specific address_space_operations (bsc#1104888).\n- fs, dax: use page->mapping to warn if truncate collides with a busy page (bsc#1104888).\n- fs/9p/xattr.c: catch the error of p9_client_clunk when setting xattr failed (bsc#1051510).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (git-fixes).\n- fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table (bsc#1106297).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- fs: dcache: Avoid livelock between d_alloc_parallel and __d_add (git-fixes).\n- fs: dcache: Use READ_ONCE when accessing i_dir_seq (git-fixes).\n- fuse: Add missed unlock_page() to fuse_readpages_fill() (bsc#1106291).\n- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).\n- fuse: Fix oops at process_init_reply() (bsc#1106291).\n- fuse: fix double request_end() (bsc#1106291).\n- fuse: fix initial parallel dirops (bsc#1106291).\n- fuse: fix unlocked access to processing queue (bsc#1106291).\n- fuse: umount should wait for all requests (bsc#1106291).\n- gen_stats: Fix netlink stats dumping in the presence of padding (netfilter-stable-18_07_23).\n- genirq: Add handle_fasteoi_{level,edge}_irq flow handlers (bsc#1105378).\n- genirq: Export more irq_chip_*_parent() functions (bsc#1105378).\n- getname_kernel() needs to make sure that ->name != ->iname in long case (git-fixes).\n- getxattr: use correct xattr length (bsc#1106235).\n- getxattr: use correct xattr length (bsc#1106297).\n- gpio: Add gpio driver support for ThunderX and OCTEON-TX (bsc#1105378).\n- gpio: Fix crash due to registration race (bsc#1051510).\n- gpio: Fix wrong rounding in gpio-menz127 (bsc#1051510).\n- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).\n- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).\n- gpio: ml-ioh: Fix buffer underwrite on probe error path (bsc#1051510).\n- gpio: pxa: Fix potential NULL dereference (bsc#1051510).\n- gpio: tegra: Move driver registration to subsys_init level (bsc#1051510).\n- gpio: thunderx: fix error return code in thunderx_gpio_probe() (bsc#1105378).\n- gpio: thunderx: remove unused .map() hook from irq_domain_ops (bsc#1105378).\n- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).\n- gpiolib-acpi: make sure we trigger edge events at least once on boot (bsc#1051510).\n- gpiolib: Free the last requested descriptor (bsc#1051510).\n- gpiolib: Mark gpio_suffixes array with __maybe_unused (bsc#1051510).\n- gpiolib: acpi: Switch to cansleep version of GPIO library call (bsc#1051510).\n- gpu: host1x: Check whether size of unpin isn't 0 (bsc#1051510).\n- gpu: ipu-v3: csi: pass back mbus_code_to_bus_cfg error codes (bsc#1051510).\n- gpu: ipu-v3: default to id 0 on missing OF alias (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hotplug/cpu: Add operation queuing function ().\n- hotplug/cpu: Conditionally acquire/release DRC index ().\n- hotplug/cpu: Provide CPU readd operation ().\n- hv: Synthetic typo correction (bsc#1107207).\n- hv: add SPDX license id to Kconfig (bsc#1107207).\n- hv: add SPDX license to trace (bsc#1107207).\n- hv: avoid crash in vmbus sysfs files (bsc#1108377).\n- hv_balloon: trace post_status (bsc#1107207).\n- hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (bsc#1107207).\n- hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1107207).\n- hv_netvsc: Add per-cpu ethtool stats for netvsc (bsc#1107207).\n- hv_netvsc: Add range checking for rx packet offset and length (bsc#1107207).\n- hv_netvsc: Clean up extra parameter from rndis_filter_receive_data() (bsc#1107207).\n- hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1107207).\n- hv_netvsc: Fix the return status in RX path (bsc#1107207).\n- hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1107207).\n- hv_netvsc: Pass net_device parameter to revoke and teardown functions (bsc#1107207).\n- hv_netvsc: add trace points (bsc#1107207).\n- hv_netvsc: fix bogus ifalias on network device (bsc#1107207).\n- hv_netvsc: fix network namespace issues with VF support (bsc#1107207).\n- hv_netvsc: fix schedule in RCU context ().\n- hv_netvsc: fix schedule in RCU context (bsc#1107207).\n- hv_netvsc: fix vf serial matching with pci slot info (bsc#1107207).\n- hv_netvsc: ignore devices that are not PCI (bsc#1107207).\n- hv_netvsc: move VF to same namespace as netvsc device (bsc#1107207).\n- hv_netvsc: pair VF based on serial number (bsc#1107207).\n- hv_netvsc: pass netvsc_device to rndis halt (bsc#1107207).\n- hv_netvsc: propogate Hyper-V friendly name into interface alias (bsc#1107207).\n- hv_netvsc: select needed ucs2_string routine (bsc#1107207).\n- hv_netvsc: simplify receive side calling arguments (bsc#1107207).\n- hv_netvsc: typo in NDIS RSS parameters structure (bsc#1107207).\n- hv_vmbus: Correct the stale comments regarding cpu affinity (bsc#1107207).\n- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).\n- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).\n- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).\n- hwmon: Add support for RPi voltage sensor (bsc#1108468).\n- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).\n- hwrng: core - document the quality field (bsc#1051510).\n- hyper-v: use GFP_KERNEL for hv_context.hv_numa_map (bsc#1107207).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: core: ACPI: Properly set status byte to 0 for multi-byte writes (bsc#1051510).\n- i2c: davinci: Avoid zero value of CLKH (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: i801: Add missing documentation entries for Braswell and Kaby Lake (bsc#1051510).\n- i2c: i801: Add support for Intel Cedar Fork (bsc#1051510).\n- i2c: i801: Add support for Intel Ice Lake (bsc#1051510).\n- i2c: i801: Allow ACPI AML access I/O ports not reserved for SMBus (bsc#1051510).\n- i2c: i801: Consolidate chipset names in documentation and Kconfig (bsc#1051510).\n- i2c: i801: fix DNV's SMBCTRL register offset (bsc#1051510).\n- i2c: imx: Fix race condition in dma read (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- i2c: uniphier-f: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: uniphier: issue STOP only for last message or I2C_M_STOP (bsc#1051510).\n- i2c: xiic: Make the start and the byte count write atomic (bsc#1051510).\n- i2c: xlp9xx: Fix case where SSIF read transaction completes early (bsc#1105907).\n- i2c: xlp9xx: Fix issue seen when updating receive length (bsc#1105907).\n- i2c: xlp9xx: Make sure the transfer size is not more than I2C_SMBUS_BLOCK_SIZE (bsc#1105907).\n- i40e: fix condition of WARN_ONCE for stat strings (bsc#1107522).\n- ib_srpt: Fix a use-after-free in srpt_close_ch() (bsc#1046306 ).\n- ibmvnic: Include missing return code checks in reset function (bsc#1107966).\n- ieee802154: ca8210: fix uninitialised data read (bsc#1051510).\n- ieee802154: fix gcc-4.9 warnings (bsc#1051510).\n- ieee802154: mrf24j40: fix incorrect mask in mrf24j40_stop (bsc#1051510).\n- iio: 104-quad-8: Fix off-by-one error in register selection (bsc#1051510).\n- iio: ad9523: Fix displayed phase (bsc#1051510).\n- iio: ad9523: Fix return value for ad952x_store() (bsc#1051510).\n- iio: adc: at91: fix acking DRDY irq on simple conversions (bsc#1051510).\n- iio: adc: at91: fix wrong channel number in triggered buffer mode (bsc#1051510).\n- iio: adc: imx25-gcq: Fix leak of device_node in mx25_gcq_setup_cfgs() (bsc#1051510).\n- iio: adc: ina2xx: avoid kthread_stop() with stale task_struct (bsc#1051510).\n- iio: adc: sun4i-gpadc: select REGMAP_IRQ (bsc#1051510).\n- iio: sca3000: Fix an error handling path in 'sca3000_probe()' (bsc#1051510).\n- iio: sca3000: Fix missing return in switch (bsc#1051510).\n- ima: based on policy verify firmware signatures (pre-allocated buffer) (bsc#1051510).\n- include/rdma/opa_addr.h: Fix an endianness issue (bsc#1046306 ).\n- input: rohm_bu21023: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).\n- intel_th: Fix device removal logic (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/amd: Add support for IOMMU XT mode ().\n- iommu/amd: Add support for higher 64-bit IOMMU Control Register ().\n- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).\n- iommu/amd: Finish TLB flush in amd_iommu_unmap() (bsc#1106105).\n- iommu/amd: Return devid as alias for ACPI HID devices (bsc#1106105).\n- iommu/amd: make sure TLB to be flushed before IOVA freed (bsc#1106105).\n- iommu/arm-smmu-v3: Do not free page table ops twice (bsc#1106237).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix a potential memory leak (bsc#1106105).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- iommu/vt-d: Ratelimit each dmar fault printing (bsc#1106105).\n- ioremap: Update pgtable free interfaces with addr (bsc#1110006).\n- ip: hash fragments consistently (netfilter-stable-18_07_27).\n- ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull (netfilter-stable-18_07_27).\n- ipc/shm: fix shmat() nil address after round-down when remapping (bsc#1090078).\n- ipmi/powernv: Fix error return code in ipmi_powernv_probe() (git-fixes).\n- ipmi: Fix some counter issues (bsc#1105907).\n- ipmi: Move BT capabilities detection to the detect call (bsc#1106779).\n- ipmi: Remove ACPI SPMI probing from the SSIF (I2C) driver (bsc#1105907).\n- ipmi:bt: Set the timeout before doing a capabilities check (bsc#1051510).\n- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).\n- ipv4: Return EINVAL when ping_group_range sysctl does not map to user ns (netfilter-stable-18_07_23).\n- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).\n- ipv4: remove BUG_ON() from fib_compute_spec_dst (netfilter-stable-18_08_01).\n- ipv6: fix useless rol32 call on hash (netfilter-stable-18_07_23).\n- ipv6: ila: select CONFIG_DST_CACHE (netfilter-stable-18_07_23).\n- ipv6: make DAD fail with enhanced DAD when nonce length differs (netfilter-stable-18_07_23).\n- ipv6: sr: fix passing wrong flags to crypto_alloc_shash() (networking-stable-18_07_19).\n- ipvlan: fix IFLA_MTU ignored on NEWLINK (networking-stable-18_07_19).\n- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).\n- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bsc#1051510).\n- irqdomain: Add irq_domain_{push,pop}_irq() functions (bsc#1105378).\n- irqdomain: Check for NULL function pointer in irq_domain_free_irqs_hierarchy() (bsc#1105378).\n- irqdomain: Factor out code to add and remove items to and from the revmap (bsc#1105378).\n- irqdomain: Prevent potential NULL pointer dereference in irq_domain_push_irq() (bsc#1105378).\n- irqdomain: Update the comments of fwnode field of irq_domain structure (bsc#1051510).\n- isdn: Disable IIOCDBGVAR (bsc#1051510).\n- iw_cxgb4: remove duplicate memcpy() in c4iw_create_listen() (bsc#1046543).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- iwlwifi: pcie: do not access periphery registers when not available (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- ixgbe: Refactor queue disable logic to take completion time into account (bsc#1101557).\n- ixgbe: Reorder Tx/Rx shutdown to reduce time needed to stop device (bsc#1101557).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- kABI: protect eswitch.h include (kabi).\n- kABI: protect struct nf_conn (kabi).\n- kABI: protect struct vsock_sock (kabi).\n- kABI: reexport tcp_send_ack (kabi).\n- kABI: reexport vsock_pending_work (kabi).\n- kabi fix for check_disk_size_change() (bsc#1098459).\n- kabi protect enum mem_type (bsc#1099125).\n- kabi protect hnae_ae_ops (bsc#1107924).\n- kabi protect struct kvm_sync_regs (bsc#1106948).\n- kabi/severities: Whitelist libceph, rbd, and ceph (bsc#1096748).\n- kabi/severities: add qeth inter-module symbols to ignore list.\n- kabi/severities: ignore __xive_vm_h_* KVM internal symbols.\n- kabi/severities: ignore ppc64 realmode helpers. KVM fixes remove exports of realmode_pfn_to_page iommu_tce_xchg_rm mm_iommu_lookup_rm mm_iommu_ua_to_hpa_rm. Some are no longer used and others are no longer exported because the code was consolideted in one place. These helpers are to be called in realmode and linking to them from non-KVM modules is a bug. Hence removing them does not break KABI.\n- kabi: move s390 mm_context_t lock to mm_struct and ignore the change (bsc#1103421).\n- kabi: x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).\n- kernfs: update comment about kernfs_path() return value (bsc#1051510).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).\n- kprobes/x86: Release insn_slot in failure path (bsc#1110006).\n- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).\n- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n- kvm: arm64: Convert kvm_set_s2pte_readonly() from inline asm to cmpxchg() (bsc#1108010).\n- kvm: nVMX: Fix fault vector for VMX operation at CPL > 0 (bsc#1106105).\n- kvm: nVMX: Use nested_run_pending rather than from_vmentry (bsc#1106240).\n- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- kvm: x86: factor out kvm.arch.hyperv (de)init (bsc#1107207).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).\n- kvm: x86: hyperv: delete dead code in kvm_hv_hypercall() (bsc#1107207).\n- kvm: x86: hyperv: guest->host event signaling via eventfd (bsc#1107207).\n- kvm: x86: vmx: fix vpid leak (bsc#1106240).\n- kvmclock: fix TSC calibration for nested guests (bsc#1110006).\n- l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache (netfilter-stable-18_08_17).\n- lan78xx: Check for supported Wake-on-LAN modes (bsc#1051510).\n- lan78xx: Lan7801 Support for Fixed PHY (bsc#1085262).\n- lan78xx: Set ASD in MAC_CR when EEE is enabled (bsc#1085262).\n- lan78xx: remove redundant initialization of pointer 'phydev' (bsc#1085262).\n- leds: max8997: use mode when calling max8997_led_set_mode (bsc#1051510).\n- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).\n- lib/iov_iter: Fix pipe handling in _copy_to_iter_mcsafe() (bsc#1098782).\n- lib/rhashtable: consider param->min_size when setting initial table size (bsc#1051510).\n- lib/test_hexdump.c: fix failure on big endian cpu (bsc#1051510).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- lib/vsprintf: Remove atomic-unsafe support for %pCr (bsc#1051510).\n- libahci: Fix possible Spectre-v1 pmp indexing in ahci_led_store() (bsc#1051510).\n- libata: Fix command retry decision (bsc#1051510).\n- libata: Fix compile warning with ATA_DEBUG enabled (bsc#1051510).\n- libbpf: Makefile set specified permission mode (bsc#1083647).\n- libceph: check authorizer reply/challenge length before reading (bsc#1096748).\n- libceph: factor out __ceph_x_decrypt() (bsc#1096748).\n- libceph: factor out __prepare_write_connect() (bsc#1096748).\n- libceph: factor out encrypt_authorizer() (bsc#1096748).\n- libceph: store ceph_auth_handshake pointer in ceph_connection (bsc#1096748).\n- libceph: weaken sizeof check in ceph_x_verify_authorizer_reply() (bsc#1096748).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- libertas: fix suspend and resume for SDIO connected cards (bsc#1051510).\n- libnvdimm, btt: fix uninitialized err_lock (bsc#1103961).\n- libnvdimm, dimm: Maximize label transfer size (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: Fix sparse warning (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, label: change nvdimm_num_label_slots per UEFI 2.7 (bsc#1111921, bsc#1113408, bsc#1113972).\n- libnvdimm, nfit: enable support for volatile ranges (bsc#1103961).\n- libnvdimm, nfit: move the check on nd_reserved2 to the endpoint (bsc#1103961).\n- libnvdimm, pmem: Fix memcpy_mcsafe() return code handling in nsio_rw_bytes() (bsc#1098782).\n- libnvdimm, pmem: Restore page attributes when clearing errors (bsc#1107783).\n- libnvdimm: Use max contiguous area for namespace size (git-fixes).\n- libnvdimm: fix ars_status output length calculation (bsc#1104890).\n- libnvdimm: rename nd_sector_size_{show,store} to nd_size_select_{show,store} (bsc#1103961).\n- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).\n- liquidio: fix kernel panic in VF driver (bsc#1067126).\n- livepatch: Remove reliable stacktrace check in klp_try_switch_task() (bsc#1071995).\n- livepatch: Validate module/old func name length (bsc#1071995).\n- livepatch: create and include UAPI headers ().\n- llc: use refcount_inc_not_zero() for llc_sap_find() (netfilter-stable-18_08_17).\n- lockd: fix 'list_add double add' caused by legacy signal interface (git-fixes).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).\n- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).\n- mac80211: add stations tied to AP_VLANs during hw reconfig (bsc#1051510).\n- mac80211: always account for A-MSDU header changes (bsc#1051510).\n- mac80211: avoid kernel panic when building AMSDU from non-linear SKB (bsc#1051510).\n- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).\n- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).\n- mac80211: fix a race between restart and CSA flows (bsc#1051510).\n- mac80211: fix an off-by-one issue in A-MSDU max_subframe computation (bsc#1051510).\n- mac80211: fix pending queue hang due to TX_DROP (bsc#1051510).\n- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).\n- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: restrict delayed tailroom needed decrement (bsc#1051510).\n- mac80211: shorten the IBSS debug messages (bsc#1051510).\n- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211_hwsim: require at least one channel (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- macros.kernel-source: pass -b properly in kernel module package (bsc#1107870).\n- mailbox: xgene-slimpro: Fix potential NULL pointer dereference (bsc#1051510).\n- make sure that __dentry_kill() always invalidates d_seq, unhashed or not (git-fixes).\n- md-cluster: clear another node's suspend_area after the copy is finished (bsc#1106333).\n- md-cluster: do not send msg if array is closing (bsc#1106333).\n- md-cluster: release RESYNC lock after the last resync message (bsc#1106688).\n- md-cluster: show array's status more accurate (bsc#1106333).\n- md/raid10: fix that replacement cannot complete recovery after reassemble (git-fixes).\n- md/raid1: add error handling of read error from FailFast device (git-fixes).\n- md/raid5-cache: disable reshape completely (git-fixes).\n- md/raid5: fix data corruption of replacements after originals dropped (git-fixes).\n- md: fix NULL dereference of mddev->pers in remove_and_add_spares() (git-fixes).\n- media: Revert '[media] tvp5150: fix pad format frame height' (bsc#1051510).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: cx231xx: fix potential sign-extension overflow on large shift (bsc#1051510).\n- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).\n- media: dvb: fix compat ioctl translation (bsc#1051510).\n- media: em28xx: fix input name for Terratec AV 350 (bsc#1051510).\n- media: em28xx: use a default format if TRY_FMT fails (bsc#1051510).\n- media: exynos4-is: Prevent NULL pointer dereference in __isp_video_try_fmt() (bsc#1051510).\n- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).\n- media: helene: fix xtal frequency setting at power on (bsc#1051510).\n- media: mem2mem: Remove excessive try_run call (bsc#1051510).\n- media: omap3isp: zero-initialize the isp cam_xclk{a,b} initial data (bsc#1051510).\n- media: pci: cx23885: handle adding to list failure (bsc#1051510).\n- media: rtl28xxu: be sure that it won't go past the array size (bsc#1051510).\n- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).\n- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).\n- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).\n- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).\n- media: tvp5150: avoid going past array on v4l2_querymenu() (bsc#1051510).\n- media: tvp5150: fix switch exit in set control handler (bsc#1051510).\n- media: tvp5150: fix width alignment during set_selection() (bsc#1051510).\n- media: tw686x: Fix oops on buffer alloc failure (bsc#1051510).\n- media: uvcvideo: Fix uvc_alloc_entity() allocation alignment (bsc#1051510).\n- media: v4l2-mem2mem: Fix missing v4l2_m2m_try_run call (bsc#1051510).\n- media: v4l2-tpg: fix kernel oops when enabling HFLIP and OSD (bsc#1051510).\n- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).\n- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).\n- media: vsp1: Fix YCbCr planar formats pitch calculation (bsc#1051510).\n- mei: bus: type promotion bug in mei_nfc_if_version() (bsc#1051510).\n- mei: do not update offset in write (bsc#1051510).\n- mei: ignore not found client in the enumeration (bsc#1051510).\n- mei: me: enable asynchronous probing ().\n- memcg, thp: do not invoke oom killer on thp charges (bsc#1089663).\n- memory: tegra: Apply interrupts mask per SoC (bsc#1051510).\n- memory: tegra: Do not handle spurious interrupts (bsc#1051510).\n- merge hyperv part of f5caf621\n- mfd: 88pm860x-i2c: switch to i2c_lock_bus(..., I2C_LOCK_SEGMENT) (bsc#1051510).\n- mfd: arizona: Correct calling of runtime_put_sync (bsc#1051510).\n- mfd: arizona: Do not use regmap_read_poll_timeout (bsc#1051510).\n- mfd: intel-lpss: Add Ice Lake PCI IDs (bsc#1051510).\n- mfd: lpc_ich: Do not touch SPI-NOR write protection bit on Apollo Lake (bsc#1051510).\n- mfd: sm501: Set coherent_dma_mask when creating subdevices (bsc#1051510).\n- mfd: ti_am335x_tscadc: Fix struct clk memory leak (bsc#1051510).\n- mlxsw: core_acl_flex_actions: Return error for conflicting actions (netfilter-stable-18_08_17).\n- mm, dax: introduce pfn_t_special() (bsc#1104888).\n- mm, madvise_inject_error: Disable MADV_SOFT_OFFLINE for ZONE_DEVICE pages (bsc#1107783).\n- mm, madvise_inject_error: Let memory_failure() optionally take a page reference (bsc#1107783).\n- mm, memory_failure: Collect mapping size in collect_procs() (bsc#1107783).\n- mm, memory_failure: Teach memory_failure() about dev_pagemap pages (bsc#1107783).\n- mm, numa: Migrate pages to local nodes quicker early in the lifetime of a task (bsc#1101669 optimise numa balancing for fast migrate).\n- mm, numa: Remove rate-limiting of automatic numa balancing migration (bsc#1101669 optimise numa balancing for fast migrate).\n- mm, numa: Remove rate-limiting of automatic numa balancing migration kabi (bsc#1101669 optimise numa balancing for fast migrate).\n- mm, page_alloc: double zone's batchsize (bsc#971975 VM performance -- page allocator).\n- mm/huge_memory.c: fix data loss when splitting a file pmd (bsc#1107074).\n- mm/hugetlb: filter out hugetlb pages if HUGEPAGE migration is not supported (bsc#1106697).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm/vmalloc: add interfaces to free unmapped page table (bsc#1110006).\n- mm/vmscan: wake up flushers for legacy cgroups too (bsc#1107061).\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).\n- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n- mm: fix devmem_is_allowed() for sub-page System RAM intersections (bsc#1106800).\n- mm: memcg: fix use after free in mem_cgroup_iter() (bsc#1107065).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mmc: omap_hsmmc: fix wakeirq handling on removal (bsc#1051510).\n- mmc: sdhci-of-esdhc: set proper dma mask for ls104x chips (bsc#1051510).\n- mmc: sdhci: do not try to use 3.3V signaling if not supported (bsc#1051510).\n- mmc: tegra: prevent HS200 on Tegra 3 (bsc#1051510).\n- modpost: ignore livepatch unresolved relocations ().\n- module: exclude SHN_UNDEF symbols from kallsyms api (bsc#1071995).\n- move a hyperv related patch to correct place in series.conf\n- move changes without Git-commit out of sorted section\n- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).\n- net/9p/client.c: version pointer uninitialized (bsc#1051510).\n- net/9p/trans_fd.c: fix race by holding the lock (bsc#1051510).\n- net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree() (bsc#1051510).\n- net/9p: Switch to wait_event_killable() (bsc#1051510).\n- net/9p: fix error path of p9_virtio_probe (bsc#1051510).\n- net/ipv4: Set oif in fib_compute_spec_dst (netfilter-stable-18_07_23).\n- net/mlx5: E-Switch, Avoid setup attempt if not being e-switch manager (networking-stable-18_07_19).\n- net/mlx5e: Avoid dealing with vport representors if not being e-switch manager (networking-stable-18_07_19).\n- net/packet: fix use-after-free (networking-stable-18_07_19).\n- net: add support for Cavium PTP coprocessor (bsc#1110096).\n- net: bcmgenet: Fix sparse warnings in bcmgenet_put_tx_csum() (bsc#1051510).\n- net: bcmgenet: Fix unmapping of fragments in bcmgenet_xmit() (bsc#1051510).\n- net: bcmgenet: correct bad merge (bsc#1051510).\n- net: bcmgenet: enable loopback during UniMAC sw_reset (bsc#1051510).\n- net: bcmgenet: prevent duplicate calls of bcmgenet_dma_teardown (bsc#1051510).\n- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).\n- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).\n- net: dccp: avoid crash in ccid3_hc_rx_send_feedback() (networking-stable-18_07_19).\n- net: dccp: switch rx_tstamp_last_feedback to monotonic clock (networking-stable-18_07_19).\n- net: diag: Do not double-free TCP_NEW_SYN_RECV sockets in tcp_abort (netfilter-stable-18_07_23).\n- net: dsa: Do not suspend/resume closed slave_dev (netfilter-stable-18_08_04).\n- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108093).\n- net: ena: Fix use of uninitialized DMA address bits field (netfilter-stable-18_08_01).\n- net: ena: fix device destruction to gracefully free resources (bsc#1108093).\n- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108093).\n- net: ena: fix incorrect usage of memory barriers (bsc#1108093).\n- net: ena: fix missing calls to READ_ONCE (bsc#1108093).\n- net: ena: fix missing lock during device destruction (bsc#1108093).\n- net: ena: fix potential double ena_destroy_device() (bsc#1108093).\n- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108093).\n- net: ethernet: mvneta: Fix napi structure mixup on armada 3700 (networking-stable-18_08_21).\n- net: fix amd-xgbe flow-control issue (netfilter-stable-18_08_01).\n- net: fix use-after-free in GRO with ESP (networking-stable-18_07_19).\n- net: hns3: Fix MSIX allocation issue for VF (bsc#1104353 ).\n- net: hns3: Fix comments for hclge_get_ring_chain_from_mbx (bsc#1104353).\n- net: hns3: Fix desc num set to default when setting channel (bsc#1104353).\n- net: hns3: Fix for command format parsing error in hclge_is_all_function_id_zero (bsc#1104353).\n- net: hns3: Fix for information of phydev lost problem when down/up (bsc#1104353).\n- net: hns3: Fix for l4 checksum offload bug (bsc#1104353 ).\n- net: hns3: Fix for mac pause not disable in pfc mode (bsc#1104353).\n- net: hns3: Fix for mailbox message truncated problem (bsc#1104353).\n- net: hns3: Fix for phy link issue when using marvell phy driver (bsc#1104353).\n- net: hns3: Fix for reset_level default assignment probelm (bsc#1104353).\n- net: hns3: Fix for using wrong mask and shift in hclge_get_ring_chain_from_mbx (bsc#1104353).\n- net: hns3: Fix for waterline not setting correctly (bsc#1104353).\n- net: hns3: Fix get_vector ops in hclgevf_main module (bsc#1104353).\n- net: hns3: Fix return value error in hns3_reset_notify_down_enet (bsc#1104353).\n- net: hns3: Fix warning bug when doing lp selftest (bsc#1104353 ).\n- net: hns3: Prevent sending command during global or core reset (bsc#1104353).\n- net: hns3: Standardize the handle of return value (bsc#1104353 ).\n- net: hns3: add unlikely for error check (bsc#1104353 ).\n- net: hns3: fix page_offset overflow when CONFIG_ARM64_64K_PAGES (bsc#1104353).\n- net: hns3: fix return value error while hclge_cmd_csq_clean failed (bsc#1104353).\n- net: hns3: modify hnae_ to hnae3_ (bsc#1104353).\n- net: hns3: remove some redundant assignments (bsc#1104353 ).\n- net: hns3: remove unnecessary ring configuration operation while resetting (bsc#1104353).\n- net: hns3: simplify hclge_cmd_csq_clean (bsc#1104353 ).\n- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).\n- net: hns: add the code for cleaning pkt in chip (bsc#1107924).\n- net: mdio-mux: bcm-iproc: fix wrong getter and setter pair (netfilter-stable-18_08_01).\n- net: mvneta: fix mvneta_config_rss on armada 3700 (networking-stable-18_08_21).\n- net: mvneta: fix the Rx desc DMA address in the Rx path (networking-stable-18_07_19).\n- net: phy: consider PHY_IGNORE_INTERRUPT in phy_start_aneg_priv (netfilter-stable-18_07_27).\n- net: phy: fix flag masking in __set_phy_supported (netfilter-stable-18_07_23).\n- net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags (git-fixes).\n- net: skb_segment() should not return NULL (netfilter-stable-18_07_27).\n- net: stmmac: Fix WoL for PCI-based setups (netfilter-stable-18_08_04).\n- net: stmmac: mark PM functions as __maybe_unused (git-fixes).\n- net: sungem: fix rx checksum support (networking-stable-18_07_19).\n- net: systemport: Fix CRC forwarding check for SYSTEMPORT Lite (netfilter-stable-18_07_23).\n- net: thunder: change q_len's type to handle max ring size (bsc#1110096).\n- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).\n- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).\n- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).\n- net: thunderx: add multicast filter management support (bsc#1110096).\n- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).\n- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).\n- net: thunderx: add timestamping support (bsc#1110096).\n- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).\n- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).\n- net: thunderx: fix double free error (bsc#1110096).\n- net: thunderx: move filter register related macro into proper place (bsc#1110096).\n- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).\n- net: thunderx: remove a couple of redundant assignments (bsc#1110096).\n- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).\n- net_sched: Fix missing res info when create new tc_index filter (netfilter-stable-18_08_17).\n- net_sched: blackhole: tell upper qdisc about dropped packets (networking-stable-18_07_19).\n- netfilter: do not set F_IFACE on ipv6 fib lookups (netfilter-stable-18_06_25).\n- netfilter: ip6t_rpfilter: provide input interface for route lookup (netfilter-stable-18_06_25).\n- netfilter: ip6t_rpfilter: set F_IFACE for linklocal addresses (git-fixes).\n- netfilter: nat: Revert 'netfilter: nat: convert nat bysrc hash to rhashtable' (netfilter-stable-17_11_16).\n- netfilter: nf_tables: add missing netlink attrs to policies (netfilter-stable-18_06_27).\n- netfilter: nf_tables: do not assume chain stats are set when jumplabel is set (netfilter-stable-18_06_27).\n- netfilter: nf_tables: fix memory leak on error exit return (netfilter-stable-18_06_27).\n- netfilter: nf_tables: nft_compat: fix refcount leak on xt module (netfilter-stable-18_06_27).\n- netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain() (netfilter-stable-18_06_25).\n- netfilter: nft_compat: fix handling of large matchinfo size (netfilter-stable-18_06_27).\n- netfilter: nft_compat: prepare for indirect info storage (netfilter-stable-18_06_27).\n- netfilter: nft_meta: fix wrong value dereference in nft_meta_set_eval (netfilter-stable-18_06_27).\n- netlink: Do not shift on 64 for ngroups (git-fixes).\n- netlink: Do not shift with UB on nlk->ngroups (netfilter-stable-18_08_01).\n- netlink: Do not subscribe to non-existent groups (netfilter-stable-18_08_01).\n- netlink: Fix spectre v1 gadget in netlink_create() (netfilter-stable-18_08_04).\n- nfs/filelayout: fix oops when freeing filelayout segment (bsc#1105190).\n- nfs/pnfs: fix nfs_direct_req ref leak when i/o falls back to the mds (git-fixes).\n- nfs41: do not return ENOMEM on LAYOUTUNAVAILABLE (git-fixes).\n- nfsd: remove blocked locks on client teardown (git-fixes).\n- nl80211: Add a missing break in parse_station_flags (bsc#1051510).\n- nl80211: check nla_parse_nested() return values (bsc#1051510).\n- nvdimm: Clarify comment in sizeof_namespace_index (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Remove empty if statement (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Sanity check labeloff (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Split label init out from the logic for getting config data (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvdimm: Use namespace index data to reduce number of label reads needed (bsc#1111921, bsc#1113408, bsc#1113972).\n- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).\n- nvme: register ns_id attributes as default sysfs groups (bsc#1105247).\n- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).\n- objtool, kprobes/x86: Sync the latest asm/insn.h header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).\n- of: add helper to lookup compatible child node (bsc#1106110)\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n- ovl: fix format of setxattr debug (git-fixes).\n- parport: sunbpp: fix error return code (bsc#1051510).\n- partitions/aix: append null character to print data from disk (bsc#1051510).\n- partitions/aix: fix usage of uninitialized lv_info and lvname structures (bsc#1051510).\n- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).\n- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).\n- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).\n- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).\n- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).\n- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).\n- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).\n- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).\n- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).\n- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).\n- pinctrl/amd: only handle irq if it is pending and unmasked (bsc#1051510).\n- pinctrl: cannonlake: Fix HOSTSW_OWN register offset of H variant (bsc#1051510).\n- pipe: actually allow root to exceed the pipe buffer limits (bsc#1106297).\n- pipe: match pipe_max_size data type with procfs (git-fixes).\n- platform/x86: alienware-wmi: Correct a memory leak (bsc#1051510).\n- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bsc#1051510).\n- platform/x86: thinkpad_acpi: Proper model/release matching (bsc#1051510).\n- platform/x86: toshiba_acpi: Fix defined but not used build warnings (bsc#1051510).\n- pmem: Switch to copy_to_iter_mcsafe() (bsc#1098782).\n- pnfs/blocklayout: off by one in bl_map_stripe() (git-fixes).\n- power: gemini-poweroff: Avoid more spurious poweroffs (bsc#1051510).\n- power: generic-adc-battery: check for duplicate properties copied from iio channels (bsc#1051510).\n- power: generic-adc-battery: fix out-of-bounds write when copying channel properties (bsc#1051510).\n- power: remove possible deadlock when unregistering power_supply (bsc#1051510).\n- power: supply: axp288_charger: Fix initial constant_charge_current value (bsc#1051510).\n- power: supply: max77693_charger: fix unintentional fall-through (bsc#1051510).\n- power: vexpress: fix corruption in notifier registration (bsc#1051510).\n- powernv/pseries: consolidate code for mce early handling (bsc#1094244).\n- powerpc/64s: Default l1d_size to 64K in RFI fallback flush (bsc#1068032, git-fixes).\n- powerpc/64s: Fix DT CPU features Power9 DD2.1 logic (bsc#1055117).\n- powerpc/64s: Fix compiler store ordering to SLB shadow area (bsc#1094244).\n- powerpc/64s: move machine check SLB flushing to mm/slb.c (bsc#1094244).\n- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).\n- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).\n- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).\n- powerpc/kprobes: Fix call trace due to incorrect preempt count (bsc#1065729).\n- powerpc/kvm/booke: Fix altivec related build break (bsc#1061840).\n- powerpc/kvm: Switch kvm pmd allocator to custom allocator (bsc#1061840).\n- powerpc/lib: Fix the feature fixup tests to actually work (bsc#1065729).\n- powerpc/mce: Fix SLB rebolting during MCE recovery path (bsc#1094244).\n- powerpc/mm/hugetlb: initialize the pagetable cache correctly for hugetlb (bsc#1091800).\n- powerpc/mm: Rename find_linux_pte_or_hugepte() (bsc#1061840).\n- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).\n- powerpc/numa: Use associativity if VPHN hcall is successful (bsc#1110363).\n- powerpc/perf: Fix IMC allocation routine (bsc#1054914).\n- powerpc/perf: Fix memory allocation for core-imc based on num_possible_cpus() (bsc#1054914).\n- powerpc/perf: Remove sched_task function defined for thread-imc (bsc#1054914).\n- powerpc/pkeys: Fix reading of ibm, processor-storage-keys property (bsc#1109244).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/powernv/ioda: Allocate indirect TCE levels on demand (bsc#1061840).\n- powerpc/powernv/ioda: Finish removing explicit max window size check (bsc#1061840).\n- powerpc/powernv/ioda: Remove explicit max window size check (bsc#1061840).\n- powerpc/powernv/npu: Do a PID GPU TLB flush when invalidating a large address range (bsc#1055120).\n- powerpc/powernv: Add indirect levels to it_userspace (bsc#1061840).\n- powerpc/powernv: Move TCE manupulation code to its own file (bsc#1061840).\n- powerpc/powernv: Rework TCE level allocation (bsc#1061840).\n- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).\n- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bsc#1094244).\n- powerpc/pseries: Defer the logging of rtas error to irq work queue (bsc#1094244).\n- powerpc/pseries: Define MCE error event section (bsc#1094244).\n- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1065729).\n- powerpc/pseries: Display machine check error details (bsc#1094244).\n- powerpc/pseries: Dump the SLB contents on SLB MCE errors (bsc#1094244).\n- powerpc/pseries: Fix 'OF: ERROR: Bad of_node_put() on /cpus' during DLPAR (bsc#1113295).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).\n- powerpc/pseries: Fix endianness while restoring of r3 in MCE handler (bsc#1094244).\n- powerpc/pseries: Flush SLB contents on SLB MCE errors (bsc#1094244).\n- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).\n- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).\n- powerpc/pseries: fix EEH recovery of some IOV devices (bsc#1078720, git-fixes).\n- powerpc/rtas: Fix a potential race between CPU-Offline Migration (bsc#1111870).\n- powerpc/tm: Avoid possible userspace r1 corruption on reclaim (bsc#1109333).\n- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).\n- powerpc/topology: Get topology for shared processors at boot (bsc#1104683).\n- powerpc/xive: Fix trying to 'push' an already active pool VP (bsc#1085030, git-fixes).\n- powerpc/xive: Move definition of ESB bits (bsc#1061840).\n- powerpc/xmon: Add ISA v3.0 SPRs to SPR dump (bsc#1061840).\n- powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (bsc#1068032, bsc#1080157, git-fixes).\n- powerpc: Avoid code patching freed init sections (bsc#1107735).\n- powerpc: Fix size calculation using resource_size() (bsc#1012382).\n- powerpc: KABI add aux_ptr to hole in paca_struct to extend it with additional members (bsc#1094244).\n- powerpc: KABI: move mce_data_buf into paca_aux (bsc#1094244).\n- powerpc: make feature-fixup tests fortify-safe (bsc#1065729).\n- powerpc: pseries: remove dlpar_attach_node dependency on full path (bsc#1113295).\n- ppp: Destroy the mutex when cleanup (bsc#1051510).\n- ppp: fix __percpu annotation (bsc#1051510).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:\n- pstore: Fix incorrect persistent ram buffer mapping (bsc#1051510).\n- ptp: fix missing break in switch (bsc#1105355).\n- ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE (bsc#1105355).\n- ptr_ring: fix up after recent ptr_ring changes (bsc#1105355).\n- ptr_ring: prevent integer overflow when calculating size (bsc#1105355).\n- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).\n- pwm: tiehrpwm: Fix disabling of output of PWMs (bsc#1051510).\n- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).\n- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).\n- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).\n- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).\n- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).\n- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).\n- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).\n- qed: Wait for ready indication before rereading the shmem (bsc#1050536).\n- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).\n- qlge: Fix netdev features configuration (bsc#1098822).\n- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8152: Check for supported Wake-on-LAN Modes (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- r8169: add support for NCube 8168 network card (bsc#1051510).\n- race of lockd inetaddr notifiers vs nlmsvc_rqst change (git-fixes).\n- random: add new ioctl RNDRESEEDCRNG (bsc#1051510).\n- random: fix possible sleeping allocation from irq context (bsc#1051510).\n- random: mix rdrand with entropy sent in from userspace (bsc#1051510).\n- random: rate limit unseeded randomness warnings (git-fixes).\n- random: set up the NUMA crng instances after the CRNG is fully initialized (bsc#1051510).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- readahead: stricter check for bdi io_pages (VM Functionality, git fixes).\n- regulator: fix crash caused by null driver data (bsc#1051510).\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- reiserfs: fix broken xattr handling (heap corruption, bad retval) (bsc#1106236).\n- rename a hv patch to reduce conflicts in -AZURE\n- rename/renumber hv patches to simplify upcoming upstream merges Good Bye automerge. Hello Conflicts.\n- rename/renumber hv patches to simplify upcoming upstream merges No code changes.\n- reorder a qedi patch to allow further work in this branch\n- resort series.conf\n- resource: Include resource end in walk_*() interfaces (bsc#1114279).\n- rhashtable: add schedule points (bsc#1051510).\n- rndis_wlan: potential buffer overflow in rndis_wlan_auth_indication() (bsc#1051510).\n- root dentries need RCU-delayed freeing (bsc#1106297).\n- rpc_pipefs: fix double-dput() (bsc#1051510).\n- rpm/kernel-binary.spec.in: fix call of split-modules split-modules is called with some parameters depending on config options. But since we do not use backslash consistelny, the call to split-modules might be evaluated so that also the following cat command is appended. Avoid this behaviour by using backslashes everywhere and add %nil to the end. This perhaps never happens, but stay on the safe side.\n- rpm/mkspec: build dtbs for architectures marked -!needs_updating\n- rpm/mkspec: fix ppc64 kernel-source build.\n- rpmsg: Correct support for MODULE_DEVICE_TABLE() (git-fixes).\n- rsi: Fix 'invalid vdd' warning in mmc (bsc#1051510).\n- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).\n- rtnetlink: add rtnl_link_state check in rtnl_configure_link (netfilter-stable-18_07_27).\n- rxrpc: Fix user call ID check in rxrpc_service_prealloc_one (netfilter-stable-18_08_04).\n- s390/crypto: Fix return code checking in cbc_paes_crypt() (bsc#1108323, LTC#171709).\n- s390/entry.S: use assembler alternatives (bsc#1103421).\n- s390/lib: use expoline for all bcr instructions (git-fixes, bsc#1103421).\n- s390/mm: fix local TLB flushing vs. detach of an mm address space (bsc#1103421).\n- s390/mm: fix race on mm->context.flush_mm (bsc#1103421).\n- s390/pci: fix out of bounds access during irq setup (bsc#1108323, LTC#171068).\n- s390/qdio: reset old sbal_state flags (LTC#171525, bsc#1106948).\n- s390/qeth: consistently re-enable device features (bsc#1104482, LTC#170340).\n- s390/qeth: do not clobber buffer on async TX completion (bsc#1104482, LTC#170340).\n- s390/qeth: rely on kernel for feature recovery (bsc#1104482, LTC#170340).\n- s390/qeth: use vzalloc for QUERY OAT buffer (LTC#171527, bsc#1106948).\n- s390/runtime instrumentation: simplify task exit handling (bsc#1103421).\n- s390: Prevent hotplug rwsem recursion (bsc#1105731).\n- s390: always save and restore all registers on context switch (bsc#1103421).\n- s390: detect etoken facility (bsc#1103421).\n- s390: fix br_r1_trampoline for machines without exrl (git-fixes, bsc#1103421).\n- s390: fix compat system call table (bsc#1103421).\n- s390: fix handling of -1 in set{,fs}id16 syscalls (bsc#1103421).\n- s390: use expoline thunks for all branches generated by the BPF JIT (bsc#1103421).\n- samples/bpf: adjust rlimit RLIMIT_MEMLOCK for xdp1 (bsc#1083647).\n- sched/fair: Fix bandwidth timer clock drift condition (Git-fixes).\n- sched/fair: Fix vruntime_normalized() for remote non-migration wakeup (git-fixes).\n- sched/isolcpus: Fix 'isolcpus=' boot parameter handling when !CONFIG_CPUMASK_OFFSTACK (bsc#1107207).\n- sched/numa: Avoid task migration for small NUMA improvement (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Do not move imbalanced load purely on the basis of an idle CPU (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Evaluate move once per node (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Limit the conditions where scan period is reset ().\n- sched/numa: Pass destination CPU as a parameter to migrate_task_rq (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Pass destination CPU as a parameter to migrate_task_rq kabi (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove numa_has_capacity() (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Remove unused task_capacity from 'struct numa_stats' (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Reset scan rate whenever task moves across nodes (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop comparing tasks for NUMA placement after selecting an idle core (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop multiple tasks from moving to the CPU at the same time (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: Stop multiple tasks from moving to the CPU at the same time kabi (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused code from update_numa_stats() (bsc#1101669 optimise numa balancing for fast migrate).\n- sched/numa: remove unused nr_running field (bsc#1101669 optimise numa balancing for fast migrate).\n- scripts/git_sort/git_sort.py: Add fixes branch from mkp/scsi.git.\n- scripts/git_sort/git_sort.py: add libnvdimm-for-next branch\n- scripts/git_sort/git_sort.py: add mkp 4.20/scsi-queue\n- scripts: modpost: check memory allocation results (bsc#1051510).\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: cxlflash: Abstract hardware dependent assignments ().\n- scsi: cxlflash: Acquire semaphore before invoking ioctl services ().\n- scsi: cxlflash: Adapter context init can return error ().\n- scsi: cxlflash: Adapter context support for OCXL ().\n- scsi: cxlflash: Add argument identifier names ().\n- scsi: cxlflash: Add include guards to backend.h ().\n- scsi: cxlflash: Avoid clobbering context control register value ().\n- scsi: cxlflash: Enable OCXL operations ().\n- scsi: cxlflash: Explicitly cache number of interrupts per context ().\n- scsi: cxlflash: Handle spurious interrupts ().\n- scsi: cxlflash: Hardware AFU for OCXL ().\n- scsi: cxlflash: Introduce OCXL backend ().\n- scsi: cxlflash: Introduce OCXL context state machine ().\n- scsi: cxlflash: Introduce object handle fop ().\n- scsi: cxlflash: Isolate external module dependencies ().\n- scsi: cxlflash: Limit the debug logs in the IO path ().\n- scsi: cxlflash: MMIO map the AFU ().\n- scsi: cxlflash: Preserve number of interrupts for master contexts ().\n- scsi: cxlflash: Read host AFU configuration ().\n- scsi: cxlflash: Read host function configuration ().\n- scsi: cxlflash: Register for translation errors ().\n- scsi: cxlflash: Remove commmands from pending list on timeout ().\n- scsi: cxlflash: Remove embedded CXL work structures ().\n- scsi: cxlflash: Setup AFU PASID ().\n- scsi: cxlflash: Setup AFU acTag range ().\n- scsi: cxlflash: Setup LISNs for master contexts ().\n- scsi: cxlflash: Setup LISNs for user contexts ().\n- scsi: cxlflash: Setup OCXL transaction layer ().\n- scsi: cxlflash: Setup function OCXL link ().\n- scsi: cxlflash: Setup function acTag range ().\n- scsi: cxlflash: Staging to support future accelerators ().\n- scsi: cxlflash: Support AFU interrupt management ().\n- scsi: cxlflash: Support AFU interrupt mapping and registration ().\n- scsi: cxlflash: Support AFU reset ().\n- scsi: cxlflash: Support AFU state toggling ().\n- scsi: cxlflash: Support adapter context discovery ().\n- scsi: cxlflash: Support adapter context mmap and release ().\n- scsi: cxlflash: Support adapter context polling ().\n- scsi: cxlflash: Support adapter context reading ().\n- scsi: cxlflash: Support adapter file descriptors for OCXL ().\n- scsi: cxlflash: Support file descriptor mapping ().\n- scsi: cxlflash: Support image reload policy modification ().\n- scsi: cxlflash: Support process element lifecycle ().\n- scsi: cxlflash: Support process specific mappings ().\n- scsi: cxlflash: Support reading adapter VPD data ().\n- scsi: cxlflash: Support starting an adapter context ().\n- scsi: cxlflash: Support starting user contexts ().\n- scsi: cxlflash: Synchronize reset and remove ops ().\n- scsi: cxlflash: Use IDR to manage adapter contexts ().\n- scsi: cxlflash: Use local mutex for AFU serialization ().\n- scsi: cxlflash: Yield to active send threads ().\n- scsi: fcoe: hold disc_mutex when traversing rport lists (bsc#1077989).\n- scsi: hisi_sas: Add SATA FIS check for v3 hw ().\n- scsi: hisi_sas: Add a flag to filter PHY events during reset ().\n- scsi: hisi_sas: Add missing PHY spinlock init ().\n- scsi: hisi_sas: Adjust task reject period during host reset ().\n- scsi: hisi_sas: Drop hisi_sas_slot_abort() ().\n- scsi: hisi_sas: Fix the conflict between dev gone and host reset ().\n- scsi: hisi_sas: Fix the failure of recovering PHY from STP link timeout ().\n- scsi: hisi_sas: Implement handlers of PCIe FLR for v3 hw ().\n- scsi: hisi_sas: Only process broadcast change in phy_bcast_v3_hw() ().\n- scsi: hisi_sas: Pre-allocate slot DMA buffers ().\n- scsi: hisi_sas: Release all remaining resources in clear nexus ha ().\n- scsi: hisi_sas: Tidy hisi_sas_task_prep() ().\n- scsi: hisi_sas: Use dmam_alloc_coherent() ().\n- scsi: hisi_sas: add memory barrier in task delivery function ().\n- scsi: hisi_sas: relocate some common code for v3 hw ().\n- scsi: hisi_sas: tidy channel interrupt handler for v3 hw ().\n- scsi: hisi_sas: tidy host controller reset function a bit ().\n- scsi: hpsa: limit transfer length to 1MB, not 512kB (bsc#1102346).\n- scsi: ipr: Eliminate duplicate barriers ().\n- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).\n- scsi: ipr: Use dma_pool_zalloc() ().\n- scsi: ipr: fix incorrect indentation of assignment statement ().\n- scsi: libfc: Add lockdep annotations (bsc#1077989).\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: fixup 'sleeping function called from invalid context' (bsc#1077989).\n- scsi: libfc: fixup lockdep annotations (bsc#1077989).\n- scsi: libfc: hold disc_mutex in fc_disc_stop_rports() (bsc#1077989).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: lpfc: Correct MDS diag and nvmet configuration (bsc#1106636).\n- scsi: mpt3sas: Fix calltrace observed while running IO reset (bsc#1077989).\n- scsi: netvsc: Use the vmbus function to calculate ring buffer percentage (bsc#1107207).\n- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).\n- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).\n- scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (bsc#1108870).\n- scsi: qla2xxx: Add logic to detect ABTS hang and response completion (bsc#1108870).\n- scsi: qla2xxx: Add longer window for chip reset (bsc#1086327,).\n- scsi: qla2xxx: Add mode control for each physical port (bsc#1108870).\n- scsi: qla2xxx: Add support for ZIO6 interrupt threshold (bsc#1108870).\n- scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (bsc#1108870).\n- scsi: qla2xxx: Check for Register disconnect (bsc#1108870).\n- scsi: qla2xxx: Cleanup for N2N code (bsc#1086327,).\n- scsi: qla2xxx: Decrement login retry count for only plogi (bsc#1108870).\n- scsi: qla2xxx: Defer chip reset until target mode is enabled (bsc#1108870).\n- scsi: qla2xxx: Fix ISP recovery on unload (bsc#1086327,).\n- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1086327,).\n- scsi: qla2xxx: Fix N2N link re-connect (bsc#1086327,).\n- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).\n- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).\n- scsi: qla2xxx: Fix Remote port registration (bsc#1108870).\n- scsi: qla2xxx: Fix deadlock between ATIO and HW lock (bsc#1108870).\n- scsi: qla2xxx: Fix double increment of switch scan retry count (bsc#1108870).\n- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).\n- scsi: qla2xxx: Fix dropped srb resource (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch's Nport ID entries (bsc#1108870).\n- scsi: qla2xxx: Fix early srb free on abort (bsc#1108870).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).\n- scsi: qla2xxx: Fix iIDMA error (bsc#1108870).\n- scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (bsc#1108870).\n- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1086327,).\n- scsi: qla2xxx: Fix login retry count (bsc#1086327,).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n- scsi: qla2xxx: Fix out of order Termination and ABTS response (bsc#1108870).\n- scsi: qla2xxx: Fix port speed display on chip reset (bsc#1108870).\n- scsi: qla2xxx: Fix premature command free (bsc#1108870).\n- scsi: qla2xxx: Fix process response queue for ISP26XX and above (bsc#1108870).\n- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1086327,).\n- scsi: qla2xxx: Fix race condition for resource cleanup (bsc#1108870).\n- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).\n- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).\n- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1086327,).\n- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1086327,).\n- scsi: qla2xxx: Fix stalled relogin (bsc#1086327,).\n- scsi: qla2xxx: Fix stuck session in PLOGI state (bsc#1108870).\n- scsi: qla2xxx: Fix unintended Logout (bsc#1086327,).\n- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1086327,).\n- scsi: qla2xxx: Force fw cleanup on ADISC error (bsc#1108870).\n- scsi: qla2xxx: Increase abort timeout value (bsc#1108870).\n- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1086327,).\n- scsi: qla2xxx: Move ABTS code behind qpair (bsc#1108870).\n- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).\n- scsi: qla2xxx: Move rport registration out of internal work_list (bsc#1108870).\n- scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1108870).\n- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1086327,).\n- scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (bsc#1108870).\n- scsi: qla2xxx: Reject bsg request if chip is down (bsc#1108870).\n- scsi: qla2xxx: Remove ASYNC GIDPN switch command (bsc#1108870).\n- scsi: qla2xxx: Remove all rports if fabric scan retry fails (bsc#1108870).\n- scsi: qla2xxx: Remove redundant check for fcport deletion (bsc#1108870).\n- scsi: qla2xxx: Remove stale ADISC_DONE event (bsc#1108870).\n- scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (bsc#1108870).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).\n- scsi: qla2xxx: Save frame payload size from ICB (bsc#1086327,).\n- scsi: qla2xxx: Serialize mailbox request (bsc#1108870).\n- scsi: qla2xxx: Silent erroneous message (bsc#1086327,).\n- scsi: qla2xxx: Spinlock recursion in qla_target (bsc#1086327,).\n- scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (bsc#1108870).\n- scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1108870).\n- scsi: qla2xxx: Update driver to version 10.00.00.09-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1086327,).\n- scsi: qla2xxx: Update driver version to 10.00.00.10-k (bsc#1108870).\n- scsi: qla2xxx: Update driver version to 10.00.00.11-k (bsc#1108870).\n- scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (bsc#1108870).\n- scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1108870).\n- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).\n- scsi: qla2xxx: shutdown chip if reset fail (bsc#1108870).\n- scsi: storsvc: do not set a bounce limit (bsc#1107207).\n- scsi: storvsc: Avoid allocating memory for temp cpumasks (bsc#1107207).\n- scsi: storvsc: Select channel based on available percentage of ring buffer to write (bsc#1107207).\n- scsi: storvsc: Set up correct queue depth values for IDE devices (bsc#1107207).\n- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n- scsi: vmbus: Add function to report available ring buffer to write in total ring size percentage (bsc#1107207).\n- scsi_debug: call resp_XXX function after setting host_scribble (bsc#1069138).\n- scsi_debug: reset injection flags for every_nth > 0 (bsc#1069138).\n- security: check for kstrdup() failure in lsm_append() (bsc#1051510).\n- selftests/bpf/test_maps: exit child process without error in ENOMEM case (bsc#1083647).\n- selftests/bpf: fix a typo in map in map test (bsc#1083647).\n- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).\n- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).\n- serial: 8250: Do not service RX FIFO if interrupts are disabled (bsc#1051510).\n- serial: 8250: Fix clearing FIFOs in RS485 mode again (bsc#1051510).\n- serial: 8250_dw: Add ACPI support for uart on Broadcom SoC (bsc#1051510).\n- serial: 8250_dw: always set baud rate in dw8250_set_termios (bsc#1051510).\n- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).\n- serial: core: mark port as initialized after successful IRQ change (bsc#1051510).\n- serial: cpm_uart: return immediately from console poll (bsc#1051510).\n- serial: enable spi in sc16is7xx driver References: bsc#1105672\n- serial: imx: restore handshaking irq for imx1 (bsc#1051510).\n- serial: make sc16is7xx driver supported References: bsc#1105672\n- serial: pxa: Fix an error handling path in 'serial_pxa_probe()' (bsc#1051510).\n- serial: sh-sci: Stop RX FIFO timer during port shutdown (bsc#1051510).\n- serial: xuartps: fix typo in cdns_uart_startup (bsc#1051510).\n- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bsc#1112514).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- slab: __GFP_ZERO is incompatible with a constructor (bsc#1107060).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- smsc75xx: Check for Wake-on-LAN modes (bsc#1051510).\n- smsc95xx: Check for Wake-on-LAN modes (bsc#1051510).\n- soc/tegra: pmc: Fix child-node lookup (bsc#1051510).\n- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).\n- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).\n- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n- soreuseport: initialise timewait reuseport field (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi-nor: intel-spi: Fix number of protected range registers for BYT/LPT ().\n- spi/bcm63xx-hsspi: keep pll clk enabled (bsc#1051510).\n- spi: bcm-qspi: switch back to reading flash using smaller chunks (bsc#1051510).\n- spi: cadence: Change usleep_range() to udelay(), for atomic context (bsc#1051510).\n- spi: davinci: fix a NULL pointer dereference (bsc#1051510).\n- spi: pxa2xx: Add support for Intel Ice Lake (bsc#1051510).\n- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).\n- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).\n- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: sh-msiof: fix deferred probing (bsc#1051510).\n- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).\n- squashfs metadata 2: electric boogaloo (bsc#1051510).\n- squashfs: be more careful about metadata corruption (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- sr9800: Check for supported Wake-on-LAN modes (bsc#1051510).\n- sr: get/drop reference to device in revalidate and check_events (bsc#1109979).\n- staging: bcm2835-audio: Check if workqueue allocation failed ().\n- staging: bcm2835-audio: Deliver indirect-PCM transfer error ().\n- staging: bcm2835-audio: Disconnect and free vchi_instance on module_exit() ().\n- staging: bcm2835-audio: Do not leak workqueue if open fails ().\n- staging: bcm2835-audio: constify snd_pcm_ops structures ().\n- staging: bcm2835-audio: make snd_pcm_hardware const ().\n- staging: bcm2835-camera: fix timeout handling in wait_for_completion_timeout (bsc#1051510).\n- staging: bcm2835-camera: handle wait_for_completion_timeout return properly (bsc#1051510).\n- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bsc#1051510).\n- staging: comedi: ni_mio_common: protect register write overflow (bsc#1051510).\n- staging: lustre: Use 'kvfree()' for memory allocated by 'kvzalloc()' (bsc#1051510).\n- staging: lustre: disable preempt while sampling processor id (bsc#1051510).\n- staging: lustre: fix bug in osc_enter_cache_try (bsc#1051510).\n- staging: lustre: ldlm: free resource when ldlm_lock_create() fails (bsc#1051510).\n- staging: lustre: libcfs: Prevent harmless read underflow (bsc#1051510).\n- staging: lustre: libcfs: fix test for libcfs_ioctl_hdr minimum size (bsc#1051510).\n- staging: lustre: llite: correct removexattr detection (bsc#1051510).\n- staging: lustre: llite: initialize xattr->xe_namelen (bsc#1051510).\n- staging: lustre: lmv: correctly iput lmo_root (bsc#1051510).\n- staging: lustre: lov: use correct env in lov_io_data_version_end() (bsc#1051510).\n- staging: lustre: o2iblnd: Fix FastReg map/unmap for MLX5 (bsc#1051510).\n- staging: lustre: o2iblnd: Fix crash in kiblnd_handle_early_rxs() (bsc#1051510).\n- staging: lustre: o2iblnd: fix race at kiblnd_connect_peer (bsc#1051510).\n- staging: lustre: obd_mount: use correct niduuid suffix (bsc#1051510).\n- staging: lustre: obdclass: return -EFAULT if copy_from_user() fails (bsc#1051510).\n- staging: lustre: ptlrpc: kfree used instead of kvfree (bsc#1051510).\n- staging: lustre: remove invariant in cl_io_read_ahead() (bsc#1051510).\n- staging: lustre: statahead: remove incorrect test on agl_list_empty() (bsc#1051510).\n- staging: rts5208: fix missing error check on call to rtsx_write_register (bsc#1051510).\n- staging: vc04_services: Fix platform_no_drv_owner.cocci warnings ().\n- staging: vc04_services: bcm2835-audio Format multiline comment ().\n- staging: vc04_services: bcm2835-audio: Add blank line after declaration ().\n- staging: vc04_services: bcm2835-audio: Change to unsigned int * ().\n- staging: vc04_services: bcm2835-audio: add SPDX identifiers ().\n- staging: vc04_services: bcm2835-audio: remove redundant license text ().\n- staging: vc04_services: please do not use multiple blank lines ().\n- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n- stmmac: fix DMA channel hang in half-duplex mode (networking-stable-18_07_19).\n- string: drop __must_check from strscpy() and restore strscpy() usages in cgroup (bsc#1051510).\n- strparser: Remove early eaten to fix full tcp receive buffer stall (networking-stable-18_07_19).\n- sunxi-rsb: Include OF based modalias in device uevent (bsc#1051510).\n- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n- sys: do not hold uts_sem while accessing userspace memory (bsc#1106995).\n- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- target_core_rbd: break up free_device callback (bsc#1105524).\n- target_core_rbd: use RCU in free_device (bsc#1105524).\n- team: Forbid enslaving team device to itself (bsc#1051510).\n- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).\n- thermal: thermal_hwmon: Convert to hwmon_device_register_with_info() (bsc#1103363).\n- thermal_hwmon: Pass the originating device down to hwmon_device_register_with_info (bsc#1103363).\n- thermal_hwmon: Sanitize attribute name passed to hwmon (bsc#1103363).\n- ti: ethernet: cpdma: Use correct format for genpool_* (bsc#1051510).\n- tools build: fix # escaping in .cmd files for future Make (git-fixes).\n- tools/hv: Fix IP reporting by KVP daemon with SRIOV (bsc#1107207).\n- tools/power turbostat: Read extended processor family from CPUID (bsc#1051510).\n- tools/power turbostat: fix -S on UP systems (bsc#1051510).\n- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tools: hv: fcopy: set 'error' in case an unknown operation was requested (bsc#1107207).\n- tools: hv: fix compiler warnings about major/target_fname (bsc#1107207).\n- tools: hv: include string.h in hv_fcopy_daemon (bsc#1107207).\n- tools: hv: update lsvmbus to be compatible with python3 (bsc#1107207).\n- tools: usb: ffs-test: Fix build on big endian systems (bsc#1051510).\n- tpm: Introduce flag TPM_TRANSMIT_RAW (bsc#1082555).\n- tpm: cmd_ready command can be issued only after granting locality (bsc#1082555).\n- tpm: fix race condition in tpm_common_write() (bsc#1082555).\n- tpm: fix use after free in tpm2_load_context() (bsc#1082555).\n- tpm: separate cmd_ready/go_idle from runtime_pm (bsc#1082555).\n- tpm: tpm_crb: relinquish locality on error path (bsc#1082555).\n- tpm: vtpm_proxy: Implement request_locality function (bsc#1082555).\n- tracepoint: Do not warn on ENOMEM (bsc#1051510).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tsl2550: fix lux1_input error in low light (bsc#1051510).\n- tty/ldsem: Add lockdep asserts for ldisc_sem (bsc#1105428).\n- tty/ldsem: Convert to regular lockdep annotations (bsc#1105428).\n- tty/ldsem: Decrement wait_readers on timeouted down_read() (bsc#1105428).\n- tty/ldsem: Wake up readers after timed out down_write() (bsc#1105428).\n- tty: Do not block on IO when ldisc change is pending (bsc#1105428).\n- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).\n- tty: Hold tty_ldisc_lock() during tty_reopen() (bsc#1105428).\n- tty: Simplify tty->count math in tty_reopen() (bsc#1105428).\n- tty: fix data race between tty_init_dev and flush of buf (bsc#1105428).\n- tty: fix termios input-speed encoding (bsc#1051510).\n- tty: fix termios input-speed encoding when using BOTHER (bsc#1051510).\n- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).\n- tty: serial: 8250: Revert NXP SC16C2552 workaround (bsc#1051510).\n- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).\n- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).\n- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).\n- uart: fix race between uart_put_char() and uart_shutdown() (bsc#1051510).\n- ubifs: Check data node size before truncate (bsc#1051510).\n- ubifs: Check for name being NULL while mounting (bsc#1051510).\n- ubifs: Fix directory size calculation for symlinks (bsc#1106230).\n- ubifs: Fix memory leak in lprobs self-check (bsc#1051510).\n- ubifs: Fix synced_i_size calculation for xattr inodes (bsc#1051510).\n- ubifs: xattr: Do not operate on deleted inodes (bsc#1051510).\n- udl-kms: avoid division (bsc#1051510).\n- udl-kms: change down_interruptible to down (bsc#1051510).\n- udl-kms: fix crash due to uninitialized memory (bsc#1051510).\n- udl-kms: handle allocation failure (bsc#1051510).\n- udlfb: set optimal write delay (bsc#1051510).\n- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).\n- uio, lib: Fix CONFIG_ARCH_HAS_UACCESS_MCSAFE compilation (bsc#1098782).\n- uio: potential double frees if __uio_register_device() fails (bsc#1051510).\n- uio_hv_generic: fix subchannel ring mmap (bsc#1107207).\n- uio_hv_generic: make ring buffer attribute for primary channel (bsc#1107207).\n- uio_hv_generic: set size of ring buffer attribute (bsc#1107207).\n- uio_hv_generic: support sub-channels (bsc#1107207).\n- uio_hv_generic: use correct channel in isr (bsc#1107207).\n- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).\n- uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn() (bsc#1051510).\n- uprobes: Use synchronize_rcu() not synchronize_sched() (bsc#1051510).\n- usb/phy: fix PPC64 build errors in phy-fsl-usb.c (bsc#1051510).\n- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).\n- usb: Do not die twice if PCI xhci host is not responding in resume (bsc#1051510).\n- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).\n- usb: chipidea: Prevent unbalanced IRQ disable (bsc#1051510).\n- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).\n- usb: dwc2: fix isoc split in transfer with no data (bsc#1051510).\n- usb: dwc2: gadget: Fix issue in dwc2_gadget_start_isoc() (bsc#1051510).\n- usb: dwc3: change stream event enable bit back to 13 (bsc#1051510).\n- usb: dwc3: pci: add support for Intel IceLake (bsc#1051510).\n- usb: gadget: composite: fix delayed_status race condition when set_interface (bsc#1051510).\n- usb: gadget: dwc2: fix memory leak in gadget_init() (bsc#1051510).\n- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).\n- usb: gadget: fsl_udc_core: check allocation return value and cleanup on failure (bsc#1051510).\n- usb: gadget: fsl_udc_core: fixup struct_udc_setup documentation (bsc#1051510).\n- usb: gadget: r8a66597: Fix a possible sleep-in-atomic-context bugs in r8a66597_queue() (bsc#1051510).\n- usb: gadget: r8a66597: Fix two possible sleep-in-atomic-context bugs in init_controller() (bsc#1051510).\n- usb: gadget: udc: renesas_usb3: fix maxpacket size of ep0 (bsc#1051510).\n- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).\n- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).\n- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).\n- usb: uas: add support for more quirk flags (bsc#1051510).\n- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).\n- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n- usb: xhci: increase CRS timeout value (bsc#1051510).\n- usbip: tools: fix atoi() on non-null terminated string (bsc#1051510).\n- use the new async probing feature for the hyperv drivers (bsc#1107207).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- userns: move user access out of the mutex (bsc#1051510).\n- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).\n- vfio/pci: Virtualize Maximum Payload Size (bsc#1051510).\n- vfio/pci: Virtualize Maximum Read Request Size (bsc#1051510).\n- vfio/type1: Fix task tracking for QEMU vCPU hotplug (bsc#1051510).\n- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).\n- vfs: fix freeze protection in mnt_want_write_file() for overlayfs (git-fixes).\n- vhost: correctly check the iova range when waking virtqueue (bsc#1051510).\n- vhost: do not try to access device IOTLB when not initialized (bsc#1051510).\n- vhost: reset metadata cache when initializing new IOTLB (netfilter-stable-18_08_17).\n- vhost: use mutex_lock_nested() in vhost_dev_lock_vqs() (bsc#1051510).\n- vhost_net: validate sock before trying to put its fd (networking-stable-18_07_19).\n- video: fbdev: pxafb: clear allocated memory for video modes (bsc#1051510).\n- video: goldfishfb: fix memory leak on driver remove (bsc#1051510).\n- virtio: pci-legacy: Validate queue pfn (bsc#1051510).\n- vmbus: do not return values for uninitalized channels (bsc#1051510).\n- vmbus: do not return values for uninitalized channels (bsc#1107207).\n- vmci: type promotion bug in qp_host_get_user_memory() (bsc#1105355).\n- vmw_balloon: VMCI_DOORBELL_SET does not check status (bsc#1051510).\n- vmw_balloon: do not use 2MB without batching (bsc#1051510).\n- vmw_balloon: fix VMCI use when balloon built into kernel (bsc#1051510).\n- vmw_balloon: fix inflation of 64-bit GFNs (bsc#1051510).\n- vmw_balloon: remove inflation rate limiting (bsc#1051510).\n- vsock: split dwork to avoid reinitializations (netfilter-stable-18_08_17).\n- vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).\n- vxlan: add new fdb alloc and create helpers (netfilter-stable-18_07_27).\n- vxlan: fix default fdb entry netlink notify ordering during netdev create (netfilter-stable-18_07_27).\n- vxlan: make netlink notify in vxlan_fdb_destroy optional (netfilter-stable-18_07_27).\n- wan/fsl_ucc_hdlc: use IS_ERR_VALUE() to check return value of qe_muram_alloc (bsc#1051510).\n- watchdog: Mark watchdog touch functions as notrace (git-fixes).\n- wlcore: Add missing PM call for wlcore_cmd_wait_for_event_or_timeout() (bsc#1051510).\n- wlcore: Set rx_status boottime_ns field on rx (bsc#1051510).\n- x86-64/realmode: Add instruction suffix (bsc#1110006).\n- x86/CPU/AMD: Derive CPU topology from CPUID function 0xB when available ().\n- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).\n- x86/CPU: Add a microcode loader callback (bsc#1110006).\n- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).\n- x86/CPU: Modify detect_extended_topology() to return result ().\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/Hyper-V/hv_apic: Build the Hyper-V APIC conditionally (bsc#1107207).\n- x86/Hyper-V/hv_apic: Include asm/apic.h (bsc#1107207).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).\n- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).\n- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).\n- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86/MCE: Remove min interval polling limitation (bsc#1110006).\n- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).\n- x86/MCE: Serialize sysfs changes (bsc#1110006).\n- x86/PCI: Make broadcom_postcore_init() check acpi_disabled (bsc#1110006).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).\n- x86/apic/vector: Fix off by one in error path (bsc#1110006).\n- x86/apic: Fix restoring boot IRQ mode in reboot and kexec/kdump (bsc#1110006).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).\n- x86/apic: Split disable_IO_APIC() into two functions to fix CONFIG_KEXEC_JUMP=y (bsc#1110006).\n- x86/apic: Split out restore_boot_irq_mode() from disable_IO_APIC() (bsc#1110006).\n- x86/asm/memcpy_mcsafe: Add labels for __memcpy_mcsafe() write fault handling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Add write-protection-fault handling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Define copy_to_iter_mcsafe() (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Fix copy_to_user_mcsafe() exception handling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Provide original memcpy_mcsafe_unrolled (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Remove loop unrolling (bsc#1098782).\n- x86/asm/memcpy_mcsafe: Return bytes remaining (bsc#1098782).\n- x86/asm: Add _ASM_ARG* constants for argument registers to asm/asm.h (bsc#1110006).\n- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).\n- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).\n- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).\n- x86/boot/KASLR: Work around firmware bugs by excluding EFI_BOOT_SERVICES_* and EFI_LOADER_* from KASLR's choice (bsc#1112878).\n- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).\n- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).\n- x86/boot: Fix kexec booting failure in the SEV bit detection code (bsc#1110301).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).\n- x86/build/64: Force the linker to use 2MB page size (bsc#1109603).\n- x86/build: Beautify build log of syscall headers (bsc#1110006).\n- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).\n- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).\n- x86/decoder: Add new TEST instruction pattern (bsc#1110006).\n- x86/dumpstack: Save first regs set for the executive summary (bsc#1110006).\n- x86/dumpstack: Unify show_regs() (bsc#1110006).\n- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/entry/64: Add two more instruction suffixes (bsc#1110006).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bsc#1102715).\n- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).\n- x86/entry/64: Wipe KASAN stack shadow before rewind_stack_do_exit() (bsc#1110006).\n- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).\n- x86/espfix/64: Fix espfix double-fault handling on 5-level systems (bsc#1110006).\n- x86/events/intel/ds: Fix bts_interrupt_threshold alignment (git-fixes c1961a4631da).\n- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).\n- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).\n- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).\n- x86/headers/UAPI: Use __u64 instead of u64 in uapi/asm/hyperv.h (bsc#1107207).\n- x86/hyper-V: Allocate the IDT entry early in boot (bsc#1107207).\n- x86/hyper-v: Check cpumask_to_vpset() return value in hyperv_flush_tlb_others_ex() (bsc#1107207).\n- x86/hyper-v: Check for VP_INVAL in hyperv_flush_tlb_others() (bsc#1107207).\n- x86/hyper-v: Fix the circular dependency in IPI enlightenment (bsc#1107207).\n- x86/hyper-v: Fix wrong merge conflict resolution (bsc#1107207).\n- x86/hyper-v: Implement hv_do_fast_hypercall16 (bsc#1107207).\n- x86/hyper-v: Trace PV IPI send (bsc#1107207).\n- x86/hyper-v: Use 'fast' hypercall for HVCALL_SEND_IPI (bsc#1107207).\n- x86/hyper-v: Use cheaper HVCALL_FLUSH_VIRTUAL_ADDRESS_{LIST,SPACE} hypercalls when possible (bsc#1107207).\n- x86/hyper-v: Use cheaper HVCALL_SEND_IPI hypercall when possible (bsc#1107207).\n- x86/hyper-v: allocate and use Virtual Processor Assist Pages (bsc#1107207).\n- x86/hyper-v: define struct hv_enlightened_vmcs and clean field bits (bsc#1107207).\n- x86/hyper-v: detect nested features (bsc#1107207).\n- x86/hyper-v: move definitions from TLFS to hyperv-tlfs.h (bsc#1107207).\n- x86/hyper-v: move hyperv.h out of uapi (bsc#1107207).\n- x86/hyper-v: move struct hv_flush_pcpu{,ex} definitions to common header (bsc#1107207).\n- x86/hyper-v: rename ipi_arg_{ex,non_ex} structures (bsc#1107207).\n- x86/hyperv: Add a function to read both TSC and TSC page value simulateneously (bsc#1107207).\n- x86/hyperv: Add interrupt handler annotations (bsc#1107207).\n- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1107207).\n- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).\n- x86/hyperv: Redirect reenlightment notifications on CPU offlining (bsc#1107207).\n- x86/hyperv: Reenlightenment notifications support (bsc#1107207).\n- x86/idt: Load idt early in start_secondary (bsc#1110006).\n- x86/init: fix build with CONFIG_SWAP=n (bsc#1106121).\n- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).\n- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).\n- x86/irq: Count Hyper-V reenlightenment interrupts (bsc#1107207).\n- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).\n- x86/irq: implement irq_data_get_effective_affinity_mask() for v4.12 (bsc#1109772).\n- x86/kasan/64: Teach KASAN about the cpu_entry_area (kasan).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Avoid double free_page() upon do_kexec_load() failure (bsc#1110006).\n- x86/kexec: Correct KEXEC_BACKUP_SRC_END off-by-one error (bsc#1114279).\n- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).\n- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).\n- x86/kvm/hyper-v: add reenlightenment MSRs support (bsc#1107207).\n- x86/kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (bsc#1107207).\n- x86/kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (bsc#1107207).\n- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).\n- x86/kvm: fix LAPIC timer drift when guest uses periodic mode (bsc#1106240).\n- x86/kvm: rename HV_X64_MSR_APIC_ASSIST_PAGE to HV_X64_MSR_VP_ASSIST_PAGE (bsc#1107207).\n- x86/mce/AMD: Get address from already initialized block (bsc#1110006).\n- x86/mce: Add notifier_block forward declaration (bsc#1110006).\n- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).\n- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).\n- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).\n- x86/mce: Fix set_mce_nospec() to avoid #GP fault (bsc#1107783).\n- x86/mce: Improve error message when kernel cannot recover (bsc#1110006).\n- x86/mce: Improve error message when kernel cannot recover (bsc#1110301).\n- x86/mcelog: Get rid of RCU remnants (git-fixes 5de97c9f6d85).\n- x86/memory_failure: Introduce {set, clear}_mce_nospec() (bsc#1107783).\n- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).\n- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).\n- x86/microcode/intel: Look into the patch cache first (bsc#1110006).\n- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).\n- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).\n- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).\n- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).\n- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).\n- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).\n- x86/microcode: Fix CPU synchronization routine (bsc#1110006).\n- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).\n- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).\n- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).\n- x86/microcode: Propagate return value from updating functions (bsc#1110006).\n- x86/microcode: Request microcode on the BSP (bsc#1110006).\n- x86/microcode: Synchronize late microcode loading (bsc#1110006).\n- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).\n- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).\n- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).\n- x86/mm/kasan: Do not use vmemmap_populate() to initialize shadow (kasan).\n- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).\n- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).\n- x86/mm/memory_hotplug: determine block size based on the end of boot memory (bsc#1108243).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).\n- x86/mm/pat: Prepare {reserve, free}_memtype() for 'decoy' addresses (bsc#1107783).\n- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).\n- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).\n- x86/mm/tlb: Always use lazy TLB mode (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Leave lazy TLB mode at page table free time (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Make lazy TLB mode lazier (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Only send page table free TLB flush to lazy TLB CPUs (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Restructure switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm/tlb: Skip atomic operations for 'init_mm' in switch_mm_irqs_off() (bsc#1105467 Reduce IPIs and atomic ops with improved lazy TLB).\n- x86/mm: Add TLB purge to free pmd/pte page interfaces (bsc#1110006).\n- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).\n- x86/mm: Disable ioremap free page handling on x86-PAE (bsc#1110006).\n- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).\n- x86/mm: Drop TS_COMPAT on 64-bit exec() syscall (bsc#1110006).\n- x86/mm: Expand static page table for fixmap space (bsc#1110006).\n- x86/mm: Fix ELF_ET_DYN_BASE for 5-level paging (bsc#1110006).\n- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).\n- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).\n- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).\n- x86/mm: implement free pmd/pte page interfaces (bsc#1110006).\n- x86/mpx: Do not allow MPX if we have mappings above 47-bit (bsc#1110006).\n- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).\n- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).\n- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).\n- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).\n- x86/paravirt: Fix some warning messages (bsc#1065600).\n- x86/paravirt: Fix spectre-v2 mitigations for paravirt guests (bsc#1065600).\n- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).\n- x86/pkeys: Do not special case protection key 0 (bsc#1110006).\n- x86/pkeys: Override pkey when moving away from PROT_EXEC (bsc#1110006).\n- x86/platform/UV: Add adjustable set memory block size function (bsc#1108243).\n- x86/platform/UV: Add kernel parameter to set memory block size (bsc#1108243).\n- x86/platform/UV: Mark memblock related init code and data correctly (bsc#1108243).\n- x86/platform/UV: Use new set memory block size function (bsc#1108243).\n- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).\n- x86/process: Do not mix user/kernel regs in 64bit __show_regs() (bsc#1110006).\n- x86/process: Re-export start_thread() (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).\n- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).\n- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).\n- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).\n- x86/spectre: Add missing family 6 check to microcode check (git-fixes a5b296636453).\n- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).\n- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).\n- x86/speculation/l1tf: Fix off-by-one error when warning that system has too much RAM (bsc#1105536).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).\n- x86/speculation/l1tf: Increase l1tf memory limit for Nehalem+ (bsc#1105536).\n- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).\n- x86/speculation/l1tf: Suggest what to do on systems with too much RAM (bsc#1105536).\n- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).\n- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).\n- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).\n- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).\n- x86/vdso: Fix lsl operand order (bsc#1110006).\n- x86/vdso: Fix lsl operand order (bsc#1110301).\n- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).\n- x86/xen/efi: Initialize only the EFI struct members used by Xen (bsc#1107945).\n- x86/xen: Add call of speculative_store_bypass_ht_init() to PV paths (bsc#1065600).\n- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).\n- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).\n- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).\n- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).\n- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).\n- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).\n- x86: Delay skip of emulated hypercall instruction (bsc#1107207).\n- x86: Delay skip of emulated hypercall instruction (bsc#1110006).\n- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).\n- x86: i8259: Add missing include file (bsc#1110006).\n- x86: irq_remapping: Move irq remapping mode enum ().\n- x86: kvm: avoid unused variable warning (bsc#1110006).\n- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110006).\n- x86: msr-index.h: Correct SNB_C1/C3_AUTO_UNDEMOTE defines (bsc#1110301).\n- xen-netfront: fix bug concerning replacement of MAX_SKB_FRAGS with XEN_NETIF_NR_SLOTS_MIN (bsc#1104824).\n- xen-netfront: fix queue name setting (bsc#1065600).\n- xen-netfront: fix warn message as irq device name has '/' (bsc#1065600).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bsc#1065600).\n- xen/PVH: Set up GS segment for stack canary (bsc#1110006).\n- xen/blkback: do not keep persistent grants too long (bsc#1085042).\n- xen/blkback: move persistent grants flags to bool (bsc#1085042).\n- xen/blkback: remove unused pers_gnts_lock from struct (bsc#1085042).\n- xen/blkfront: cleanup stale persistent grants (bsc#1085042).\n- xen/blkfront: reorder tests in xlblk_init() (bsc#1085042).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bsc#1065600).\n- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).\n- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bsc#1065600).\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xen: issue warning message when out of grant maptrack entries (bsc#1105795).\n- xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling (bsc#1065600).\n- xen: xenbus_dev_frontend: Really return response string (bsc#1065600).\n- xenbus: track caller request id (bsc#1065600).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs, dax: introduce xfs_dax_aops (bsc#1104888).\n- xfs: Fix per-inode DAX flag inheritance (Git-fixes bsc#1109511).\n- xfs: Remove dead code from inode recover function (bsc#1105396).\n- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).\n- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).\n- xfs: add a xfs_iext_update_extent helper (bsc#1095344).\n- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).\n- xfs: add comments documenting the rebalance algorithm (bsc#1095344).\n- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).\n- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).\n- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).\n- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).\n- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).\n- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).\n- xfs: fix type usage (bsc#1095344).\n- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).\n- xfs: inline xfs_shift_file_space into callers (bsc#1095344).\n- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).\n- xfs: iterate backwards in xfs_reflink_cancel_cow_blocks (bsc#1095344).\n- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).\n- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).\n- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).\n- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).\n- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).\n- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).\n- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).\n- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: preserve i_rdev when recycling a reclaimable inode (bsc#1095344).\n- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: refactor xfs_del_extent_real (bsc#1095344).\n- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).\n- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).\n- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).\n- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).\n- xfs: remove if_rdev (bsc#1095344).\n- xfs: remove post-bmap tracing in xfs_bmap_local_to_extents (bsc#1095344).\n- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).\n- xfs: remove the never fully implemented UUID fork format (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).\n- xfs: remove xfs_bmbt_get_state (bsc#1095344).\n- xfs: remove xfs_bmse_shift_one (bsc#1095344).\n- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).\n- xfs: repair malformed inode items during log recovery (bsc#1105396).\n- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).\n- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).\n- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).\n- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).\n- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).\n- xfs: simplify the xfs_getbmap interface (bsc#1095344).\n- xfs: simplify xfs_reflink_convert_cow (bsc#1095344).\n- xfs: split xfs_bmap_shift_extents (bsc#1095344).\n- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).\n- xfs: trivial indentation fixup for xfs_iext_remove_node (bsc#1095344).\n- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).\n- xfs: use a b+tree for the in-core extent list (bsc#1095344).\n- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).\n- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).\n- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).\n- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).\n- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n- xhci: Fix use after free for URB cancellation on a reallocated endpoint (bsc#1051510).\n- zram: fix null dereference of handle (bsc#1105355).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Public-Cloud-15-2018-2819", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3961-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3961-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183961-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3961-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-November/004905.html", }, { category: "self", summary: "SUSE Bug 1012382", url: "https://bugzilla.suse.com/1012382", }, { category: "self", summary: "SUSE Bug 1031392", url: "https://bugzilla.suse.com/1031392", }, { category: "self", summary: "SUSE Bug 1043912", url: "https://bugzilla.suse.com/1043912", }, { category: "self", summary: "SUSE Bug 1044189", url: "https://bugzilla.suse.com/1044189", }, { category: "self", summary: "SUSE Bug 1046302", url: "https://bugzilla.suse.com/1046302", }, { category: "self", summary: "SUSE Bug 1046305", url: "https://bugzilla.suse.com/1046305", }, { category: "self", summary: "SUSE Bug 1046306", url: "https://bugzilla.suse.com/1046306", }, { category: "self", summary: "SUSE Bug 1046307", url: "https://bugzilla.suse.com/1046307", }, { category: "self", summary: "SUSE Bug 1046540", url: "https://bugzilla.suse.com/1046540", }, { category: "self", summary: "SUSE Bug 1046543", url: "https://bugzilla.suse.com/1046543", }, { category: "self", summary: "SUSE Bug 1050244", url: "https://bugzilla.suse.com/1050244", }, { category: "self", summary: "SUSE Bug 1050319", url: "https://bugzilla.suse.com/1050319", }, { category: "self", summary: "SUSE Bug 1050536", url: "https://bugzilla.suse.com/1050536", }, { category: "self", summary: "SUSE Bug 1050540", url: "https://bugzilla.suse.com/1050540", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1054914", url: "https://bugzilla.suse.com/1054914", }, { category: "self", summary: "SUSE Bug 1055014", url: "https://bugzilla.suse.com/1055014", }, { category: "self", summary: "SUSE Bug 1055117", url: "https://bugzilla.suse.com/1055117", }, { category: "self", summary: "SUSE Bug 1055120", url: "https://bugzilla.suse.com/1055120", }, { category: "self", summary: "SUSE Bug 1058659", url: "https://bugzilla.suse.com/1058659", }, { category: "self", summary: "SUSE Bug 1060463", url: "https://bugzilla.suse.com/1060463", }, { category: "self", summary: "SUSE Bug 1061840", url: "https://bugzilla.suse.com/1061840", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1067126", url: "https://bugzilla.suse.com/1067126", }, { category: "self", summary: "SUSE Bug 1067906", url: "https://bugzilla.suse.com/1067906", }, { category: "self", summary: "SUSE Bug 1068032", url: "https://bugzilla.suse.com/1068032", }, { category: "self", summary: "SUSE Bug 1069138", url: "https://bugzilla.suse.com/1069138", }, { category: "self", summary: "SUSE Bug 1071995", url: "https://bugzilla.suse.com/1071995", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1077761", url: "https://bugzilla.suse.com/1077761", }, { category: "self", summary: "SUSE Bug 1077989", url: "https://bugzilla.suse.com/1077989", }, { category: "self", summary: "SUSE Bug 1078720", url: "https://bugzilla.suse.com/1078720", }, { category: "self", summary: "SUSE Bug 1079524", url: "https://bugzilla.suse.com/1079524", }, { category: "self", summary: "SUSE Bug 1080157", url: "https://bugzilla.suse.com/1080157", }, { category: "self", summary: "SUSE Bug 1082519", url: "https://bugzilla.suse.com/1082519", }, { category: "self", summary: "SUSE Bug 1082555", url: "https://bugzilla.suse.com/1082555", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1083663", url: "https://bugzilla.suse.com/1083663", }, { category: "self", summary: "SUSE Bug 1084760", url: "https://bugzilla.suse.com/1084760", }, { category: "self", summary: "SUSE Bug 1084831", url: "https://bugzilla.suse.com/1084831", }, { category: "self", summary: "SUSE Bug 1085030", url: "https://bugzilla.suse.com/1085030", }, { category: "self", summary: "SUSE Bug 1085042", url: "https://bugzilla.suse.com/1085042", }, { category: "self", summary: "SUSE Bug 1085262", url: "https://bugzilla.suse.com/1085262", }, { category: "self", summary: "SUSE Bug 1086282", url: "https://bugzilla.suse.com/1086282", }, { category: "self", summary: "SUSE Bug 1086283", url: "https://bugzilla.suse.com/1086283", }, { category: "self", summary: "SUSE Bug 1086288", url: "https://bugzilla.suse.com/1086288", }, { category: "self", summary: "SUSE Bug 1086327", url: "https://bugzilla.suse.com/1086327", }, { category: "self", summary: "SUSE Bug 1089663", url: "https://bugzilla.suse.com/1089663", }, { category: "self", summary: "SUSE Bug 1090078", url: "https://bugzilla.suse.com/1090078", }, { category: "self", summary: "SUSE Bug 1091800", url: "https://bugzilla.suse.com/1091800", }, { category: "self", summary: "SUSE Bug 1092903", url: "https://bugzilla.suse.com/1092903", }, { category: "self", summary: "SUSE Bug 1094244", url: "https://bugzilla.suse.com/1094244", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1095344", url: "https://bugzilla.suse.com/1095344", }, { category: "self", summary: "SUSE Bug 1095805", url: "https://bugzilla.suse.com/1095805", }, { category: "self", summary: "SUSE Bug 1096748", url: "https://bugzilla.suse.com/1096748", }, { category: "self", summary: "SUSE Bug 1097105", url: "https://bugzilla.suse.com/1097105", }, { category: "self", summary: "SUSE Bug 1097583", url: "https://bugzilla.suse.com/1097583", }, { category: "self", summary: "SUSE Bug 1097584", url: "https://bugzilla.suse.com/1097584", }, { category: "self", summary: "SUSE Bug 1097585", url: "https://bugzilla.suse.com/1097585", }, { category: "self", summary: "SUSE Bug 1097586", url: "https://bugzilla.suse.com/1097586", }, { category: "self", summary: "SUSE Bug 1097587", url: "https://bugzilla.suse.com/1097587", }, { category: "self", summary: "SUSE Bug 1097588", url: "https://bugzilla.suse.com/1097588", }, { category: "self", summary: "SUSE Bug 1098459", url: "https://bugzilla.suse.com/1098459", }, { category: "self", summary: "SUSE Bug 1098782", url: "https://bugzilla.suse.com/1098782", }, { category: "self", summary: "SUSE Bug 1098822", url: "https://bugzilla.suse.com/1098822", }, { category: "self", summary: "SUSE Bug 1099125", url: "https://bugzilla.suse.com/1099125", }, { category: "self", summary: "SUSE Bug 1099922", url: "https://bugzilla.suse.com/1099922", }, { category: "self", summary: "SUSE Bug 1099999", url: "https://bugzilla.suse.com/1099999", }, { category: "self", summary: "SUSE Bug 1100001", url: "https://bugzilla.suse.com/1100001", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1101480", url: "https://bugzilla.suse.com/1101480", }, { category: "self", summary: "SUSE Bug 1101557", url: "https://bugzilla.suse.com/1101557", }, { category: "self", summary: "SUSE Bug 1101669", url: "https://bugzilla.suse.com/1101669", }, { category: "self", summary: "SUSE Bug 1102346", url: "https://bugzilla.suse.com/1102346", }, { category: "self", summary: "SUSE Bug 1102495", url: "https://bugzilla.suse.com/1102495", }, { category: "self", summary: "SUSE Bug 1102517", url: "https://bugzilla.suse.com/1102517", }, { category: "self", summary: "SUSE Bug 1102715", url: "https://bugzilla.suse.com/1102715", }, { category: "self", summary: "SUSE Bug 1102870", url: "https://bugzilla.suse.com/1102870", }, { category: "self", summary: "SUSE Bug 1102875", url: "https://bugzilla.suse.com/1102875", }, { category: "self", summary: "SUSE Bug 1102877", url: "https://bugzilla.suse.com/1102877", }, { category: "self", summary: "SUSE Bug 1102879", url: "https://bugzilla.suse.com/1102879", }, { category: "self", summary: "SUSE Bug 1102881", url: "https://bugzilla.suse.com/1102881", }, { category: "self", summary: "SUSE Bug 1102882", url: "https://bugzilla.suse.com/1102882", }, { category: "self", summary: "SUSE Bug 1102896", url: "https://bugzilla.suse.com/1102896", }, { category: "self", summary: "SUSE Bug 1103269", url: "https://bugzilla.suse.com/1103269", }, { category: "self", summary: "SUSE Bug 1103308", url: "https://bugzilla.suse.com/1103308", }, { category: "self", summary: "SUSE Bug 1103356", url: "https://bugzilla.suse.com/1103356", }, { category: "self", summary: "SUSE Bug 1103363", url: "https://bugzilla.suse.com/1103363", }, { category: "self", summary: "SUSE Bug 1103387", url: "https://bugzilla.suse.com/1103387", }, { category: "self", summary: "SUSE Bug 1103405", url: "https://bugzilla.suse.com/1103405", }, { category: "self", summary: "SUSE Bug 1103421", url: "https://bugzilla.suse.com/1103421", }, { category: "self", summary: "SUSE Bug 1103543", url: "https://bugzilla.suse.com/1103543", }, { category: "self", summary: "SUSE Bug 1103587", url: "https://bugzilla.suse.com/1103587", }, { category: "self", summary: "SUSE Bug 1103636", url: "https://bugzilla.suse.com/1103636", }, { category: "self", summary: "SUSE Bug 1103948", url: "https://bugzilla.suse.com/1103948", }, { category: "self", summary: "SUSE Bug 1103949", url: "https://bugzilla.suse.com/1103949", }, { category: "self", summary: "SUSE Bug 1103961", url: "https://bugzilla.suse.com/1103961", }, { category: "self", summary: "SUSE Bug 1104172", url: "https://bugzilla.suse.com/1104172", }, { category: "self", summary: "SUSE Bug 1104353", url: "https://bugzilla.suse.com/1104353", }, { category: "self", summary: "SUSE Bug 1104482", url: "https://bugzilla.suse.com/1104482", }, { category: "self", summary: "SUSE Bug 1104683", url: "https://bugzilla.suse.com/1104683", }, { category: "self", summary: "SUSE Bug 1104731", url: "https://bugzilla.suse.com/1104731", }, { category: "self", summary: "SUSE Bug 1104824", url: "https://bugzilla.suse.com/1104824", }, { category: "self", summary: "SUSE Bug 1104888", url: "https://bugzilla.suse.com/1104888", }, { category: "self", summary: "SUSE Bug 1104890", url: "https://bugzilla.suse.com/1104890", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105190", url: "https://bugzilla.suse.com/1105190", }, { category: "self", summary: "SUSE Bug 1105247", url: "https://bugzilla.suse.com/1105247", }, { category: "self", summary: "SUSE Bug 1105292", url: "https://bugzilla.suse.com/1105292", }, { category: "self", summary: "SUSE Bug 1105322", url: "https://bugzilla.suse.com/1105322", }, { category: "self", summary: "SUSE Bug 1105355", url: "https://bugzilla.suse.com/1105355", }, { category: "self", summary: "SUSE Bug 1105378", url: "https://bugzilla.suse.com/1105378", }, { category: "self", summary: "SUSE Bug 1105396", url: "https://bugzilla.suse.com/1105396", }, { category: "self", summary: "SUSE Bug 1105428", url: "https://bugzilla.suse.com/1105428", }, { category: "self", summary: "SUSE Bug 1105467", url: "https://bugzilla.suse.com/1105467", }, { category: "self", summary: "SUSE Bug 1105524", url: "https://bugzilla.suse.com/1105524", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1105597", url: "https://bugzilla.suse.com/1105597", }, { category: "self", summary: "SUSE Bug 1105603", url: "https://bugzilla.suse.com/1105603", }, { category: "self", summary: "SUSE Bug 1105672", url: "https://bugzilla.suse.com/1105672", }, { category: "self", summary: "SUSE Bug 1105731", url: "https://bugzilla.suse.com/1105731", }, { category: "self", summary: "SUSE Bug 1105795", url: "https://bugzilla.suse.com/1105795", }, { category: "self", summary: "SUSE Bug 1105907", url: "https://bugzilla.suse.com/1105907", }, { category: "self", summary: "SUSE Bug 1106007", url: "https://bugzilla.suse.com/1106007", }, { category: "self", summary: "SUSE Bug 1106016", url: "https://bugzilla.suse.com/1106016", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106121", url: "https://bugzilla.suse.com/1106121", }, { category: "self", summary: "SUSE Bug 1106170", url: "https://bugzilla.suse.com/1106170", }, { category: "self", summary: "SUSE Bug 1106178", url: "https://bugzilla.suse.com/1106178", }, { category: "self", summary: "SUSE Bug 1106229", url: "https://bugzilla.suse.com/1106229", }, { category: "self", summary: "SUSE Bug 1106230", url: "https://bugzilla.suse.com/1106230", }, { category: "self", summary: "SUSE Bug 1106231", url: "https://bugzilla.suse.com/1106231", }, { category: "self", summary: "SUSE Bug 1106233", url: "https://bugzilla.suse.com/1106233", }, { category: "self", summary: "SUSE Bug 1106235", url: "https://bugzilla.suse.com/1106235", }, { category: "self", summary: "SUSE Bug 1106236", url: "https://bugzilla.suse.com/1106236", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106238", url: "https://bugzilla.suse.com/1106238", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1106291", url: "https://bugzilla.suse.com/1106291", }, { category: "self", summary: "SUSE Bug 1106297", url: "https://bugzilla.suse.com/1106297", }, { category: "self", summary: "SUSE Bug 1106333", url: "https://bugzilla.suse.com/1106333", }, { category: "self", summary: "SUSE Bug 1106369", url: "https://bugzilla.suse.com/1106369", }, { category: "self", summary: "SUSE Bug 1106427", url: "https://bugzilla.suse.com/1106427", }, { category: "self", summary: "SUSE Bug 1106464", url: "https://bugzilla.suse.com/1106464", }, { category: "self", summary: "SUSE Bug 1106509", url: "https://bugzilla.suse.com/1106509", }, { category: "self", summary: "SUSE Bug 1106511", url: "https://bugzilla.suse.com/1106511", }, { category: "self", summary: "SUSE Bug 1106594", url: "https://bugzilla.suse.com/1106594", }, { category: "self", summary: "SUSE Bug 1106636", url: "https://bugzilla.suse.com/1106636", }, { category: "self", summary: "SUSE Bug 1106688", url: "https://bugzilla.suse.com/1106688", }, { category: "self", summary: "SUSE Bug 1106697", url: "https://bugzilla.suse.com/1106697", }, { category: "self", summary: "SUSE Bug 1106779", url: "https://bugzilla.suse.com/1106779", }, { category: "self", summary: "SUSE Bug 1106800", url: "https://bugzilla.suse.com/1106800", }, { category: "self", summary: "SUSE Bug 1106838", url: "https://bugzilla.suse.com/1106838", }, { category: "self", summary: "SUSE Bug 1106890", url: "https://bugzilla.suse.com/1106890", }, { category: "self", summary: "SUSE Bug 1106891", url: "https://bugzilla.suse.com/1106891", }, { category: "self", summary: "SUSE Bug 1106892", url: "https://bugzilla.suse.com/1106892", }, { category: "self", summary: "SUSE Bug 1106893", url: "https://bugzilla.suse.com/1106893", }, { category: "self", summary: "SUSE Bug 1106894", url: "https://bugzilla.suse.com/1106894", }, { category: "self", summary: "SUSE Bug 1106896", url: "https://bugzilla.suse.com/1106896", }, { category: "self", summary: "SUSE Bug 1106897", url: "https://bugzilla.suse.com/1106897", }, { category: "self", summary: "SUSE Bug 1106898", url: "https://bugzilla.suse.com/1106898", }, { category: "self", summary: "SUSE Bug 1106899", url: "https://bugzilla.suse.com/1106899", }, { category: "self", summary: "SUSE Bug 1106900", url: "https://bugzilla.suse.com/1106900", }, { category: "self", summary: "SUSE Bug 1106901", url: "https://bugzilla.suse.com/1106901", }, { category: "self", summary: "SUSE Bug 1106902", url: "https://bugzilla.suse.com/1106902", }, { category: "self", summary: "SUSE Bug 1106903", url: "https://bugzilla.suse.com/1106903", }, { category: "self", summary: "SUSE Bug 1106905", url: "https://bugzilla.suse.com/1106905", }, { category: "self", summary: "SUSE Bug 1106906", url: "https://bugzilla.suse.com/1106906", }, { category: "self", summary: "SUSE Bug 1106948", url: "https://bugzilla.suse.com/1106948", }, { category: "self", summary: "SUSE Bug 1106995", url: "https://bugzilla.suse.com/1106995", }, { category: "self", summary: "SUSE Bug 1107008", url: "https://bugzilla.suse.com/1107008", }, { category: "self", summary: "SUSE Bug 1107060", url: "https://bugzilla.suse.com/1107060", }, { category: "self", summary: "SUSE Bug 1107061", url: "https://bugzilla.suse.com/1107061", }, { category: "self", summary: "SUSE Bug 1107065", url: "https://bugzilla.suse.com/1107065", }, { category: "self", summary: "SUSE Bug 1107074", url: "https://bugzilla.suse.com/1107074", }, { category: "self", summary: "SUSE Bug 1107207", url: "https://bugzilla.suse.com/1107207", }, { category: "self", summary: "SUSE Bug 1107319", url: "https://bugzilla.suse.com/1107319", }, { category: "self", summary: "SUSE Bug 1107320", url: "https://bugzilla.suse.com/1107320", }, { category: "self", summary: "SUSE Bug 1107522", url: "https://bugzilla.suse.com/1107522", }, { category: "self", summary: "SUSE Bug 1107535", url: "https://bugzilla.suse.com/1107535", }, { category: "self", summary: "SUSE Bug 1107685", url: "https://bugzilla.suse.com/1107685", }, { category: "self", summary: "SUSE Bug 1107689", url: "https://bugzilla.suse.com/1107689", }, { category: "self", summary: "SUSE Bug 1107735", url: "https://bugzilla.suse.com/1107735", }, { category: "self", summary: "SUSE Bug 1107756", url: "https://bugzilla.suse.com/1107756", }, { category: "self", summary: "SUSE Bug 1107783", url: "https://bugzilla.suse.com/1107783", }, { category: "self", summary: "SUSE Bug 1107829", url: "https://bugzilla.suse.com/1107829", }, { category: "self", summary: "SUSE Bug 1107870", url: "https://bugzilla.suse.com/1107870", }, { category: "self", summary: "SUSE Bug 1107924", url: "https://bugzilla.suse.com/1107924", }, { category: "self", summary: "SUSE Bug 1107928", url: "https://bugzilla.suse.com/1107928", }, { category: "self", summary: "SUSE Bug 1107945", url: "https://bugzilla.suse.com/1107945", }, { category: "self", summary: "SUSE Bug 1107947", url: "https://bugzilla.suse.com/1107947", }, { category: "self", summary: "SUSE Bug 1107966", url: "https://bugzilla.suse.com/1107966", }, { category: "self", summary: "SUSE Bug 1108010", url: "https://bugzilla.suse.com/1108010", }, { category: "self", summary: "SUSE Bug 1108093", url: "https://bugzilla.suse.com/1108093", }, { category: "self", summary: "SUSE Bug 1108096", url: "https://bugzilla.suse.com/1108096", }, { category: "self", summary: "SUSE Bug 1108170", url: "https://bugzilla.suse.com/1108170", }, { category: "self", summary: "SUSE Bug 1108241", url: "https://bugzilla.suse.com/1108241", }, { category: "self", summary: "SUSE Bug 1108243", url: "https://bugzilla.suse.com/1108243", }, { category: "self", summary: "SUSE Bug 1108260", url: "https://bugzilla.suse.com/1108260", }, { category: "self", summary: "SUSE Bug 1108281", url: "https://bugzilla.suse.com/1108281", }, { category: "self", summary: "SUSE Bug 1108323", url: "https://bugzilla.suse.com/1108323", }, { category: "self", summary: "SUSE Bug 1108377", url: "https://bugzilla.suse.com/1108377", }, { category: "self", summary: "SUSE Bug 1108399", url: "https://bugzilla.suse.com/1108399", }, { category: "self", summary: "SUSE Bug 1108468", url: "https://bugzilla.suse.com/1108468", }, { category: "self", summary: "SUSE Bug 1108520", url: "https://bugzilla.suse.com/1108520", }, { category: "self", summary: "SUSE Bug 1108823", url: "https://bugzilla.suse.com/1108823", }, { category: "self", summary: "SUSE Bug 1108841", url: "https://bugzilla.suse.com/1108841", }, { category: "self", summary: "SUSE Bug 1108870", url: "https://bugzilla.suse.com/1108870", }, { category: "self", summary: "SUSE Bug 1109151", url: "https://bugzilla.suse.com/1109151", }, { category: "self", summary: "SUSE Bug 1109158", url: "https://bugzilla.suse.com/1109158", }, { category: "self", summary: "SUSE Bug 1109217", url: "https://bugzilla.suse.com/1109217", }, { category: "self", summary: "SUSE Bug 1109244", url: "https://bugzilla.suse.com/1109244", }, { category: "self", summary: "SUSE Bug 1109269", url: "https://bugzilla.suse.com/1109269", }, { category: "self", summary: "SUSE Bug 1109330", url: "https://bugzilla.suse.com/1109330", }, { category: "self", summary: "SUSE Bug 1109333", url: "https://bugzilla.suse.com/1109333", }, { category: "self", summary: "SUSE Bug 1109336", url: "https://bugzilla.suse.com/1109336", }, { category: "self", summary: "SUSE Bug 1109337", url: "https://bugzilla.suse.com/1109337", }, { category: "self", summary: "SUSE Bug 1109511", url: "https://bugzilla.suse.com/1109511", }, { category: "self", summary: "SUSE Bug 1109603", url: "https://bugzilla.suse.com/1109603", }, { category: "self", summary: "SUSE Bug 1109739", url: "https://bugzilla.suse.com/1109739", }, { category: "self", summary: "SUSE Bug 1109772", url: "https://bugzilla.suse.com/1109772", }, { category: "self", summary: "SUSE Bug 1109784", url: "https://bugzilla.suse.com/1109784", }, { category: "self", summary: "SUSE Bug 1109806", url: "https://bugzilla.suse.com/1109806", }, { category: "self", summary: "SUSE Bug 1109818", url: "https://bugzilla.suse.com/1109818", }, { category: "self", summary: "SUSE Bug 1109907", url: "https://bugzilla.suse.com/1109907", }, { category: "self", summary: "SUSE Bug 1109915", url: "https://bugzilla.suse.com/1109915", }, { category: "self", summary: "SUSE Bug 1109919", url: "https://bugzilla.suse.com/1109919", }, { category: "self", summary: "SUSE Bug 1109951", url: "https://bugzilla.suse.com/1109951", }, { category: "self", summary: "SUSE Bug 1109979", url: "https://bugzilla.suse.com/1109979", }, { category: "self", summary: "SUSE Bug 1109992", url: "https://bugzilla.suse.com/1109992", }, { category: "self", summary: "SUSE Bug 1110006", url: "https://bugzilla.suse.com/1110006", }, { category: "self", summary: "SUSE Bug 1110096", url: "https://bugzilla.suse.com/1110096", }, { category: "self", summary: "SUSE Bug 1110301", url: "https://bugzilla.suse.com/1110301", }, { category: "self", summary: "SUSE Bug 1110363", url: "https://bugzilla.suse.com/1110363", }, { category: "self", summary: "SUSE Bug 1110538", url: "https://bugzilla.suse.com/1110538", }, { category: "self", summary: "SUSE Bug 1110561", url: "https://bugzilla.suse.com/1110561", }, { category: "self", summary: "SUSE Bug 1110639", url: "https://bugzilla.suse.com/1110639", }, { category: "self", summary: "SUSE Bug 1110642", url: "https://bugzilla.suse.com/1110642", }, { category: "self", summary: "SUSE Bug 1110643", url: "https://bugzilla.suse.com/1110643", }, { category: "self", summary: "SUSE Bug 1110644", url: "https://bugzilla.suse.com/1110644", }, { category: "self", summary: "SUSE Bug 1110645", url: "https://bugzilla.suse.com/1110645", }, { category: "self", summary: "SUSE Bug 1110646", url: "https://bugzilla.suse.com/1110646", }, { category: "self", summary: "SUSE Bug 1110647", url: "https://bugzilla.suse.com/1110647", }, { category: "self", summary: "SUSE Bug 1110649", url: "https://bugzilla.suse.com/1110649", }, { category: "self", summary: "SUSE Bug 1110650", url: "https://bugzilla.suse.com/1110650", }, { category: "self", summary: "SUSE Bug 1111028", url: "https://bugzilla.suse.com/1111028", }, { category: "self", summary: "SUSE Bug 1111040", url: "https://bugzilla.suse.com/1111040", }, { category: "self", summary: "SUSE Bug 1111076", url: "https://bugzilla.suse.com/1111076", }, { category: "self", summary: "SUSE Bug 1111506", url: "https://bugzilla.suse.com/1111506", }, { category: "self", summary: "SUSE Bug 1111806", url: "https://bugzilla.suse.com/1111806", }, { category: "self", summary: "SUSE Bug 1111819", url: "https://bugzilla.suse.com/1111819", }, { category: "self", summary: "SUSE Bug 1111830", url: "https://bugzilla.suse.com/1111830", }, { category: "self", summary: "SUSE Bug 1111834", url: "https://bugzilla.suse.com/1111834", }, { category: "self", summary: "SUSE Bug 1111841", url: "https://bugzilla.suse.com/1111841", }, { category: "self", summary: "SUSE Bug 1111870", url: "https://bugzilla.suse.com/1111870", }, { category: "self", summary: "SUSE Bug 1111901", url: "https://bugzilla.suse.com/1111901", }, { category: "self", summary: "SUSE Bug 1111904", url: "https://bugzilla.suse.com/1111904", }, { category: "self", summary: "SUSE Bug 1111921", url: "https://bugzilla.suse.com/1111921", }, { category: "self", summary: "SUSE Bug 1111928", url: "https://bugzilla.suse.com/1111928", }, { category: "self", summary: "SUSE Bug 1111983", url: "https://bugzilla.suse.com/1111983", }, { category: "self", summary: "SUSE Bug 1112170", url: "https://bugzilla.suse.com/1112170", }, { category: "self", summary: "SUSE Bug 1112208", url: "https://bugzilla.suse.com/1112208", }, { category: "self", summary: "SUSE Bug 1112219", url: "https://bugzilla.suse.com/1112219", }, { category: "self", summary: "SUSE Bug 1112246", url: "https://bugzilla.suse.com/1112246", }, { category: "self", summary: "SUSE Bug 1112372", url: "https://bugzilla.suse.com/1112372", }, { category: "self", summary: "SUSE Bug 1112514", url: "https://bugzilla.suse.com/1112514", }, { category: "self", summary: "SUSE Bug 1112554", url: "https://bugzilla.suse.com/1112554", }, { category: "self", summary: "SUSE Bug 1112708", url: "https://bugzilla.suse.com/1112708", }, { category: "self", summary: "SUSE Bug 1112710", url: "https://bugzilla.suse.com/1112710", }, { category: "self", summary: "SUSE Bug 1112711", url: "https://bugzilla.suse.com/1112711", }, { category: "self", summary: "SUSE Bug 1112712", url: "https://bugzilla.suse.com/1112712", }, { category: "self", summary: "SUSE Bug 1112713", url: "https://bugzilla.suse.com/1112713", }, { category: "self", summary: "SUSE Bug 1112731", url: "https://bugzilla.suse.com/1112731", }, { category: "self", summary: "SUSE Bug 1112732", url: "https://bugzilla.suse.com/1112732", }, { category: "self", summary: "SUSE Bug 1112733", url: "https://bugzilla.suse.com/1112733", }, { category: "self", summary: "SUSE Bug 1112734", url: "https://bugzilla.suse.com/1112734", }, { category: "self", summary: "SUSE Bug 1112735", url: "https://bugzilla.suse.com/1112735", }, { category: "self", summary: "SUSE Bug 1112736", url: "https://bugzilla.suse.com/1112736", }, { category: "self", summary: "SUSE Bug 1112738", url: "https://bugzilla.suse.com/1112738", }, { category: "self", summary: "SUSE Bug 1112739", url: "https://bugzilla.suse.com/1112739", }, { category: "self", summary: "SUSE Bug 1112740", url: "https://bugzilla.suse.com/1112740", }, { category: "self", summary: "SUSE Bug 1112741", url: "https://bugzilla.suse.com/1112741", }, { category: "self", summary: "SUSE Bug 1112743", url: "https://bugzilla.suse.com/1112743", }, { category: "self", summary: "SUSE Bug 1112745", url: "https://bugzilla.suse.com/1112745", }, { category: "self", summary: "SUSE Bug 1112746", url: "https://bugzilla.suse.com/1112746", }, { category: "self", summary: "SUSE Bug 1112878", url: "https://bugzilla.suse.com/1112878", }, { category: "self", summary: "SUSE Bug 1112894", url: "https://bugzilla.suse.com/1112894", }, { category: "self", summary: "SUSE Bug 1112899", url: "https://bugzilla.suse.com/1112899", }, { category: "self", summary: "SUSE Bug 1112902", url: "https://bugzilla.suse.com/1112902", }, { category: "self", summary: "SUSE Bug 1112903", url: "https://bugzilla.suse.com/1112903", }, { category: "self", summary: "SUSE Bug 1112905", url: "https://bugzilla.suse.com/1112905", }, { category: "self", summary: "SUSE Bug 1112906", url: "https://bugzilla.suse.com/1112906", }, { category: "self", summary: "SUSE Bug 1112907", url: "https://bugzilla.suse.com/1112907", }, { category: "self", summary: "SUSE Bug 1113257", url: "https://bugzilla.suse.com/1113257", }, { category: "self", summary: "SUSE Bug 1113284", url: "https://bugzilla.suse.com/1113284", }, { category: "self", summary: "SUSE Bug 1113295", url: "https://bugzilla.suse.com/1113295", }, { category: "self", summary: "SUSE Bug 1113408", url: "https://bugzilla.suse.com/1113408", }, { category: "self", summary: "SUSE Bug 1113667", url: "https://bugzilla.suse.com/1113667", }, { category: "self", summary: "SUSE Bug 1113722", url: "https://bugzilla.suse.com/1113722", }, { category: "self", summary: "SUSE Bug 1113751", url: "https://bugzilla.suse.com/1113751", }, { category: "self", summary: "SUSE Bug 1113780", url: "https://bugzilla.suse.com/1113780", }, { category: "self", summary: "SUSE Bug 1113972", url: "https://bugzilla.suse.com/1113972", }, { category: "self", summary: "SUSE Bug 1114279", url: "https://bugzilla.suse.com/1114279", }, { category: "self", summary: "SUSE Bug 971975", url: "https://bugzilla.suse.com/971975", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-18224 page", url: "https://www.suse.com/security/cve/CVE-2017-18224/", }, { category: "self", summary: "SUSE CVE CVE-2018-10902 page", url: "https://www.suse.com/security/cve/CVE-2018-10902/", }, { category: "self", summary: "SUSE CVE CVE-2018-10938 page", url: "https://www.suse.com/security/cve/CVE-2018-10938/", }, { category: "self", summary: "SUSE CVE CVE-2018-10940 page", url: "https://www.suse.com/security/cve/CVE-2018-10940/", }, { category: "self", summary: "SUSE CVE CVE-2018-1128 page", url: "https://www.suse.com/security/cve/CVE-2018-1128/", }, { category: "self", summary: "SUSE CVE CVE-2018-1129 page", url: "https://www.suse.com/security/cve/CVE-2018-1129/", }, { category: "self", summary: "SUSE CVE CVE-2018-12896 page", url: "https://www.suse.com/security/cve/CVE-2018-12896/", }, { category: "self", summary: "SUSE CVE CVE-2018-13093 page", url: "https://www.suse.com/security/cve/CVE-2018-13093/", }, { category: "self", summary: "SUSE CVE CVE-2018-13095 page", url: "https://www.suse.com/security/cve/CVE-2018-13095/", }, { category: "self", summary: "SUSE CVE CVE-2018-14613 page", url: "https://www.suse.com/security/cve/CVE-2018-14613/", }, { category: "self", summary: "SUSE CVE CVE-2018-14617 page", url: "https://www.suse.com/security/cve/CVE-2018-14617/", }, { category: "self", summary: "SUSE CVE CVE-2018-14633 page", url: "https://www.suse.com/security/cve/CVE-2018-14633/", }, { category: "self", summary: "SUSE CVE CVE-2018-15572 page", url: "https://www.suse.com/security/cve/CVE-2018-15572/", }, { category: "self", summary: "SUSE CVE CVE-2018-16658 page", url: "https://www.suse.com/security/cve/CVE-2018-16658/", }, { category: "self", summary: "SUSE CVE CVE-2018-17182 page", url: "https://www.suse.com/security/cve/CVE-2018-17182/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18445 page", url: "https://www.suse.com/security/cve/CVE-2018-18445/", }, { category: "self", summary: "SUSE CVE CVE-2018-18710 page", url: "https://www.suse.com/security/cve/CVE-2018-18710/", }, { category: "self", summary: "SUSE CVE CVE-2018-6554 page", url: "https://www.suse.com/security/cve/CVE-2018-6554/", }, { category: "self", summary: "SUSE CVE CVE-2018-6555 page", url: "https://www.suse.com/security/cve/CVE-2018-6555/", }, { category: "self", summary: "SUSE CVE CVE-2018-9363 page", url: "https://www.suse.com/security/cve/CVE-2018-9363/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-11-30T16:43:13Z", generator: { date: "2018-11-30T16:43:13Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3961-1", initial_release_date: "2018-11-30T16:43:13Z", revision_history: [ { date: "2018-11-30T16:43:13Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-4.12.14-5.16.1.noarch", product: { name: "kernel-devel-azure-4.12.14-5.16.1.noarch", product_id: "kernel-devel-azure-4.12.14-5.16.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-4.12.14-5.16.1.noarch", product: { name: "kernel-source-azure-4.12.14-5.16.1.noarch", product_id: "kernel-source-azure-4.12.14-5.16.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "kernel-azure-4.12.14-5.16.1.x86_64", product: { name: "kernel-azure-4.12.14-5.16.1.x86_64", product_id: "kernel-azure-4.12.14-5.16.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-base-4.12.14-5.16.1.x86_64", product: { name: "kernel-azure-base-4.12.14-5.16.1.x86_64", product_id: "kernel-azure-base-4.12.14-5.16.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-4.12.14-5.16.1.x86_64", product: { name: "kernel-azure-devel-4.12.14-5.16.1.x86_64", product_id: "kernel-azure-devel-4.12.14-5.16.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-4.12.14-5.16.1.x86_64", product: { name: "kernel-syms-azure-4.12.14-5.16.1.x86_64", product_id: "kernel-syms-azure-4.12.14-5.16.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-azure-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-base-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-azure-base-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-azure-devel-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-4.12.14-5.16.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", }, product_reference: "kernel-devel-azure-4.12.14-5.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-4.12.14-5.16.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", }, product_reference: "kernel-source-azure-4.12.14-5.16.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-4.12.14-5.16.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15", product_id: "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", }, product_reference: "kernel-syms-azure-4.12.14-5.16.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-18224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18224", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18224", url: "https://www.suse.com/security/cve/CVE-2017-18224", }, { category: "external", summary: "SUSE Bug 1084831 for CVE-2017-18224", url: "https://bugzilla.suse.com/1084831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2017-18224", }, { cve: "CVE-2018-10902", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10902", }, ], notes: [ { category: "general", text: "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10902", url: "https://www.suse.com/security/cve/CVE-2018-10902", }, { category: "external", summary: "SUSE Bug 1105322 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105322", }, { category: "external", summary: "SUSE Bug 1105323 for CVE-2018-10902", url: "https://bugzilla.suse.com/1105323", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-10902", }, { cve: "CVE-2018-10938", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10938", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10938", url: "https://www.suse.com/security/cve/CVE-2018-10938", }, { category: "external", summary: "SUSE Bug 1106016 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106016", }, { category: "external", summary: "SUSE Bug 1106191 for CVE-2018-10938", url: "https://bugzilla.suse.com/1106191", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-10938", }, { cve: "CVE-2018-10940", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-10940", }, ], notes: [ { category: "general", text: "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-10940", url: "https://www.suse.com/security/cve/CVE-2018-10940", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-10940", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-10940", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-10940", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-10940", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-10940", }, { cve: "CVE-2018-1128", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1128", }, ], notes: [ { category: "general", text: "It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1128", url: "https://www.suse.com/security/cve/CVE-2018-1128", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1128", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1128", url: "https://bugzilla.suse.com/1114710", }, { category: "external", summary: "SUSE Bug 1177843 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177843", }, { category: "external", summary: "SUSE Bug 1177859 for CVE-2018-1128", url: "https://bugzilla.suse.com/1177859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.3, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-1128", }, { cve: "CVE-2018-1129", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1129", }, ], notes: [ { category: "general", text: "A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-1129", url: "https://www.suse.com/security/cve/CVE-2018-1129", }, { category: "external", summary: "SUSE Bug 1096748 for CVE-2018-1129", url: "https://bugzilla.suse.com/1096748", }, { category: "external", summary: "SUSE Bug 1114710 for CVE-2018-1129", url: "https://bugzilla.suse.com/1114710", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-1129", }, { cve: "CVE-2018-12896", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-12896", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-12896", url: "https://www.suse.com/security/cve/CVE-2018-12896", }, { category: "external", summary: "SUSE Bug 1099922 for CVE-2018-12896", url: "https://bugzilla.suse.com/1099922", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-12896", }, { cve: "CVE-2018-13093", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13093", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13093", url: "https://www.suse.com/security/cve/CVE-2018-13093", }, { category: "external", summary: "SUSE Bug 1100001 for CVE-2018-13093", url: "https://bugzilla.suse.com/1100001", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-13093", }, { cve: "CVE-2018-13095", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-13095", }, ], notes: [ { category: "general", text: "An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-13095", url: "https://www.suse.com/security/cve/CVE-2018-13095", }, { category: "external", summary: "SUSE Bug 1099999 for CVE-2018-13095", url: "https://bugzilla.suse.com/1099999", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-13095", }, { cve: "CVE-2018-14613", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14613", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14613", url: "https://www.suse.com/security/cve/CVE-2018-14613", }, { category: "external", summary: "SUSE Bug 1102896 for CVE-2018-14613", url: "https://bugzilla.suse.com/1102896", }, { category: "external", summary: "SUSE Bug 1103800 for CVE-2018-14613", url: "https://bugzilla.suse.com/1103800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-14613", }, { cve: "CVE-2018-14617", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14617", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14617", url: "https://www.suse.com/security/cve/CVE-2018-14617", }, { category: "external", summary: "SUSE Bug 1102870 for CVE-2018-14617", url: "https://bugzilla.suse.com/1102870", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-14617", }, { cve: "CVE-2018-14633", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-14633", }, ], notes: [ { category: "general", text: "A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. Kernel versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-14633", url: "https://www.suse.com/security/cve/CVE-2018-14633", }, { category: "external", summary: "SUSE Bug 1107829 for CVE-2018-14633", url: "https://bugzilla.suse.com/1107829", }, { category: "external", summary: "SUSE Bug 1107832 for CVE-2018-14633", url: "https://bugzilla.suse.com/1107832", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-14633", }, { cve: "CVE-2018-15572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-15572", }, ], notes: [ { category: "general", text: "The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-15572", url: "https://www.suse.com/security/cve/CVE-2018-15572", }, { category: "external", summary: "SUSE Bug 1102517 for CVE-2018-15572", url: "https://bugzilla.suse.com/1102517", }, { category: "external", summary: "SUSE Bug 1105296 for CVE-2018-15572", url: "https://bugzilla.suse.com/1105296", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-15572", }, { cve: "CVE-2018-16658", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-16658", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-16658", url: "https://www.suse.com/security/cve/CVE-2018-16658", }, { category: "external", summary: "SUSE Bug 1092903 for CVE-2018-16658", url: "https://bugzilla.suse.com/1092903", }, { category: "external", summary: "SUSE Bug 1107689 for CVE-2018-16658", url: "https://bugzilla.suse.com/1107689", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-16658", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-16658", }, { cve: "CVE-2018-17182", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-17182", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-17182", url: "https://www.suse.com/security/cve/CVE-2018-17182", }, { category: "external", summary: "SUSE Bug 1108399 for CVE-2018-17182", url: "https://bugzilla.suse.com/1108399", }, { category: "external", summary: "SUSE Bug 1110233 for CVE-2018-17182", url: "https://bugzilla.suse.com/1110233", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-17182", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18445", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18445", url: "https://www.suse.com/security/cve/CVE-2018-18445", }, { category: "external", summary: "SUSE Bug 1112372 for CVE-2018-18445", url: "https://bugzilla.suse.com/1112372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-18445", }, { cve: "CVE-2018-18710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18710", }, ], notes: [ { category: "general", text: "An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18710", url: "https://www.suse.com/security/cve/CVE-2018-18710", }, { category: "external", summary: "SUSE Bug 1113751 for CVE-2018-18710", url: "https://bugzilla.suse.com/1113751", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-18710", }, { cve: "CVE-2018-6554", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6554", }, ], notes: [ { category: "general", text: "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6554", url: "https://www.suse.com/security/cve/CVE-2018-6554", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6554", url: "https://bugzilla.suse.com/1106511", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "low", }, ], title: "CVE-2018-6554", }, { cve: "CVE-2018-6555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-6555", }, ], notes: [ { category: "general", text: "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-6555", url: "https://www.suse.com/security/cve/CVE-2018-6555", }, { category: "external", summary: "SUSE Bug 1106509 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106509", }, { category: "external", summary: "SUSE Bug 1106511 for CVE-2018-6555", url: "https://bugzilla.suse.com/1106511", }, { category: "external", summary: "SUSE Bug 1115893 for CVE-2018-6555", url: "https://bugzilla.suse.com/1115893", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "moderate", }, ], title: "CVE-2018-6555", }, { cve: "CVE-2018-9363", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-9363", }, ], notes: [ { category: "general", text: "In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-9363", url: "https://www.suse.com/security/cve/CVE-2018-9363", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2018-9363", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1105292 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105292", }, { category: "external", summary: "SUSE Bug 1105293 for CVE-2018-9363", url: "https://bugzilla.suse.com/1105293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-base-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-azure-devel-4.12.14-5.16.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-devel-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-source-azure-4.12.14-5.16.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15:kernel-syms-azure-4.12.14-5.16.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-11-30T16:43:13Z", details: "important", }, ], title: "CVE-2018-9363", }, ], }
suse-su-2018:3593-1
Vulnerability from csaf_suse
Published
2018-10-31 13:44
Modified
2018-10-31 13:44
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).
- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).
- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).
- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).
The following non-security bugs were fixed:
- acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).
- acpica: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).
- alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).
- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).
- arm: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).
- arm: exynos: Clear global variable on init error path (bsc#1051510).
- arm: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).
- arm: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).
- arm: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).
- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).
- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).
- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).
- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).
- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).
- ASoC: wm8804: Add ACPI support (bsc#1051510).
- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).
- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).
- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).
- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).
- Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch. (bsc#1110921)
- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)
- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).
- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).
- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).
- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).
- HID: add support for Apple Magic Keyboards (bsc#1051510).
- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).
- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).
- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).
- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).
- input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).
- input: atakbd - fix Atari keymap (bsc#1051510).
- kvm/vmx: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).
- kvm: svm: Add MSR-based feature support for serializing LFENCE (bsc#1106240).
- kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).
- kvm: vmx: raise internal error for exception during invalid protected mode state (bsc#1110006).
- kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).
- kvm: x86: Fix reserved bits check for MOV to CR3 (bsc#1110006).
- kvm: x86: Introduce kvm_get_msr_feature() (bsc#1106240).
- kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).
- kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).
- kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).
- kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).
- kvm: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).
- kvm: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).
- kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).
- kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).
- kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).
- kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).
- kvm: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).
- kvm: x86: fix escape of guest dr6 to the host (bsc#1110006).
- kvm: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).
- nfc: trf7970a: fix check of clock frequencies, use && instead of || (bsc#1051510).
- nfs: Avoid quadratic search when freeing delegations (bsc#1084760).
- pci: Reprogram bridge prefetch registers on resume (bsc#1051510).
- pci: dwc: Fix scheduling while atomic issues (git-fixes).
- pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).
- pm / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).
- pm / core: Clear the direct_complete flag on errors (bsc#1051510).
- pm: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).
- rdma/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).
- Revert 'Limit kernel-source build to architectures for which we build binaries' This reverts commit d6435125446d740016904abe30a60611549ae812.
- Revert 'cdc-acm: implement put_char() and flush_chars()' (bsc#1051510).
- Revert 'drm/amdgpu: Add an ATPX quirk for hybrid laptop' (bsc#1051510).
- Revert 'drm/i915/gvt: set max priority for gvt context' (bsc#1051510).
- Revert 'gpio: set up initial state from .get_direction()' (bsc#1051510).
- Revert 'iommu/io-pgtable: Avoid redundant TLB syncs' (bsc#1106237).
- Revert 'mwifiex: fix incorrect ht capability problem' (bsc#1051510).
- Revert 'mwifiex: handle race during mwifiex_usb_disconnect' (bsc#1051510).
- Revert 'pinctrl: sunxi: Do not enforce bias disable (for now)' (bsc#1051510).
- Revert 'slab: __GFP_ZERO is incompatible with a constructor' (bnc#1108828) This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree.
- Revert 'ubifs: xattr: Do not operate on deleted inodes' (bsc#1051510).
- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).
- usb: Add quirk to support DJI CineSSD (bsc#1051510).
- usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).
- usb: fix error handling in usb_driver_claim_interface() (bsc#1051510).
- usb: handle NULL config in usb_find_alt_setting() (bsc#1051510).
- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).
- usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).
- usb: yurex: Check for truncation in yurex_read() (bsc#1051510).
- usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).
- Use upstream version of pci-hyperv patch (35a88a1)
- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).
- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).
- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).
- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).
- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).
- apparmor: fix mediation of prlimit (bsc#1051510).
- apparmor: fix memory leak when deduping profile load (bsc#1051510).
- apparmor: fix ptrace read check (bsc#1051510).
- asix: Check for supported Wake-on-LAN modes (bsc#1051510).
- ath10k: fix kernel panic issue during pci probe (bsc#1051510).
- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).
- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).
- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).
- audit: fix use-after-free in audit_add_watch (bsc#1051510).
- batman-adv: Avoid probe ELP information leak (bsc#1051510).
- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).
- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).
- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).
- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).
- batman-adv: Prevent duplicated global TT entry (bsc#1051510).
- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).
- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).
- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).
- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).
- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).
- bdi: Fix another oops in wb_workfn() (bsc#1112746).
- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).
- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).
- be2net: remove unused old AIC info (bsc#1086288).
- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).
- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).
- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).
- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).
- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).
- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).
- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).
- bpf/verifier: disallow pointer subtraction (bsc#1083647).
- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).
- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).
- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).
- cdc-acm: fix race between reset and control messaging (bsc#1051510).
- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).
- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).
- cifs: Fix use after free of a mid_q_entry (bsc#1112903).
- cifs: fix memory leak in SMB2_open() (bsc#1112894).
- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).
- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).
- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).
- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).
- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).
- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).
- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).
- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).
- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).
- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).
- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bnc#1108841).
- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).
- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).
- crypto: ccp - add timeout support in the SEV command (bsc#1106838).
- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).
- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).
- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).
- cxgb4: fix abort_req_rss6 struct (bsc#1046540).
- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).
- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).
- debugobjects: Make stack check warning more informative (bsc#1051510).
- declance: Fix continuation with the adapter identification message (bsc#1051510).
- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).
- drivers/base: stop new probing during shutdown (bsc#1051510).
- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).
- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).
- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).
- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)
- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).
- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).
- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).
- drm/amdgpu: add new polaris pci id (bsc#1051510).
- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)
- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).
- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).
- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).
- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).
- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)
- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).
- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).
- drm/nouveau/disp: fix DP disable race (bsc#1051510).
- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).
- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).
- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).
- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).
- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).
- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).
- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)
- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).
- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).
- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).
- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).
- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).
- eeprom: at24: change nvmem stride to 1 (bsc#1051510).
- eeprom: at24: check at24_read/write arguments (bsc#1051510).
- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).
- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).
- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).
- enic: handle mtu change for vf properly (bsc#1051510).
- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).
- ethtool: Remove trailing semicolon for static inline (bsc#1051510).
- ethtool: fix a privilege escalation bug (bsc#1076830).
- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).
- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).
- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).
- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).
- ext4: check for NUL characters in extended attribute's name (bsc#1112732).
- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).
- ext4: do not mark mmp buffer head dirty (bsc#1112743).
- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).
- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).
- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).
- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).
- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).
- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).
- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).
- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).
- firmware: raspberrypi: Register hwmon driver (bsc#1108468).
- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).
- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).
- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).
- gpio: Fix crash due to registration race (bsc#1051510).
- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).
- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).
- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).
- gpiolib: Free the last requested descriptor (bsc#1051510).
- hfs: prevent crash on exit from failed search (bsc#1051510).
- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).
- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).
- hv: avoid crash in vmbus sysfs files (bnc#1108377).
- hv_netvsc: fix schedule in RCU context ().
- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).
- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).
- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).
- hwmon: Add support for RPi voltage sensor (bsc#1108468).
- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).
- hypfs_kill_super(): deal with failed allocations (bsc#1051510).
- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).
- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).
- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).
- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).
- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).
- iommu/vt-d: Add definitions for PFSID (bsc#1106237).
- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).
- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).
- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).
- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).
- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).
- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).
- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).
- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).
- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).
- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).
- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).
- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).
- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).
- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).
- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).
- kabi protect enum mem_type (bsc#1099125).
- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).
- kprobes/x86: Fix %p uses in error messages (bsc#1110006).
- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).
- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).
- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).
- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).
- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).
- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).
- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).
- kvmclock: fix TSC calibration for nested guests (bsc#1110006).
- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).
- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).
- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).
- libertas: call into generic suspend code before turning off power (bsc#1051510).
- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).
- liquidio: fix kernel panic in VF driver (bsc#1067126).
- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).
- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).
- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).
- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).
- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).
- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).
- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).
- mac80211: fix a race between restart and CSA flows (bsc#1051510).
- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).
- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).
- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).
- mac80211: shorten the IBSS debug messages (bsc#1051510).
- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).
- mac80211_hwsim: require at least one channel (bsc#1051510).
- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).
- media: af9035: prevent buffer overflow on write (bsc#1051510).
- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).
- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).
- media: helene: fix xtal frequency setting at power on (bsc#1051510).
- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).
- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).
- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).
- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).
- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).
- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).
- mm/migrate: Use spin_trylock() while resetting rate limit ().
- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).
- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).
- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).
- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).
- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).
- net: add support for Cavium PTP coprocessor (bsc#1110096).
- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).
- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).
- net: thunder: change q_len's type to handle max ring size (bsc#1110096).
- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).
- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).
- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).
- net: thunderx: add multicast filter management support (bsc#1110096).
- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).
- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).
- net: thunderx: add timestamping support (bsc#1110096).
- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).
- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).
- net: thunderx: fix double free error (bsc#1110096).
- net: thunderx: move filter register related macro into proper place (bsc#1110096).
- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).
- net: thunderx: remove a couple of redundant assignments (bsc#1110096).
- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).
- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).
- objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).
- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).
- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).
- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).
- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).
- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).
- ovl: fix format of setxattr debug (git-fixes).
- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).
- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).
- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).
- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).
- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).
- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).
- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).
- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).
- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).
- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).
- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).
- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).
- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).
- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).
- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).
- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).
- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).
- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).
- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).
- powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).
- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).
- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).
- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:
- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).
- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).
- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).
- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).
- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).
- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).
- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).
- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).
- qed: Wait for ready indication before rereading the shmem (bsc#1050536).
- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).
- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).
- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).
- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).
- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).
- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).
- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).
- reiserfs: add check to detect corrupted directory entry (bsc#1109818).
- reiserfs: do not panic on bad directory entries (bsc#1109818).
- rename a hv patch to reduce conflicts in -AZURE
- reorder a qedi patch to allow further work in this branch
- rpc_pipefs: fix double-dput() (bsc#1051510).
- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).
- sched/numa: Limit the conditions where scan period is reset ().
- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).
- scsi: ipr: Eliminate duplicate barriers ().
- scsi: ipr: Use dma_pool_zalloc() ().
- scsi: ipr: fix incorrect indentation of assignment statement ().
- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).
- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).
- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).
- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).
- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).
- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).
- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).
- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).
- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).
- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).
- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).
- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).
- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).
- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).
- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).
- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).
- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).
- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).
- serial: cpm_uart: return immediately from console poll (bsc#1051510).
- serial: imx: restore handshaking irq for imx1 (bsc#1051510).
- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).
- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).
- smb2: fix missing files in root share directory listing (bsc#1112907).
- smb3: fill in statfs fsid and correct namelen (bsc#1112905).
- smb3: fix reset of bytes read and written stats (bsc#1112906).
- smb3: on reconnect set PreviousSessionId field (bsc#1112899).
- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).
- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).
- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).
- soreuseport: initialise timewait reuseport field (bsc#1051510).
- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).
- sound: enable interrupt after dma buffer initialization (bsc#1051510).
- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).
- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).
- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).
- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).
- squashfs metadata 2: electric boogaloo (bsc#1051510).
- squashfs: be more careful about metadata corruption (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- squashfs: more metadata hardening (bsc#1051510).
- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).
- supported.conf: added cavium_ptp
- supported.conf: mark raspberrypi-hwmon as supported
- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).
- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).
- target: log Data-Out timeouts as errors (bsc#1095805).
- target: log NOP ping timeouts as errors (bsc#1095805).
- target: split out helper for cxn timeout error stashing (bsc#1095805).
- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).
- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).
- team: Forbid enslaving team device to itself (bsc#1051510).
- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).
- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).
- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).
- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).
- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).
- tsl2550: fix lux1_input error in low light (bsc#1051510).
- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).
- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).
- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).
- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).
- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).
- ubifs: Check for name being NULL while mounting (bsc#1051510).
- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).
- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).
- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).
- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).
- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).
- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).
- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).
- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).
- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).
- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).
- usb: uas: add support for more quirk flags (bsc#1051510).
- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).
- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).
- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).
- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).
- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).
- virtio: pci-legacy: Validate queue pfn (bsc#1051510).
- vmbus: do not return values for uninitalized channels (bsc#1051510).
- vti4: Do not count header length twice on tunnel setup (bsc#1051510).
- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).
- x86-64/realmode: Add instruction suffix (bsc#1110006).
- x86-memory_failure-Introduce-set-clear-_mce_nospec.patch: One more fixup to avoid even warning about statement without effect.
- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).
- x86/CPU: Add a microcode loader callback (bsc#1110006).
- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).
- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).
- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).
- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).
- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).
- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).
- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).
- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).
- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).
- x86/MCE: Remove min interval polling limitation (bsc#1110006).
- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).
- x86/MCE: Serialize sysfs changes (bsc#1110006).
- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).
- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).
- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).
- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> (bsc#1110006).
- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).
- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).
- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).
- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).
- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).
- x86/boot: Move EISA setup to a separate file (bsc#1110006).
- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).
- x86/build: Beautify build log of syscall headers (bsc#1110006).
- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).
- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).
- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).
- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).
- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).
- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).
- x86/decoder: Add new TEST instruction pattern (bsc#1110006).
- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).
- x86/eisa: Add missing include (bsc#1110006).
- x86/entry/64: Add two more instruction suffixes (bsc#1110006).
- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).
- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).
- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).
- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).
- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).
- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).
- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).
- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).
- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).
- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).
- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).
- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).
- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).
- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).
- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).
- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).
- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).
- x86/mce/AMD: Get address from already initialized block (bsc#1110006).
- x86/mce: Add notifier_block forward declaration (bsc#1110006).
- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).
- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).
- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).
- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).
- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).
- x86/microcode/intel: Look into the patch cache first (bsc#1110006).
- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).
- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).
- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).
- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).
- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).
- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).
- x86/microcode: Fix CPU synchronization routine (bsc#1110006).
- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).
- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).
- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).
- x86/microcode: Propagate return value from updating functions (bsc#1110006).
- x86/microcode: Request microcode on the BSP (bsc#1110006).
- x86/microcode: Synchronize late microcode loading (bsc#1110006).
- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).
- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).
- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).
- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).
- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).
- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).
- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).
- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).
- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).
- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).
- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).
- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).
- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).
- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).
- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).
- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).
- x86/paravirt: Fix some warning messages (bnc#1065600).
- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).
- x86/percpu: Fix this_cpu_read() (bsc#1110006).
- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).
- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).
- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).
- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).
- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).
- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).
- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).
- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).
- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).
- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).
- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).
- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).
- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).
- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).
- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).
- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).
- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).
- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).
- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).
- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).
- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).
- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).
- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).
- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).
- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).
- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).
- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).
- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).
- x86: Delay skip of emulated hypercall instruction (bsc#1110006).
- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).
- x86: i8259: Add missing include file (bsc#1110006).
- x86: kvm: avoid unused variable warning (bsc#1110006).
- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).
- xen/PVH: Set up GS segment for stack canary (bsc#1110006).
- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).
- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).
- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).
- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).
- xfrm: use complete IPv6 addresses for hash (bsc#1109330).
- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).
- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).
- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).
Patchnames
SUSE-SLE-Module-Live-Patching-15-2018-2547
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\n\nThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-18445: A faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandled 32-bit right shifts (bnc#1112372).\n- CVE-2018-18386: drivers/tty/n_tty.c allowed local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ (bnc#1094825).\n- CVE-2017-18224: fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allowed local users to cause a denial of service (BUG) by modifying a certain e_cpos field (bnc#1084831).\n- CVE-2017-16533: The usbhid_parse function in drivers/hid/usbhid/hid-core.c allowed local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device (bnc#1066674).\n\nThe following non-security bugs were fixed:\n\n- acpi / processor: Fix the return value of acpi_processor_ids_walk() (bsc#1051510).\n- acpica: Reference Counts: increase max to 0x4000 for large servers (bsc#1108241).\n- alsa: hda/realtek - Cannot adjust speaker's volume on Dell XPS 27 7760 (bsc#1051510).\n- arm: 8799/1: mm: fix pci_ioremap_io() offset check (bsc#1051510).\n- arm: bcm2835: Add GET_THROTTLED firmware property (bsc#1108468).\n- arm: exynos: Clear global variable on init error path (bsc#1051510).\n- arm: hisi: check of_iomap and fix missing of_node_put (bsc#1051510).\n- arm: hwmod: RTC: Do not assume lock/unlock will be called with irq enabled (bsc#1051510).\n- arm: mvebu: declare asm symbols as character arrays in pmsu.c (bsc#1051510).\n- ASoC: Intel: Skylake: Reset the controller in probe (bsc#1051510).\n- ASoC: rsnd: adg: care clock-frequency size (bsc#1051510).\n- ASoC: rsnd: do not fallback to PIO mode when -EPROBE_DEFER (bsc#1051510).\n- ASoC: rt5514: Fix the issue of the delay volume applied again (bsc#1051510).\n- ASoC: sigmadsp: safeload should not have lower byte limit (bsc#1051510).\n- ASoC: wm8804: Add ACPI support (bsc#1051510).\n- Btrfs: fix file data corruption after cloning a range and fsync (bsc#1111901).\n- Btrfs: fix mount failure after fsync due to hard link recreation (bsc#1103543).\n- Btrfs: send, fix invalid access to commit roots due to concurrent snapshotting (bsc#1111904).\n- cifs: check for STATUS_USER_SESSION_DELETED (bsc#1112902).\n- Delete patches.drivers/IB-qedr-Remove-GID-add-del-dummy-routines.patch. (bsc#1110921)\n- Disable DRM patches that broke vbox video driver KMP (bsc#1111076)\n- EDAC, ghes: Add DDR4 and NVDIMM memory types (bsc#1099125).\n- EDAC, skx: Fix skx_edac build error when ACPI_NFIT=m (bsc#1099125).\n- EDAC, skx_edac: Detect non-volatile DIMMs (bsc#1099125).\n- EDAC: Add new memory type for non-volatile DIMMs (bsc#1099125).\n- HID: add support for Apple Magic Keyboards (bsc#1051510).\n- HID: hid-saitek: Add device ID for RAT 7 Contagion (bsc#1051510).\n- HID: hid-sensor-hub: Force logical minimum to 1 for power and report state (bsc#1051510).\n- HID: quirks: fix support for Apple Magic Keyboards (bsc#1051510).\n- HID: sensor-hub: Restore fixup for Lenovo ThinkPad Helix 2 sensor hub report (bsc#1051510).\n- input: atakbd - fix Atari CapsLock behaviour (bsc#1051510).\n- input: atakbd - fix Atari keymap (bsc#1051510).\n- kvm/vmx: Optimize vmx_vcpu_run() and svm_vcpu_run() by marking the RDMSR path as unlikely() (bsc#1110006).\n- kvm: svm: Add MSR-based feature support for serializing LFENCE (bsc#1106240).\n- kvm: vmx: Tell the nested hypervisor to skip L1D flush on vmentry (bsc#1106240).\n- kvm: vmx: raise internal error for exception during invalid protected mode state (bsc#1110006).\n- kvm: vmx: support MSR_IA32_ARCH_CAPABILITIES as a feature MSR (bsc#1106240).\n- kvm: x86: Fix reserved bits check for MOV to CR3 (bsc#1110006).\n- kvm: x86: Introduce kvm_get_msr_feature() (bsc#1106240).\n- kvm: x86: fix incorrect reference of trace_kvm_pi_irte_update (bsc#1110006).\n- kvm: lapic: stop advertising DIRECTED_EOI when in-kernel IOAPIC is in use (bsc#1110006).\n- kvm: nvmx: Do not expose MPX VMX controls when guest MPX disabled (bsc#1106240).\n- kvm: nvmx: Do not halt vcpu when L1 is injecting events to L2 (bsc#1110006).\n- kvm: vmx: track host_state.loaded using a loaded_vmcs pointer (bsc#1110006).\n- kvm: vmx: use local variable for current_vmptr when emulating VMPTRST (bsc#1110006).\n- kvm: x86: Add a framework for supporting MSR-based features (bsc#1106240).\n- kvm: x86: Do not use kvm_x86_ops->mpx_supported() directly (bsc#1106240).\n- kvm: x86: Update cpuid properly when CR4.OSXAVE or CR4.PKE is changed (bsc#1110006).\n- kvm: x86: define SVM/VMX specific kvm_arch_[alloc|free]_vm (bsc#1111506).\n- kvm: x86: fix #UD address of failed Hyper-V hypercalls (bsc#1110006).\n- kvm: x86: fix escape of guest dr6 to the host (bsc#1110006).\n- kvm: x86: remove APIC Timer periodic/oneshot spikes (bsc#1110006).\n- nfc: trf7970a: fix check of clock frequencies, use && instead of || (bsc#1051510).\n- nfs: Avoid quadratic search when freeing delegations (bsc#1084760).\n- pci: Reprogram bridge prefetch registers on resume (bsc#1051510).\n- pci: dwc: Fix scheduling while atomic issues (git-fixes).\n- pci: hv: Do not wait forever on a device that has disappeared (bsc#1109806).\n- pm / Domains: Fix genpd to deal with drivers returning 1 from ->prepare() (bsc#1051510).\n- pm / core: Clear the direct_complete flag on errors (bsc#1051510).\n- pm: cpuidle: Fix cpuidle_poll_state_init() prototype (bsc#1110006).\n- rdma/bnxt_re: Fix system crash during RDMA resource initialization (bsc#1086283).\n- Revert 'Limit kernel-source build to architectures for which we build binaries' This reverts commit d6435125446d740016904abe30a60611549ae812.\n- Revert 'cdc-acm: implement put_char() and flush_chars()' (bsc#1051510).\n- Revert 'drm/amdgpu: Add an ATPX quirk for hybrid laptop' (bsc#1051510).\n- Revert 'drm/i915/gvt: set max priority for gvt context' (bsc#1051510).\n- Revert 'gpio: set up initial state from .get_direction()' (bsc#1051510).\n- Revert 'iommu/io-pgtable: Avoid redundant TLB syncs' (bsc#1106237).\n- Revert 'mwifiex: fix incorrect ht capability problem' (bsc#1051510).\n- Revert 'mwifiex: handle race during mwifiex_usb_disconnect' (bsc#1051510).\n- Revert 'pinctrl: sunxi: Do not enforce bias disable (for now)' (bsc#1051510).\n- Revert 'slab: __GFP_ZERO is incompatible with a constructor' (bnc#1108828) This reverts commit de0a67303736262e306a3eb23aa38824b28c2764 because we still seem to have false possitives in the tree.\n- Revert 'ubifs: xattr: Do not operate on deleted inodes' (bsc#1051510).\n- Squashfs: Compute expected length from inode size rather than block length (bsc#1051510).\n- usb: Add quirk to support DJI CineSSD (bsc#1051510).\n- usb: add quirk for WORLDE Controller KS49 or Prodipe MIDI 49C USB controller (bsc#1051510).\n- usb: fix error handling in usb_driver_claim_interface() (bsc#1051510).\n- usb: handle NULL config in usb_find_alt_setting() (bsc#1051510).\n- usb: remove LPM management from usb_driver_claim_interface() (bsc#1051510).\n- usb: serial: simple: add Motorola Tetra MTP6550 id (bsc#1051510).\n- usb: yurex: Check for truncation in yurex_read() (bsc#1051510).\n- usb: yurex: Fix buffer over-read in yurex_write() (bsc#1051510).\n- Use upstream version of pci-hyperv patch (35a88a1)\n- acpi, nfit: Add function to look up nvdimm device and provide SMBIOS handle (bsc#1099125).\n- aio: fix io_destroy(2) vs. lookup_ioctx() race (git-fixes).\n- apparmor: Check buffer bounds when mapping permissions mask (git-fixes).\n- apparmor: Fix failure to audit context info in build_change_hat (bsc#1051510).\n- apparmor: Fully initialize aa_perms struct when answering userspace query (bsc#1051510).\n- apparmor: fix mediation of prlimit (bsc#1051510).\n- apparmor: fix memory leak when deduping profile load (bsc#1051510).\n- apparmor: fix ptrace read check (bsc#1051510).\n- asix: Check for supported Wake-on-LAN modes (bsc#1051510).\n- ath10k: fix kernel panic issue during pci probe (bsc#1051510).\n- ath10k: fix scan crash due to incorrect length calculation (bsc#1051510).\n- ath10k: fix use-after-free in ath10k_wmi_cmd_send_nowait (bsc#1051510).\n- ath10k: protect ath10k_htt_rx_ring_free with rx_ring.lock (bsc#1051510).\n- audit: fix use-after-free in audit_add_watch (bsc#1051510).\n- batman-adv: Avoid probe ELP information leak (bsc#1051510).\n- batman-adv: Fix multicast TT issues with bogus ROAM flags (bsc#1051510).\n- batman-adv: Fix segfault when writing to sysfs elp_interval (bsc#1051510).\n- batman-adv: Fix segfault when writing to throughput_override (bsc#1051510).\n- batman-adv: Prevent duplicated gateway_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated global TT entry (bsc#1051510).\n- batman-adv: Prevent duplicated nc_node entry (bsc#1051510).\n- batman-adv: Prevent duplicated softif_vlan entry (bsc#1051510).\n- batman-adv: Prevent duplicated tvlv handler (bsc#1051510).\n- batman-adv: fix backbone_gw refcount on queue_work() failure (bsc#1051510).\n- batman-adv: fix hardif_neigh refcount on queue_work() failure (bsc#1051510).\n- bdi: Fix another oops in wb_workfn() (bsc#1112746).\n- bdi: Preserve kabi when adding cgwb_release_mutex (bsc#1112746).\n- be2net: Fix memory leak in be_cmd_get_profile_config() (bsc#1086288).\n- be2net: remove unused old AIC info (bsc#1086288).\n- be2net: remove unused old custom busy-poll fields (bsc#1086288 ).\n- blk-mq: I/O and timer unplugs are inverted in blktrace (bsc#1112713).\n- blkdev_report_zones_ioctl(): Use vmalloc() to allocate large buffers (bsc#1111819).\n- block, bfq: fix wrong init of saved start time for weight raising (bsc#1112708).\n- block: bfq: swap puts in bfqg_and_blkg_put (bsc#1112712).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1111834).\n- bnx2x: Fix invalid memory access in rss hash config path (bsc#1050319).\n- bnx2x: Fix receiving tx-timeout in error or recovery state (bsc#1050319).\n- bpf/verifier: disallow pointer subtraction (bsc#1083647).\n- bpf: make cavium thunder compatible w/ bpf_xdp_adjust_tail (bsc#1110096).\n- btrfs: fix missing error return in btrfs_drop_snapshot (Git-fixes bsc#1109919).\n- btrfs: handle errors while updating refcounts in update_ref_for_cow (Git-fixes bsc#1109915).\n- cdc-acm: fix race between reset and control messaging (bsc#1051510).\n- ceph: avoid a use-after-free in ceph_destroy_options() (bsc#1111983).\n- cfg80211: fix a type issue in ieee80211_chandef_to_operating_class() (bsc#1051510).\n- cifs: Fix use after free of a mid_q_entry (bsc#1112903).\n- cifs: fix memory leak in SMB2_open() (bsc#1112894).\n- cifs: integer overflow in in SMB2_ioctl() (bsc#1051510).\n- clk: clk-fixed-factor: Clear OF_POPULATED flag in case of failure (bsc#1051510).\n- clk: rockchip: Add pclk_rkpwm_pmu to PMU critical clocks in rk3399 (bsc#1051510).\n- clk: tegra: bpmp: Do not crash when a clock fails to register (bsc#1051510).\n- clk: x86: Stop marking clocks as CLK_IS_CRITICAL (bsc#1051510).\n- clk: x86: add 'ether_clk' alias for Bay Trail / Cherry Trail (bsc#1051510).\n- clocksource/drivers/ti-32k: Add CLOCK_SOURCE_SUSPEND_NONSTOP flag for non-am43 SoCs (bsc#1051510).\n- clocksource/drivers/timer-atmel-pit: Properly handle error cases (bsc#1051510).\n- coda: fix 'kernel memory exposure attempt' in fsync (bsc#1051510).\n- cpu/hotplug: Fix SMT supported evaluation (bsc#1110006).\n- cpufreq, intel_pstate: Allow unspecified FADT profile to probe PPC (bnc#1108841).\n- crypto: caam/jr - fix ablkcipher_edesc pointer arithmetic (bsc#1051510).\n- crypto: cavium/nitrox - fix for command corruption in queue full case with backlog submissions (bsc#1051510).\n- crypto: ccp - add timeout support in the SEV command (bsc#1106838).\n- crypto: chelsio - Fix memory corruption in DMA Mapped buffers (bsc#1051510).\n- crypto: mxs-dcp - Fix wait logic on chan threads (bsc#1051510).\n- crypto: qat - Fix KASAN stack-out-of-bounds bug in adf_probe() (bsc#1051510).\n- cxgb4: fix abort_req_rss6 struct (bsc#1046540).\n- cxgb4: when disabling dcb set txq dcb priority to 0 (bsc#1046540 ).\n- dax: Fix deadlock in dax_lock_mapping_entry() (bsc#1109951).\n- debugobjects: Make stack check warning more informative (bsc#1051510).\n- declance: Fix continuation with the adapter identification message (bsc#1051510).\n- dmaengine: pl330: fix irq race with terminate_all (bsc#1051510).\n- drivers/base: stop new probing during shutdown (bsc#1051510).\n- drivers/tty: add error handling for pcmcia_loop_config (bsc#1051510).\n- drm/amdgpu: Enable/disable gfx PG feature in rlc safe mode (bsc#1051510).\n- drm/amdgpu: Fix SDMA HQD destroy error on gfx_v7 (bsc#1051510).\n- drm/amdgpu: Fix vce work queue was not cancelled when suspend (bsc#1106110)\n- drm/amdgpu: Pulling old prepare and submit for flip back (bsc#1051510).\n- drm/amdgpu: Update power state at the end of smu hw_init (bsc#1051510).\n- drm/amdgpu: add another ATPX quirk for TOPAZ (bsc#1051510).\n- drm/amdgpu: add new polaris pci id (bsc#1051510).\n- drm/amdgpu: fix error handling in amdgpu_cs_user_fence_chunk (bsc#1106110)\n- drm/amdgpu: revert 'fix deadlock of reservation between cs and gpu reset v2' (bsc#1051510).\n- drm/amdkfd: Fix error codes in kfd_get_process (bsc#1051510).\n- drm/edid: VSDB yCBCr420 Deep Color mode bit definitions (bsc#1051510).\n- drm/i915/glk: Add Quirk for GLK NUC HDMI port issues (bsc#1051510).\n- drm/i915: Handle incomplete Z_FINISH for compressed error states (bsc#1100132)\n- drm/nouveau/TBDdevinit: do not fail when PMU/PRE_OS is missing from VBIOS (bsc#1051510).\n- drm/nouveau/debugfs: Wake up GPU before doing any reclocking (bsc#1051510).\n- drm/nouveau/disp: fix DP disable race (bsc#1051510).\n- drm/nouveau/drm/nouveau: Do not forget to cancel hpd_work on suspend/unload (bsc#1051510).\n- drm/nouveau/drm/nouveau: Prevent handling ACPI HPD events too early (bsc#1051510).\n- drm/nouveau/drm/nouveau: Use pm_runtime_get_noresume() in connector_detect() (bsc#1051510).\n- drm/nouveau: Fix deadlocks in nouveau_connector_detect() (bsc#1051510).\n- drm/nouveau: Fix runtime PM leak in drm_open() (bsc#1051510).\n- drm/nouveau: tegra: Detach from ARM DMA/IOMMU mapping (bsc#1051510).\n- drm/sun4i: Fix an ulong overflow in the dotclock driver (bsc#1106110)\n- drm/sun4i: Fix releasing node when enumerating enpoints (bsc#1051510).\n- drm: mali-dp: Call drm_crtc_vblank_reset on device init (bsc#1051510).\n- drm: udl: Destroy framebuffer only if it was initialized (bsc#1051510).\n- e1000: check on netif_running() before calling e1000_up() (bsc#1051510).\n- e1000: ensure to free old tx/rx rings in set_ringparam() (bsc#1051510).\n- eeprom: at24: change nvmem stride to 1 (bsc#1051510).\n- eeprom: at24: check at24_read/write arguments (bsc#1051510).\n- eeprom: at24: correctly set the size for at24mac402 (bsc#1051510).\n- efi: Avoid potential crashes, fix the 'struct efi_pci_io_protocol_32' definition for mixed mode (bsc#1110006).\n- enic: do not call enic_change_mtu in enic_probe (bsc#1051510).\n- enic: handle mtu change for vf properly (bsc#1051510).\n- enic: initialize enic->rfs_h.lock in enic_probe (bsc#1051510).\n- ethtool: Remove trailing semicolon for static inline (bsc#1051510).\n- ethtool: fix a privilege escalation bug (bsc#1076830).\n- evm: Do not deadlock if a crypto algorithm is unavailable (bsc#1051510).\n- ext2, dax: set ext2_dax_aops for dax files (bsc#1112554).\n- ext4: avoid arithemetic overflow that can trigger a BUG (bsc#1112736).\n- ext4: avoid divide by zero fault when deleting corrupted inline directories (bsc#1112735).\n- ext4: check for NUL characters in extended attribute's name (bsc#1112732).\n- ext4: check to make sure the rename(2)'s destination is not freed (bsc#1112734).\n- ext4: do not mark mmp buffer head dirty (bsc#1112743).\n- ext4: fix online resize's handling of a too-small final block group (bsc#1112739).\n- ext4: fix online resizing for bigalloc file systems with a 1k block size (bsc#1112740).\n- ext4: fix spectre gadget in ext4_mb_regular_allocator() (bsc#1112733).\n- ext4: recalucate superblock checksum after updating free blocks/inodes (bsc#1112738).\n- ext4: reset error code in ext4_find_entry in fallback (bsc#1112731).\n- ext4: show test_dummy_encryption mount option in /proc/mounts (bsc#1112741).\n- fbdev/omapfb: fix omapfb_memory_read infoleak (bsc#1051510).\n- firmware, DMI: Add function to look up a handle and return DIMM size (bsc#1099125).\n- firmware: raspberrypi: Register hwmon driver (bsc#1108468).\n- floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl (bsc#1051510).\n- fs/quota: Fix spectre gadget in do_quotactl (bsc#1112745).\n- fuse: Do not access pipe->buffers without pipe_lock() (bsc#1051510).\n- gpio: Fix crash due to registration race (bsc#1051510).\n- gpio: adp5588: Fix sleep-in-atomic-context bug (bsc#1051510).\n- gpio: mb86s70: Revert 'Return error if requesting an already assigned gpio' (bsc#1051510).\n- gpiolib-acpi: Register GpioInt ACPI event handlers from a late_initcall (bsc#1051510).\n- gpiolib: Free the last requested descriptor (bsc#1051510).\n- hfs: prevent crash on exit from failed search (bsc#1051510).\n- hfsplus: do not return 0 when fill_super() failed (bsc#1051510).\n- hfsplus: stop workqueue when fill_super() failed (bsc#1051510).\n- hv: avoid crash in vmbus sysfs files (bnc#1108377).\n- hv_netvsc: fix schedule in RCU context ().\n- hwmon: (adt7475) Make adt7475_read_word() return errors (bsc#1051510).\n- hwmon: (ina2xx) fix sysfs shunt resistor read access (bsc#1051510).\n- hwmon: (nct6775) Set weight source to zero correctly (bsc#1051510).\n- hwmon: Add support for RPi voltage sensor (bsc#1108468).\n- hwmon: rpi: add module alias to raspberrypi-hwmon (bsc#1108468).\n- hypfs_kill_super(): deal with failed allocations (bsc#1051510).\n- i2c: i2c-scmi: fix for i2c_smbus_write_block_data (bsc#1051510).\n- i2c: rcar: cleanup DMA for all kinds of failure (bsc#1051510).\n- intel_th: pci: Add Ice Lake PCH support (bsc#1051510).\n- iommu/amd: Clear memory encryption mask from physical address (bsc#1106105).\n- iommu/arm-smmu: Error out only if not enough context interrupts (bsc#1106237).\n- iommu/vt-d: Add definitions for PFSID (bsc#1106237).\n- iommu/vt-d: Fix dev iotlb pfsid use (bsc#1106237).\n- iommu/vt-d: Fix scatterlist offset handling (bsc#1106237).\n- ipmi:ssif: Add support for multi-part transmit messages > 2 parts (bsc#1103308).\n- ipv4: fix use-after-free in ip_cmsg_recv_dstaddr() (git-fixes).\n- irq/core: Fix boot crash when the irqaffinity= boot parameter is passed on CPUMASK_OFFSTACK=y kernels(v1) (bsc#1051510).\n- iwlwifi: dbg: do not crash if the firmware crashes in the middle of a debug dump (bsc#1051510).\n- iwlwifi: mvm: Allow TKIP for AP mode (bsc#1051510).\n- iwlwifi: mvm: check for n_profiles validity in EWRD ACPI (bsc#1051510).\n- iwlwifi: mvm: clear HW_RESTART_REQUESTED when stopping the interface (bsc#1051510).\n- iwlwifi: mvm: open BA session only when sta is authorized (bsc#1051510).\n- iwlwifi: mvm: send BCAST management frames to the right station (bsc#1051510).\n- iwlwifi: pcie gen2: check iwl_pcie_gen2_set_tb() return value (bsc#1051510).\n- iwlwifi: pcie: gen2: build A-MSDU only for GSO (bsc#1051510).\n- jbd2: fix use after free in jbd2_log_do_checkpoint() (bsc#1113257).\n- kABI: Hide get_msr_feature() in kvm_x86_ops (bsc#1106240).\n- kabi protect enum mem_type (bsc#1099125).\n- kprobes/x86: Disable preemption in ftrace-based jprobes (bsc#1110006).\n- kprobes/x86: Fix %p uses in error messages (bsc#1110006).\n- kprobes/x86: Prohibit probing on exception masking instructions (bsc#1110006).\n- ksm: fix unlocked iteration over vmas in cmp_and_merge_page() (VM Functionality bsc#1111806).\n- kvm, mm: account shadow page tables to kmemcg (bsc#1110006).\n- kvm/x86: kABI fix for vm_alloc/vm_free changes (bsc#1111506).\n- kvm: Make VM ioctl do valloc for some archs (bsc#1111506).\n- kvm: x86: Set highest physical address bits in non-present/reserved SPTEs (bsc#1106240).\n- kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl (bsc#1110006).\n- kvmclock: fix TSC calibration for nested guests (bsc#1110006).\n- lib/bug.c: exclude non-BUG/WARN exceptions from report_bug() (bsc#1110006).\n- lib/ubsan.c: s/missaligned/misaligned/ (bsc#1051510).\n- lib/ubsan: add type mismatch handler for new GCC/Clang (bsc#1051510).\n- libertas: call into generic suspend code before turning off power (bsc#1051510).\n- liquidio: fix hang when re-binding VF host drv after running DPDK VF driver (bsc#1067126).\n- liquidio: fix kernel panic in VF driver (bsc#1067126).\n- loop: add recursion validation to LOOP_CHANGE_FD (bsc#1112711).\n- loop: do not call into filesystem while holding lo_ctl_mutex (bsc#1112710).\n- loop: fix LOOP_GET_STATUS lock imbalance (bsc#1113284).\n- mac80211: Fix station bandwidth setting after channel switch (bsc#1051510).\n- mac80211: Run TXQ teardown code before de-registering interfaces (bsc#1051510).\n- mac80211: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211: do not Tx a deauth frame if the AP forbade Tx (bsc#1051510).\n- mac80211: do not convert to A-MSDU if frag/subframe limited (bsc#1051510).\n- mac80211: fix a race between restart and CSA flows (bsc#1051510).\n- mac80211: fix setting IEEE80211_KEY_FLAG_RX_MGMT for AP mode keys (bsc#1051510).\n- mac80211: mesh: fix HWMP sequence numbering to follow standard (bsc#1051510).\n- mac80211: minstrel: fix using short preamble CCK rates on HT clients (bsc#1051510).\n- mac80211: shorten the IBSS debug messages (bsc#1051510).\n- mac80211_hwsim: correct use of IEEE80211_VHT_CAP_RXSTBC_X (bsc#1051510).\n- mac80211_hwsim: require at least one channel (bsc#1051510).\n- mach64: detect the dot clock divider correctly on sparc (bsc#1051510).\n- media: af9035: prevent buffer overflow on write (bsc#1051510).\n- media: davinci: vpif_display: Mix memory leak on probe error path (bsc#1051510).\n- media: fsl-viu: fix error handling in viu_of_probe() (bsc#1051510).\n- media: helene: fix xtal frequency setting at power on (bsc#1051510).\n- media: s3c-camif: ignore -ENOIOCTLCMD from v4l2_subdev_call for s_power (bsc#1051510).\n- media: s5p-mfc: Fix buffer look up in s5p_mfc_handle_frame_{new, copy_time} functions (bsc#1051510).\n- media: soc_camera: ov772x: correct setting of banding filter (bsc#1051510).\n- media: tm6000: add error handling for dvb_register_adapter (bsc#1051510).\n- media: videobuf-dma-sg: Fix dma_{sync,unmap}_sg() calls (bsc#1051510).\n- media: videobuf2-core: check for q->error in vb2_core_qbuf() (bsc#1051510).\n- mm/migrate: Use spin_trylock() while resetting rate limit ().\n- mm: /proc/pid/pagemap: hide swap entries from unprivileged users (Git-fixes bsc#1109907).\n- mm: Preserve _PAGE_DEVMAP across mprotect() calls (bsc#1111028).\n- mm: fix BUG_ON() in vmf_insert_pfn_pud() from VM_MIXEDMAP removal (bsc#1111841).\n- mmc: block: avoid multiblock reads for the last sector in SPI mode (bsc#1051510).\n- mwifiex: handle race during mwifiex_usb_disconnect (bsc#1051510).\n- net: add support for Cavium PTP coprocessor (bsc#1110096).\n- net: cavium: fix NULL pointer dereference in cavium_ptp_put (bsc#1110096).\n- net: cavium: use module_pci_driver to simplify the code (bsc#1110096).\n- net: thunder: change q_len's type to handle max ring size (bsc#1110096).\n- net: thunderx: Set max queue count taking XDP_TX into account (bsc#1110096).\n- net: thunderx: add MAC address filter tracking for LMAC (bsc#1110096).\n- net: thunderx: add XCAST messages handlers for PF (bsc#1110096).\n- net: thunderx: add multicast filter management support (bsc#1110096).\n- net: thunderx: add ndo_set_rx_mode callback implementation for VF (bsc#1110096).\n- net: thunderx: add new messages for handle ndo_set_rx_mode callback (bsc#1110096).\n- net: thunderx: add timestamping support (bsc#1110096).\n- net: thunderx: add workqueue control structures for handle ndo_set_rx_mode request (bsc#1110096).\n- net: thunderx: check for failed allocation lmac->dmacs (bsc#1110096).\n- net: thunderx: fix double free error (bsc#1110096).\n- net: thunderx: move filter register related macro into proper place (bsc#1110096).\n- net: thunderx: prevent concurrent data re-writing by nicvf_set_rx_mode (bsc#1110096).\n- net: thunderx: remove a couple of redundant assignments (bsc#1110096).\n- net: thunderx: rework mac addresses list to u64 array (bsc#1110096).\n- nvme: call nvme_complete_rq when nvmf_check_ready fails for mpath I/O (bsc#1107685).\n- objtool, kprobes/x86: Sync the latest <asm/insn.h> header with tools/objtool/arch/x86/include/asm/insn.h (bsc#1110006).\n- orangefs: fix deadlock; do not write i_size in read_iter (bsc#1051510).\n- orangefs: initialize op on loop restart in orangefs_devreq_read (bsc#1051510).\n- orangefs: use list_for_each_entry_safe in purge_waiting_ops (bsc#1051510).\n- orangefs_kill_sb(): deal with allocation failures (bsc#1051510).\n- ovl: Sync upper dirty data when syncing overlayfs (git-fixes).\n- ovl: fix format of setxattr debug (git-fixes).\n- perf/x86/amd/ibs: Do not access non-started event (bsc#1110006).\n- perf/x86/cstate: Fix possible Spectre-v1 indexing for pkg_msr (bsc#1110006).\n- perf/x86/intel/lbr: Fix incomplete LBR call stack (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check for NHM (bsc#1110006).\n- perf/x86/intel/uncore: Correct fixed counter index check in generic code (bsc#1110006).\n- perf/x86/intel/uncore: Fix Skylake UPI event format (bsc#1110006).\n- perf/x86/intel: Do not accidentally clear high bits in bdw_limit_period() (bsc#1110006).\n- perf/x86/intel: Fix event update for auto-reload (bsc#1110006).\n- perf/x86/intel: Fix large period handling on Broadwell CPUs (bsc#1110006).\n- perf/x86/intel: Fix linear IP of PEBS real_ip on Haswell and later CPUs (bsc#1110006).\n- perf/x86/intel: Properly save/restore the PMU state in the NMI handler (bsc#1110006).\n- perf/x86/msr: Fix possible Spectre-v1 indexing in the MSR driver (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for x86_pmu::event_map() (bsc#1110006).\n- perf/x86: Fix possible Spectre-v1 indexing for hw_perf_event cache_* (bsc#1110006).\n- powerpc/firmware: Add definitions for new drc-info firmware feature (bsc#1109158).\n- powerpc/numa: Skip onlining a offline node in kdump path (bsc#1109784).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1055120).\n- powerpc/pseries/mm: Introducing FW_FEATURE_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: call H_BLOCK_REMOVE (bsc#1109158).\n- powerpc/pseries/mm: factorize PTE slot computation (bsc#1109158).\n- powerpc/pseries: Fix CONFIG_NUMA=n build (bsc#1067906, git-fixes).\n- powerpc/pseries: Fix build break for SPLPAR=n and CPU hotplug (bsc#1079524, git-fixes).\n- powerpc/pseries: Fix duplicate firmware feature for DRC_INFO (bsc#1109158).\n- powerpc/rtas: Fix a potential race between CPU-Offline & Migration (bsc#1111870).\n- printk/tracing: Do not trace printk_nmi_enter() (bsc#1112208).\n- printk: drop in_nmi check from printk_safe_flush_on_panic() (bsc#1112170).\n- proc: restrict kernel stack dumps to root (git-fixes). blacklist.conf:\n- ptrace,x86: Make user_64bit_mode() available to 32-bit builds (bsc#1110006).\n- qed: Add missing device config for RoCE EDPM in UFP mode (bsc#1109217).\n- qed: Avoid sending mailbox commands when MFW is not responsive (bsc#1050536).\n- qed: Do not add VLAN 0 tag to untagged frames in multi-function mode (bsc#1050536).\n- qed: Fix populating the invalid stag value in multi function mode (bsc#1050536).\n- qed: Fix shmem structure inconsistency between driver and the mfw (bsc#1110561).\n- qed: Prevent a possible deadlock during driver load and unload (bsc#1050536).\n- qed: Wait for MCP halt and resume commands to take place (bsc#1050536).\n- qed: Wait for ready indication before rereading the shmem (bsc#1050536).\n- qlcnic: fix Tx descriptor corruption on 82xx devices (bsc#1050540).\n- qmi_wwan: Added support for Gemalto's Cinterion ALASxx WWAN interface (bsc#1051510).\n- qmi_wwan: set DTR for modems in forced USB2 mode (bsc#1051510).\n- qrtr: add MODULE_ALIAS macro to smd (bsc#1051510).\n- r8169: Clear RTL_FLAG_TASK_*_PENDING when clearing RTL_FLAG_TASK_ENABLED (bsc#1051510).\n- rculist: Improve documentation for list_for_each_entry_from_rcu() (bsc#1084760).\n- rculist: add list_for_each_entry_from_rcu() (bsc#1084760).\n- reiserfs: add check to detect corrupted directory entry (bsc#1109818).\n- reiserfs: do not panic on bad directory entries (bsc#1109818).\n- rename a hv patch to reduce conflicts in -AZURE\n- reorder a qedi patch to allow further work in this branch\n- rpc_pipefs: fix double-dput() (bsc#1051510).\n- rtc: bq4802: add error handling for devm_ioremap (bsc#1051510).\n- sched/numa: Limit the conditions where scan period is reset ().\n- scsi: core: Allow state transitions from OFFLINE to BLOCKED (bsc#1112246).\n- scsi: ipr: Eliminate duplicate barriers ().\n- scsi: ipr: Use dma_pool_zalloc() ().\n- scsi: ipr: fix incorrect indentation of assignment statement ().\n- scsi: libfc: check fc_frame_payload_get() return value for null (bsc#1104731).\n- scsi: libfc: retry PRLI if we cannot analyse the payload (bsc#1104731).\n- scsi: qedi: Add the CRC size within iSCSI NVM image (bsc#1110538).\n- scsi: qedi: Initialize the stats mutex lock (bsc#1110538).\n- scsi: qla2xxx: Fix NVMe Target discovery (bsc#1108870).\n- scsi: qla2xxx: Fix NVMe session hang on unload (bsc#1108870).\n- scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (bsc#1108870).\n- scsi: qla2xxx: Fix duplicate switch database entries (bsc#1108870).\n- scsi: qla2xxx: Fix for double free of SRB structure (bsc#1108870).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1111830).\n- scsi: qla2xxx: Fix re-using LoopID when handle is in use (bsc#1108870).\n- scsi: qla2xxx: Fix recursive mailbox timeout (bsc#1108870).\n- scsi: qla2xxx: Move log messages before issuing command to firmware (bsc#1108870).\n- scsi: qla2xxx: Return switch command on a timeout (bsc#1108870).\n- scsi: qla2xxx: do not allow negative thresholds (bsc#1108870).\n- scsi: target: prefer dbroot of /etc/target over /var/target (bsc#1111928).\n- selftests/x86: Add tests for User-Mode Instruction Prevention (bsc#1110006).\n- selftests/x86: Add tests for the STR and SLDT instructions (bsc#1110006).\n- serial: 8250_exar: Read INT0 from slave device, too (bsc#1051510).\n- serial: cpm_uart: return immediately from console poll (bsc#1051510).\n- serial: imx: restore handshaking irq for imx1 (bsc#1051510).\n- series.conf: moved some Xen patches to the sorted region xen/blkfront: correct purging of persistent grants (bnc#1112514).\n- signal: Properly deliver SIGSEGV from x86 uprobes (bsc#1110006).\n- smb2: fix missing files in root share directory listing (bsc#1112907).\n- smb3: fill in statfs fsid and correct namelen (bsc#1112905).\n- smb3: fix reset of bytes read and written stats (bsc#1112906).\n- smb3: on reconnect set PreviousSessionId field (bsc#1112899).\n- soc: fsl: qe: Fix copy/paste bug in ucc_get_tdm_sync_shift() (bsc#1051510).\n- soc: mediatek: pwrap: fix cipher init setting error (bsc#1051510).\n- sock_diag: fix use-after-free read in __sk_free (bsc#1051510).\n- soreuseport: initialise timewait reuseport field (bsc#1051510).\n- sound: do not call skl_init_chip() to reset intel skl soc (bsc#1051510).\n- sound: enable interrupt after dma buffer initialization (bsc#1051510).\n- spi: rspi: Fix interrupted DMA transfers (bsc#1051510).\n- spi: rspi: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: sh-msiof: Fix handling of write value for SISTR register (bsc#1051510).\n- spi: sh-msiof: Fix invalid SPI use during system suspend (bsc#1051510).\n- spi: tegra20-slink: explicitly enable/disable clock (bsc#1051510).\n- squashfs metadata 2: electric boogaloo (bsc#1051510).\n- squashfs: be more careful about metadata corruption (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- squashfs: more metadata hardening (bsc#1051510).\n- stm: Potential read overflow in stm_char_policy_set_ioctl() (bsc#1051510).\n- supported.conf: added cavium_ptp\n- supported.conf: mark raspberrypi-hwmon as supported\n- switchtec: Fix Spectre v1 vulnerability (bsc#1051510).\n- sysfs: Do not return POSIX ACL xattrs via listxattr (git-fixes).\n- target: log Data-Out timeouts as errors (bsc#1095805).\n- target: log NOP ping timeouts as errors (bsc#1095805).\n- target: split out helper for cxn timeout error stashing (bsc#1095805).\n- target: stash sess_err_stats on Data-Out timeout (bsc#1095805).\n- target: use ISCSI_IQN_LEN in iscsi_target_stat (bsc#1095805).\n- team: Forbid enslaving team device to itself (bsc#1051510).\n- thermal: of-thermal: disable passive polling when thermal zone is disabled (bsc#1051510).\n- tools/vm/page-types.c: fix 'defined but not used' warning (bsc#1051510).\n- tools/vm/slabinfo.c: fix sign-compare warning (bsc#1051510).\n- tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} (bsc#1110006).\n- tracing: Add barrier to trace_printk() buffer nesting modification (bsc#1112219).\n- tsl2550: fix lux1_input error in low light (bsc#1051510).\n- tty: Drop tty->count on tty_reopen() failure (bsc#1051510).\n- tty: rocket: Fix possible buffer overwrite on register_PCI (bsc#1051510).\n- tty: serial: exar: Relocate sleep wake-up handling (bsc#1051510).\n- tty: serial: lpuart: avoid leaking struct tty_struct (bsc#1051510).\n- tty: vt_ioctl: fix potential Spectre v1 (bsc#1051510).\n- ubifs: Check for name being NULL while mounting (bsc#1051510).\n- udp: Unbreak modules that rely on external __skb_recv_udp() availability (bsc#1109151).\n- uprobes/x86: Prohibit probing on MOV SS instruction (bsc#1110006).\n- usb: Avoid use-after-free by flushing endpoints early in usb_set_interface() (bsc#1051510).\n- usb: cdc_acm: Do not leak URB buffers (bsc#1051510).\n- usb: dwc2: Turn on uframe_sched on 'amlogic' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'bcm' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'his' platforms (bsc#1102881).\n- usb: dwc2: Turn on uframe_sched on 'stm32f4x9_fsotg' platforms (bsc#1102881).\n- usb: gadget: fotg210-udc: Fix memory leak of fotg210->ep[i] (bsc#1051510).\n- usb: host: u132-hcd: Fix a sleep-in-atomic-context bug in u132_get_frame() (bsc#1051510).\n- usb: misc: uss720: Fix two sleep-in-atomic-context bugs (bsc#1051510).\n- usb: musb: dsps: do not disable CPPI41 irq in driver teardown (bsc#1051510).\n- usb: uas: add support for more quirk flags (bsc#1051510).\n- usb: wusbcore: security: cast sizeof to int for comparison (bsc#1051510).\n- usb: xhci-mtk: resume USB3 roothub first (bsc#1051510).\n- userfaultfd: hugetlbfs: fix userfaultfd_huge_must_wait() pte access (bsc#1109739).\n- uwb: hwa-rc: fix memory leak at probe (bsc#1051510).\n- vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page (bsc#1110006).\n- virtio: pci-legacy: Validate queue pfn (bsc#1051510).\n- vmbus: do not return values for uninitalized channels (bsc#1051510).\n- vti4: Do not count header length twice on tunnel setup (bsc#1051510).\n- vti6: fix PMTU caching and reporting on xmit (bsc#1051510).\n- vti6: remove !skb->ignore_df check from vti6_xmit() (bsc#1051510).\n- x86-64/realmode: Add instruction suffix (bsc#1110006).\n- x86-memory_failure-Introduce-set-clear-_mce_nospec.patch: One more fixup to avoid even warning about statement without effect.\n- x86/CPU/AMD: Have smp_num_siblings and cpu_llc_id always be present (bsc#1110006).\n- x86/CPU: Add a microcode loader callback (bsc#1110006).\n- x86/CPU: Check CPU feature bits after microcode upgrade (bsc#1110006).\n- x86/EISA: Do not probe EISA bus for Xen PV guests (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d from vmx_handle_external_intr() (bsc#1110006).\n- x86/KVM/VMX: Do not set l1tf_flush_l1d to true from vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Move the l1tf_flush_l1d test to vmx_l1d_flush() (bsc#1110006).\n- x86/KVM/VMX: Replace 'vmx_l1d_flush_always' with 'vmx_l1d_flush_cond' (bsc#1110006).\n- x86/Kconfig: Limit NR_CPUS on 32-bit to a sane amount (bsc#1110006).\n- x86/LDT: Avoid warning in 32-bit builds with older gcc (bsc#1110006).\n- x86/MCE/AMD: Define a function to get SMCA bank type (bsc#1110006).\n- x86/MCE: Fix stack out-of-bounds write in mce-inject.c: Flags_read() (bsc#1110006).\n- x86/MCE: Remove min interval polling limitation (bsc#1110006).\n- x86/MCE: Report only DRAM ECC as memory errors on AMD systems (bsc#1110006).\n- x86/MCE: Serialize sysfs changes (bsc#1110006).\n- x86/acpi: Prevent X2APIC id 0xffffffff from being accounted (bsc#1110006).\n- x86/alternatives: Fixup alternative_call_2 (bsc#1110006).\n- x86/apic: Set up through-local-APIC mode on the boot CPU if 'noapic' specified (bsc#1110006).\n- x86/asm: Add _ASM_ARG* constants for argument registers to <asm/asm.h> (bsc#1110006).\n- x86/asm: Allow again using asm.h when building for the 'bpf' clang target (bsc#1110006).\n- x86/asm: Do not use the confusing '.ifeq' directive (bsc#1110006).\n- x86/boot/64: Verify alignment of the LOAD segment (bsc#1110006).\n- x86/boot/compressed/64: Print error if 5-level paging is not supported (bsc#1110006).\n- x86/boot: Fix if_changed build flip/flop bug (bsc#1110006).\n- x86/boot: Move EISA setup to a separate file (bsc#1110006).\n- x86/boot: Relocate definition of the initial state of CR0 (bsc#1110006).\n- x86/build: Beautify build log of syscall headers (bsc#1110006).\n- x86/cpu/AMD: Apply the Erratum 688 fix when the BIOS does not (bsc#1110006).\n- x86/cpu/intel: Add missing TLB cpuid values (bsc#1110006).\n- x86/cpufeature: Add User-Mode Instruction Prevention definitions (bsc#1110006).\n- x86/cpufeatures: Add Intel PCONFIG cpufeature (bsc#1110006).\n- x86/cpufeatures: Add Intel Total Memory Encryption cpufeature (bsc#1110006).\n- x86/debug: Handle warnings before the notifier chain, to fix KGDB crash (bsc#1110006).\n- x86/decoder: Add new TEST instruction pattern (bsc#1110006).\n- x86/efi: Fix efi_call_phys_epilog() with CONFIG_X86_5LEVEL=y (bsc#1110006).\n- x86/eisa: Add missing include (bsc#1110006).\n- x86/entry/64: Add two more instruction suffixes (bsc#1110006).\n- x86/entry/64: Use 'xorl' for faster register clearing (bsc#1110006).\n- x86/entry: Reduce the code footprint of the 'idtentry' macro (bsc#1110006).\n- x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt() (bsc#1110006).\n- x86/fpu/debug: Remove unused 'x86_fpu_state' and 'x86_fpu_deactivate_state' tracepoints (bsc#1110006).\n- x86/fpu: Make XSAVE check the base CPUID features before enabling (bsc#1110006).\n- x86/fpu: Parse clearcpuid= as early XSAVE argument (bsc#1110006).\n- x86/fpu: Remove second definition of fpu in __fpu__restore_sig() (bsc#1110006).\n- x86/fpu: Remove the explicit clearing of XSAVE dependent features (bsc#1110006).\n- x86/hyperv: Check for required priviliges in hyperv_init() (bsc#1110006).\n- x86/intel_rdt: Enable CMT and MBM on new Skylake stepping (bsc#1110006).\n- x86/intel_rdt: Fix incorrect returned value when creating rdgroup sub-directory in resctrl file system (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl mount (bsc#1110006).\n- x86/intel_rdt: Fix potential deadlock during resctrl unmount (bsc#1110006).\n- x86/irq: Remove an old outdated comment about context tracking races (bsc#1110006).\n- x86/kasan: Panic if there is not enough memory to boot (bsc#1110006).\n- x86/kexec: Make kexec (mostly) work in 5-level paging mode (bsc#1110006).\n- x86/kprobes: Fix kernel crash when probing .entry_trampoline code (bsc#1110006).\n- x86/kvm/vmx: Remove duplicate l1d flush definitions (bsc#1110006).\n- x86/mce/AMD: Get address from already initialized block (bsc#1110006).\n- x86/mce: Add notifier_block forward declaration (bsc#1110006).\n- x86/mce: Check for alternate indication of machine check recovery on Skylake (bsc#1110006).\n- x86/mce: Do not overwrite MCi_STATUS in mce_no_way_out() (bsc#1110006).\n- x86/mce: Fix incorrect 'Machine check from unknown source' message (bsc#1110006).\n- x86/microcode/intel: Check microcode revision before updating sibling threads (bsc#1110006).\n- x86/microcode/intel: Fix memleak in save_microcode_patch() (bsc#1110006).\n- x86/microcode/intel: Look into the patch cache first (bsc#1110006).\n- x86/microcode/intel: Save microcode patch unconditionally (bsc#1110006).\n- x86/microcode/intel: Writeback and invalidate caches before updating microcode (bsc#1110006).\n- x86/microcode: Allow late microcode loading with SMT disabled (bsc#1110006).\n- x86/microcode: Attempt late loading only when new microcode is present (bsc#1110006).\n- x86/microcode: Do not exit early from __reload_late() (bsc#1110006).\n- x86/microcode: Do not upload microcode if CPUs are offline (bsc#1110006).\n- x86/microcode: Fix CPU synchronization routine (bsc#1110006).\n- x86/microcode: Get rid of struct apply_microcode_ctx (bsc#1110006).\n- x86/microcode: Make sure boot_cpu_data.microcode is up-to-date (bsc#1110006).\n- x86/microcode: Make the late update update_lock a raw lock for RT (bsc#1110006).\n- x86/microcode: Propagate return value from updating functions (bsc#1110006).\n- x86/microcode: Request microcode on the BSP (bsc#1110006).\n- x86/microcode: Synchronize late microcode loading (bsc#1110006).\n- x86/microcode: Update the new microcode revision unconditionally (bsc#1110006).\n- x86/mm/32: Initialize the CR4 shadow before __flush_tlb_all() (bsc#1110006).\n- x86/mm/64: Rename the register_page_bootmem_memmap() 'size' parameter to 'nr_pages' (bsc#1110006).\n- x86/mm/kmmio: Fix mmiotrace for page unaligned addresses (bsc#1110006).\n- x86/mm/kmmio: Make the tracer robust against L1TF (bsc#1110006).\n- x86/mm/pat: Make set_memory_np() L1TF safe (bsc#1110006).\n- x86/mm/pti: Add an overflow check to pti_clone_pmds() (bsc#1110006).\n- x86/mm/pti: Fix PTI comment in entry_SYSCALL_64() (bsc#1110006).\n- x86/mm: Define _PAGE_TABLE using _KERNPG_TABLE (bsc#1110006).\n- x86/mm: Do not forbid _PAGE_RW before init for __ro_after_init (bsc#1110006).\n- x86/mm: Fix bogus warning during EFI bootup, use boot_cpu_has() instead of this_cpu_has() in build_cr3_noflush() (bsc#1110006).\n- x86/mm: Relocate page fault error codes to traps.h (bsc#1110006).\n- x86/mm: Remove in_nmi() warning from vmalloc_fault() (bsc#1110006).\n- x86/nmi: Fix NMI uaccess race against CR3 switching (bsc#1110006).\n- x86/numa_emulation: Fix emulated-to-physical node mapping (bsc#1110006).\n- x86/oprofile: Fix bogus GCC-8 warning in nmi_setup() (bsc#1110006).\n- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bsc#1110006).\n- x86/paravirt: Fix some warning messages (bnc#1065600).\n- x86/paravirt: Remove 'noreplace-paravirt' cmdline option (bsc#1110006).\n- x86/percpu: Fix this_cpu_read() (bsc#1110006).\n- x86/pgtable: Do not set huge PUD/PMD on non-leaf entries (bsc#1110006).\n- x86/power: Fix swsusp_arch_resume prototype (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_p4d() (bsc#1110006).\n- x86/pti: Check the return value of pti_user_pagetable_walk_pmd() (bsc#1110006).\n- x86/retpoline/checksum32: Convert assembler indirect jumps (bsc#1110006).\n- x86/retpoline/irq32: Convert assembler indirect jumps (bsc#1110006).\n- x86/smp: fix non-SMP broken build due to redefinition of apic_id_is_primary_thread (bsc#1110006).\n- x86/smpboot: Do not use mwait_play_dead() on AMD systems (bsc#1110006).\n- x86/spectre: Fix spelling mistake: 'vunerable'-> 'vulnerable' (bsc#1110006).\n- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels (bsc#1110006).\n- x86/speculation/l1tf: Exempt zeroed PTEs from inversion (bsc#1110006).\n- x86/speculation/l1tf: Extend 64bit swap file size limit (bsc#1110006).\n- x86/speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (bsc#1105536).\n- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bsc#1110006).\n- x86/speculation/l1tf: Invert all not present mappings (bsc#1110006).\n- x86/speculation/l1tf: Make pmd/pud_mknotpresent() invert (bsc#1110006).\n- x86/speculation/l1tf: Protect PAE swap entries against L1TF (bsc#1110006).\n- x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (bsc#1110006).\n- x86/time: Correct the attribute on jiffies' definition (bsc#1110006).\n- x86/topology: Update the 'cpu cores' field in /proc/cpuinfo correctly across CPU hotplug operations (bsc#1110006).\n- x86/tsc: Add missing header to tsc_msr.c (bsc#1110006).\n- x86/tsc: Allow TSC calibration without PIT (bsc#1110006).\n- x86/tsc: Prevent 32bit truncation in calc_hpet_ref() (bsc#1110006).\n- x86/vdso: Fix asm constraints on vDSO syscall fallbacks (bsc#1110006).\n- x86/vdso: Fix vDSO syscall fallback asm constraint regression (bsc#1110006).\n- x86/xen: Delay get_cpu_cap until stack canary is established (bsc#1110006).\n- x86/xen: Drop 5-level paging support code from the XEN_PV code (bsc#1110006).\n- x86/xen: Reset VCPU0 info pointer after shared_info remap (bsc#1110006).\n- x86/xen: do not write ptes directly in 32-bit PV guests (bsc#1110006).\n- x86: Add check for APIC access address for vmentry of L2 guests (bsc#1110006).\n- x86: Call fixup_exception() before notify_die() in math_error() (bsc#1110006).\n- x86: Delay skip of emulated hypercall instruction (bsc#1110006).\n- x86: PM: Make APM idle driver initialize polling state (bsc#1110006).\n- x86: i8259: Add missing include file (bsc#1110006).\n- x86: kvm: avoid unused variable warning (bsc#1110006).\n- xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent (bnc#1065600).\n- xen/PVH: Set up GS segment for stack canary (bsc#1110006).\n- xen/gntdev: avoid out of bounds access in case of partial gntdev_mmap() (bnc#1065600).\n- xen/x86/vpmu: Zero struct pt_regs before calling into sample handling code (bsc#1110006).\n- xen: Fix {set,clear}_foreign_p2m_mapping on autotranslating guests (bsc#1110006).\n- xen: Remove unnecessary BUG_ON from __unbind_from_irq() (bnc#1065600).\n- xfrm: use complete IPv6 addresses for hash (bsc#1109330).\n- xfs: do not fail when converting shortform attr to long form during ATTR_REPLACE (bsc#1105025).\n- xhci: Add missing CAS workaround for Intel Sunrise Point xHCI (bsc#1051510).\n- xhci: Do not print a warning when setting link state for disabled ports (bsc#1051510).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-Module-Live-Patching-15-2018-2547", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3593-1.json", }, { category: "self", summary: "URL for SUSE-SU-2018:3593-1", url: "https://www.suse.com/support/update/announcement/2018/suse-su-20183593-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2018:3593-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004821.html", }, { category: "self", summary: "SUSE Bug 1046540", url: "https://bugzilla.suse.com/1046540", }, { category: "self", summary: "SUSE Bug 1050319", url: "https://bugzilla.suse.com/1050319", }, { category: "self", summary: "SUSE Bug 1050536", url: "https://bugzilla.suse.com/1050536", }, { category: "self", summary: "SUSE Bug 1050540", url: "https://bugzilla.suse.com/1050540", }, { category: "self", summary: "SUSE Bug 1051510", url: "https://bugzilla.suse.com/1051510", }, { category: "self", summary: "SUSE Bug 1055120", url: "https://bugzilla.suse.com/1055120", }, { category: "self", summary: "SUSE Bug 1065600", url: "https://bugzilla.suse.com/1065600", }, { category: "self", summary: "SUSE Bug 1066674", url: "https://bugzilla.suse.com/1066674", }, { category: "self", summary: "SUSE Bug 1067126", url: "https://bugzilla.suse.com/1067126", }, { category: "self", summary: "SUSE Bug 1067906", url: "https://bugzilla.suse.com/1067906", }, { category: "self", summary: "SUSE Bug 1076830", url: "https://bugzilla.suse.com/1076830", }, { category: "self", summary: "SUSE Bug 1079524", url: "https://bugzilla.suse.com/1079524", }, { category: "self", summary: "SUSE Bug 1083647", url: "https://bugzilla.suse.com/1083647", }, { category: "self", summary: "SUSE Bug 1084760", url: "https://bugzilla.suse.com/1084760", }, { category: "self", summary: "SUSE Bug 1084831", url: "https://bugzilla.suse.com/1084831", }, { category: "self", summary: "SUSE Bug 1086283", url: "https://bugzilla.suse.com/1086283", }, { category: "self", summary: "SUSE Bug 1086288", url: "https://bugzilla.suse.com/1086288", }, { category: "self", summary: "SUSE Bug 1094825", url: "https://bugzilla.suse.com/1094825", }, { category: "self", summary: "SUSE Bug 1095805", url: "https://bugzilla.suse.com/1095805", }, { category: "self", summary: "SUSE Bug 1099125", url: "https://bugzilla.suse.com/1099125", }, { category: "self", summary: "SUSE Bug 1100132", url: "https://bugzilla.suse.com/1100132", }, { category: "self", summary: "SUSE Bug 1102881", url: "https://bugzilla.suse.com/1102881", }, { category: "self", summary: "SUSE Bug 1103308", url: "https://bugzilla.suse.com/1103308", }, { category: "self", summary: "SUSE Bug 1103543", url: "https://bugzilla.suse.com/1103543", }, { category: "self", summary: "SUSE Bug 1104731", url: "https://bugzilla.suse.com/1104731", }, { category: "self", summary: "SUSE Bug 1105025", url: "https://bugzilla.suse.com/1105025", }, { category: "self", summary: "SUSE Bug 1105536", url: "https://bugzilla.suse.com/1105536", }, { category: "self", summary: "SUSE Bug 1106105", url: "https://bugzilla.suse.com/1106105", }, { category: "self", summary: "SUSE Bug 1106110", url: "https://bugzilla.suse.com/1106110", }, { category: "self", summary: "SUSE Bug 1106237", url: "https://bugzilla.suse.com/1106237", }, { category: "self", summary: "SUSE Bug 1106240", url: "https://bugzilla.suse.com/1106240", }, { category: "self", summary: "SUSE Bug 1106838", url: "https://bugzilla.suse.com/1106838", }, { category: "self", summary: "SUSE Bug 1107685", url: "https://bugzilla.suse.com/1107685", }, { category: "self", summary: "SUSE Bug 1108241", url: "https://bugzilla.suse.com/1108241", }, { category: "self", summary: "SUSE Bug 1108377", url: "https://bugzilla.suse.com/1108377", }, { category: "self", summary: "SUSE Bug 1108468", url: "https://bugzilla.suse.com/1108468", }, { category: "self", summary: "SUSE Bug 1108828", url: "https://bugzilla.suse.com/1108828", }, { category: "self", summary: "SUSE Bug 1108841", url: "https://bugzilla.suse.com/1108841", }, { category: "self", summary: "SUSE Bug 1108870", url: "https://bugzilla.suse.com/1108870", }, { category: "self", summary: "SUSE Bug 1109151", url: "https://bugzilla.suse.com/1109151", }, { category: "self", summary: "SUSE Bug 1109158", url: "https://bugzilla.suse.com/1109158", }, { category: "self", summary: "SUSE Bug 1109217", url: "https://bugzilla.suse.com/1109217", }, { category: "self", summary: "SUSE Bug 1109330", url: "https://bugzilla.suse.com/1109330", }, { category: "self", summary: "SUSE Bug 1109739", url: "https://bugzilla.suse.com/1109739", }, { category: "self", summary: "SUSE Bug 1109784", url: "https://bugzilla.suse.com/1109784", }, { category: "self", summary: "SUSE Bug 1109806", url: "https://bugzilla.suse.com/1109806", }, { category: "self", summary: "SUSE Bug 1109818", url: "https://bugzilla.suse.com/1109818", }, { category: "self", summary: "SUSE Bug 1109907", url: "https://bugzilla.suse.com/1109907", }, { category: "self", summary: "SUSE Bug 1109911", url: "https://bugzilla.suse.com/1109911", }, { category: "self", summary: "SUSE Bug 1109915", url: "https://bugzilla.suse.com/1109915", }, { category: "self", summary: "SUSE Bug 1109919", url: "https://bugzilla.suse.com/1109919", }, { category: "self", summary: "SUSE Bug 1109951", url: "https://bugzilla.suse.com/1109951", }, { category: "self", summary: "SUSE Bug 1110006", url: "https://bugzilla.suse.com/1110006", }, { category: "self", summary: "SUSE Bug 1110096", url: "https://bugzilla.suse.com/1110096", }, { category: "self", summary: "SUSE Bug 1110538", url: "https://bugzilla.suse.com/1110538", }, { category: "self", summary: "SUSE Bug 1110561", url: "https://bugzilla.suse.com/1110561", }, { category: "self", summary: "SUSE Bug 1110921", url: "https://bugzilla.suse.com/1110921", }, { category: "self", summary: "SUSE Bug 1111028", url: "https://bugzilla.suse.com/1111028", }, { category: "self", summary: "SUSE Bug 1111076", url: "https://bugzilla.suse.com/1111076", }, { category: "self", summary: "SUSE Bug 1111506", url: "https://bugzilla.suse.com/1111506", }, { category: "self", summary: "SUSE Bug 1111806", url: "https://bugzilla.suse.com/1111806", }, { category: "self", summary: "SUSE Bug 1111819", url: "https://bugzilla.suse.com/1111819", }, { category: "self", summary: "SUSE Bug 1111830", url: "https://bugzilla.suse.com/1111830", }, { category: "self", summary: "SUSE Bug 1111834", url: "https://bugzilla.suse.com/1111834", }, { category: "self", summary: "SUSE Bug 1111841", url: "https://bugzilla.suse.com/1111841", }, { category: "self", summary: "SUSE Bug 1111870", url: "https://bugzilla.suse.com/1111870", }, { category: "self", summary: "SUSE Bug 1111901", url: "https://bugzilla.suse.com/1111901", }, { category: "self", summary: "SUSE Bug 1111904", url: "https://bugzilla.suse.com/1111904", }, { category: "self", summary: "SUSE Bug 1111928", url: "https://bugzilla.suse.com/1111928", }, { category: "self", summary: "SUSE Bug 1111983", url: "https://bugzilla.suse.com/1111983", }, { category: "self", summary: "SUSE Bug 1112170", url: "https://bugzilla.suse.com/1112170", }, { category: "self", summary: "SUSE Bug 1112173", url: "https://bugzilla.suse.com/1112173", }, { category: "self", summary: "SUSE Bug 1112208", url: "https://bugzilla.suse.com/1112208", }, { category: "self", summary: "SUSE Bug 1112219", url: "https://bugzilla.suse.com/1112219", }, { category: "self", summary: "SUSE Bug 1112221", url: "https://bugzilla.suse.com/1112221", }, { category: "self", summary: "SUSE Bug 1112246", url: "https://bugzilla.suse.com/1112246", }, { category: "self", summary: "SUSE Bug 1112372", url: "https://bugzilla.suse.com/1112372", }, { category: "self", summary: "SUSE Bug 1112514", url: "https://bugzilla.suse.com/1112514", }, { category: "self", summary: "SUSE Bug 1112554", url: "https://bugzilla.suse.com/1112554", }, { category: "self", summary: "SUSE Bug 1112708", url: "https://bugzilla.suse.com/1112708", }, { category: "self", summary: "SUSE Bug 1112710", url: "https://bugzilla.suse.com/1112710", }, { category: "self", summary: "SUSE Bug 1112711", url: "https://bugzilla.suse.com/1112711", }, { category: "self", summary: "SUSE Bug 1112712", url: "https://bugzilla.suse.com/1112712", }, { category: "self", summary: "SUSE Bug 1112713", url: "https://bugzilla.suse.com/1112713", }, { category: "self", summary: "SUSE Bug 1112731", url: "https://bugzilla.suse.com/1112731", }, { category: "self", summary: "SUSE Bug 1112732", url: "https://bugzilla.suse.com/1112732", }, { category: "self", summary: "SUSE Bug 1112733", url: "https://bugzilla.suse.com/1112733", }, { category: "self", summary: "SUSE Bug 1112734", url: "https://bugzilla.suse.com/1112734", }, { category: "self", summary: "SUSE Bug 1112735", url: "https://bugzilla.suse.com/1112735", }, { category: "self", summary: "SUSE Bug 1112736", url: "https://bugzilla.suse.com/1112736", }, { category: "self", summary: "SUSE Bug 1112738", url: "https://bugzilla.suse.com/1112738", }, { category: "self", summary: "SUSE Bug 1112739", url: "https://bugzilla.suse.com/1112739", }, { category: "self", summary: "SUSE Bug 1112740", url: "https://bugzilla.suse.com/1112740", }, { category: "self", summary: "SUSE Bug 1112741", url: "https://bugzilla.suse.com/1112741", }, { category: "self", summary: "SUSE Bug 1112743", url: "https://bugzilla.suse.com/1112743", }, { category: "self", summary: "SUSE Bug 1112745", url: "https://bugzilla.suse.com/1112745", }, { category: "self", summary: "SUSE Bug 1112746", url: "https://bugzilla.suse.com/1112746", }, { category: "self", summary: "SUSE Bug 1112894", url: "https://bugzilla.suse.com/1112894", }, { category: "self", summary: "SUSE Bug 1112899", url: "https://bugzilla.suse.com/1112899", }, { category: "self", summary: "SUSE Bug 1112902", url: "https://bugzilla.suse.com/1112902", }, { category: "self", summary: "SUSE Bug 1112903", url: "https://bugzilla.suse.com/1112903", }, { category: "self", summary: "SUSE Bug 1112905", url: "https://bugzilla.suse.com/1112905", }, { category: "self", summary: "SUSE Bug 1112906", url: "https://bugzilla.suse.com/1112906", }, { category: "self", summary: "SUSE Bug 1112907", url: "https://bugzilla.suse.com/1112907", }, { category: "self", summary: "SUSE Bug 1113257", url: "https://bugzilla.suse.com/1113257", }, { category: "self", summary: "SUSE Bug 1113284", url: "https://bugzilla.suse.com/1113284", }, { category: "self", summary: "SUSE CVE CVE-2017-16533 page", url: "https://www.suse.com/security/cve/CVE-2017-16533/", }, { category: "self", summary: "SUSE CVE CVE-2017-18224 page", url: "https://www.suse.com/security/cve/CVE-2017-18224/", }, { category: "self", summary: "SUSE CVE CVE-2018-18386 page", url: "https://www.suse.com/security/cve/CVE-2018-18386/", }, { category: "self", summary: "SUSE CVE CVE-2018-18445 page", url: "https://www.suse.com/security/cve/CVE-2018-18445/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2018-10-31T13:44:37Z", generator: { date: "2018-10-31T13:44:37Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2018:3593-1", initial_release_date: "2018-10-31T13:44:37Z", revision_history: [ { date: "2018-10-31T13:44:37Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-default-livepatch-4.12.14-25.25.1.ppc64le", product: { name: "kernel-default-livepatch-4.12.14-25.25.1.ppc64le", product_id: "kernel-default-livepatch-4.12.14-25.25.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", product: { name: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", product_id: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "kernel-default-livepatch-4.12.14-25.25.1.x86_64", product: { name: "kernel-default-livepatch-4.12.14-25.25.1.x86_64", product_id: "kernel-default-livepatch-4.12.14-25.25.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", product: { name: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", product_id: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15", product: { name: "SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-25.25.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", }, product_reference: "kernel-default-livepatch-4.12.14-25.25.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-4.12.14-25.25.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", }, product_reference: "kernel-default-livepatch-4.12.14-25.25.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", }, product_reference: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15", product_id: "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", }, product_reference: "kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15", }, ], }, vulnerabilities: [ { cve: "CVE-2017-16533", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-16533", }, ], notes: [ { category: "general", text: "The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-16533", url: "https://www.suse.com/security/cve/CVE-2017-16533", }, { category: "external", summary: "SUSE Bug 1066674 for CVE-2017-16533", url: "https://bugzilla.suse.com/1066674", }, { category: "external", summary: "SUSE Bug 1087082 for CVE-2017-16533", url: "https://bugzilla.suse.com/1087082", }, { category: "external", summary: "SUSE Bug 1146519 for CVE-2017-16533", url: "https://bugzilla.suse.com/1146519", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:37Z", details: "moderate", }, ], title: "CVE-2017-16533", }, { cve: "CVE-2017-18224", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2017-18224", }, ], notes: [ { category: "general", text: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2017-18224", url: "https://www.suse.com/security/cve/CVE-2017-18224", }, { category: "external", summary: "SUSE Bug 1084831 for CVE-2017-18224", url: "https://bugzilla.suse.com/1084831", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:37Z", details: "moderate", }, ], title: "CVE-2017-18224", }, { cve: "CVE-2018-18386", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18386", }, ], notes: [ { category: "general", text: "drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18386", url: "https://www.suse.com/security/cve/CVE-2018-18386", }, { category: "external", summary: "SUSE Bug 1094825 for CVE-2018-18386", url: "https://bugzilla.suse.com/1094825", }, { category: "external", summary: "SUSE Bug 1112039 for CVE-2018-18386", url: "https://bugzilla.suse.com/1112039", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:37Z", details: "moderate", }, ], title: "CVE-2018-18386", }, { cve: "CVE-2018-18445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-18445", }, ], notes: [ { category: "general", text: "In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2018-18445", url: "https://www.suse.com/security/cve/CVE-2018-18445", }, { category: "external", summary: "SUSE Bug 1112372 for CVE-2018-18445", url: "https://bugzilla.suse.com/1112372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-default-livepatch-4.12.14-25.25.1.x86_64", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15:kernel-livepatch-4_12_14-25_25-default-1-1.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2018-10-31T13:44:37Z", details: "low", }, ], title: "CVE-2018-18445", }, ], }
ghsa-6434-jhwc-gm9v
Vulnerability from github
Published
2022-05-14 03:27
Modified
2022-05-14 03:27
Severity ?
Details
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
{ affected: [], aliases: [ "CVE-2017-18224", ], database_specific: { cwe_ids: [ "CWE-362", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2018-03-12T03:29:00Z", severity: "MODERATE", }, details: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", id: "GHSA-6434-jhwc-gm9v", modified: "2022-05-14T03:27:48Z", published: "2022-05-14T03:27:48Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18224", }, { type: "WEB", url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { type: "WEB", url: "https://www.debian.org/security/2018/dsa-4188", }, { type: "WEB", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { type: "WEB", url: "http://www.securityfocus.com/bid/103353", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
fkie_cve-2017-18224
Vulnerability from fkie_nvd
Published
2018-03-12 03:29
Modified
2024-11-21 03:19
Severity ?
Summary
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "A4344060-7D43-4A74-A2EF-DE9A6F8457A6", versionEndExcluding: "4.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", }, { lang: "es", value: "En el kernel de Linux, en versiones anteriores a la 4.15, fs/ocfs2/aops.c omite el uso de un semáforo y, por consiguiente, tiene una condición de carrera al acceder al árbol extent durante las operaciones de lectura en modo DIRECT. Esto permite que usuarios locales provoquen una denegación de servicio (bug) modificando cierto campo e_cpos.", }, ], id: "CVE-2017-18224", lastModified: "2024-11-21T03:19:36.803", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-03-12T03:29:00.260", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103353", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2018/dsa-4188", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103353", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2018/dsa-4188", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-362", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2017-18224
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
Aliases
Aliases
{ GSD: { alias: "CVE-2017-18224", description: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", id: "GSD-2017-18224", references: [ "https://www.suse.com/security/cve/CVE-2017-18224.html", "https://www.debian.org/security/2018/dsa-4188", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2017-18224", ], details: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", id: "GSD-2017-18224", modified: "2023-12-13T01:21:10.624532Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-18224", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", refsource: "MISC", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "DSA-4188", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4188", }, { name: "103353", refsource: "BID", url: "http://www.securityfocus.com/bid/103353", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "4.15", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2017-18224", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-362", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", refsource: "MISC", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3e4c56d41eef5595035872a2ec5a483f42e8917f", }, { name: "103353", refsource: "BID", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103353", }, { name: "DSA-4188", refsource: "DEBIAN", tags: [], url: "https://www.debian.org/security/2018/dsa-4188", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:L/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "LOW", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 4.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 1, impactScore: 3.6, }, }, lastModifiedDate: "2018-05-03T01:29Z", publishedDate: "2018-03-12T03:29Z", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.